“Apple’s Mac OS X remains almost completely free of any sort of malware threat despite several years of availability, a significant market share, and even an entire month dedicated to pointing out its flaws,” Shaun Nichols reports for vnunet.com.
Nichols reports, “And security experts are not exactly sure why. In an article for the McAfee Avert Labs blog, security researcher Marius van Oers pointed out that Mac malware is ‘pretty much non-existent at the moment.'”
Nichols reports, “The researcher said that out of 236,000 known pieces of malicious software, only seven affect Mac OS X. ‘With an estimated OS X market share of about five per cent on desktop systems we would expect to see more malware for OS X,’ said van Oers.”
“The Mac OS X system is not inherently more secure than other operating systems, according to the researcher,” Nichols reports.
Full article here.
MacDailyNews Take: Mac OS X is inherently more secure than Windows. Period.
Here we go again, once more for old time’s sake:
“Security via Obscurity” is a myth. Mac OS X has zero (0) viruses. For six years and counting. Zero Mac OS X users affected outside of a lab with old, non-updated Mac OS versions that were intentionally infected.
The idea that Windows’ morass of security woes exists because more people use Windows and that Macs have no security problems because less people use Macs, is simply not true. Mac OS X is not more secure than Windows because less people use OS X, making it less of a target. By design, Mac OS X is simply more secure than Windows. Period. For reference and reasons why Mac OS X is more secure than Windows, read The New York Times’ David Pogue’s mea culpa on the subject of the “Mac Security Via Obscurity” myth here.
Macs account for roughly 10% of the world’s personal computer users — (some say as much as 16%) — so the first half of the myth doesn’t even stand up to scrutiny. Macs aren’t “obscure” at all. Therefore, the Apple Mac platform’s ironclad security simply cannot logically be attributed to obscurity.
There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 10-16% of the world’s viruses if platforms’ install bases dictate the numbers of viruses. The fact that Mac OS X has zero (0) viruses totally discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.
Still not convinced? Try this one on for size: according to operating system release, according to analysts at Bank of America Securities, there are “22 million Mac OS X users” in the world and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
Related articles:
Microsoft’s Live OneCare ‘security’ failureware: dead last in test of 17 Windows security apps – March 07, 2007
Bill Gates has lost his mind: calls Apple liars, copiers; slams Mac OS X security vs. Windows – February 02, 2007
Security firm: 38-percent of malware already Windows Vista-compatible – January 22, 2007
FUD Alert: CNET tries to equate Windows’ insecurity to handful of Mac OS X proof-of-concepts – December 02, 2006
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003
actually shen, it was more the fact he/she claimed there are viruses and rootkits for OS X without providing any proof.
If you’re going to make a statement as wild as that, you should at least have some evidence to back it up, without being asked to.
Mybe calling him a troll did make me look bad, but since this is the anonymous internet and my name is not really Jim, I couldn’t give a monkey’s!
Have a nice Day!
Could it be due to the higher levels of education and the fast that a lot of Apple users are in business and don’t have a lot of free time on there hands.
Or maybe it’s just all that upper crest inbreeding! <grin>
My sense is that MDN’s Take and others here addressing the Security-Obscurity myth is overblown and unnecesssary. My understanding is the the author is explaining to others why this myth doesn’t apply to Macs! Others reading about Mac security are likely to jump on the security-obscurity myth. The author here (I haven’t read the full article) is debunking it by bringing it up and saying why it doesn’t apply. He say, sure there are not as many Macs, but there are still an adequate number that some viruses should be seen. That specifically addresses those who think there are none because there aren’t many. Author tells those people there are enough to see some, yet none are out there. I see him addressing the myth still held by many and telling them, “Fine, if you claim there are fewer viruses [zero] than for Windows because there aren’t many Macs, why aren’t there at least SOME?” I don’t see him as making the case for the myth, but debunking it to those who hold it saying that the numbers have nothing to do with the security. Macs are simply secure and he and others don’t appear to know why. (whew)
“The Russians and Chinese can’t afford Mac’s.”
Number one: The above quoted phrase also demonstrates poor grammer… Macs not Mac’s. The apostrophe indicates possesion rather than plurality.
Number two: I am pleased to see that WiseGuy didn’t get it so hopelessly wrong by spelling Mac with all upper case letters.
Two is the MDM Magic Word too.
…”The researcher said that out of 236,000 known pieces of malicious software, only seven affect Mac OS X.”…
Yep, they are also known as
-Windows 95
-Windows 98
-Windows 98 2nd Edit.
-Windows ME
-Windows XP
-Windows XP SP 1+2
-Windows Vista
when run on a Mac via Parallels or where possible Bootcamp.
Case close, thank you Watson
” width=”19″ height=”19″ alt=”smile” style=”border:0;” />
Again, for the thousandth time, show us an actual Mac OS X vulnerability out in the wild that has ever actually IMPACTED anyone (not some proof of concept bullsh*t), and then we’ll talk. It’s been almost 6 years now and there hasn’t been one yet…
It would seem that the concept of zero does not compute well with some people, much like dividing by said constant. Error: Does Not Compute. You are coming to the sad realization that Macs do not have viruses. Accept or Deny?
Funny, someone else had “boy” earlier as their word.
Supposedly, the average mac user is more affluent than the average Doze user, and the overwhelming majority of OS X users do not use any form of anti-virus. Since most, or at least a large part, of virus attacks are criminally-related for financial gain, don’t you think someone would have busted into unprotected Mac machines containing all sorts of personal and financial data by now if they could? It’s been 5 years since OS X was released, and every patch makes it even less likely to happen.
Of course malware developers are going to aim for the most prominent AND the most vulnerable platform. Consequently, as a Mac user who is a potential target, I believe that I am far more secure because of BOTH the robustness of the operating system and the low proportion of Mac users.
One way to phrase the debate is to ask what would happen if the proportion of Windows to Macs around the globe were suddenly reversed. I’m convinced that there would be many more attacks against the Mac platform (because of its greater prominence in that case), with an extraordinarily low success rate (because of the tight security of the OS).
Stupid. Stupid. Stupid.
It’s because the clueless ‘choose’ Windows and they are SOOOO easy to fool… and so it will be for a long time to come.
Job done. Call me smug. Whatever.
Lack of intelligence baffles reader.
The most prominent argument about OS X security is that it not profitable enough to target Macs because of its small market share.
This simply not true! Even OS 9 had more malware than OS X, and back when Macs had even smaller market share!
Also, if you carefully examine the facts you will see that this market share argumment is really illogical.
There are at least 22 million+ Macs out there with little to no protection software(anti-virus, anti-spyware, firewalls, etc) since most Mac users don’t see the need to installing these types of software.
Obviously this is very profitable low hanging fruit for any hacker/craker to install keyloggers, rootkits, etc to perhaps steal their usernames and passwords and make tons of money. Its well known that Mac users tend to be more affluent than their windows counterparts.
It is also an obvious target for the first hacker to successfuly exploit Macs with a virus, worm, other malware for bragging rights.
Especially for the first few hackers/crackers to harvest all these unprotected Macs.
Where are these hackers/crackers? Why don’t they break into all these Macs and make tons of money or for bragging rights?
You can break into my MacBook Pro..I do tons of online banking…you can steal my username and password? My computer is online most of the time.
I will be waiting…..like you have done with my XP laptop protected with many layers of security software installed, but somehow has been constantly compromised.
I am still waiting….
And..having spent a day and a half rescuing a company with Windows problems, it seems to me that broadly speaking Microsoft is clueless too…
Actually, that’s a pretty reasonable assumption to me, Huh. The underlying issue is not whether or not Windows is attacked more. I actually read something saying that Linux is targeted more one time. Still taking salt for that one. The issue is how many attacks are successful, and we all know that happens regularly with Windows. So yeah, send attacks all you want, but if they just roll off like raindrops on an umbrella, then it really won’t matter to us.
The only problem I have with your argument is that I have not seen, nor heard, one instance of a Mac being hacked or infected buy a virus in the wild.
MDN’s holding up the trophy of a lack of widespread Mac viruses as guage of Mac OS X’s superiority is misleading.
It just shows that Windows is worse than Mac OS X, but to a hacker who only needs one root level exploit, it’s irrelevant.
Hackers are not about to disclose their secrets publically and certainly not going to inform the mark of the infected computer.
Mac OS X’s small market share usually doesn’t attract the attention of those who need large numbers of zombies to spew profitable spam or crack passwords.
http://www.upi.com/NewsTrack/Science/20070107-042614-5177r/
http://blog.washingtonpost.com/securityfix/2006/03/when_macs_attack.html
OS X is built on UNIX; UNIX was created by Ph.D. computer scientists. Windows evolved from DOS. DOS was created by college dropouts. Enough said.
Writing malware for Windows is potentially more profitable for the writer than one for Mac. While Mac may have 16% of the world’s computers, they certainly do not have a comparitively large percentage of enterprise systems. I believe its is like the old saying, “People rob banks because that is where the money is.” Why should someone go to the trouble trying to beat OSX when it is so much easier to attack Windows?
well “Jim” it is good to know that if you think you are anonymous you will behave like a jerk. “character is what you do when no one can see you.” i guess we know what you are….
the fact remains, that he spoke correctly. there have been known exploits in the BSD subsystem, both Apple and many people hacking on BSD have fixed many if not all of them, none of them mattered anyway because Macs ship with a good default system services setup.
i am sorry that you feel that his not going out and tracking down every thread from every security discussion in the BSD community means he is a troll. i think however that we have seen empirical proof that you are not the person we should listen to for security advice however.
magic word”feed” as in please do not feed the “Jims”……
I have never bought the “There are no Mac viruses because there are too few Macs” argument.
Using WiseGuys flawed Hooker/Virgin analogy, picutre this:
There are 100 girls in the villiage. 98 of them are hookers and two are virgins. Which girls would be the biggest challenge and provide the most prestige?
You don’t think that hackers would love to be the first to expose a serious flaw in the Mac OS? Puhleaze.
@mdn
“Mac OS X is inherently more secure than Windows. Period”
how ?
sorry i don’t believe that, it’s just more secure because of the absence of malware.
“Writing malware for Windows is potentially more profitable for the writer than one for Mac. While Mac may have 16% of the world’s computers, they certainly do not have a comparitively large percentage of enterprise systems. I believe its is like the old saying, “People rob banks because that is where the money is.” Why should someone go to the trouble trying to beat OSX when it is so much easier to attack Windows?”
good question. why should people go to the trouble to hack IIS when Apache has the majority of sites running it?
people don’t generally hack windows to get an enterprise system. the value of data on a major companies machines is generally on a Linux/UNIX/BSD box or mainframe. if the reason you hack a computer is “it is where the money is” then you want to hack those. the computers with that type of data generally only have one face showing to the outside world: webservers. so webservers get hacked. yet even though the big targets run Apache, IIS has the lions share of hacks. why is that?
lets put it this way, you rob a bank cause that is where the money is, but you don’t rob fort knox, cause their security is serious. pick a bank, but pick one you can knock over…..
thus windows gets hacked.
the other reason to hack a machine is for the “street cred” so to speak. and that begs the question, what would get you more reputation, hacking a windows box, or a Mac. what gets more notice, something any kid with a downloadable script kiddie toy can do, or something nobody has done to date?
Macs are targets, and targets more wanted than most windows machines, yet we have seen how many hacks? no, it isn’t unbreakable, but so far Apple has stayed ahead, and even if the future brings us a hack, the record is still much better than the other major choice. it is that simple.
magic word “paper” as in all the threats to OS X on the security front have so far been paper tigers….
Hey shen, take your medication. No need to start questioning my character.
“there have been known exploits in the BSD subsystem”
Like I said to peragrin – PROVE IT!
I’m not saying that he’s lying, but you must provide proof of your claims to have any credibility.
MW: bad, as in shen is a bad lad, so forgive him.
“Which girls would be the biggest challenge and provide the most prestige?”
That’s easy. It’s Belinda, the 400 lb. hooker with one eye that runs that crocodile farm by the highway.
For all you idiots that never heard of a Mac before OS X.
Back in the OS 7 and OS 8 days there were over 50 viruses on the Macs.
The Mac user base back then was smaller than OS X.
So why did they have viruses, if Security via Obscurity is true??
Dumb Windoz geeks.
OK, everybody, just read what “Peragrin” wrote above. He’s got the right answer. And, Falkirk above does, too. This is the Hacker Holy Grail! They would love to be the first to create a self-propagating OS X virus – they just are unable.
Does anyone else remember the text strings found inside one of the recent QuickTime exploits? The author of that trojan (?) said something like, “so much effort for such little result”, or something to that effect. I think that is the best testimony possible.