“Apple’s Mac OS X remains almost completely free of any sort of malware threat despite several years of availability, a significant market share, and even an entire month dedicated to pointing out its flaws,” Shaun Nichols reports for vnunet.com.
Nichols reports, “And security experts are not exactly sure why. In an article for the McAfee Avert Labs blog, security researcher Marius van Oers pointed out that Mac malware is ‘pretty much non-existent at the moment.'”
Nichols reports, “The researcher said that out of 236,000 known pieces of malicious software, only seven affect Mac OS X. ‘With an estimated OS X market share of about five per cent on desktop systems we would expect to see more malware for OS X,’ said van Oers.”
“The Mac OS X system is not inherently more secure than other operating systems, according to the researcher,” Nichols reports.
Full article here.
MacDailyNews Take: Mac OS X is inherently more secure than Windows. Period.
Here we go again, once more for old time’s sake:
“Security via Obscurity” is a myth. Mac OS X has zero (0) viruses. For six years and counting. Zero Mac OS X users affected outside of a lab with old, non-updated Mac OS versions that were intentionally infected.
The idea that Windows’ morass of security woes exists because more people use Windows and that Macs have no security problems because less people use Macs, is simply not true. Mac OS X is not more secure than Windows because less people use OS X, making it less of a target. By design, Mac OS X is simply more secure than Windows. Period. For reference and reasons why Mac OS X is more secure than Windows, read The New York Times’ David Pogue’s mea culpa on the subject of the “Mac Security Via Obscurity” myth here.
Macs account for roughly 10% of the world’s personal computer users — (some say as much as 16%) — so the first half of the myth doesn’t even stand up to scrutiny. Macs aren’t “obscure” at all. Therefore, the Apple Mac platform’s ironclad security simply cannot logically be attributed to obscurity.
There are zero-percent (0%) of viruses for the Mac OS X platform that should, logically, have some 10-16% of the world’s viruses if platforms’ install bases dictate the numbers of viruses. The fact that Mac OS X has zero (0) viruses totally discounts “security via obscurity.” There should be at least some Mac OS X viruses. There are none. The reason for this fact is not attributable solely to “obscurity,” it’s attributable to superior security design.
Still not convinced? Try this one on for size: according to operating system release, according to analysts at Bank of America Securities, there are “22 million Mac OS X users” in the world and there are still zero (0) viruses. According to CNET, the Windows Vista Beta was released “to about 10,000 testers” at the time the first Windows Vista virus arrived. So much for the security via obscurity myth.
Related articles:
Microsoft’s Live OneCare ‘security’ failureware: dead last in test of 17 Windows security apps – March 07, 2007
Bill Gates has lost his mind: calls Apple liars, copiers; slams Mac OS X security vs. Windows – February 02, 2007
Security firm: 38-percent of malware already Windows Vista-compatible – January 22, 2007
FUD Alert: CNET tries to equate Windows’ insecurity to handful of Mac OS X proof-of-concepts – December 02, 2006
Microsoft’s Windows is inherently more vulnerable to severe malware than Apple’s Mac OS X – August 23, 2006
Chicago Tribune falls for the ‘Security Via Obscurity’ myth – August 14, 2006
Symantec details more security holes in Microsoft’s Windows Vista – July 26, 2006
Symantec researcher: At this time, there are no file-infecting viruses that can infect Mac OS X – July 13, 2006
Sophos: Apple Mac OS X’s security record unscathed; Windows Vista malware just a matter of time – July 07, 2006
Gartner analyst tries to propagate discounted Mac OS X ‘security via obscurity’ myth via BBC – July 06, 2006
Sophos Security: Dump Windows, Get a Mac – July 05, 2006
Security company Sophos: Apple Mac the best route for security for the masses – December 06, 2005
Apple Macs are inherently safer and more secure than Microsoft Windows – November 22, 2005
BusinessWeek columnist propagates discounted ‘Apple Mac security via obscurity myth’ – September 06, 2005
16-percent of computer users are unaffected by viruses, malware because they use Apple Macs – June 15, 2005
Another columnist trots out Mac OS X ‘Security through Obscurity’ myth – April 03, 2004
Columnist tries the ‘security through obscurity’ myth to defend Windows vs. Macs on virus front – October 01, 2003
Shattering the Mac OS X ‘security through obscurity’ myth – August 28, 2003
Virus and worm problems not just due to market share; Windows inherently insecure vs. Mac OS X – August 24, 2003
Malware does not equal virus. A virus is something that takes action without user knowledge or intervention and self-replicates to other computers (and therefore spreads). Malware is just a bit of code that does something the user does not want to do. Even a non-tech like me could probably create an Applescript that played an annoying sound. If I put that file into the Login Items of a co-worker’s Mac (while he was away for a few mimutes), and he did not know how to get rid of it, that would be malware.
But it really doesn’t matter WHY Macs are infinitely more secure than Windows. Real world evidence shows that Mac are infinitely more secure. That’s fine with me. Let the so-called “experts” scratch their collective heads.
I have to agree with Cubert. Plenty of people looked for the Holy Grail, and yet most gave up (or croaked).
You don’t think that hackers would love to be the first to expose a serious flaw in the Mac OS? Puhleaze.
In fact it actually took Apple to piss off a couple of black hats to have them start the Month of Apple Bugs which exposed over 60 exploits online in retaliation.
So before this, these exploits have been circulating sight unseen, potentially ever since Mac OS X has been out, over 5 years now?
Here’s the site and more bugs already listed.
http://kernelfun.blogspot.com/
Most Black Hat Hackers like to keep the exploits to themselves or trade them to gain status in their circle of friends who think the same way.
Mac OS X is far from secure unless Apple incorporates tighter and more compartmentalized security
Applications allowing hackers to gain root access is just intolerable from a security standpoint.
Apple’s security is better than Microsoft’s, but it’s not enough.
From: Thorin
“Back in the OS 7 and OS 8 days there were over 50 viruses on the Macs.”
I can definitely attest to this.
I was in service back then and saw many attestill affected Macs. A few of the viruses were catastrophic.
THINK makes a good point.
My Mac career began with OS 6, and never was any machine hit with a virus. Fifty is exaggerating. There were 39 or 40, spread over the years from System 6 to 9.2.2. The biggest hit came from MacAddict when it shipped a virus in its magazine disk. Disks, mostly floppies, were the only way those viruses spread, and when a machine was infected, it rarely could infect another, unlike the 120,000 to 150,000 viruses spawned in Microsoft’s slough of reeking muck.
Anyway, what do systems 6 to 9 viruses have to do with OS X and the price of tea in China?
Falkirk –
I think a little bit of Nash Equilibrium would help you in this Whore/Virgin equation you are framing out…
Even if you were aiming to ‘bed down’ the two Village Virgins for the prestige and fame, You would still be seen from time to time entering the town’s whore-house to release a little tension from all your hard work at courting the two with clean slates.
By intentionally not focusing exclusively on the primary target, you will have the ability to exceed the value of the primary target – Translation: you will get laid more by not setting your goals too high.
this is sort of a variant of security through obscurity, which is illogical, cause sooner or later at least one Virgin is going to get banged… but to date it has not happened. One could then conclude that the Virgins are truly goddesses and any attempt to deflower them has been by unworthy, unclean hackers. Someday a knight in shining armor will arrive to ‘do’ the princess, but even those worthy enuf could not bear to tamper with perfection….
MW – keep …’i keep rambling’
Ok, of the 7 that affect OSX, how many of those were written by Microsoft? Hee Hee
Check out http://daringfireball.net/2004/06/broken_windows Very interesting take on this.
@Jack A
A very interesting article. But I deeply resent the fact that you’ve attempted to interject logic and facts into this debate when I, Cubert, Webmasters Apprentice and so many other distinguished notables are doing our very best to twist this into a discussion about the pros and cons of having sex with hookers and virgins.
The point about Vista in the MDN Take is… Well, it’s daft. sorry, but it’s using exactly the same logic-lacking arguments back at the Obscurity crowd only more so.
Vista was *never* obscure. It doesn’t matter if it has 10,000 users or just one. It *will* be on at least 80% of all computers. Obscurity is not a factor and the argument is just as flawed, selectively factual and misleading as the argument it’s trying to debunk.
And, no, I’m not a Windows fanboy. I just think that Nietzsche had a point.
@Daniel P. Said: “I just think that Nietzsche had a point.”
Nietzsche said: “That which does not destroy you makes you stronger.”
Falkirk: So I gues all that Malware makes Microsoft’s OS stronger.
” width=”19″ height=”19″ alt=”smile” style=”border:0;” /> Good luck with that.
Actually, I was gunning for the whole “If you fight monsters you should take care not to become one” bit.
He had too many quotes.
@Daniel P.
Yeah, I was just kidding. Although I really like your quote:
“If you fight monsters you should take care not to become one”
Sort of a “the ends do not justify the means” deal. Good quote. I’ll try to remember it.
One term: ActiveX
ActiveX and Microsoft’s implementation of such are responsible for an unbelievable number of Microsoft’s security woes, and the sad fact of the matter is that experts in the fields could see these troubles coming.
Wiseguy
Mac OS X’s small market share usually doesn’t attract the attention of those who need large numbers of zombies to spew profitable spam or crack passwords.
I’m sorry, but absolutely everything to this point in time proves that that sentiment is completely untrue. BSD and Unix systems and software based on Open Source run the internet, and remote exploit and control of those systems would grant you more access and more control than an army of bots. The simple fact of the matter is that remote exploits along the line of Microsoft’s ActiveX and Outlook script exploits simply do not exist on Unix based systems, and that includes the Mac.
They simply do not exist. Those exploits on the Mac do not exist. Nada. Nothing. Zip. Goose Egg.
I’ve run out of ways to say it. There are no gaping security holes on the Mac that can be exploited in the same manner that Win PCs can be turned into bots. There never will be, unless you sit in front of and compromise each Mac by hand.
Windows users get more viruses, mallware and spyware, not just because Windows is obviously sold as a wide open, vulnerable system, but also because Windows users are always trying to get something for nothing.
Get onto Yahoo! Answers, and you’re always seeing people who want to find a place to download free movies, get free MP3s, download free copies of Adobe Photoshop, etc. Is it any wonder how those people get exposed to hacks and viruses?
Plus, you see the bad attitudes that Windows users have (even towards each other); all the angry put-downs, and the mean-spirited opinions. Sure, you see some of that within the Mac community too, but not near as much. I mostly see Mac users more than willing to help each other out, than to put each other down. Maybe that’s from the types of computers that they have to work with, compared to the ones that we work with.
@Rudge
Please stop disparaging Windows users. I’ve used Macs since 1985 and I’ve used windows and now I’m back to using Macs fulltime.
The idea that Windows users are careless and Mac users are all tech savvy computer gods is arrogant, elitist nonsense. You can take it from me. I didn’t become dumber when I used my PC and smarter when I used my Mac.
Take a look at your post and ask yourself: Have Mac owners ever tried to get soething for nothing? Download free moves? Get free MP3s? Get free software? Have bad atttuedes.
Theres actually some irony to the end of your post: “Windows users have all the angry put-downs and mean spirited opinions.”
Geeez, I guess classifying all Windows users as cheap, stupid mean spirited fools might aslo be classified as “angry” and “mean-spirited”. Don’t ‘cha think?
“you think someone would have busted into unprotected Mac machines containing all sorts of personal and financial data by now if they could? “
It’s a numbers game. If you’re interested in financial gain you’ll do the work to target 95% of the PCs in the world and not bother doing the same amount of extra work to target only 2% more of them.
@Rudge
It is always dangerous to use sterotypes. IMHO Apple is more secure, as the lack of problems shows, however I do not think you can ignore the effect of a larger population of MS machines on the amount of malware affecting it.
The machine should be designed to have security built in, and should be simple to operate such as any other piece of home entertainment equipment.
Tongue in cheek you could argue that the mac is designed so a child could use it!
In regard to choice of mac or pc, the upfront cost is what most will base their choice on, and not consider the long term costs of having to manage AV programs, etc.
For background, I have been using various forms of windows for the past ten years and am considering the purchase of an apple mac.
@ Wise Guy,
Your example involved physical access to the Macs in question. In fact every known OS X hack, those proof of concepts made by anti-virus vendors, has been done through physical access to the Mac. They owned the Macs they hacked.
Anyone can hack their own computer. You can wipe the hard drive and lose all your data with ease.
My Macs have been online without anti-virus for years without being hacked. I do have a state of the art burglar alarm system on my very secure house. Perhaps my secure house is the reason my Macs have not been hacked.
Obviously none of you have ever done a google search for “Virus Kit”.
Anyone who thinks most viruses are written from scratch is giving these script kiddies waaayyy too much credit for their stupidity.
You can freely buy a CD full of virus code and modify it. It all works on Windows, it’s been out there for years! You change the virus signature, add a payload and click send – seriously.
There isn’t one for Mac because nobody’s accomplished an initial virus attack yet. But for a PC, I don’t doubt a 6 year old could modify one and send it on it’s way.
Sophos et al are a bunch of self serving a**hats. If they had half a clue they’re figure a way of making these easily obtainable kits obsolete, but then again, that would put them out of business…
@Obvious: “It’s a numbers game. If you’re interested in financial gain you’ll do the work to target 95% of the PCs in the world and not bother doing the same amount of extra work to target only 2% more of them.”
That argument just doesn’t work for 4 reasons.
1) MONEY ISN”T EVERYTHING: Lots of hacking is done for non-monetary gain. As has been expressed above, hacking the mac is the “Holy Grail” for hackers. The small number of macs might not entice them, but entering virgin territory would be a great draw.
2) 22 MILLION IS A BIG TARGET: Although Macs may be a small percentage of the overall PC population there are still 22 million mac users. It’s hard for me to believe that not even 1 hacker would decide to take the trouble of hacking 22 million machines.
3) GO WHERE THERE ARE NO LOCKS: Macs are almost completely unprotected. I had a PC. It had all the spyware, anti-virus, blah, blah blah on it. I bought a Mac and I’ve got NOTHING working to protect it. And that’s true for about 99% of all Mac users. So a hack of a Mac would be like breaking into a walled city where none of the house had locks. Wouldn’t that be attractive to a hacker?
4) WHAT ARE THE ODDS: There are 22 million Macs. There are what, millions of hackers? The Mac OS X has been in existence for about 6 years. With all the Macs for all those years and you don’t think that ANYONE of those hackers woud have taken a stab at cracking the Mac? Come on! There’s no chance that a certain percentage haven’t tried and failed to hack the Mac/
OSX/Leap-A
That’s an os x virus. so much for your claims.
And now you’re just embarrassing yourself. Security via obscurity is EXACTLY why os x has so few viruses. There’s just nothing to gain by making them. Practically no one uses Macs, so what’s the point?
Jedi Master
OSX/Leap-A
That’s an os x virus. so much for your claims.
No one is claiming there are no viruses. It’s just that the viruses that do exist HAVE NO EFFECT in the REAL WORLD!
And now you’re just embarrassing yourself. Security via obscurity is EXACTLY why os x has so few viruses. There’s just nothing to gain by making them. Practically no one uses Macs, so what’s the point?
What’s embarrassing is that with the wealth of information available on the web and in print, people like yourself continue to bleat assertions that are completely untrue. It can be safely argued that the contingent of the population that depend on Macs for their hardware and OS are far more important that the army of desktops acting as dumb terminals in every corporation and business. Yet we never hear of a print shop, animation studio, newspapers, university physics lab or medical facility running MAcs taken down by the latest incarnation of the Blaster worm. Why? Because those threats DO NOT EXIST on any platform outside Windows because no other OS ALLOWS IT TO HAPPEN!
You CANNOT make a Blaster style trojan/virus/whatever that propagates on Macs/Unix/Linux the way they propagate on Windows. It simply CANNOT be done and all notions to the contrary are based on ignorance.
Before you soil the reputation of Jedi, perhaps you should do a bit of studying.