Are Macs safer than PCs?

Filed Under: Apple, Malware, Microsoft, Vulnerability, Windows

Mac malwareLast week, there was a lot focus on the security of Apple Macs after the Russian security firm, Dr Web, revealed that they had found a botnet comprising over half a million infected Mac computers.

Macs were becoming infected with Flashback malware after users were redirected to a rogue website from a compromised site. JavaScript code was used to load a Java-applet which exploited a vulnerability (since patched).

The thing that surprised many of us was the scale of the botnet.

Mikko Hypponen, Chief Research Officer at F-Secure, put it very well when he said that, proportionally, the Flashback Trojan was as widespread amongst Macs as the notorious Conficker worm had been amongst Windows-based PCs.

The attack has left a lingering question: how secure are Apple Macs?

Apple has traditionally marketed its systems as being more secure than those running Microsoft Windows, but how true is that?

Mac OS, the Apple Mac operating system, is based upon the Berkley Software Distribution (BSD) of Unix, surrounded by a nice graphical user interface.

If you began your career using Unix, as I did, one of the things you come to value is that Unix (and hence Mac OS) has always had a security model built into the operating system.

That was not always the case for Windows as it was originally based upon MS-DOS. The concept of Read, Write and Execute for various executables and data, as implemented in Unix, is simple to understand and has stood Unix systems in good stead for many years.

Unix has other simple features, such as storing executable code and data in separate folders. When you install a program in Unix, you typically predict which folders the executables and data will reside. The corollary of this is that it is easy to completely remove an installation.

Anyone who has installed software onto a Windows platform knows that the installed components can be placed in a wide variety of folders, the obscurity of which mean that if you were ever to attempt to unpick the installation manually you’d inevitably end up with some unwanted pieces of code on your machine.

For Windows, this has spawned a whole host of tools for the uninstall and clean-up process.

Apple store. Image credit: pcruciatti / Shutterstock.comSo, Mac OS “feels” like it should be more secure. But is it in fact just tidier?

Fundamentally, there is no reason why Macs should not be targeted using malware in the same way that viruses, Trojans and worms are built to target Windows systems.

You might run, for example, a piece of JavaScript that steals credentials, or a keylogger, without necessarily attacking the operating system. Likewise, you might exploit a vulnerability in a third party application, as happened recently when a backdoor Trojan embedded inside boobytrapped Word documents successfully ran on Macs.

Ten years ago, when Windows gained a bad reputation for security, Microsoft responded by introducing its Trustworthy Computing Initiative. A security model had previously existed but it wasn't until XP, where objects were given Security IDs and allowed actions were enabled in a way similar to Unix, that a model existed that had the same value as that in Unix. However, Microsoft took a long look at the threat and made a conscious effort to evolve their operating systems to counter it.

Initially, one of the biggest threats was considered by Microsoft to be buffer overflow. This is where regions of computer memory that should not be used for executing code are misused by rogue software.

Windows VistaAs well as preventing developers inadvertently building this into their applications by adding safeguards to the compilers, Microsoft also introduced memory protection mechanisms within their operating systems.

For example, since Vista was introduced in 2007, Windows has had address space layout randomisation (ASLR) which is implemented so as to obscure most of what an attacker needs to conduct, for example, shell code injection attacks.

Mac OS acquired ASLR in late 2007 (Mac OS X v10.5, aka "Leopard"). Unfortunately, Apple’s implementation is not as advanced as that in Windows, and hence it does not provide the same degree of protection.

Apple said it planned to improve items such as ASLR in its next release of Mac OS, but some five years later we are still waiting.

Mac and WindowsI think what all of this exemplifies is two populations of users (Mac OS and Windows) that have developed very different attitudes to security.

Those using Windows have been aware for a long time that their systems have vulnerabilities, and so they are much more likely to use some form of protection such as anti-virus software. Windows users also typically update their software when an update is released by Microsoft; they know updates mean that vulnerabilities may have been found, and it is safer to update than be exposed.

Those using Mac OS have, perhaps, been lulled into a false sense of security. Mac OS users think their systems are somehow inherently “secure” and hence they are less likely to update as frequently as Windows users, or to use tools such as anti-virus software.

A Mac OS user is less likely to be attacked than a Windows user, but that is nothing to do with the level of vulnerability in the operating system. It has everything to do with the fact that over 80% of the personal computers in use run the Microsoft Windows operating system.

Those building malware would rather attack the vast majority of the users. They get a bigger bang for their buck, to borrow a phrase from the military.

What is now catching up with Mac OS users is that their platform of choice is now becoming popular enough to be considered worthy of hackers’ efforts. With the last three years seeing a growth in Mac OS malware in excess of 200%, Mac OS users need to start adopting a different mindset or they will be caught out.

Mac OS users may be "safer" than Windows users, simply because they have fewer attacks focussed on their systems, but they are not more "secure".

Apple has its part to play by releasing updates rapidly in response to known vulnerabilities, and users need to make sure they implement those updates as well as installing security software to protect against the coming threat.

Now is the time to prepare, rather than try to react, when the inevitable onslaught begins.

DownloadFree Anti-Virus for Mac
Download Sophos Anti-Virus for Mac Home Edition

Image credit: pcruciatti / Shutterstock.com

, , , , ,

You might like

56 Responses to Are Macs safer than PCs?

  1. Rob M · 903 days ago

    Macs safer, no. Having said that in the last 20 years of using a Mac I have been infected 0 times had 0 malware installed and feel safe. When running a competing product, it never found anything on my system. There were numerous reasons that it exposed me to potentially more vulnerabilities than it could have ever found. By default am antivirus system must download and install updates. It will generally do that silently to avoid constantly nagging the user. These unknown downloads would also need to be able to scan and change the lowest levels of the system or it isn't protecting all areas. At that point you are trusting the security measures of the vendor to protect your system from infection through their software. Thanks to a competitor not even letting the world know their source code was stolen 5 years prior to an announcement, I can't trust a security company either by default. Anti virus software is a personal choice and not always needed. The performance hit from most as well as the way they prevent real work from occurring at times leads me to believe I can rebuild my system once every 2 years with less disruption than installing AV software.

    • Ohlmann · 902 days ago

      Never, ever use your own example of being virus-less for X years as a proof your system is secure.

      I have run windows 95 without anti virus for more than 10 years without virus of any kind. It was evidently only because I was prudent, as when my father get the same computer, the system became infected beyond repair in less than ten minutes.

    • Peter Ridgers · 870 days ago

      I have seen lots of malware on PCs with current paid-for antimalware (McAfee, Norton, Kaspersky, AVG(commercial), Trend, .....). Most of the time the anti-malware program has not stopped the infection and cannot remove it (though Malwarbytes is pretty good in this respect, but not infallible).

      HOW is this situation better than Mac users thinking they don't need protection??? In both cases the user lives with a false sense of security but in the Windows case they have paid for it.

  2. Brian M. · 903 days ago

    So what I am getting out of this is the best combination is your computer being a Mac and your user being intelligent and diligent about putting antivirus and updates on their machine. That gives you an OS that is targeted less frequently and a user that knows they are not invincible and updates their machine and AV software regularly.

    I have nothing against Windows PCs as I have to use them every day, it's because of that I know how unrelenting the updates and patches are :-).

  3. no fanboy · 903 days ago

    As apple says:

    "It doesn’t get PC viruses.
    A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in Mac OS X that keep you safe, without any work on your part." https://www.apple.com/why-mac/better-os/

    Lot of people is getting this so wrong!

    • Pat20105 · 901 days ago

      You are getting it wrong dumbass. Macs also have viruses. ye mac has built in defences but its not even secure

    • It's actually more or less because PCs have the market share that the viruses target them. But don't worry my dear little Mac fanboy, you're getting yours. People are eating up that supply of Macs, along with the supply of B.S. Apple feeds you.

      You know what that means, right? Yeah, you're now worth targeting since there are enough of you. But here's the kicker my friend, the part that makes it the sweetest for me, Apple products are considered "Status Symbols," because they're so over-priced, so all the more reason to attack you, you have more money to steal.

    • Anonymous · 110 days ago

      may be so, but i never had so many trojans on a 4 months old brand new mac, than I had on windows for more than 15 years

  4. G Dean · 903 days ago

    Wow, Sophos continues its "scare the mac users into buying unecessary security software " campaign. Of course there is no such thing as a totally secure system, but the clunky design of windows & the whole retarded user experience forced by using windows, means that users are more likely to be trapped into downloading and running malware. So far Apple have done a good job patching vulnerabilities & it is not necessary for mac users to degrade their user experience by running intrusive and performance degrading security products. I loved the bit about "backdoor Trojan embedded inside boobytrapped Word documents "! ffs most mac users long ago learned that the safest thing for their machines was a NO Micros**t policy, it removed risk & stopped the performance degradation & instability inherant to poorly designed and developed software from Microsoft, who often seemed more intent on changing the macOS to suit themselves rather than designing software for the mac (anyone remember the number of system extensions (& vulnerabilities) that installing word on OS7 needed?). Whatever the new security conscious approach from Micros**t entails, the company will always be associated with poorly designed, buggy and insecure software, and this reputation is well deserved. If you want a smooth secure user experience there is one golden rule, do not buy any micros**t products

    • Jessie S's Friend · 903 days ago

      "So far Apple have done a good job patching vulnerabilities" - Apple were, what, 6 weeks later with the current Java patches for OS X than the patches for all other operating systems. This most recent Mac Flashplayer virus was therefore still technically a zero day attack (no patch available) on Macs, 42 days after the vulnerability was patched on "buggy and insecure" Windows.

      • John · 902 days ago

        Part of the problem is that the Mac OSX version of Java is not supported directly by Sun/Oracle. Apple has to wait for Sun/Oracle to release information regarding patches and updates to Java before they can fix it in their implementation. Thus, Apple's JVM is usually behind any other platform in regards to fixes and/or versions. Apple originally did their own JVM when Sun basically told them it was not worth their effort to support the platform. Perhaps the two parties should get together and remedy this situation.

    • Simon · 903 days ago

      Yes, because Sophos really are trying to get people to buy their software. Their free software. Their software that they give away for free. That they don't in fact sell at all. That makes perfect sense. Certainly more sense than the idea your beloved fanboi OS could have any security issues. .

      • g dean · 902 days ago

        The "free"software is a classic bait lol. Certainly my beloved OS has lots of security issues, but it is beloved because it works reliably and is easy to use. What I want from a system is functionality, something that would be degraded if I started believing & acting on all the Sophos hype! And yes I have tried Sophos "free" anti virus, all it did was flag up some non threats & a piece of malware that seems to have been the product of sophos mac scare tactics

    • I've a bucket of sand if you'd like to borrow it.

    • Machine_Silver · 903 days ago

      It is of course peoples perrogative to stick their head in the sand and ignore the warnings from Sophos who, you could legitimately argue have a potential vested interest in scaring MAC users (although their MAC AV product is presently free for home use!). However, there are similar warnings coming from many other independent sources and many incidents being reported to support the proliferation of MAC attacks. It is my understanding that MACs are definitely now becoming a focus of attention for the authors of malware exactly because they know that they are surrounded by this invulnerability culture and often left unprotected and so they can use them as carriers to inject malware into networks and other systems. By being in denial, I feel you potentially put others as well as yourself at risk. I will not dispute the merits of MACs over PCs especially in the area of security but neither they nor Apple are perfect and I strongly recommend all MAC users to start taking this issue seriously.

    • Tim · 902 days ago

      "intrusive and performance degrading security products."

      Actually, no

  5. City-Support · 903 days ago

    Ha finally someone is talking about the insecurities of the Apple OS, how safe can you be if you leave your house unlocked? Even if there are no known thieves in the area? Three weeks ago I looked at a clients personal Mac, 1500 infected files, she was very surprised and said "but Macs don't have viruses" A very expensive mistake.

    I still dispair at the number of people who ignore simple security basics, regardless of the OS you use, you should have a decent AV system.

    • Brian · 901 days ago

      There are no decent AV systems though. The performance of AV systems is dismal. You didn't mention what the files were infected with. What was it?

  6. David · 903 days ago

    I bought a new PC and went online without virus protection. In less than 1 hour I was infected by a malicious site. I would never keep a computer - whether Mac or Windows - without virus protection. To do so is to play roulette.

  7. GrahamG · 903 days ago

    Have to agree with City-Support - although he omits to say whether the infected files had windows viruses in them which would not affect his client's Mac!
    Have used Sophos for about 15 years on a mixed Mac and PC network (we are a Printer) and have not had an issue.
    Even Mr Cluley's occasional barbed stabs at Macs have only been mildly irritating when it is obvious that not running a "decent AV system" in a business environment is just plain stupid.
    Like G Dean, the "charms" of MicroSoft elude me, but as long as the machines are protected and the only worry is the convoluted logic behind the operating system - I can live with them - albeit with having to pay for "professional" help which is not needed on the Macs.
    Lets face it - ALL computer users need to stop being complacent and realise that AV is essential.

  8. Jon Fukumoto · 903 days ago

    There's no such thing as a 100% secure OS. Mac OSX is just as vulnuerable, and this latest Trojan proves that. On my MacBook I have auto log on disabled, and I have the firewall enabled and stealth mode on. I also have Sophos Anti-Virus installed on my Mac for protection. I've also disabled Java applets in Safari, as well as having the latest version of Java. I do checks for updates at least once a week, and I keep Sophos Anti-Virus updated. Patching any vulnerabilities will ensure that such drive-by attacks will be nullified. However, keep in mind that nothing is perfect, so be very careful of which websites you go to.

    • X-Doc · 881 days ago

      You sound just like what PC people went through 10 years ago. I'm glad there is a reasonably minded, logical Mac person. People hack in CIA, DOD, Pentagon computers routinely and, amazingly, there are plenty of Mac user hang onto this notion that Macs "safer" and that "it doesn't get viruses" etc. I was just speaking person working for one of our govt departments and despite incredibly sophisticated computer security, almost every single one of the computers have been hacked. Hackers have been targeting the big boys for years and now realizing that they can make $10k per day or more, they are targeting Mac users who have no notion of security. Wake up Mac users.

  9. Peter J Taylor · 903 days ago

    Alan, can you please answer this for me?

    I have a desktop PPC G5 iMac with OS 10.4.11, Tiger. Does Apple's adoption of an inferior ASLR with effect from 10.5 Leopard mean I would be safer to remain in Tiger rather than to upgrade to Leopard? Or is the ASLR that comes with Leopard better than no ASLR at all? (PPC G5s cannot accept any OS later than Leopard.)

    Incidentally I also have a laptop with 10.7 Lion, but see no reason to replace the desktop Mac any time soon.

    Kind regards

    • Alan · 903 days ago

      I take it you mean Alan Woodward. I'm a different Alan, the one that posted a couple of earlier comments. I should have used a different name. Anyway, I take a go at answering.

      ASLR was first implemented in Leopard but wasn't fully implemented until Lion. My understanding is that the early implementation didn't accomplish much because it was fairly easy to work around it.

      • Peter J Taylor · 902 days ago

        Thank you for responding, Alan. That sort of half-answers my question, as I get the impression that Leopard with ASLR is marginally better than Tiger with only the original OS X protection.

        But yes, I had really intended the question for the author of the article, Prof. Alan Woodward!

  10. Jim · 903 days ago

    IMO, mac owners should be very concerned. The 'malware industry' has become very organized over the last few years and most malware is built using standardized exploit tool kits that are purchased on the black market. The large criminal enterprises that create and market these tool kits have now added 'mac support' to their standard product offerings.

    As these criminal enterprises have grown, so have their R&D budgets. With this increase in scale, it's natural for them to expand their market to cover macs in addition to PCs.

    My guess is that we'll see an explosion of mac infections as miscreants around the world upgrade their malware to use these latest exploit kits, seeking the newest technology and cool new features.

  11. Alan · 903 days ago

    There appear to be some factual errors or at least misleading statements in this article.

    "That was not always the case for Windows as it was originally based upon MS-DOS." What you don't say is that there are two Windows families, MS-DOS, W95, W98 etc. and the Windows NT family. NT was wriiten from the ground up by Dave Cutler who was hired away from Digital. Culter previously developed VMS and NT drew heavily on that earlier experience.

    "A security model had previously existed but it wasn't until XP, where objects were given Security IDs and allowed actions were enabled in a way similar to Unix, that a model existed that had the same value as that in Unix."

    SIDs have existed in the Windws NT family of operating systems from the beginning. The first version was releaseed in mid-1993. That's almost 20 years ago and more than 8 years before the release of Windows XP.

    The major security issue associated with Windows relates to software development and users:

    1. Even though NT implemented a security model similar to VMS and UNIX (NT actually had a POSIX subsystem and currently supports an INTERIX subsystem) from the start getting third-party developers and end-users to use it was difficult. When the large MS-DOS/W95/W98 user-base switched to Windows XP they were all used to running with full administrative rights because that was the way things worked on the older windows family and most software required such rights. So they Windows XP inherited users, software and developers that assumed admin rights (i.e. the computing world's equivalent of crack addicts). Recent versions of Windows have been attempts to force third-party developers to write code that will run in standard user rights and wean windows users of their admin rights addiction. However, the LUA rights model has existed in NT from the start. Take a look at Cripin Cowan's PDC talk from 2008 "Windows 7: Best Practices for Developing for Windows Standard User" http://blogs.microsoft.co.il/blogs/bursteg/archiv...
    2. Microsoft also implemented the Security Development Lifecycle program to train developers (their own and third-party) to bake security into the software development process from the very start. See http://www.microsoft.com/security/sdl/. This was one of the main innovations to come out the trusworthy computing initiative. Other companies have since adopted this development model but a lot of the software still isn't deevloped with any consideration to security. Think most people developing apps for iOS and Android give a second thought about security? Think again. Same goes for web developers. If web developers gave a damn about security something as simple to prevent as SQL injection wouldn't be so common.

    "Apple said it planned to improve items such as ASLR in its next release of Mac OS, but some five years later we are still waiting."

    My understanding is that Apple was slow to implement ASLR but that the current version of OS X has caught up. Again there is quite a bit of application software that isn't written to utilize ASLR. Microsoft does provide a tool to manually force such apps to use it (along with other types of memory protection).

    • I did have in mind desktop OSs when I wrote the piece so didn't mention NT. I was trying to make sure I didn't compare apples and oranges :). Always tricky in 1000 words. As to ASLR I had understood that it was not going to be fully Implemented until Snow Leopard and that what there is at present hasn't changed much in 5 years. Do you have a reference to some other info as would love to read it.

      • Alan · 902 days ago

        Yes, I understand the space limitations and that NT wasn't widely used on the desktop before XP, although NT3.51, NT4 and W2K were vastly superior to any other desktop operating systems available contemporaneously (and Microsoft often gave NT away for free).

        Here's the reference for ASLR in Lion

        https://threatpost.com/en_us/blogs/apple-revamps-security-os-x-lion-072111

        Also see "Macs in the age of the APT", a talk given at last year's Blackhat. A PDF of the slides are online if you search. Chester Wisniewski also discussed the presentation on this blog last year.

        For an assessment of the current state of OS X and iOS security I'd also read anything on the topic by Charlie Miller and Dino Dai Zovi.

      • Gandalf · 902 days ago

        Windows XP for the desktop came out in 2001. OS X for the desktop came out in 2001. Your article compares Windows and OS X. Which Windows do you think we thought you meant?

        When you wrote "Mac OS is based on BSD", you meant "From 2001, Mac OS has been the OS X flavour, based on BSD." You should therefore have written, "Windows is based on VMS," meaning, "From 2001, desktop Windows has been the Windows NT flavour, based on VMS."

        That wouldn't have added any words to the article - plus you could then have left out two whole paragraphs about Windows not having file permissions, and UNIX having them built-in.

      • ian1775 · 185 days ago

        I used NT 4 on my desktop at work as soon as my company switched from Win3.11. I think it was the mid 90s.

  12. searbet · 903 days ago

    Guess it's time for me to try Sophos again on my Macs. The first time around it reported a lot of irrelevant garbage. Maybe the time has now come?
    I fight Windows malware nearly every day as part of my job so I am way more familiar with the stuff than I care to be. One of the reasons why I only have Macs running at home - too fatiguing to deal with malware 24/7.

    • Peter J Taylor · 903 days ago

      I've run Sophos on my macs since 1999, and it has never reported any irrelevant garbage: just a handful of infected emails in all that time.

      • searbet · 903 days ago

        I think most of the stuff it found came via a work Exchange account I was monitoring at home. Up until now, virus/malware concerns in my Mac environment have been next to none. Nothing close to the infections found in Windows. The worst part in my job is dealing with systems people bring in because they "work from home" and it's our job to clean up those messes too.

        • Peter J Taylor · 902 days ago

          Before I retired I worked for Meteorological Office Defence Services, who realised that people did work at home and either emailed or brought it into the office. They realised that this was a potential source of infection, so they bought a licence for home use by every single member of staff. That is quite a safe way for employers to operate.

          • Peter J Taylor · 902 days ago

            For clarification, I should have written that they bought a Sophos antivirus licence for every member of staff.

  13. Alan · 903 days ago

    @ G Dean

    If you were spouting more than hot air you'd know that Apple is trying to develop a program similar to Microsoft's SDL and that Apple has actually hired away security expertise from Microsoft and other companies over the last couple of years to help address their on-going security problem.

    Steve Jobs came up with some amazing products but security was never big on the feature list. Well, security Kool-Aid maybe but you really shouldn't drink it.

    • G Dean · 902 days ago

      As someone forced to use micros**t products at work for 20 years & having my productivity diminished by the experience I offer no apologies for not enthusing about the micros**t experience. Of course I run anti virus software on a regular basis just in case. Along with never downloading things from web sites, or emails &not using word, this works for me. I remember fondly the seamless & non intrusive nature of Disinfectant on OS7 compared with the intrusive nature of Norton & sophos products on the PCs I have to use it speaks volumes about the scare tactics & marketing of the security companies who have managed to create a major industry out of poorly developed software by micros**t

      • Alan · 902 days ago

        I agree with you on Norton. Never used Sophos antivirus so can't comment.

        Here's a video to take you back to the bygone era of Apple security nostalgia. Enjoy.

  14. Alex · 903 days ago

    Good read, but you talk about Windows history starting on top of MS DOS and security
    Being introduced in XP. Windows on MS DOS died with Windows 98 SE (or Me if you choose to acknowledge its existence). XP is the successor of Windows 2000 and Windows NT, which definitely had a security model built into the operating system, including file system restrictions in NTFS to secure read/write/execute permissions. XP was just the version version of his stream made to be consumer friendly for home users.

  15. W Glazier · 903 days ago

    What I notice is security issues are brought about by other companies when you add their programs to your system. Perhaps the issue isn't as clear as PC/MAC and has to do with other companies having to take responsibility for making operating systems vulnerable. Adobe Flash, Java, and a number of other add-in and plug-ins make all computers more vulnerable. I see no reason for those companies not to bear part of the burden to keep all computers secure by cleaning up their code.

    Nearly every time I hear about a new vulnerability it isn't due to the OS being vulnerable, it's due to some sloppy coding in some app that was made for a PC/MAC. It's time to start laying blame where it really lies. While I know perfectly secure system, sometimes I wonder if the guys coding their programs even care or notice if they make a system more vulnerable with their apps. I'd guess they don't even notice, and probably don't care since they've made their buck, and they can pass the responsibility on to the guys who have to patch the operating system to block a new exploit created by sloppy coders.

    • Alan · 900 days ago

      Agree. The biggest targets ate browser vulnerabilities and vulnerabilities in Java, Flash, and Adobe Reader, and a few other programs. You really need to be patching this stuff almost constantly. It also helps to turn off a lot of dumb stuff in Reader: i.e. Javascript and run other programs option in Trust Manager.

      But features in the OS do help mitigate against application vulnerabilities. Modern operating systems come with memory protection features. See:
      http://www.microsoft.com/security/sir/strategy/de...

      Not all apps implement these features but you can force them to use them:
      http://support.microsoft.com/kb/2458544

  16. Tim · 902 days ago

    A change of mindset and some extra security will go a long way for the (in the most polite way) ignorant apple product user. You're always less likely to get hit by cars if you check the road, just like you're less likely to get hit by malware if you check your system, no matter what OS you're using.

  17. James Wignowd · 902 days ago

    Mac OS + Faronics Deep Freeze

    You're set for a very, very long time.

  18. Phil coates · 902 days ago

    I have to applaud Sophos for bringing their av to the mac market. I get everyone I know to install it, it's free, no longer slow downs your mac or interfere with normal operation and is great at helping me not pass on dodgy emails to my windows brethren !
    If I now turn off java in my browsers I really do feel quite safe.... Even if it's in a false way!

  19. BDM · 902 days ago

    Since I switched to MACPro in 2008 I'vr been using SOPHOS AV! Preventing is better then curing!

  20. ummmm... linux ftw?

  21. Alexander Peter Kowalski · 900 days ago

    UNIX in general (since there were a few init. "distros" in AT&T/Bell Labs vs. Berkeley) was NOT built with security in mind initially.

    IIRC, AT&T/Bell Labs actually designed it MOSTLY for being able to do text processing initially in fact, with no REAL THOUGHT about security (just like TCP/IP initially).

    E.G.-> The FIRST computer worm/virus, afaik or @ least the most publicized?

    The 1988 (date?) Robert Morris worm that raised hell in fact so badly, it got him in all kinds of "bad business" but also did a lot of damage.

    Correct me where I am 'off/wrong' but this is just "looking out for you" Professor...

    APK

    P.S.=> I see your point: Trolls won't & will twist it against you (yes, even playing "mincing word games")... apk

    • MylesJ · 886 days ago

      look up the history of security problems in BIND, a really long story

  22. Alexander Peter Kowalski · 900 days ago

    One thing that a LOT of folks "fall for" is marketing tricks: The MAIN reason less used OS do NOT get 'targetted for termination' by malware makers in general, is just that - lack of users/marketshare. There's NOT enough "ROI" to justify even simple malware creations because there's not enough users to 'scam' out of their ca$h or personal information (such as credit card #'s & more).

    Especially "noob" users by the droves vs. 'computer gurus' a purely relative term that as well!

    (Please - pardon the term to others in 'noob', as it's just a phrase for folks that are NOT 'computer experts' that's widely used).

    In any event - Those malware makers, today?

    They are JUST LIKE PICKPOCKETS & do not target 'crowds of 1' only... They go where the people are, especially folks who are NOT 'security conscious'.

    Hitting most used OS on ANY computing platform be that PC's &/or Servers (where Windows rules the roost in terms of overall marketshare/user mindshare), or on smartphones (where ANDROID, a Linux variant, rules & yes, is being 'targetted for termination' by malware makers & shredded on the security front nearly daily & YES PROVES MY POINT HERE ALSO with widely recognized fact).

    Proofs in the pudding on that note, & to ANY "naysayers" on that account, all I can say is, "argue with the numbers" & facts + good luck - you'll NEED it.

    APK

    P.S.=> In any event, it is GOOD to see the world is "waking up" to the fact that once you start doing well? You WILL get targetted for attacks... even in computer operating systems, because the malware maker of today's no kid in his basement playing mischievous games - they're largely criminals IF NOT part of actual organized crime syndicates... apk

  23. person · 889 days ago

    The user can create accounts, modify permissions, modify files, and control security. People purchase Apple products with very few attempting to learn the system. Profits are more important to a business.

  24. Terry · 764 days ago

    Explain why the Apple Mac OS is “better” than PC’s that use Microsoft Windows

  25. Miss_Rarity · 725 days ago

    i don't get why no one trys to infect macs, it would be so easy to do so because they don't think that they can be hacked.

  26. Nearly every time I hear about a new vulnerability it isn't due to the OS being vulnerable, it's due to some sloppy coding in some app that was made for a PC/MAC.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

Professor Alan Woodward is a visiting professor at the University of Surrey's department of computing. He has worked for the UK government and still provides advice on issues including cybersecurity, covert communications and forensic computing. Read his personal blog at www.profwoodward.org and follow him on Twitter at @ProfWoodward.