Discussion about

April 17th 2010 11:32 am

I'm going to put the gdgt community to a test to see if we can have a non-flame war discussion.

I just read this article: "Apple Fans Are Clueless About Security, Hacker Says" www.pcworld.com­/article­/194429­/apple­_fans­_are­_clue...

Basically the hacker is saying that MS takes security more serious than Apple (perhaps out of necessity right now) and that Mac security is no better than Windows. He also says that Mac users believe that they're more secure, even though they technically aren't; it's more of a market share thing.

From my PC user perspective, I think that Apple and it's users are in a false sense of security. Right now, it's not a big deal to not run anti-virus/malware and not have security patches out immediately, but eventually I think it will bite them in the ass since the Mac user base is growing more and more.

To Mac users, does it worry you that Apple doesn't take security seriously, at least according to the hacker from the article?

sort by

5 replies

The biggest problem Mac OS is that it's touted as being 'secure', which is total crud. No system, anywhere, is 'secure'. Some are more secure than others, but there is no anti-virus program, firewall, bicycle lock, bank vault, server, or door lock that reduces the probability of compromise to zero. Someone with enough ingenuity and dedication will find a way around any security mechanism. Mac OS isn't being overrun with virus right now because no one (working on Mac viruses anyway) has enough of those two qualities to do that yet.

The biggest problem I foresee plaguing Mac users in the future is the mindset that many (most?) of them possess, in that they believe that there is nothing that can possibly harm them while surfing the web. Many (most?) Windows users are aware of the risks to which they are exposed while online in the same way that one is aware of the risks while crossing a road - if you're not careful, you're gonna get hit by a car. This kind of thinking doesn't exists within the Mac community, and when (not if) the hacker community gets into gear and starts focusing on attacking Macs, most users will be severely vulnerable, particularly to platform agnostic attacks, such as email scams.

In short, the most secure systems are those whose users understand that they're not secure.
2 like dislike

Can't say Apple's stance worries me. Frankly, until there is a threat to guard against, why waste cycles running scanning software? I get that I'm going to get caught eventually, but the odds of it being me who gets nailed in the first major virus outbreak for Macs has to be fairly low, and in the mean time, I don't have McAfee (or whoever) parasitically sucking away at my wallet and processers.

It is a little weird though that if OSX is as vulnerable to exploits as Windows, why hasn't someone written some virus to gut the OSX installed base? I have a Mac and I've got nothing running on it that would stop anyone other than the out of the box firewall. I'm sure I'm in the vast majority. PC users on the other hand, all seem to be doing something to keep the bugs out. Even with the smaller installed base, given that so many of us are really sitting ducks you'd think someone would write something nasty just to wipe the complacent grins from our faces. I don't pretend to be an expert in virus writer psychology, but Mac users strike me as pretty much a dream target.

Does someone have a good explanation for that? Is it because the smaller installed base though growing hasn't hit a tipping point where the number of boxes is large enough to provide sufficient vectors for infections to effectively spread through the population? Not a great theory because if that was the only issue, you would expect to see a bunch of failed attempts to get viruses to propagate and they just aren't out there. But if it is the case, has anyone got an idea of where that tipping point might be? When we start getting close I'll have to change my stance on scanning software.
0 like dislike

No one attacks the OSX platform because the overall market share is still way less than that of Windows. Even thought more and more people are buying Apple products the fact still remains that in the work place Windows still reigns as the defacto platform.

I'll also throw out there that Linux is just as suspect to attacks as Windows is. Despite the fact that typical Flash exploits wont work in Linux, it's incredibly easy to convince someone to just run a script. Not to long ago there was a headline on the Ubuntu Community forums saying "Do not run any scripts from untrusted posters". Simply because a lot of people are looking for easy walk through I can just write a generic script and say "Hey this will fix your problem with your video driver" and it will be nothing more than "rm -r /".

Realistically though it all comes down to market share.
1 like dislike

One addenda: I do one additional thing for security - no one who uses a Mac in my home has admin privileges on their user account, not even me. Not perfect, but it's something.
0 like dislike

Despite the potential easy pickings on the OSX and linux platforms, most hackers won't target them because of the fundamental differences in architecture, and thus a whole new vector of attack would be required, which is going to be a lot of work to come up with, and most hackers just don't want to put that time and effort into a project when there's already an extensive knowledge base of Windows attacks. When the Apple market share hits a critical point, there will be a lot more work going into figuring out the Mac exploits, but right now, it's probably not such a big deal.
0 like dislike

4 users following this discussion:

  • frankspin
  • Monkeyscribe
  • notgary
  • cass

This discussion has been viewed 1581 times.
Last activity .