Apple more secure than Windows NT?

commentary With exploit code for an OS X vulnerability released recently and a compromised Australian university Mac server caught hosting malware in August, it may be time Apple admitted its platform is no more secure than any other.

While Apple users laud their systems as unbreakable pillars of security in a dangerous world, unsusceptible to the malware attacks that make life on Windows so hazardous, the headlines keep coming.

In August, the University of New South Wales was, no doubt, surprised to learn one of its Mac servers had been hijacked by baddies to host some malware disguised as a Microsoft patch. University system administrators interviewed by ZDNet Australia were puzzled -- the server was evidently running the latest version of OS X server.

It turned out the miscreants gained entry through a vulnerability in the server's TikiWiki code, a third party package that has nothing to do with Apple. Still, OS X didn't somehow, magically, prevent the attack as some users seem to think it's capable of doing.

Yes, it's true the average Mac user (like me -- shiny 20 inch G5 Rev B) doesn't have to contend with the malware that plagues Windows-based computers. Yes, it's true I'd prefer my mother use a Mac to avoid keylogging Trojans designed to capture her Internet banking passwords. But Apple's marketing these days seems to suggest its computers are immune to attack (The advert is also available on YouTube).

They're not, and it's dishonest for Apple to suggest otherwise.

There is little evidence to justify the claim that Apple computers are more secure than any other, and anyone who points to the low number of reported OS X security bugs, worms or viruses as proof to the contrary is misguided.

Macs are safer to use because of the lower number of reported bugs, but that does not make them more secure. It's an important distinction.

There's only one thing that makes Macs substantially safer than PCs, and it's called market share; a 3.8 percent market share, measured by net presence, to be precise.

If Macs were the dominant operating system with, say, 80 percent of the market, there is no doubt all the clever malware writers would devote their skills to engineering malware for Macs, not Windows-based PCs.

With all that brainpower going into compromising an operating system, there is little doubt the efforts would yield results.

In this parallel universe, switching to that boutique operating system made by the underdog with the 3-4 percent market-share, Microsoft, would seem like a great idea. Windows would develop a cult following for its inherently superior security.

The ironic part is Apple has, whether it knows it or not, ripped a leaf straight out of Microsoft's marketing playbook. You have to dig around for Microsoft's old Windows NT marketing material -- the company has removed much of it from its Web servers, perhaps out of shame -- but it reads much the same as Apple's current spiel.

"Intelligent design prevents the swarms of viruses and spyware that plague PCs these days," says Apple's Web site.

And this from Microsoft. "Windows NT Server is secure from the ground up," says a Microsoft Web site archive touting NT's apparent NSA C2 security compliance.

"Every process and feature was designed with C2 level security in mind. In fact, Windows NT Server is so secure that certain processes (identification and authentication, and the ability to separate a user from his/her functions) meet B2 security requirements, a level of security that is even more strict than C2."

In retrospect, it is kind of funny. More reading here.

Indeed, when Windows NT first rolled around in the '90s, Microsoft pushed the security angle hard. It was a new product, and there were few known vulnerabilities in the new server architecture. Of course, with increased market share came a deluge of vulnerabilities and everyone realised that it was, for the purposes of security, poorly designed and full of holes.

Users were not happy, and Microsoft was forced -- it took years -- to finally invest in security in earnest. The Redmond-based giant has learned its lesson.

Apple hasn't been through that humiliating process yet, and still thinks it's invincible. This could explain its lacklustre response to security vulnerability reports. Ask almost any security researcher what they think of Apple's response capability, and you'll usually get the same answer: "They're bad, but not as bad as Oracle."

It's hardly a glowing endorsement.

The argument being put forward here isn't that Windows is more secure than OS X, it's that currently there is no such thing as a secure operating system. OS X just hasn't been subjected to the torture test that comes with market domination. It is almost certain that there are dozens of undiscovered bugs in OS X.

Welcome to the wonderful world of operating system security.

And thanks to the computer-maker's decision to switch to an Intel CPU architecture, Mac malware has never been easier to write. Creating security vulnerability exploit code requires a fairly intimate knowledge of the CPU architecture on the target machine. The relative obscurity of the previous Mac architecture (Power PC) meant there were few malicious coders who could be bothered writing exploits for OS X.

Now it's been switched over to the more hacker-friendly Intel architecture, it's a fair bet that more exploits for OS X will emerge. Sure, the differences between Mac and Microsoft operating systems still mean malware will have to be customised for OS X, but the initial exploitation will be that much easier.

Apple, the message is this: Yes, you make beautiful computers. They're pretty, shiny, they have a nice interface and I love my Mac. Consumers are safer online using a Mac, too. But just as the security of New Zealand is rooted in its geographic isolation, not its military might, the security of your products has more to do with your small market share than their technical superiority.

Editor's note: An update to this commentary has been published here.

Advertisement

Print feature brought to you by Adobe

Talkback 98 comments

    Absolute bullsh*t. Anonymous -- 16/10/06

    C'mon Zdnet, I know standards are slipping but geeez...the gimps you have "writing" for you now is beyond a joke.

    The article lost all credibility about 3 sentences in.

    The old "it's the marketshare" argument is sooooo 1995 and it has lost all credence with "proper" IT Security people, not just your CISSP clowns.

    I can't be bothered even starting in on thios artcile except to say that's toilet paper and should be treated as such, and no, I don't even use Macs day to day (but I admire their purity).

    So lift your game Zdnet and lets get some grown-ups here writing your articles, unless of course, you don't want them ?? Who pays for all that shiny advertising anyway?

    Your author is either a fool that shouldn't be let enar a typewriter, or he's pushing an agenda as NO-ONE of any note has even comtemplated those sad, well worn arguments for over a decade now.

    If Mac had 80% of the market then Win NR would STILL have the vast majority of the real world, "in the wild" viruses as it's TRIVIAL TO BREAK WINDOWS!

    Do you need smaller words, less syllables ?? TRIVIAL ! Windows is the ONLY commodity OS where you can get pnwed by CLICKING ON A LINK or OPENING AN EMAIL and all your huffing and pussing and lying won't change that. It's not even a proof of concept on Mac or BSD or Linux and there sure as hell is NOT 114,000 different examples of this floating around IN THE WILD infecting millions of machines every day!
    it's like car manufacturer X saying 'See/, a car from manufacturer Y got stolen so their cars are as bad as ours!' when the thief needed to follow you home, knock you out, take the keys, get a thumb-print, defeat the biometrics in the garage, then the car and then only manage to crane it onto the back of a truck for removal and it was the only one stolen that year when manufacturer X'c car doesn't even come with door locks or (pardon the pun) windows and they have a life expectancy until they're stolen of 15 minutes!

    Ohhh..but if man Y's cars were so popular they'd be stolen constantly too...right?..right?... rubbish!!

    Now go back to sleep.

    I agree Anonymous -- 16/10/06 (in reply to #320070340)

    A bit long winded but yes, the author clearly has little or no grasp of the fundamental principles at play here.

    it is a shame when so called "experts" don't understand the basics. Big or Little endian code has no bearing on this matter as most hackers --- see?, he doesn't even call them crackers ! -- use toolkits that go nowhere near hitting the hardware.

    The article is a joke and the author is woefully ignorant. I would suggest anyone who is reasonably interested in these matters invist 30 minutes of their time for some quick googling and have a look at what qualified people have to say on the issue.

    this article is still spot on Max Riethmuller -- 21/10/06 (in reply to #320070340)

    You have no idea if you think MAC is not open to infection via email or links. If you can trick the user to open the email or click the link, they can be infected, it's that simple.

    So? Anonymous -- 21/10/06 (in reply to #320070611)

    Yes, Macs (like all computers) are vulnerable to trojans. However, there are several significant differences:
    1. On a Mac, your system files are protected, so the Trojan will usually (at worst) damage your user files. Of course, since there have only been two Trojans in the wild and neither one did any damage, this is purely hypothetical.
    2. There are no self-propogating viruses in the wild that affect Macs.

    The bottom line is that while Macs are theoretically vulnerable, if you want to buy a computer today, Windows is a high risk choice and Mac OS X is not.

    rubbish.... Anonymous -- 21/10/06 (in reply to #320070611)

    And how exactly is a safari user going to infect their MAc by clicking on a link ?...hmmm..where's the exploit code ?..where's the ActiveX that makes the lovelyness possible?

    Look, I don't expect miracles, I do expect however a slight amount ok nous from people who reply to me..

    Go do your homework sonny, get some experience then come back and we'll talk.......see you in 2019!.

    you have your head in the sand Max Riethmuller -- 12/01/07 (in reply to #320070636)

    no thanks for the completely inaccurate assumption about my age or experience. Atleast I'm not afraid to put my name to my comments.

    Grow up

    Infected with what exactly? Anonymous -- 04/11/06 (in reply to #320070611)

    Name me ONE thing that natively infects Mac OSX in this manner.

    not really that easy Rob Lowe -- 26/11/07 (in reply to #320070611)

    via email? a .exe or a vbs script it wouldn't do anything to a mac because its an irrelevant file to the OS. The current way of tricking macs now is by linking an opening media that invokes installing a bogus codec and having the admin type the password. i mean, this is not close at all to the easiness of hurt in windows.

    Someone needs to take a deep breath... Gary Miller -- 10/11/06 (in reply to #320070340)

    Count to ten... wipe the spittle off your keyboard, mouse and screen. Then say to you self... there is no place like cupertino... there is no place like cupertino.

    Grow up. It's a computing platform. Not your child.

    nonesense Matt Bland -- 16/10/06

    You forget to mention that Mac OS X is built on top of a Unix variant and shares much in common with FreeBSD. It is as secure as Linux/FreeBSD/Unix in general and many of the vulnerabilities it has are due to third party applications rather than system design, unlike Windows NT & XP. The majority, of the limited number, software engineers who have looked at the Windows codebase are shocked at the number of short sighted 'quick-fixes' and messy spaggetti code that it is made up of. Conversely the under pinnings of OS X are open and available for inspection as part of Darwin, and are well written and transparent with over 30 years of history of refining and development of some segments of the code.

    Your accusation regarding market share leading to better security is laughable and betrays a complete misunderstanding of the subject.

    malware on Mac Anonymous -- 16/10/06

    As far as I can remember, Apple has never said anything about their system be unbreakable....they just don't talk about....but they do put out patches....don't know where you got the idea that Apple has said what you write about....me thinks you are wrong on this.....again, more FUD.....

    And, this has taken a rather long time for the report...this happened in August????....Now that is even suspect...if this is true, it would have made the news all over the world...in fact, this is the first I have heard about it....and I get news stories from all over the world about Apple Computer, Macintosh, and iPod's...?????

    What a crock Anonymous -- 17/10/06

    The fact that you can make a statement like this:

    "It turned out the miscreants gained entry through a vulnerability in the server's TikiWiki code, a third party package that has nothing to do with Apple. Still, OS X didn't somehow, magically, prevent the attack as some users seem to think it's capable of doing."

    Tells me you are utterly unqualified to make a statement like this:

    "There is little evidence to justify the claim that Apple computers are more secure than any other, and anyone who points to the low number of reported OS X security bugs, worms or viruses as proof to the contrary is misguided."

    You have to have a basis to understand what makes an OS or Application secure in order to gauge if it's possible for one to be more secure than another.

    Look here: http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

    Mac = Obscurity? NOT! GM -- 17/10/06

    Obscurity has nothing to do with market share or the installed user systems share. Apple is one of the LEAST OBSCURE computer systems, and offers the one of the most tempting targets for malware creators. This is no secret to hackers.

    Temptation #1 - Taunting - Never in the history of computing devices has any other computer manufacturer been so brazen about its security as to advertise it to so many around the world. This level of taunting is like twisting a dagger into the hearts of hackers.

    Temptation #2 - Transparent - Apple utilizes far more open-source code than Microsoft. This code is not only in user systems, but is also found in Apple's servers and super-computer grid configurations. All of Mac's core operating system, BSD UNIX, is freely available for use and inspection for vulnerabilities.

    Temptation #3 - Vulnerable - Over 95% of the Mac OS X users do NOT use ANY malware protection software. In fact, corporate-owned Apple systems, from in-store demo units to the staff at Cupertino, do not use any such software. They rely upon the innate security of the OS alone.

    Temptation #4 - Fame - To be the first to create a successful, self propagating virus or to take control of a Mac for the use of being an unwitting spam generator would bring tremendous international notoriety; the Holy Grail of programming. Apple's public announcement of being virus-free makes this challenge impossible to ignore by many hackers.

    There isn't a hacker out there that isn't aware of Apple's use of open source programming, their lack of virus protection software, and their arrogant public taunting of criminals. The general population still dwells within their vast herd of false security and myths, having yet to experience a Mac for themselves and view Apple as being an obscure computer system. But, for the hackers, they clearly see it, they are very well aware of it... but can't touch it. For them, Mac OS X is far from obscure.

    1 to 100,000 R. Yugaetu -- 17/10/06

    Let us acquiesce to a heavily disputed "fact" that there are 2 known Trojans out there for a Mac. If current trends hold true, then in 2008 the Mac OS will be 100,000 times safer than Vista with its projected 200,000 viruses/Trojans.

    I was about to make an analogy here, but it really isn't necessary. It should be blatantly obvious to even the simplest of morons that choosing between any two things where one item is 100,000 times more likely to cause security problems than the other is no real choice at all.

    But, for those of you still curious, here are a few examples of things with a 1:100,000 ratio. Which would you rather do...?

    Jog 1 mile or jog around the Earth 4 times?

    Toss a paperclip (1 gram) at your coworker's head or throw your stocky 220 pound boss the same distance?

    Wait 1 minute for your computer to boot up or wait 69.4 days?

    Last, but not least...

    Lift a gallon of milk (8 lbs) onto the kitchen counter or lift a fueled C5 Galaxy cargo plane with a full load of two M1-A1 Abrams battle tanks and 73 soldiers (400 tons total) onto the kitchen counter? [ photos at http://www.theaviationzone.com/images/html/galaxy/page2.asp ]

    Don't allow Microsoft or any of their mindless lemming-like minions to downplay the size of this problem; 100,000 of anything is a lot!

    and How! Anonymous -- 17/10/06 (in reply to #320070348)

    all I can say is and How!

    True Javier -- 17/10/06

    All Apple claims is 0 viruses. The problems this article describes are not computer viruses.

    0 viruses? Anonymous -- 26/11/07 (in reply to #320070349)

    Apple doesn't claim that... there have been 60 viruses in apple compared to more than 100,000 in windows.

    Apple is far more easier to keep or fix after an attack than a winblows vista machine

    FUDmeisters and Facts Robert Pritchett -- 17/10/06

    Over on macCompanion, we have established a Mac Security 101 column and we have also had QuickTime videos last summer on Mac Security and Maintenance that blow this kind of FUD completely out of the water.

    http://www.maccompanion.com

    Why spread blatently obtuse and patently false stuff like this around except to garner keyclicks and try to do a "Dvorak"?

    Ignore article and do not add more comments Anonymous -- 17/10/06

    I know, I know I just did.

    If you think this article is crap, and it is, please do not give the "reporter" additional credit by generating more visits to this page. After all that's all they're trying to do with these sensationalized, untrue, and unresearched stories based on ignorance.

    Please do not start a raging debate. Let's ignore this garbage and give it the resounding silence this article deserves.

    Thank you.

    Malware on Apple OS Anonymous -- 17/10/06

    If you listen to the Apple ads you mention, you'll note that "Mac" only says that he isn't affected by the viruses that infect "PC". Which is a 100% factual statement. The latest Mac OS has never been affected by a PC virus.

    If you install Windows or Microsoft Office on an Apple computer, then these applications can be vulnerable to viruses written specifically for this sofware. But the Mac 10.4.7 operating sytsem is not affected.

    If someone installs buggy software on any server, including an Apple Xserve, they shouldn't be surprised to find it vulnerable to attack. However I'm sure the Mac OS running on that server was not infected by the malware you mention.

    Your article was not very well informed and is more of the type "flame baiting" than the factual and neutral description of the security issues I would have expected from serious journalism.

    Are you serious? Anonymous -- 17/10/06 (in reply to #320070352)

    Are you serious? Serious journalism from ZDnet? HAHAHAHA!

    Macs ARE more secure than Windows XP Dan Pouliot -- 17/10/06

    Windows NT is not intended for consumers, so for starters let's compare apples to apples: OS X to XP. While OS X surely has vulnerabilities, that does not automatically make it as insecure as XP. XP runs all processes with the same level of privileges as the account in which it is run, and since most users run as admin, most processes are automatically granted admin privs. This is not the case with OS X. Therefore, malware trying to gain access through normal channels will prompt the user to authenticate.

    Apple cannot be blamed for the actions of admins placing third party software on their servers and then not keeping up with patching the security holes in that third party software. And please show me the people who think that OS X should have "magically, prevent[ed] the attack". Please don't paint us all with that brush.

    Apple more secure than Windows NT? Anonymous -- 17/10/06

    Is this a joke? This "article" has so many incorrect statements, it's ridiculous and not even worth my time to correct. Get someone who knows something about technology to write these "articles!"

    How Come I Can't Run 3.8% Of The Viruses? Ben Marks -- 17/10/06

    If Apple's marketshare is indeed 3.8%, why aren't 3.8% of the world's malware/viruses written for the Mac. Symantec indicates that there are over 100,000 viruses yet there are a disproportionate number for Windows? Statistically shouldn't there be something written for the Mac?

    3.8%.... How do they figure Anonymous -- 17/10/06 (in reply to #320070355)

    HOw do they figure this 3.8% of computer users are mac......I think its a little more then that..... every mac user knows that there computers last longer (or they keep them longer - my powerbook is 5 years old - you can still buy a imac 333 for 100 bucks) I remember a few years back a poll that went out where 1 in 10 people surveyed were mac users..... that seems closer to the truth to me

    different animals Anonymous -- 18/10/06 (in reply to #320070366)

    There is market share, then there is installed base. the 3.8% number is market share, which refers to the percentage of consumers buying computers during any particular quarter. The installed base is what you refer to, and it is widely recognized that Apple enjoys between 15 and 20% installed base of the computer market.

    This just exposes the author's ignorance; security through obscurity is FUD. Vista isn't even out yet, and therefore has fewer than just a couple of million copies out, and it already has been compromised at least a half dozen times. Mac OS X has been released since 2000, and there have only been two lame trojans - one proof of concept, and the other bombed on release due to lame programming. Neither is known to be in the wild at this time.

    Windows is compromised more often because it is more vulnerable. Even patches that are released by Microsoft don't always get applied, so those systems are just as exposed as if the patch hadn't been released.

    Mac OS X is set to automatically update by default. Most Mac users do this as a matter of course.

    And the most glaring error in this piece is that servers and desktops and laptops are three different animals. You CANNOT compare one to the other regarding security!

    Mac Saturation Anonymous -- 16/11/06 (in reply to #320070366)

    1. Windows XP 86.80%
    2. Windows 2000 6.09%
    3. Windows 98 2.68%
    4. Macintosh 2.32%
    5. Windows ME 1.09%
    6. Linux 0.36%
    7. Windows NT 0.24%
    8. Macintosh Power PC 0.15%

    http://www.onestat.com/html/aboutus_pressbox46-operating-systems-market-share.html
    August 14, 2006

    This trends with IDC and other leading research companies.

    You're wrong SS -- 17/10/06 (in reply to #320070355)

    I don't mean to start a conflict, but this argument is severely flawed. 3.8% of the market share with equal security does not mean that 3.8% of viruses would be for Macs. In order for 3.8% of viruses to be for Macs, 3.8% of the hackers/coders that write viruses in the world would have to be familiar with, and have reason for targeting Macs. I think if you did a poll of people who write viruses, you would find that they don't understand enough about the architecture of PowerPC to begin writing malicious code. It's not that it isn't possible, it's that no one in their right mind would bother learning about a new architecture to attack such a small portion of the population. On a side note, I went to my Universities book store today and 3 out of 5 Macs there were crashed. You could move the mouse, but the system was not responsive. Macs are vulnerable to everything Windows machines are. Mac users need to stop living in their bubbles and pre-emptively protect themselves.

    Sorry but you're wrong also. lantzn -- 17/10/06 (in reply to #320070373)

    Dude were you even aware that Macs are no longer on the PowerPC architecture? That's right, they've moved to the Intel architecture, just like your beloved PC. So were are all the virus?
    As far as problems go, I've been doing tech work on Macs since 1987 and they come nowhere close to having the problems PCs have, especially since they moved to OSX (UNIX/FreeBSD). I have setup numerous Macs and tell the operator NOT to shutoff their machines. I can't recall the last time I heard of a true system crash (kernel panic), maybe around the 10.2 era (we're at 10.4 now). If an app crashes, all you really have to do is reopen the app and everything else just keeps going. There is so much proof out there concerning the stability of OSX your comment is so rediculous. Those so called crashed Macs at your campus store sounds like a bunch of PC staff trying to give the Macs a bad name by "sabotaging" them. If I were running the place it's be a different story.

    pc's can run reliably and securely _ I have done so many times. Max Riethmuller -- 21/10/06 (in reply to #320070377)

    mate, I am a pc tech, and I kept over two hundred pc's running smoothly without getting viruses and without crashing all the time. All user's commented how secure and stable the machines where. Yes you probably could get a mac lab running better than that university had, but that doesn't mean anything if the same can be done with pc's.

    And, yet Anonymous -- 21/10/06 (in reply to #320070616)

    And, yet, viruses cause tens of billions of dollars per year on Windows PCs -- and zero dollars per year of damage on Macs.

    So much for how well your theory works in the real world.

    What is wrong with you Anonymous -- 18/10/06 (in reply to #320070373)

    PowerPC architecture? That doesn't have sh*t to do with it!

    The virus if written to exploit flaws in the software. You don't have a clue what you're talking about here.

    As for Macs being vulnerable to everything windows PCs are, that's obviously false because there are over 100,000 viruses that Windows has been vulnerable to and OS X has NOT.

    cpu architecture is relevant Max riethmuller -- 21/10/06 (in reply to #320070457)

    your the one who doesn't seem to have a clue? CPU architecture does become important in learning how to hack an os, since the way the cpu addresses memory is where hacking can sometimes be possible.

    Tell 'em to upgrade to at least 10.3 Anonymous -- 19/10/06 (in reply to #320070373)

    I've seen a lot of Macs crashing and putting out during my time at uni and most of the problems were caused by poor maintenance. This was during the days of OS 9. I was even able to crash my own mac those days (and prided myself at being able to).

    With the Unix-based OS 10, everything's just been more stable. I'm unable crash my mac the way I did in the past (though I have to admit I had 2 kernel panics from unkown causes). The only thing I get on a mac these days are kernel panics, and when they happen - you would know (it freezes the screen and tells you so).

    So next time you go to your uni and see a 'hung' mac... try looking if it's at least running any flavour of Mac OS X. If the mouse works but the computer seems unresponsive, it might just be something else: user error. Try hitting the ESC key or even command-opt-esc will fix things most of the time. The key combo I mentioned is similar to Windoze's ctrl+alt+delete... but it doesn't crash the system like Windoze's does.

    that was 98, not xp. Max Riethmuller -- 21/10/06 (in reply to #320070532)

    windows task manager (ctrl-alt-delete) doesn't "crash" windows at all. infact Windows XP has reduced 99.9 percent of the causes of apps crashing windows, and now most apps can be killed without any affect on the rest of the os, or even most other apps running.

    Gone are the days of Windows 98 my friend, Windos XP is light years ahead. It's a shame many people continue to compare MAC OSX against Windows flaws that idsappeared with the Windows 9x codebase.

    Security: OS vs. 3rd Party Apps Anonymous -- 17/10/06

    Apple can't "magically" prevent poorly written 3rd party apps from becoming security holes. All they can do is make their own code the best it can be.

    How many actual security breaches have been the result of Microsoft's own code?

    How many actual security breaches have been the result of Apple's own code?

    3rd party developers can write buggy code equally well for both operating systems, for which the OS manufacturer can't be held accountable.

    So, which OS is the better bet for safe computing? The answers to these questions will prove which is the least secure OS and its manufacturer's applications.

    I think the answer is clear.

    I don't think anyone has claimed OS X is impervious, but rather that it if far more secure than Windows and that, so far, nobody has breached security through an OS bug -- unlike Windows.

    So, let's be rational.

    Security Phil -- 17/10/06

    It has never been the issue that Microsoft is the only one with security issues. The issue has been the sieve-like nature of MS OSs and apps, and the misguided notion that competing products must have "no defects" to be better than what MS is offering. That notion is a logical fallacy, referred to as the Requirement for Perfection. In other words, it is not the case that Product X must be perfect in order to be "better than" Product W.

    Come Hack Me Then You Moron! Jim Everson -- 17/10/06

    Hey I don't run any 3rd party security software on my Mac. I'll even give you my static IP address. Come on, big mouth, hurt me! G*D this article is lame 10 times over! You say yourself it should be easy now that I'm on an Intel based Mac. Of course, it doesn't occur to you that vulnerabilities are found in the OS, not the CPU.

    LOL -- you guy's kill me Anonymous -- 17/10/06 (in reply to #320070359)

    There's the pinch windows users are not blind to the fact that there systems are easily compromised. As they are aware that the OS is made by humans and there fore no doubt can be hacked by humans. Mac users are like lemmings easliy lead have one determination to believe that all is well if a few words placed together in a clever guilded sentence tells them so. WAKE UP you delerious puffs of smoke your system is not immune to hackers or malware or any other nasties. The system has been made by humans and therefore it is hackable. Wake UP

    Maybe YOU should wake up Anonymous -- 17/10/06 (in reply to #320070412)

    No one ever claimed that Macs are immune. That's just the lie that Windows lemmings tell. But the facts are very real - if you want to use a computer today without worrying about viruses, Windows is an insanely stupid choice. There are no viruses in the wild for Macs.

    That could change some day. But even if it does, from a security perspective, anyone claiming that Windows is just as good is a moron

    OMG... LEMMINGS! Anonymous -- 19/10/06 (in reply to #320070434)

    Did someone just mention Lemmings! That used to be one of my favourites... and it first appeared..

    ON A MAC!

    1 pwn3d j00 phr34k!

    Your point? Anonymous -- 20/10/06 (in reply to #320070533)

    So your point is that you're not bright enough to understand the difference between a word and a concept?

    WRONG! Craigos -- 20/10/06 (in reply to #320070533)

    How about getting your facts right. It was first developed by DMA Design from memory on a COMMODORE AMIGA!

    It is very rare to get viruses on a pc with AV Max Riethmuller -- 21/10/06 (in reply to #320070434)

    You mac user's seem to have some misguided belief that windows systems are so poor they can not be protected, this is a joke. I run AV and Firewall software, and simply haven't had a viruses in so long I can't remember when. Those people whose computers I disinfect of viruses, have not been running uptodate AV software, or have no firewall.

    Okay so it's not os level protection (incidently, Apple recommend you update daily os patches, and run AV software), but hey I don't get viruses and with free AV software readily available there is no excuse to get viruses on your windows machine.

    Another thing I have experienced, mostly those peeps who trawl the worst of the worst "free preview" sex sites, or warez link farms, get internet born viruses. Other than that, they are a victom of some malware popup scam ("Your system is at risk. click here to install SOMEDODGYSOFTWARE Now!").

    Now here's something. The other day a mac user told my dad not to worry about the virus she sent him in a macro, since "mac's don't get viruses". As far as she was concerned it was not her issue, yet she had received a document which became infected with a macro virus by the copy of Office on her computer (a MAC).

    Please explain Anonymous -- 21/10/06 (in reply to #320070614)

    If your theory is true, why do PC viruses cause tens of billions of dollars per year of damage? Meanwhile, Macs have zero dollars.

    Only you said it was immune Anonymous -- 18/10/06 (in reply to #320070412)

    Another straw man argument. Are you the author posting anonymously?

    No one said they are immune, just not affected at present, and have better security. Understand the difference.

    Statements about technology should be supported by fact Anonymous -- 17/10/06

    If you're making a statement about alleged technological superiority, then you should give some facts about the technology instead of just assuming your conclusion from the start. Is Mac technology more or less secure than Windows technology? How would you know? How about a comparison between Apple's Unix implementation and Windows? How about an investigation into specific kinds of vulnerabilities such as Office macros and e-mail attachments? Without such a discussion, you've given us an opinion without any reason to listen to it.

    Spot on Fred Oz -- 17/10/06 (in reply to #320070361)

    There are manycommentators in the OS security debate who rage about what is more or less secure without ever defining some criteria for "secure".

    I can think of a number of measures, each of which may be more or less important to different types of user. For example, one measure might be exploits in the wild. Another might be number of compromised machines, adjusted for network presence if you must.

    Another might be number of known vulnerabilities, anther the rate at which vulnerabilities are discovered.

    Once you have decided on the criteria, you can determine the relevance if each criterion to a paricular user's circumstance. Thereby you can objectively decide platform that is more secure for certain types of user.

    There are other critieria to consider too - such as the value of the information that might be availble to a certain exploit, how hard the hack is to discover and remedy, how easy it is to actually implement, and so on.

    So how about it, ZDNet?

    Doesn't matter much Anonymous -- 17/10/06 (in reply to #320070408)

    It really doesn't matter which of the criteria you proposed are selected. The Mac wins hands down on ALL of them.

    That's why it irks me that idiots like this ZDNet writer pretend that Windows is just as good.

    Absurd, Pathetic, Weak Attack Anonymous -- 17/10/06

    The only successful Mac attack was a fake. Two security professionals at a conference installed special (PC) cards with special drivers to PROVE that the Mac was vulnerable!!! Pathetic. It turned out that one of the guys had seen the Mac PC commercials, and said that he'd like to "stick a burning cigarette in the eye" of "smug" Mac users. The only real attacks on the Mac are from journalist-wanna-be's like yourself.

    Apple has done a superb job. Give them credit. Never once - NOT ONCE - have I ever been attacked, nor has any Mac user I have ever heard about, aside from the jealous, grandstanding hoaxers mentioned above. Rather than say "that can't be, they're liars" perhaps you should write an article on just how Mac resists all attempts (to date) of attack. Is it the tried an true UNIX underpinnings? The way the mac won't allow installs without authorization as Windows does? Obviously what Mac has done is working... so why don't you write about that?

    no secure OS??? Anonymous -- 17/10/06

    OpenBSD has had only one remote hole in the default install, in more than 10 years!

    True - but.... Anonymous -- 17/10/06 (in reply to #320070363)

    That may be true (I don't have any way of knowing about OpenBSD), but it disproves the author's argument. He claims that OS X doesn't have any viruses in the default install because its market share is too low. But OpenBSD has a much lower market share - so how did it get a virus?

    vulnurability not the same as a virus Max Riethmuller -- 12/01/07 (in reply to #320070392)

    it didn't get a virus, a vulnurability was discovered, not a virus.

    Read for God's sake!

    Unconfirmed 1 Sighting Versus 900,000 jbelkin -- 17/10/06

    Not sure what your definition of "more" is but I'd say 900,000 vulnerabilities of Windows is more than 1 unconfirmed and unsubstantialed sighting of an alledged malware on the Mac side.

    Especially since on the Mac side, you expand vulnerabilities to include any random software that can be exploited if you step up the machine - if you include that description to the Windows side, where would that stand.

    Face the facts. Windows is poor security risk. It is a fat sleepy tourist on a park bench with all his valuables at his feet and the Mac is a young special forces solidier. The Mac has NEVER claimed complete invulnerabilities (look at their claims closely) but who is much less of a target for pickpockets.

    The Mac has over 25 million users and we're all still safe because any alledge vulnerabilities are closed within days instead of a month or three or one patch after another with then a newer version of IE plus another patch.

    You made a poor choice to go with Windows but that's your choice. Don't knock someone's else better choice just because you choose poorly. Grow up.

    Vunerable not likely Din Den -- 17/10/06

    OS-X has been out since September 2000 that is seven years and not a single in the wild threat.

    Each and every Microsoft Windows computer during that time suffers trillions of attacks and billions of breaches.

    Let me see seven years and ZERO vs Billions of infections to remove and data lost. Bank accounts robbed identity stolen. Cost of Mac breaches $0 cost of Windows breaches $100,000 to 1,000,000.

    Yeah that seems about equal if your a moron or a Windows drone but not if your a Mac user.

    Move to a better neighborhood Dan -- 17/10/06

    I smile when I read comments such as, Macs are less immune to viruses because they have a smaller market share. I like that. It's like living in a better neighborhood where you are less likely to be burglarized, vandalized, or be the victim of theft.

    I never equated being a victim as being a good thing.

    Bizarro-World Anonymous -- 17/10/06

    Since we are not living in a parallel Bizarro-World universe where Macs have 95% market share then er... Macs are more secure. Since this is unlikely to change for many, many years then why can't Apply Tout its security edge? Bonkers MS-pandering article...

    Gawd help ZDNet Anonymous -- 17/10/06

    If this is the quality of reporting and technical acumen I can expect from NDNet gawd help us all. Nothing original here BTW. I gave up reading when the whole Intel transition was called in to question from a security standpoint. I can't respond to something as basically absurd as the idea that a CPU and its instruction...oh forget it...I give up...have at it ZDNet!

    Funny thing Anonymous -- 21/10/06 (in reply to #320070374)

    "I gave up reading when the whole Intel transition was called in to question from a security standpoint."

    Yet Apple was criticized by ZDNet at the time for having PPC architecture instead of x86.

    Just goes to show - at ZDNet, EVERYTHING Apple does is wrong.

    What a complete prick Trotskiii -- 17/10/06

    What a complete prick, this is crass journalism even by ZDnets standards!

    I Beg To Differ... Anonymous -- 17/10/06

    Mac OS X is inherently more secure that Microsoft Windows. BSD Unix and it’s derivatives (including Mac OS X) has been declared as the most secure OS by all the major security analysts and the US and UK governments.

    This does not mean that there are no vulnerabilities in BDS Unix, or Mac OS X, but most are well known and have been patched. Third-party vulnerabilities are a problem for ALL operating systems, not just Mac OS X.

    Windows, however, has a legacy of vulnerabilities inherited from older versions that still plague all versions of that operating system. Additionally, releases of proprietary source code have allowed even more exploits in recent years.

    I do not believe that Mac OS X is "invulnerable" and more hacks will be tried in the future. However, today it is MUCH more secure than Windows.

    BTW - There are only two know "Trojans" for Mac OS X and NO viruses to date. Even "hacks" to show Mac OS X is more generally vulnerable have proven to be overblow or false.

    What a Joke Anonymous -- 17/10/06

    Get a brain and a life...tripe does not qualify as journalism

    Safer by Built-in Security More Important Walt French -- 17/10/06

    > There's only one thing that makes Macs substantially
    > safer than PCs, and it's called market share...

    Pure, hyperbolic Bullshit.

    Yes, it certainly helps. But the basic requirement of installation permissions, protections turned on by default when the machine leaves the factory, applets using safer (and more obvious) tools than Active-X, no super-use services and hundreds of other technical and social engineering standards are also involved.

    Windows can be setup well Max riethmuller -- 21/10/06 (in reply to #320070381)

    I get your point about of the shelf protection, but nevertheless windows is pretty secure if setup well. Active-X is a bugger I agree with that. Also, as far as software firewalls go thirdparty solutions are usually better (I fnid sygate excellent) than inbuilt. And of course AV software is a must.

    But ultimately, even with active-x, I get no virus problems wth Windows XP and Internet Explorer for the web browsing I do (which includes some porn browsing, I'll admit, but not tenaciously lol)

    Rant rampant, argument missing Anonymous -- 17/10/06

    That's a lovely mac boy rant but seriously where is your evidence to disprove the original commentary.

    Read my response (below) Anonymous -- 17/10/06 (in reply to #320070382)

    It's easy enough to shred the arguments this guy provides. Just see my article below.

    So where are the facts? Where are the viruses that affect OS X (not third party apps or third party WiFi cards)?

    If OS X is so bad, you should be able to point to at least one virus (not trojan) in the wild.

    Look out Palm Anonymous -- 17/10/06

    your brains are showing, you pin head.

    Apple more secure than Windows NT? Anonymous -- 17/10/06

    You truly should seek out employment on some comedy show. I'm sure some night spot in Australia or the United States would hire you.

    pch1351

    "Virus" Alert ... or "Bad Reporting" Alert Josh -- 17/10/06

    uh... From my understanding this is a Spam / Phishing email that pointed to a malicious .exe file on an OS X System. This simply means the administrator allowed someone to put a file on the server.......

    You can drop an virus .exe right now in my shared drop box on my OS X machine if you want.

    This is very very different from an Application being remotely loaded onto the OS X Server without the specific ports being opened prior by a Server administrator and without proper security.

    Furthermore, this is a lot different from malware or a virus running as an application on the OS X Server that wasn't specifically loaded by someone administering the computer.

    So I think there is some follow up needed on this matter in regards to the fact checking.

    Cheers

    How many mistakes? Anonymous -- 17/10/06

    How many mistakes can you make in one story? Apparently, a lot.

    First, Apple never claimed that their system was immune.

    Second, you bring out the same old 'Macs are only safe because they're obscure' argument - in spite of the fact that many less popular OSs (Amiga OS, BeOS, even Vista) have active malware, while Mac OS X doesn't.

    Third, you apparently don't understand the difference between an OS and an application. Or at least you appear to understand it, but you STILL claim that Mac OS X is insecure on the basis of an application problem:
    "It turned out the miscreants gained entry through a vulnerability in the server's TikiWiki code, a third party package that has nothing to do with Apple."

    Fourth, you make wild, unsubstantiated claims:
    "Still, OS X didn't somehow, magically, prevent the attack as some users seem to think it's capable of doing." I don't know any Mac users who think that their OS can prevent anything bad from happening to their system. Or, at least, no knowledgeable ones.

    Fifth, you can't understand a simple statement: "But Apple's marketing these days seems to suggest its computers are immune to attack " Where did Apple do that? They simply claimed that there are no active viruses TODAY. No one ever said there never will be.

    Sixth, you apparently don't have any clue what 'safe' means: "There is little evidence to justify the claim that Apple computers are more secure than any other, and anyone who points to the low number of reported OS X security bugs, worms or viruses as proof to the contrary is misguided." Sorry, but 'security' is a measure of how much chance my system has of being corrupted. The number for OSX is currently zero. The number for Windows is huge. The number for Linux, Vista, BeOS, AmigaOS, and many others is small, but finite.

    Then you bring up the silly market share argument again: "There's only one thing that makes Macs substantially safer than PCs, and it's called market share; a 3.8 percent market share, measured by net presence, to be precise." Then why are there already active viruses for Vista - along with obscure OSs like AmigaOS and BeOS? And why are there FreeBSD viruses, but none (today) for OS X?

    Then you pull out mindless (but incorrect) analogies: "The ironic part is Apple has, whether it knows it or not, ripped a leaf straight out of Microsoft's marketing playbook. You have to dig around for Microsoft's old Windows NT marketing material -- the company has removed much of it from its Web servers, perhaps out of shame -- but it reads much the same as Apple's current spiel." Unfortunately for your argument, there were plenty of NT viruses, but are still none for OS X. So when Apple said it, it was true - how is that a page out of Microsoft's playbook?

    Then you demonstrate your complete lack of understanding of malware: "And thanks to the computer-maker's decision to switch to an Intel CPU architecture, Mac malware has never been easier to write. Creating security vulnerability exploit code requires a fairly intimate knowledge of the CPU architecture on the target machine.". Sorry, but the majority of malware today is written by script-kiddies who don't need to know much at all.

    Then you repeat the market share argument again: "the security of your products has more to do with your small market share than their technical superiority." Do you really think that repeating your lie often enough will make it come true?

    What happened to ZDNet? They used to be a reputable source of information. With you and with George Ou, you seem to be nothing but Apple-bashers these days.

    Inaccurate Story Anonymous -- 17/10/06

    This article repeats two stories that have been repeatedly reputed: 1) Macs have fewer attacks because there are fewer of them; and 2) all operating systems are equally vulnerable to attacks.

    If the first point were true, one might expect that there would be a proportional relationship between attacks on Macs and on Windows machines. In fact, no such relationship exists; in fact, can anyone document a virus, trojan horse or other software vermin that currently attacks the Mac OS and is free in the "wild"? I know of none.

    The second point fails to recognize the difference in the design of the Mac and Windows OSs. Root-level access to the OS is the default mode in Windows, which is one of the main reasons hackers can cause such havoc, especially with unsophisticated users. In the Mac OS, gaining root access is not intuitive, and the OS has been designed to ask for a password when altering the OS if the user is not in sudo/root mode. These protections (among others) make the Mac OS INHERENTLY more secure.

    Having said all this, it is undoubtedly true that someday, someone will find a way to embarrass Mac users with a noxious virus. But I don't expect that we will have to live with situations like the one experienced by a friend of mine with a new Windows laptop: his computer became infected before he could even download the patch that would protect the machine from the viruses the patch was supposed to protect him from.

    In the meantime, the last virus I had on my Mac was in 1987.

    alright, let's see where this goes Dan Geer -- 17/10/06

    PREMISE: If as is often stated here and elsewhere
    and in various heated ways, Mac OS X security is
    meaningfully inferior to the Microsoft way, then

    CONSEQUENT: The low observed attack rate against
    Mac OS X machines cannot critically depend on the
    "insecurity" label being placed on it.

    Frankly, my dear, this leaves the protective effects
    of platform diversity as the leading contender for
    the upstream cause of the downstream effect, viz.,
    low observed attack rates.

    --dan, who notes that at the recent USENIX Security
    Symposium 35% of the machines in the room for the
    keynote address had the Apple logo, a 10-to-1 odds
    ratio when comparing to the population at large.

    Lets talk Mac OS history Anonymous -- 17/10/06

    Ok back in the days of os 7.6 or so Before the Second Coming of Steve, When market share was so tiny that it was assumed that Apple was going out of business. There came the infamous AutoStart Worm. This took a vulnerability that was inherent in the CD autostart code of the OS 7.5 CD driver. This was in the days of AOL really before the internet was popular. This one Worm started in the Publishing industry in Asia and quickly spread through the world.

    Before the Worm there was the ever present nVir series of Virii that pretty much corrupted just about every file on your mac. The source of this virus was usually college computer lab machines that would spread the virus via floppy disks (sneaker net). I had a full store of macs that ended up getting infected with this one.

    PS in those days you absolutely needed Anti Virus protection. Mac OS 1-9x were totally easy to write virii for and there were plenty, not as many as our DOS/Windows friend's machines, but enough.

    With the coming of OS X there have been 0 (zero) count them ZERO pieces of Malware in the wild that run on macs.

    In other words when Macs were the most obscure OS and was looking like it was going to die, there were new Virii being written for the OLD mac OS.

    Now when the platform is doing quite better in user numbers and with Apple (and mac users) bragging about how secure it is, there is still Zero (0) pieces of Malware in the wild for the platform. That tells me that Apple is doing something right.

    Why am I bringing up ancient Apple history? because this all happened prior to OS X

    Slight correction Anonymous -- 17/10/06 (in reply to #320070404)

    In answer to this bit:

    "With the coming of OS X there have been 0 (zero) count them ZERO pieces of Malware in the wild that run on macs. "

    Apart from the Bluetooth vulnerability, there was also the LEAP malware (part trojan, part worm, part virus).

    http://www.symantec.com/avcenter/venc/data/osx.leap.a.html

    Affects only Intel Macs and OSX 10.4, but just the same - please check facts.

    not quite Robert W. Ahrens -- 18/10/06 (in reply to #320070437)

    As to the Bluetooth vulnerability, a vulnerability is not a virus in the wild.

    And the Leap A you refer to was crippled by poor code writing that crippled it's ability to spread. That virus is not known to be in the wild. It bombed, and is no longer a danger.

    Additional Correction Anonymous -- 18/10/06 (in reply to #320070437)

    Leap.A is a classified as a Worm . You have to ACTIVELY invite it into your machine and then ALLOW it to run. It can not infect other systems.

    *** This a security flaw for MORONS ***

    Not a virus Anonymous -- 18/10/06 (in reply to #320070437)

    A virus is typically understood as something which propogates without user intervention (other than visiting a web site or inserting a CD, for example). Leap-A required the user to click on its icon and is therefore not a virus.. Since no system can prevent someone from installing software if they wish, that's not as serious a concern as the self-propogating viruses on Windows.

    Check your own facts Anonymous -- 18/10/06 (in reply to #320070437)

    If it needs your permission to install then it's a trojan and only a trojan. If you give it permission to violate your system then YOU have the security flaw, not the OS.

    Check your own facts

    Almost forgot Anonymous -- 18/10/06 (in reply to #320070437)

    A vulnerability is NOT a virus. All software has vulnerabilities, but OS X has a clean record with regards to virus attacks.

    Again, check your own facts before propagating false information.

    From the ghetto Anonymous -- 17/10/06

    You fools in your nice neighbourhods where no one is shot in drive-bys. Just because we are dying like flies here, it don't mean your neighbourhoods are more secure. Bullets can fly in MacVille too.

    "Macville is safer because of the lower number of reported murders, but that does not make it more secure. It's an important distinction."

    Yeah, but I think I'd rather live in MacVille.

    CRAP - the author is on someone's payroll other than ZDNet Anonymous -- 17/10/06

    See URL below for the experiences of someone who is more knowledgable than I:

    http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

    P.S. Refreshing to see so many mac/unix enthusiasts these days. Says something about the increasing market share and more important mindshare of Apple and Linux. I thought the Mac ads were a bit controversial at first but it seems even my Windows loving friends appreciate them - subconsciously the ads are having an effect and if nothing else reinforce the Apple and Macintosh brands. Love it.

    virusoft Anonymous -- 17/10/06

    Virus=marketshare. That is good my MAC 3% my BMW 0.5% my salary 1% in my industry, that mean more fun less problems.

    What am I talk about?????

    Oblivious to the Facts Nikolaus Heger -- 17/10/06

    Real, live viruses, worms and trojans on Mac OS X: Zero.

    You don't need a 900 word essay about that. It's simple, understandable, and most importantly, the only thing that's relevant to me, the end user.

    As of my writing, it's more likely that I will get hit by lightning than that I get a virus on OS X. Does ZDNet write endless articles about the dangers of getting hit by lightning outdoors?

    Wow, just wow. Anonymous -- 17/10/06

    I don't even know where to start. Where did Zdnet get this clown? We are all dumber after reading this.

    MS copies Apple Anonymous -- 17/10/06

    Then why is it the new Vista, copies amy of the security features in OSX?

    possibly not even an exploit of tikiwiki? Anonymous -- 18/10/06

    Ok so I just looked at the feature list of tikiwiki and on of the features is as follows:

    "File Galleries
    Computer files and software for downloading"

    Now from my understanding, since wiki's generally give out free accounts, and this software provides a place where you can upload files for others to download. I am guessing (since the article is very thin on details) that someone just used this feature. This is not a compromise of the server or the tikiwiki software at all and all it does is allow a user to put files on the server which others can download.

    Since this malware that was uploaded only affects windows pc's, how is this a macosx problem?????

    Until the author of the article does a proper investigation of this matter rather than just dribbling fud, I think we can assume that there was not exploit of macosx or tikiwiki.

    so there ;)

    This is FUD, like all the rest. Anonymous -- 18/10/06

    Most Mac users know their system isn't 100% secure, and every time there is an instance with security problems ZDnet and any other tech site jumps the gun and sensationalizes the story out of proportions like Fox on minor food poisoning. Compare that too the, and I'm being gentle with this, thousands of attacks on windows machines every hour. The only time you ever here that reported is when? When it happens to a big name server, or it's the big bad new virus going around the net.

    On that market share note: MARKET SHARE IS VALIDATED ON NUMBER OF UNITS SOLD TO CONSUMERS, NOT WEB PRESENCE, TAKE MARKETING 101! Considering that most Window PC sales are based on Microsofts number of OEM's sold and not the number of actual PC's sold that number is also a bit skewed because it nulls out people who later load Linux or any other OS on their machines.

    Considering Apple is the fourth largest PC manufacture in the United States, is worth about the same as dell if not more; has higher profit margins than any other computer maker, and lastly makes most of it's profits direct from the customers (not via OEMs like were Microsoft admits making 80% of it's actual income), it's not a small company every analyst tries to make it out to be. It's one of the fastest growing stocks of the last 5 years.

    Apple OS X will always be more secure than XP or NT because it does NOT give root access off the bat, and it prompts for passwords whenever an application is trying to run. Yes third party applications can let people in, but only if you allow that application to do that on the firewall feature. My bet is they just had a bot that changed all the wiki pages and didn't touch the actual admin account.

    So on the final note, this is FUD, all you apple nerds who think your Mac is invulnerable set up your security features, please, and news writers, write on things that really matter or at least don't over sensationalize it.

    Zealots with nothing to offer Harrison Jones -- 18/10/06

    Once again an army of Macintosh bigots wastes pages of bile attacking the author.
    Their sole defence seems to rest on there being no documented virus/trojan attacks for Mac OS X, which they then tranlsate into "so it must be impossible to do so".
    One comment even suggest the author made up a real attack on a Mac OS server, just because the commentator hadn't read about it before. He didn't see it so it didn't happen. Is he a relative of George W? What errant nonsense.
    If any one of this army of fundamentalist Jobsians bothered to keep up with the news, they'd know that there are no "hackers working for the glory" these days, so nobody is going to waste time proving how clever they are by hacking a system that hasn't yet been hacked.
    Modern day malware authors are working for organised crime for serious rewards, and yes folks, it is about market share.
    Rest assured if a target of one of the eMafia gangs happens to be running an OS other than Windows and the prize inside is big enough, they will still get hacked.
    Sure, nobody including the author of this story, said it wasn't a heck of a lot easier on Windows, but that does not make it impossible.
    Zealotry and bigotry obscure logic and reason no matter which side you're cheering on.

    Hosting isn't infected Anonymous -- 20/10/06

    I have had on virus that snuck onto my mac from an e-mail. This virus sat on my system utterly confused in isolated much like the Mars rover would if it overshot and landed on Jupiter. "No red dirt" it would conclude over and over until its batteries ran out and it would sit...inert, much like the virus on my system. If you'd take the time to read past the headlines you'd find that the only malware available for Mac OS X is proof of concept only and requires the user to install it on their computer. UNIX is funny like that. It was designed to run mainframes owned by the richest (and most paranoid) organizations in the world. It is designed to minimize the spread of malware. It is required that someone with admin rights install malware. No getting around it. That is why Mac OS X's UNIX based Darwin Kernel, which you can look up on the internet and read in full, has not been cracked. It is an open book for hackers and they have not been able to do it. Obscurity you say? Lack of market share? Again you are wrong. The very ads you see on TV are challenges to hackers to write a virus that spreads in the wild. they haven't risen to the challenge... I wonder why? The bragging rights would give that guy juice like nothing else in his circle of hacker friends. Just because the University of South Wales fails to keep their virus definitions up to date doesn't mean MAC OS X is less secure. It just means that their IT guy was napping. Go write a MAC OS X virus that spreads with ease in the wild like Windows viruses to prove me wrong... I dare you.

    It's all about the money pjb -- 31/10/06

    These articles are seeded to the press every now and then. Notice that the writer always owns an older model Mac, or something like an iMac, good machine but not for what you would call a "power user". Who benefits? Symantec and the other anti-virus mfrs. They make headlines with "Mac virus discovered". On investigation they reveal that it's just a concept that may possibly penetrate the Mac OS. They want to add the Mac to their Windows moneypot. And it just doesn't seem to take!!

    Re-think your thinking David Vasta -- 10/11/06

    At what point and time in this do they the writers make the point that in 15 years of "real" desktop systems there have been a few blunders but none quiet as large as the over 100K viruses for Windows and in that time Apple/Mac have seen nary a one. You can't say that no one has not tried because they have and it's to much trouble. You have to overcome so many things to get bad things to happen to a mac.....or you could just give it to my parents and they could destroy things.

    When will the ZDnets of the world start coming down on Windows like they do the mac folks. When does ZDNet attack Microsoft relentlessly until they really fix the problem?

    Next you will be going after Novell's SUSE saying it has to do with SUSE market share that it has not gotten a virus yet.

    HOW ABOUT POINTING OUT HOW SECURE UNIX AND LINUX from a fundamental standpoint and is built upon the fact that security was on the top of the must haves when they engineered MacOSX and Linux instead of at the bottom when they made Windows.

    I am sad over this but I expected it. It's normal now.

    Very Good Article Anonymous -- 10/11/06

    I think the Mac fanboys just got a good little dose of reality.

    Well Written!

    Ok, Anonymous -- 26/11/07 (in reply to #320071265)

    70.45.140.165 <---- my IP address using OS X I dare you to post your IP address using a Windows machine. There you have it ! Hack me !!!!

    LAME... Malware not even OS X native! Anonymous -- 12/11/06

    I call Shenanigans! It was Windows malware hosted on an OS X server! This whole article is complete and utter FUD!

    The malware was allowed to be posted on the OS X server via a third party (i.e. NOT APPLE) daemon flaw. This means that someone at the University installed TikiWiki on the OS X Server and the cracker/hacker used a TikiWiki vulnerability to post the malware to the Wiki. Then sent SPAM with a link to the malware hosted on the TikiWiki running under OS X using social engineering in the email to make people think it was an urgent Microsoft patch.

    So for starters:
    1. The malware target was WINDOWS not OS X!
    2. The malware was posted to the OS X box by a third party server application installed and configured by the University SysAdmin so the security flaw was with TikiWiki and the SysAdmin!
    3. It's not an OS X vulnerability the malware wouldn't even execute on the OS X server.
    4. OS X doesn't have a Wiki Server yet, it's coming in Leopard.
    5. TikiWiki is a PHP app and runs on any Operating System that runs PHP which includes just about all of them!

    The SysAdmin could have taken other measures to secure the Wiki. Wiki's are notoriously insecure. There are many steps that could have been taken to secure the Wiki that are too numerous to list here.

    Any host with TikiWiki installed would have been vulnerable! TikiWiki is a PHP webapp! No OS will protect against a third party network service/daemon or web app with a security flaw!

    It's entirely the SysAdmin's fault. He/She should have been watching TikiWiki vulnerabilities and patching the TikiWiki frequently, there have been several security update releases for TikiWiki recently. Or selected a more secure Wiki software. Or placed the TikiWiki behind an SSL layer or restricted the access to University Intranet connections, etc.

    Low Standards of ZD Net and Windoze Michael J Boland -- 14/11/06

    Articles like this may as well have stated the George W is a humanatarian, Hitler was a saint, the Pope is a child molester.
    It got the attention and rise from a lot of people and that is the objective of low class ill informed journos.
    I also note that the author has not had the gumption or interest to answer so much as one comment.
    Sorry, ZD Net was a good read but is now spam filtered on my machine.

    OS X'ers Anonymous -- 26/11/07

    Lets all put our IP Addresses up so that they enter our system. 70.45.140.165 <---- my IP address using OS X I dare you to post your IP address using a Windows machine. There you have it ! Hack me !!!!

    Go ahead!!! knock yourself out! I could have not been this free using XP nor Vista!

    WHO OUT THERE USING VISTA WOULD DARE TO POST THEIR IP OUT IN THE OPEN??? LETS DO IT!!!! BRING IT ON.

    not 1 attack still Anonymous -- 26/11/07 (in reply to #320090506)

    whats up windoze hackers and zealots... im still waiting!!!

    are u unwilling to admit that u failed?? Anonymous -- 08/12/08 (in reply to #320090507)

    and still waiting.. its been more then an year you need more time guys??

Add your opinion

Latest Videos

Sponsored content

Power Centre - Content from our premier sponsors

Blogs

Tags

  1. 488 articles are tagged with 3g
  2. 449 articles are tagged with accc
  3. 57 articles are tagged with accenture
  4. 237 articles are tagged with acquisition
  5. 39 articles are tagged with afact
  6. 140 articles are tagged with ato
  7. 1303 articles are tagged with broadband
  8. 663 articles are tagged with cio
  9. 62 articles are tagged with commonwealth bank
  10. 251 articles are tagged with conroy
  11. 391 articles are tagged with copyright
  12. 45 articles are tagged with david thodey
  13. 514 articles are tagged with dell
  14. 9 articles are tagged with feed
  15. 1040 articles are tagged with google
  16. 1030 articles are tagged with government
  17. 789 articles are tagged with hp
  18. 1302 articles are tagged with ibm
  19. 219 articles are tagged with iinet
  20. 349 articles are tagged with iphone
  21. 116 articles are tagged with legislation
  22. 13 articles are tagged with longhaus
  23. 34 articles are tagged with michael malone
  24. 1475 articles are tagged with microsoft
  25. 32 articles are tagged with mike quigley
  26. 50 articles are tagged with minchin
  27. 1125 articles are tagged with mobile
  28. 356 articles are tagged with mobile phone
  29. 209 articles are tagged with national broadband network
  30. 384 articles are tagged with nbn
  31. 198 articles are tagged with new zealand
  32. 27 articles are tagged with nick minchin
  33. 880 articles are tagged with optus
  34. 716 articles are tagged with oracle
  35. 2650 articles are tagged with security
  36. 53 articles are tagged with senate
  37. 68 articles are tagged with separation
  38. 177 articles are tagged with stephen conroy
  39. 57 articles are tagged with strike
  40. 174 articles are tagged with sydney
  41. 60 articles are tagged with telecom nz
  42. 2430 articles are tagged with telstra
  43. 135 articles are tagged with tender
  44. 49 articles are tagged with twitter
  45. 110 articles are tagged with union
  46. 147 articles are tagged with university
  47. 172 articles are tagged with victoria
  48. 201 articles are tagged with video
  49. 2 articles are tagged with win7au
  50. 88 articles are tagged with windows 7

Back to top

Featured