Apple more secure than Windows NT?

commentary With exploit code for an OS X vulnerability released recently and a compromised Australian university Mac server caught hosting malware in August, it may be time Apple admitted its platform is no more secure than any other.

While Apple users laud their systems as unbreakable pillars of security in a dangerous world, unsusceptible to the malware attacks that make life on Windows so hazardous, the headlines keep coming.

In August, the University of New South Wales was, no doubt, surprised to learn one of its Mac servers had been hijacked by baddies to host some malware disguised as a Microsoft patch. University system administrators interviewed by ZDNet Australia were puzzled -- the server was evidently running the latest version of OS X server.

It turned out the miscreants gained entry through a vulnerability in the server's TikiWiki code, a third party package that has nothing to do with Apple. Still, OS X didn't somehow, magically, prevent the attack as some users seem to think it's capable of doing.

Yes, it's true the average Mac user (like me -- shiny 20 inch G5 Rev B) doesn't have to contend with the malware that plagues Windows-based computers. Yes, it's true I'd prefer my mother use a Mac to avoid keylogging Trojans designed to capture her Internet banking passwords. But Apple's marketing these days seems to suggest its computers are immune to attack (The advert is also available on YouTube).

They're not, and it's dishonest for Apple to suggest otherwise.

There is little evidence to justify the claim that Apple computers are more secure than any other, and anyone who points to the low number of reported OS X security bugs, worms or viruses as proof to the contrary is misguided.

Macs are safer to use because of the lower number of reported bugs, but that does not make them more secure. It's an important distinction.

There's only one thing that makes Macs substantially safer than PCs, and it's called market share; a 3.8 percent market share, measured by net presence, to be precise.

If Macs were the dominant operating system with, say, 80 percent of the market, there is no doubt all the clever malware writers would devote their skills to engineering malware for Macs, not Windows-based PCs.

With all that brainpower going into compromising an operating system, there is little doubt the efforts would yield results.

In this parallel universe, switching to that boutique operating system made by the underdog with the 3-4 percent market-share, Microsoft, would seem like a great idea. Windows would develop a cult following for its inherently superior security.

The ironic part is Apple has, whether it knows it or not, ripped a leaf straight out of Microsoft's marketing playbook. You have to dig around for Microsoft's old Windows NT marketing material -- the company has removed much of it from its Web servers, perhaps out of shame -- but it reads much the same as Apple's current spiel.

"Intelligent design prevents the swarms of viruses and spyware that plague PCs these days," says Apple's Web site.

And this from Microsoft. "Windows NT Server is secure from the ground up," says a Microsoft Web site archive touting NT's apparent NSA C2 security compliance.

"Every process and feature was designed with C2 level security in mind. In fact, Windows NT Server is so secure that certain processes (identification and authentication, and the ability to separate a user from his/her functions) meet B2 security requirements, a level of security that is even more strict than C2."

In retrospect, it is kind of funny. More reading here.

Indeed, when Windows NT first rolled around in the '90s, Microsoft pushed the security angle hard. It was a new product, and there were few known vulnerabilities in the new server architecture. Of course, with increased market share came a deluge of vulnerabilities and everyone realised that it was, for the purposes of security, poorly designed and full of holes.

Users were not happy, and Microsoft was forced -- it took years -- to finally invest in security in earnest. The Redmond-based giant has learned its lesson.

Apple hasn't been through that humiliating process yet, and still thinks it's invincible. This could explain its lacklustre response to security vulnerability reports. Ask almost any security researcher what they think of Apple's response capability, and you'll usually get the same answer: "They're bad, but not as bad as Oracle."

It's hardly a glowing endorsement.

The argument being put forward here isn't that Windows is more secure than OS X, it's that currently there is no such thing as a secure operating system. OS X just hasn't been subjected to the torture test that comes with market domination. It is almost certain that there are dozens of undiscovered bugs in OS X.

Welcome to the wonderful world of operating system security.

And thanks to the computer-maker's decision to switch to an Intel CPU architecture, Mac malware has never been easier to write. Creating security vulnerability exploit code requires a fairly intimate knowledge of the CPU architecture on the target machine. The relative obscurity of the previous Mac architecture (Power PC) meant there were few malicious coders who could be bothered writing exploits for OS X.

Now it's been switched over to the more hacker-friendly Intel architecture, it's a fair bet that more exploits for OS X will emerge. Sure, the differences between Mac and Microsoft operating systems still mean malware will have to be customised for OS X, but the initial exploitation will be that much easier.

Apple, the message is this: Yes, you make beautiful computers. They're pretty, shiny, they have a nice interface and I love my Mac. Consumers are safer online using a Mac, too. But just as the security of New Zealand is rooted in its geographic isolation, not its military might, the security of your products has more to do with your small market share than their technical superiority.

Editor's note: An update to this commentary has been published here.

Advertisement

Print feature brought to you by Hewlett Packard

Talkback 97 comments

  1. Absolute bullsh*t. Anonymous -- 16/10/06

    C'mon Zdnet, I know standards are slipping but geeez...the gimps you have "writing" for you now is beyond a joke.

    The article lost all credibility about 3 sentences in.

    The old "it's the marketshare" argument is sooooo 1995 and it has lost all credence with "proper" IT Security people, not just your CISSP clowns.

    I can't be bothered even starting in on thios artcile except to say that's toilet paper and should be treated as such, and no, I don't even use Macs day to day (but I admire their purity).

    So lift your game Zdnet and lets get some grown-ups here writing your articles, unless of course, you don't want them ?? Who pays for all that shiny advertising anyway?

    Your author is either a fool that shouldn't be let enar a typewriter, or he's pushing an agenda as NO-ONE of any note has even comtemplated those sad, well worn arguments for over a decade now.

    If Mac had 80% of the market then Win NR would STILL have the vast majority of the real world, "in the wild" viruses as it's TRIVIAL TO BREAK WINDOWS!

    Do you need smaller words, less syllables ?? TRIVIAL ! Windows is the ONLY commodity OS where you can get pnwed by CLICKING ON A LINK or OPENING AN EMAIL and all your huffing and pussing and lying won't change that. It's not even a proof of concept on Mac or BSD or Linux and there sure as hell is NOT 114,000 different examples of this floating around IN THE WILD infecting millions of machines every day!
    it's like car manufacturer X saying 'See/, a car from manufacturer Y got stolen so their cars are as bad as ours!' when the thief needed to follow you home, knock you out, take the keys, get a thumb-print, defeat the biometrics in the garage, then the car and then only manage to crane it onto the back of a truck for removal and it was the only one stolen that year when manufacturer X'c car doesn't even come with door locks or (pardon the pun) windows and they have a life expectancy until they're stolen of 15 minutes!

    Ohhh..but if man Y's cars were so popular they'd be stolen constantly too...right?..right?... rubbish!!

    Now go back to sleep.

    1. I agree Anonymous -- 16/10/06

      A bit long winded but yes, the author clearly has little or no grasp of the fundamental principles at play here.

      it is a shame when so called "experts" don't understand the basics. Big or Little endian code has no bearing on this matter as most hackers --- see?, he doesn't even call them crackers ! -- use toolkits that go nowhere near hitting the hardware.

      The article is a joke and the author is woefully ignorant. I would suggest anyone who is reasonably interested in these matters invist 30 minutes of their time for some quick googling and have a look at what qualified people have to say on the issue.

    2. this article is still spot on Max Riethmuller -- 21/10/06

      You have no idea if you think MAC is not open to infection via email or links. If you can trick the user to open the email or click the link, they can be infected, it's that simple.

    3. So? Anonymous -- 21/10/06

      Yes, Macs (like all computers) are vulnerable to trojans. However, there are several significant differences:
      1. On a Mac, your system files are protected, so the Trojan will usually (at worst) damage your user files. Of course, since there have only been two Trojans in the wild and neither one did any damage, this is purely hypothetical.
      2. There are no self-propogating viruses in the wild that affect Macs.

      The bottom line is that while Macs are theoretically vulnerable, if you want to buy a computer today, Windows is a high risk choice and Mac OS X is not.

    4. rubbish.... Anonymous -- 21/10/06

      And how exactly is a safari user going to infect their MAc by clicking on a link ?...hmmm..where's the exploit code ?..where's the ActiveX that makes the lovelyness possible?

      Look, I don't expect miracles, I do expect however a slight amount ok nous from people who reply to me..

      Go do your homework sonny, get some experience then come back and we'll talk.......see you in 2019!.

    5. you have your head in the sand Max Riethmuller -- 12/01/07

      no thanks for the completely inaccurate assumption about my age or experience. Atleast I'm not afraid to put my name to my comments.

      Grow up

    6. Infected with what exactly? Anonymous -- 04/11/06

      Name me ONE thing that natively infects Mac OSX in this manner.

    7. not really that easy Rob Lowe -- 26/11/07

      via email? a .exe or a vbs script it wouldn't do anything to a mac because its an irrelevant file to the OS. The current way of tricking macs now is by linking an opening media that invokes installing a bogus codec and having the admin type the password. i mean, this is not close at all to the easiness of hurt in windows.

    8. Someone needs to take a deep breath... Gary Miller -- 10/11/06

      Count to ten... wipe the spittle off your keyboard, mouse and screen. Then say to you self... there is no place like cupertino... there is no place like cupertino.

      Grow up. It's a computing platform. Not your child.

  2. nonesense Matt Bland -- 16/10/06

    You forget to mention that Mac OS X is built on top of a Unix variant and shares much in common with FreeBSD. It is as secure as Linux/FreeBSD/Unix in general and many of the vulnerabilities it has are due to third party applications rather than system design, unlike Windows NT & XP. The majority, of the limited number, software engineers who have looked at the Windows codebase are shocked at the number of short sighted 'quick-fixes' and messy spaggetti code that it is made up of. Conversely the under pinnings of OS X are open and available for inspection as part of Darwin, and are well written and transparent with over 30 years of history of refining and development of some segments of the code.

    Your accusation regarding market share leading to better security is laughable and betrays a complete misunderstanding of the subject.

  3. malware on Mac Anonymous -- 16/10/06

    As far as I can remember, Apple has never said anything about their system be unbreakable....they just don't talk about....but they do put out patches....don't know where you got the idea that Apple has said what you write about....me thinks you are wrong on this.....again, more FUD.....

    And, this has taken a rather long time for the report...this happened in August????....Now that is even suspect...if this is true, it would have made the news all over the world...in fact, this is the first I have heard about it....and I get news stories from all over the world about Apple Computer, Macintosh, and iPod's...?????

  4. What a crock Anonymous -- 17/10/06

    The fact that you can make a statement like this:

    "It turned out the miscreants gained entry through a vulnerability in the server's TikiWiki code, a third party package that has nothing to do with Apple. Still, OS X didn't somehow, magically, prevent the attack as some users seem to think it's capable of doing."

    Tells me you are utterly unqualified to make a statement like this:

    "There is little evidence to justify the claim that Apple computers are more secure than any other, and anyone who points to the low number of reported OS X security bugs, worms or viruses as proof to the contrary is misguided."

    You have to have a basis to understand what makes an OS or Application secure in order to gauge if it's possible for one to be more secure than another.

    Look here: http://weblog.infoworld.com/enterprisemac/archives/2006/08/is_windows_inhe.html

  5. Mac = Obscurity? NOT! GM -- 17/10/06

    Obscurity has nothing to do with market share or the installed user systems share. Apple is one of the LEAST OBSCURE computer systems, and offers the one of the most tempting targets for malware creators. This is no secret to hackers.

    Temptation #1 - Taunting - Never in the history of computing devices has any other computer manufacturer been so brazen about its security as to advertise it to so many around the world. This level of taunting is like twisting a dagger into the hearts of hackers.

    Temptation #2 - Transparent - Apple utilizes far more open-source code than Microsoft. This code is not only in user systems, but is also found in Apple's servers and super-computer grid configurations. All of Mac's core operating system, BSD UNIX, is freely available for use and inspection for vulnerabilities.

    Temptation #3 - Vulnerable - Over 95% of the Mac OS X users do NOT use ANY malware protection software. In fact, corporate-owned Apple systems, from in-store demo units to the staff at Cupertino, do not use any such software. They rely upon the innate security of the OS alone.

    Temptation #4 - Fame - To be the first to create a successful, self propagating virus or to take control of a Mac for the use of being an unwitting spam generator would bring tremendous international notoriety; the Holy Grail of programming. Apple's public announcement of being virus-free makes this challenge impossible to ignore by many hackers.

    There isn't a hacker out there that isn't aware of Apple's use of open source programming, their lack of virus protection software, and their arrogant public taunting of criminals. The general population still dwells within their vast herd of false security and myths, having yet to experience a Mac for themselves and view Apple as being an obscure computer system. But, for the hackers, they clearly see it, they are very well aware of it... but can't touch it. For them, Mac OS X is far from obscure.

  6. 1 to 100,000 R. Yugaetu -- 17/10/06

    Let us acquiesce to a heavily disputed "fact" that there are 2 known Trojans out there for a Mac. If current trends hold true, then in 2008 the Mac OS will be 100,000 times safer than Vista with its projected 200,000 viruses/Trojans.

    I was about to make an analogy here, but it really isn't necessary. It should be blatantly obvious to even the simplest of morons that choosing between any two things where one item is 100,000 times more likely to cause security problems than the other is no real choice at all.

    But, for those of you still curious, here are a few examples of things with a 1:100,000 ratio. Which would you rather do...?

    Jog 1 mile or jog around the Earth 4 times?

    Toss a paperclip (1 gram) at your coworker's head or throw your stocky 220 pound boss the same distance?

    Wait 1 minute for your computer to boot up or wait 69.4 days?

    Last, but not least...

    Lift a gallon of milk (8 lbs) onto the kitchen counter or lift a fueled C5 Galaxy cargo plane with a full load of two M1-A1 Abrams battle tanks and 73 soldiers (400 tons total) onto the kitchen counter? [ photos at http://www.theaviationzone.com/images/html/galaxy/page2.asp ]

    Don't allow Microsoft or any of their mindless lemming-like minions to downplay the size of this problem; 100,000 of anything is a lot!

    1. and How! Anonymous -- 17/10/06

      all I can say is and How!

  7. True Javier -- 17/10/06

    All Apple claims is 0 viruses. The problems this article describes are not computer viruses.

    1. 0 viruses? Anonymous -- 26/11/07

      Apple doesn't claim that... there have been 60 viruses in apple compared to more than 100,000 in windows.

      Apple is far more easier to keep or fix after an attack than a winblows vista machine

  8. FUDmeisters and Facts Robert Pritchett -- 17/10/06

    Over on macCompanion, we have established a Mac Security 101 column and we have also had QuickTime videos last summer on Mac Security and Maintenance that blow this kind of FUD completely out of the water.

    http://www.maccompanion.com

    Why spread blatently obtuse and patently false stuff like this around except to garner keyclicks and try to do a "Dvorak"?

  9. Ignore article and do not add more comments Anonymous -- 17/10/06

    I know, I know I just did.

    If you think this article is crap, and it is, please do not give the "reporter" additional credit by generating more visits to this page. After all that's all they're trying to do with these sensationalized, untrue, and unresearched stories based on ignorance.

    Please do not start a raging debate. Let's ignore this garbage and give it the resounding silence this article deserves.

    Thank you.

  10. Malware on Apple OS Anonymous -- 17/10/06

    If you listen to the Apple ads you mention, you'll note that "Mac" only says that he isn't affected by the viruses that infect "PC". Which is a 100% factual statement. The latest Mac OS has never been affected by a PC virus.

    If you install Windows or Microsoft Office on an Apple computer, then these applications can be vulnerable to viruses written specifically for this sofware. But the Mac 10.4.7 operating sytsem is not affected.

    If someone installs buggy software on any server, including an Apple Xserve, they shouldn't be surprised to find it vulnerable to attack. However I'm sure the Mac OS running on that server was not infected by the malware you mention.

    Your article was not very well informed and is more of the type "flame baiting" than the factual and neutral description of the security issues I would have expected from serious journalism.

    1. Are you serious? Anonymous -- 17/10/06

      Are you serious? Serious journalism from ZDnet? HAHAHAHA!

  11. Macs ARE more secure than Windows XP Dan Pouliot -- 17/10/06

    Windows NT is not intended for consumers, so for starters let's compare apples to apples: OS X to XP. While OS X surely has vulnerabilities, that does not automatically make it as insecure as XP. XP runs all processes with the same level of privileges as the account in which it is run, and since most users run as admin, most processes are automatically granted admin privs. This is not the case with OS X. Therefore, malware trying to gain access through normal channels will prompt the user to authenticate.

    Apple cannot be blamed for the actions of admins placing third party software on their servers and then not keeping up with patching the security holes in that third party software. And please show me the people who think that OS X should have "magically, prevent[ed] the attack". Please don't paint us all with that brush.

  12. Apple more secure than Windows NT? Anonymous -- 17/10/06

    Is this a joke? This "article" has so many incorrect statements, it's ridiculous and not even worth my time to correct. Get someone who knows something about technology to write these "articles!"

  13. How Come I Can't Run 3.8% Of The Viruses? Ben Marks -- 17/10/06

    If Apple's marketshare is indeed 3.8%, why aren't 3.8% of the world's malware/viruses written for the Mac. Symantec indicates that there are over 100,000 viruses yet there are a disproportionate number for Windows? Statistically shouldn't there be something written for the Mac?

    1. 3.8%.... How do they figure Anonymous -- 17/10/06

      HOw do they figure this 3.8% of computer users are mac......I think its a little more then that..... every mac user knows that there computers last longer (or they keep them longer - my powerbook is 5 years old - you can still buy a imac 333 for 100 bucks) I remember a few years back a poll that went out where 1 in 10 people surveyed were mac users..... that seems closer to the truth to me

    2. different animals Anonymous -- 18/10/06

      There is market share, then there is installed base. the 3.8% number is market share, which refers to the percentage of consumers buying computers during any particular quarter. The installed base is what you refer to, and it is widely recognized that Apple enjoys between 15 and 20% installed base of the computer market.

      This just exposes the author's ignorance; security through obscurity is FUD. Vista isn't even out yet, and therefore has fewer than just a couple of million copies out, and it already has been compromised at least a half dozen times. Mac OS X has been released since 2000, and there have only been two lame trojans - one proof of concept, and the other bombed on release due to lame programming. Neither is known to be in the wild at this time.

      Windows is compromised more often because it is more vulnerable. Even patches that are released by Microsoft don't always get applied, so those systems are just as exposed as if the patch hadn't been released.

      Mac OS X is set to automatically update by default. Most Mac users do this as a matter of course.

      And the most glaring error in this piece is that servers and desktops and laptops are three different animals. You CANNOT compare one to the other regarding security!

    3. Mac Saturation Anonymous -- 16/11/06

      1. Windows XP 86.80%
      2. Windows 2000 6.09%
      3. Windows 98 2.68%
      4. Macintosh 2.32%
      5. Windows ME 1.09%
      6. Linux 0.36%
      7. Windows NT 0.24%
      8. Macintosh Power PC 0.15%

      http://www.onestat.com/html/aboutus_pressbox46-operating-systems-market-share.html
      August 14, 2006

      This trends with IDC and other leading research companies.

    4. You're wrong SS -- 17/10/06

      I don't mean to start a conflict, but this argument is severely flawed. 3.8% of the market share with equal security does not mean that 3.8% of viruses would be for Macs. In order for 3.8% of viruses to be for Macs, 3.8% of the hackers/coders that write viruses in the world would have to be familiar with, and have reason for targeting Macs. I think if you did a poll of people who write viruses, you would find that they don't understand enough about the architecture of PowerPC to begin writing malicious code. It's not that it isn't possible, it's that no one in their right mind would bother learning about a new architecture to attack such a small portion of the population. On a side note, I went to my Universities book store today and 3 out of 5 Macs there were crashed. You could move the mouse, but the system was not responsive. Macs are vulnerable to everything Windows machines are. Mac users need to stop living in their bubbles and pre-emptively protect themselves.

    5. Sorry but you're wrong also. lantzn -- 17/10/06

      Dude were you even aware that Macs are no longer on the PowerPC architecture? That's right, they've moved to the Intel architecture, just like your beloved PC. So were are all the virus?
      As far as problems go, I've been doing tech work on Macs since 1987 and they come nowhere close to having the problems PCs have, especially since they moved to OSX (UNIX/FreeBSD). I have setup numerous Macs and tell the operator NOT to shutoff their machines. I can't recall the last time I heard of a true system crash (kernel panic), maybe around the 10.2 era (we're at 10.4 now). If an app crashes, all you really have to do is reopen the app and everything else just keeps going. There is so much proof out there concerning the stability of OSX your comment is so rediculous. Those so called crashed Macs at your campus store sounds like a bunch of PC staff trying to give the Macs a bad name by "sabotaging" them. If I were running the place it's be a different story.

    6. pc's can run reliably and securely _ I have done so many times. Max Riethmuller -- 21/10/06

      mate, I am a pc tech, and I kept over two hundred pc's running smoothly without getting viruses and without crashing all the time. All user's commented how secure and stable the machines where. Yes you probably could get a mac lab running better than that university had, but that doesn't mean anything if the same can be done with pc's.

    7. And, yet Anonymous -- 21/10/06

      And, yet, viruses cause tens of billions of dollars per year on Windows PCs -- and zero dollars per year of damage on Macs.

      So much for how well your theory works in the real world.

    8. What is wrong with you Anonymous -- 18/10/06

      PowerPC architecture? That doesn't have sh*t to do with it!

      The virus if written to exploit flaws in the software. You don't have a clue what you're talking about here.

      As for Macs being vulnerable to everything windows PCs are, that's obviously false because there are over 100,000 viruses that Windows has been vulnerable to and OS X has NOT.

    9. cpu architecture is relevant Max riethmuller -- 21/10/06

      your the one who doesn't seem to have a clue? CPU architecture does become important in learning how to hack an os, since the way the cpu addresses memory is where hacking can sometimes be possible.

    10. Tell 'em to upgrade to at least 10.3 Anonymous -- 19/10/06

      I've seen a lot of Macs crashing and putting out during my time at uni and most of the problems were caused by poor maintenance. This was during the days of OS 9. I was even able to crash my own mac those days (and prided myself at being able to).

      With the Unix-based OS 10, everything's just been more stable. I'm unable crash my mac the way I did in the past (though I have to admit I had 2 kernel panics from unkown causes). The only thing I get on a mac these days are kernel panics, and when they happen - you would know (it freezes the screen and tells you so).

      So next time you go to your uni and see a 'hung' mac... try looking if it's at least running any flavour of Mac OS X. If the mouse works but the computer seems unresponsive, it might just be something else: user error. Try hitting the ESC key or even command-opt-esc will fix things most of the time. The key combo I mentioned is similar to Windoze's ctrl+alt+delete... but it doesn't crash the system like Windoze's does.

    11. that was 98, not xp. Max Riethmuller -- 21/10/06

      windows task manager (ctrl-alt-delete) doesn't "crash" windows at all. infact Windows XP has reduced 99.9 percent of the causes of apps crashing windows, and now most apps can be killed without any affect on the rest of the os, or even most other apps running.

      Gone are the days of Windows 98 my friend, Windos XP is light years ahead. It's a shame many people continue to compare MAC OSX against Windows flaws that idsappeared with the Windows 9x codebase.

  14. Security: OS vs. 3rd Party Apps Anonymous -- 17/10/06

    Apple can't "magically" prevent poorly written 3rd party apps from becoming security holes. All they can do is make their own code the best it can be.

    How many actual security breaches have been the result of Microsoft's own code?

    How many actual security breaches have been the result of Apple's own code?

    3rd party developers can write buggy code equally well for both operating systems, for which the OS manufacturer can't be held accountable.

    So, which OS is the better bet for safe computing? The answers to these questions will prove which is the least secure OS and its manufacturer's applications.

    I think the answer is clear.

    I don't think anyone has claimed OS X is impervious, but rather that it if far more secure than Windows and that, so far, nobody has breached security through an OS bug -- unlike Windows.

    So, let's be rational.

  15. Security Phil -- 17/10/06

    It has never been the issue that Microsoft is the only one with security issues. The issue has been the sieve-like nature of MS OSs and apps, and the misguided notion that competing products must have "no defects" to be better than what MS is offering. That notion is a logical fallacy, referred to as the Requirement for Perfection. In other words, it is not the case that Product X must be perfect in order to be "better than" Product W.

  16. Come Hack Me Then You Moron! Jim Everson -- 17/10/06

    Hey I don't run any 3rd party security software on my Mac. I'll even give you my static IP address. Come on, big mouth, hurt me! G*D this article is lame 10 times over! You say yourself it should be easy now that I'm on an Intel based Mac. Of course, it doesn't occur to you that vulnerabilities are found in the OS, not the CPU.

    1. LOL -- you guy's kill me Anonymous -- 17/10/06

      There's the pinch windows users are not blind to the fact that there systems are easily compromised. As they are aware that the OS is made by humans and there fore no doubt can be hacked by humans. Mac users are like lemmings easliy lead have one determination to believe that all is well if a few words placed together in a clever guilded sentence tells them so. WAKE UP you delerious puffs of smoke your system is not immune to hackers or malware or any other nasties. The system has been made by humans and therefore it is hackable. Wake UP

    2. Maybe YOU should wake up Anonymous -- 17/10/06

      No one ever claimed that Macs are immune. That's just the lie that Windows lemmings tell. But the facts are very real - if you want to use a computer today without worrying about viruses, Windows is an insanely stupid choice. There are no viruses in the wild for Macs.

      That could change some day. But even if it does, from a security perspective, anyone claiming that Windows is just as good is a moron

    3. OMG... LEMMINGS! Anonymous -- 19/10/06

      Did someone just mention Lemmings! That used to be one of my favourites... and it first appeared..

      ON A MAC!

      1 pwn3d j00 phr34k!

    4. Your point? Anonymous -- 20/10/06

      So your point is that you're not bright enough to understand the difference between a word and a concept?

    5. WRONG! Craigos -- 20/10/06

      How about getting your facts right. It was first developed by DMA Design from memory on a COMMODORE AMIGA!

    6. It is very rare to get viruses on a pc with AV Max Riethmuller -- 21/10/06

      You mac user's seem to have some misguided belief that windows systems are so poor they can not be protected, this is a joke. I run AV and Firewall software, and simply haven't had a viruses in so long I can't remember when. Those people whose computers I disinfect of viruses, have not been running uptodate AV software, or have no firewall.

      Okay so it's not os level protection (incidently, Apple recommend you update daily os patches, and run AV software), but hey I don't get viruses and with free AV software readily available there is no excuse to get viruses on your windows machine.

      Another thing I have experienced, mostly those peeps who trawl the worst of the worst "free preview" sex sites, or warez link farms, get internet born viruses. Other than that, they are a victom of some malware popup scam ("Your system is at risk. click here to install SOMEDODGYSOFTWARE Now!").

      Now here's something. The other day a mac user told my dad not to worry about the virus she sent him in a macro, since "mac's don't get viruses". As far as she was concerned it was not her issue, yet she had received a document which became infected with a macro virus by the copy of Office on her computer (a MAC).

    7. Please explain Anonymous -- 21/10/06

      If your theory is true, why do PC viruses cause tens of billions of dollars per year of damage? Meanwhile, Macs have zero dollars.

    8. Only you said it was immune Anonymous -- 18/10/06

      Another straw man argument. Are you the author posting anonymously?

      No one said they are immune, just not affected at present, and have better security. Understand the difference.

  17. Statements about technology should be supported by fact Anonymous -- 17/10/06

    If you're making a statement about alleged technological superiority, then you should give some facts about the technology instead of just assuming your conclusion from the start. Is Mac technology more or less secure than Windows technology? How would you know? How about a comparison between Apple's Unix implementation and Windows? How about an investigation into specific kinds of vulnerabilities such as Office macros and e-mail attachments? Without such a discussion, you've given us an opinion without any reason to listen to it.

    1. Spot on Fred Oz -- 17/10/06

      There are manycommentators in the OS security debate who rage about what is more or less secure without ever defining some criteria for "secure".

      I can think of a number of measures, each of which may be more or less important to different types of user. For example, one measure might be exploits in the wild. Another might be number of compromised machines, adjusted for network presence if you must.

      Another might be number of known vulnerabilities, anther the rate at which vulnerabilities are discovered.

      Once you have decided on the criteria, you can determine the relevance if each criterion to a paricular user's circumstance. Thereby you can objectively decide platform that is more secure for certain types of user.

      There are other critieria to consider too - such as the value of the information that might be availble to a certain exploit, how hard the hack is to discover and remedy, how easy it is to actually implement, and so on.

      So how about it, ZDNet?

    2. Doesn't matter much Anonymous -- 17/10/06

      It really doesn't matter which of the criteria you proposed are selected. The Mac wins hands down on ALL of them.

      That's why it irks me that idiots like this ZDNet writer pretend that Windows is just as good.

  18. Absurd, Pathetic, Weak Attack Anonymous -- 17/10/06

    The only successful Mac attack was a fake. Two security professionals at a conference installed special (PC) cards with special drivers to PROVE that the Mac was vulnerable!!! Pathetic. It turned out that one of the guys had seen the Mac PC commercials, and said that he'd like to "stick a burning cigarette in the eye" of "smug" Mac users. The only real attacks on the Mac are from journalist-wanna-be's like yourself.

    Apple has done a superb job. Give them credit. Never once - NOT ONCE - have I ever been attacked, nor has any Mac user I have ever heard about, aside from the jealous, grandstanding hoaxers mentioned above. Rather than say "that can't be, they're liars" perhaps you should write an article on just how Mac resists all attempts (to date) of attack. Is it the tried an true UNIX underpinnings? The way the mac won't allow installs without authorization as Windows does? Obviously what Mac has done is working... so why don't you write about that?

  19. no secure OS??? Anonymous -- 17/10/06

    OpenBSD has had only one remote hole in the default install, in more than 10 years!

    1. True - but.... Anonymous -- 17/10/06

      That may be true (I don't have any way of knowing about OpenBSD), but it disproves the author's argument. He claims that OS X doesn't have any viruses in the default install because its market share is too low. But OpenBSD has a much lower market share - so how did it get a virus?

    2. vulnurability not the same as a virus Max Riethmuller -- 12/01/07

      it didn't get a virus, a vulnurability was discovered, not a virus.

      Read for God's sake!

  20. Unconfirmed 1 Sighting Versus 900,000 jbelkin -- 17/10/06

    Not sure what your definition of "more" is but I'd say 900,000 vulnerabilities of Windows is more than 1 unconfirmed and unsubstantialed sighting of an alledged malware on the Mac side.

    Especially since on the Mac side, you expand vulnerabilities to include any random software that can be exploited if you step up the machine - if you include that description to the Windows side, where would that stand.

    Face the facts. Windows is poor security risk. It is a fat sleepy tourist on a park bench with all his valuables at his feet and the Mac is a young special forces solidier. The Mac has NEVER claimed complete invulnerabilities (look at their claims closely) but who is much less of a target for pickpockets.

    The Mac has over 25 million users and we're all still safe because any alledge vulnerabilities are closed within days instead of a month or three or one patch after another with then a newer version of IE plus another patch.

    You made a poor choice to go with Windows but that's your choice. Don't knock someone's else better choice just because you choose poorly. Grow up.

  21. Vunerable not likely Din Den -- 17/10/06

    OS-X has been out since September 2000 that is seven years and not a single in the wild threat.

    Each and every Microsoft Windows computer during that time suffers trillions of attacks and billions of breaches.

    Let me see seven years and ZERO vs Billions of infections to remove and data lost. Bank accounts robbed identity stolen. Cost of Mac breaches $0 cost of Windows breaches $100,000 to 1,000,000.

    Yeah that seems about equal if your a moron or a Windows drone but not if your a Mac user.

  22. Move to a better neighborhood Dan -- 17/10/06

    I smile when I read comments such as, Macs are less immune to viruses because they have a smaller market share. I like that. It's like living in a better neighborhood where you are less likely to be burglarized, vandalized, or be the victim of theft.

    I never equated being a victim as being a good thing.

  23. Bizarro-World Anonymous -- 17/10/06

    Since we are not living in a parallel Bizarro-World universe where Macs have 95% market share then er... Macs are more secure. Since this is unlikely to change for many, many years then why can't Apply Tout its security edge? Bonkers MS-pandering article...

  24. Gawd help ZDNet Anonymous -- 17/10/06

    If this is the quality of reporting and technical acumen I can expect from NDNet gawd help us all. Nothing original here BTW. I gave up reading when the whole Intel transition was called in to question from a security standpoint. I can't respond to something as basically absurd as the idea that a CPU and its instruction...oh forget it...I give up...have at it ZDNet!

    1. Funny thing Anonymous -- 21/10/06

      "I gave up reading when the whole Intel transition was called in to question from a security standpoint."

      Yet Apple was criticized by ZDNet at the time for having PPC architecture instead of x86.

      Just goes to show - at ZDNet, EVERYTHING Apple does is wrong.

  25. What a complete prick Trotskiii -- 17/10/06

    What a complete prick, this is crass journalism even by ZDnets standards!

  26. I Beg To Differ... Anonymous -- 17/10/06

    Mac OS X is inherently more secure that Microsoft Windows. BSD Unix and it’s derivatives (including Mac OS X) has been declared as the most secure OS by all the major security analysts and the US and UK governments.

    This does not mean that there are no vulnerabilities in BDS Unix, or Mac OS X, but most are well known and have been patched. Third-party vulnerabilities are a problem for ALL operating systems, not just Mac OS X.

    Windows, however, has a legacy of vulnerabilities inherited from older versions that still plague all versions of that operating system. Additionally, releases of proprietary source code have allowed even more exploits in recent years.

    I do not believe that Mac OS X is "invulnerable" and more hacks will be tried in the future. However, today it is MUCH more secure than Windows.

    BTW - There are only two know "Trojans" for Mac OS X and NO viruses to date. Even "hacks" to show Mac OS X is more generally vulnerable have proven to be overblow or false.

  27. What a Joke Anonymous -- 17/10/06

    Get a brain and a life...tripe does not qualify as journalism

  28. Safer by Built-in Security More Important Walt French -- 17/10/06

    > There's only one thing that makes Macs substantially
    > safer than PCs, and it's called market share...

    Pure, hyperbolic Bullshit.

    Yes, it certainly helps. But the basic requirement of installation permissions, protections turned on by default when the machine leaves the factory, applets using safer (and more obvious) tools than Active-X, no super-use services and hundreds of other technical and social engineering standards are also involved.

    1. Windows can be setup well Max riethmuller -- 21/10/06

      I get your point about of the shelf protection, but nevertheless windows is pretty secure if setup well. Active-X is a bugger I agree with that. Also, as far as software firewalls go thirdparty solutions are usually better (I fnid sygate excellent) than inbuilt. And of course AV software is a must.

      But ultimately, even with active-x, I get no virus problems wth Windows XP and Internet Explorer for the web browsing I do (which includes some porn browsing, I'll admit, but not tenaciously lol)

  29. Rant rampant, argument missing Anonymous -- 17/10/06

    That's a lovely mac boy rant but seriously where is your evidence to disprove the original commentary.

    1. Read my response (below) Anonymous -- 17/10/06

      It's easy enough to shred the arguments this guy provides. Just see my article below.

      So where are the facts? Where are the viruses that affect OS X (not third party apps or third party WiFi cards)?

      If OS X is so bad, you should be able to point to at least one virus (not trojan) in the wild.

  30. Look out Palm Anonymous -- 17/10/06

    your brains are showing, you pin head.

  31. Apple more secure than Windows NT? Anonymous -- 17/10/06

    You truly should seek out employment on some comedy show. I'm sure some night spot in Australia or the United States would hire you.

    pch1351

  32. "Virus" Alert ... or "Bad Reporting" Alert Josh -- 17/10/06

    uh... From my understanding this is a Spam / Phishing email that pointed to a malicious .exe file on an OS X System. This simply means the administrator allowed someone to put a file on the server.......

    You can drop an virus .exe right now in my shared drop box on my OS X machine if you want.

    This is very very different from an Application being remotely loaded onto the OS X Server without the specific ports being opened prior by a Server administrator and without proper security.

    Furthermore, this is a lot different from malware or a virus running as an application on the OS X Server that wasn't specifically loaded by someone administering the computer.

    So I think there is some follow up needed on this matter in regards to the fact checking.

    Cheers

  33. How many mistakes? Anonymous -- 17/10/06

    How many mistakes can you make in one story? Apparently, a lot.

    First, Apple never claimed that their system was immune.

    Second, you bring out the same old 'Macs are only safe because they're obscure' argument - in spite of the fact that many less popular OSs (Amiga OS, BeOS, even Vista) have active malware, while Mac OS X doesn't.

    Third, you apparently don't understand the difference between an OS and an application. Or at least you appear to understand it, but you STILL claim that Mac OS X is insecure on the basis of an application problem:
    "It turned out the miscreants gained entry through a vulnerability in the server's TikiWiki code, a third party package that has nothing to do with Apple."

    Fourth, you make wild, unsubstantiated claims:
    "Still, OS X didn't somehow, magically, prevent the attack as some users seem to think it's capable of doing." I don't know any Mac users who think that their OS can prevent anything bad from happening to their system. Or, at least, no knowledgeable ones.

    Fifth, you can't understand a simple statement: "But Apple's marketing these days seems to suggest its computers are immune to attack " Where did Apple do that? They simply claimed that there are no active viruses TODAY. No one ever said there never will be.

    Sixth, you apparently don't have any clue what 'safe' means: "There is little evidence to justify the claim that Apple computers are more secure than any other, and anyone who points to the low number of reported OS X security bugs, worms or viruses as proof to the contrary is misguided." Sorry, but 'security' is a measure of how much chance my system has of being corrupted. The number for OSX is currently zero. The number for Windows is huge. The number for Linux, Vista, BeOS, AmigaOS, and many others is small, but finite.

    Then you bring up the silly market share argument again: "There's only one thing that makes Macs substantially safer than PCs, and it's called market share; a 3.8 percent market share, measured by net presence, to be precise." Then why are there already active viruses for Vista - along with obscure OSs like AmigaOS and BeOS? And why are there FreeBSD viruses, but none (today) for OS X?

    Then you pull out mindless (but incorrect) analogies: "The ironic part is Apple has, whether it knows it or not, ripped a leaf straight out of Microsoft's marketing playbook. You have to dig around for Microsoft's old Windows NT marketing material -- the company has removed much of it from its Web servers, perhaps out of shame -- but it reads much the same as Apple's current spiel." Unfortunately for your argument, there were plenty of NT viruses, but are still none for OS X. So when Apple said it, it was true - how is that a page out of Microsoft's playbook?

    Then you demonstrate your complete lack of understanding of malware: "And thanks to the computer-maker's decision to switch to an Intel CPU architecture, Mac malware has never been easier to write. Creating security vulnerability exploit code requires a fairly intimate knowledge of the CPU architecture on the target machine.". Sorry, but the majority of malware today is written by script-kiddies who don't need to know much at all.

    Then you repeat the market share argument again: "the security of your products has more to do with your small market share than their technical superiority." Do you really think that repeating your lie often enough will make it come true?

    What happened to ZDNet? They used to be a reputable source of information. With you and with George Ou, you seem to be nothing but Apple-bashers these days.

  34. Inaccurate Story Anonymous -- 17/10/06

    This article repeats two stories that have been repeatedly reputed: 1) Macs have fewer attacks because there are fewer of them; and 2) all operating systems are equally vulnerable to attacks.

    If the first point were true, one might expect that there would be a proportional relationship between attacks on Macs and on Windows machines. In fact, no such relationship exists; in fact, can anyone document a virus, trojan horse or other software vermin that currently attacks the Mac OS and is free in the "wild"? I know of none.

    The second point fails to recognize the difference in the design of the Mac and Windows OSs. Root-level access to the OS is the default mode in Windows, which is one of the main reasons hackers can cause such havoc, especially with unsophisticated users. In the Mac OS, gaining root access is not intuitive, and the OS has been designed to ask for a password when altering the OS if the user is not in sudo/root mode. These protections (among others) make the Mac OS INHERENTLY more secure.

    Having said all this, it is undoubtedly true that someday, someone will find a way to embarrass Mac users with a noxious virus. But I don't expect that we will have to live with situations like the one experienced by a friend of mine with a new Windows laptop: his computer became infected before he could even download the patch that would protect the machine from the viruses the patch was supposed to protect him from.

    In the meantime, the last virus I had on my Mac was in 1987.

  35. alright, let's see where this goes Dan Geer -- 17/10/06

    PREMISE: If as is often stated here and elsewhere
    and in various heated ways, Mac OS X security is
    meaningfully inferior to the Microsoft way, then

    CONSEQUENT: The low observed attack rate against
    Mac OS X machines cannot critically depend on the
    "insecurity" label being placed on it.

    Frankly, my dear, this leaves the protective effects
    of platform diversity as the leading contender for
    the upstream cause of the downstream effect, viz.,
    low observed attack rates.

    --dan, who notes that at the recent USENIX Security
    Symposium 35% of the machines in the room for the
    keynote address had the Apple logo, a 10-to-1 odds
    ratio when comparing to the population at large.

  36. Lets talk Mac OS history Anonymous -- 17/10/06

    Ok back in the days of os 7.6 or so Before the Second Coming of Steve, When market share was so tiny that it was assumed that Apple was going out of business. There came the infamous AutoStart Worm. This took a vulnerability that was inherent in the CD autostart code of the OS 7.5 CD driver. This was in the days of AOL really before the internet was popular. This one Worm started in the Publishing industry in Asia and quickly spread through the world.

    Before the Worm there was the ever present nVir series of Virii that pretty much corrupted just about every file on your mac. The source of this virus was usually college computer lab machines that would spread the virus via floppy disks (sneaker net). I had a full store of macs that ended up getting infected with this one.

    PS in those days you absolutely needed Anti Virus protection. Mac OS 1-9x were totally easy to write virii for and there were plenty, not as many as our DOS/Windows friend's machines, bu