For security, you can't beat Mac OS X

Summary: Is Mac OS X more "malware resistant" than Windows and Linux, or is the market share too small for hackers to bother with? Do fewer patches for Mac mean increased productivity?


Today I came across a very interesting post by Marius van Oers on McAfee's Avert Labs blog, which looks at the malware count for the Windows, Linux and Mac platforms:

Today we know of over 236,000 malicious malware items. These are mostly meant for the MS-Windows environment. Only about 700 are meant for the various Unix/Linux distributions. Current known Mac OSX malware count is even less with 7, so pretty much non-existent at the moment.

Let's take a second or two to digest those numbers. 236,000 v. 700 v. 7 – no matter which way you cut those numbers, that means a lot of Windows-based malware seeking out new hosts and almost none targeting Mac OS X users. I'm not sure if this makes Mac users feel smug about their operating system, but it certainly gives them a lot less to worry about, which has got to be a nice feeling.

But here's the pivotal question - is the Mac OS X platform "malware resistant" or is the install base just too small for hackers to bother with the platform? Here's what van Oers thinks:

"... it is clear that OSX malware is not taking off yet. With an estimated OSX marketshare of about 5 % on the desktop systems one would expect to see more malware for OSX."

That hints that OS X might be a tough nut for hackers to crack (although the Month of Apple project might suggest otherwise) and that this is keeping malware under control.

Now all this has got to be compelling for those who just want to get on and use their hardware. What I find is that on my Windows-based notebooks there are always updates to come in and be installed - Windows Updates, antivirus and firewall updates, application updates ... the list goes on. What I noticed when I had the MacBook Pro was that I could just flip the lid and immediately start working without all those update distractions. Sure, there were occasional updates from Apple and for Firefox, but given the negligible attention being paid to the platform by hackers, few of the updates felt at all urgent. This in turn has to have a positive effect on productivity (or at least it did for me). Apple also tends to bundle a huge number of fixes into a single download, which makes the patch seem smaller. Compare this to Windows, where almost every update feels critical and time has to be set aside at startup to apply patches and then reboot. This isn't good for productivity – or stress levels.

On a side note, I think that it's odd that Apple are marketing the Mac under the unique selling point of not being an office (why have an office tool in the home sort of thing). There's a potential for an identity crisis here in the future if Apple isn't careful.

Thoughts?  Is security the main selling point of the Mac OS (especially among professionals)?  If you are a Mac user, do you feel that the additional cost of the hardware is offset by the time you later save having to administer software updates and patches?  Does your Mac make you more productive?

Topic: Apple

  • Apple's switch to Intel may enable more malware.

    One of the things that kept Mac OS Classic and X relatively safe all this time was the fact that fewer hackers knew PowerPC (and Motorola 680x0 before it) machine / assembly language and the internals of its registers, etc., compared to how many knew the Intel / AMD x86. The smaller market share was coupled with a steep learning curve for those who would write malware for it (they not only had to learn the internals of a new and complex and highly secure OS, but also of a whole new [to them] CPU family), thus weeding out all but the most determined.

    The switch to Intel processors means that would-be malware writers can now leverage their existing x86 know-how, and need only learn the OS itself (and the Darwin core is open-source, remember, so anyone can get the source code for free).

    The security features of OS X compared to pre-Vista Windows are still a formidable barrier, though. Nevertheless, there is one less barrier now.

    In the long run, I think the switch to Intel will hurt Apple for this very reason. It cost them a major portion of their security through obscurity.
    Joel R
    • In their long tradition, Apple makes it easier...

      First for the idiots and now for the hackers. But that's okay, these changes only benefit Apple's bottom line. And, in the end, that's all that matters. (Why else did they take forever to FINALLY get into recycling and environment-friendly programs when other companies have been doing it for years?)

      As for open source, one can readily get the source code. But people have been good at reverse-engineering Windows code, and (at least for Linux) the official release code is tightly controlled.

      As for learning OS X, it's not much different from FreeBSD -- Apple's desire to do things as sleazily as possible will do them no favors. (And I doubt those who coded FreeBSD in the first place would enjoy their efforts being hijacked as such.)
      • Bite this !

        Those who wish to remain secure are still using the PowerPC architecture like myself. If anything I will wait it out for a couple of more years to see what happens to the Intel based Macs. If it's still secure, I'll buy it then. I'll tell you one thing though and that is I won't be dual booting in Windows. I'll keep it pure.

        "In a world without walls and fences , who needs windows and gates."

        Mac OS X & Linux ROCK !
        • Look around

          "In a world without walls and fences , who needs windows and gates."

          When you looked around, you saw a wall, didn't you? Don't lie.

          And I just looked out my window in my wall, and whaddya know... I saw my fence. And my neighbor's fence, and my neighbor across the street, I saw his fence too.

          Your "quote" is stupid.
          Hallowed are the Ori
          • Perhaps if you understood the quote better you would understand .

            "In a world without walls and fences , <--- I refer to the W.W.W.
            who needs windows and gates." <--- exactly , who needs a product throwing up barriers in your face all the times .

            Aren't you feeling kind of stupid now ,,, moron
        • Over priced scare mongering is not welcome...

          Essentially if you want to fork over twice the money for slower hardware and software that is not compliant with what the majority of computer users have, then be my guest.

          Security isn't an issue to most regular people that use generic PCs. AVG security is free and unobtrusive. You can get a bootable (using a HD USB Key, a CD or a DVD) Linux OS like Knoppix for free and use it (if you are paranoid about security or have a special security need). Knoppix is very easy and intuitive to use.

          The generic computers these days are much faster than most people require and capable of running multiple programs simultaneously.

          If you are afraid that your computer might be bogged down, spend more money on a better machine (before wasting it on an Apple). I would gladly pay the same for an Apple as a generic computer; but the fact that it is not the popularly supported machine and it costs an arm, a leg and a left nut simply steers me in the direction of the popular machine.

          I have never had a virus, my machine runs faster than my cousin's Apple, and it does anything I need. I feel no need to move to Vista, XP works for me.

          I think misconception is the main problem in this case.
          • Price?

            Example? You're evidently full of lies and FUD. Do you even know how much one
            costs? Twice as much? Forget it.
          • Twice as much?

            I recently compared the tech.specs of the Dell that my colleagues were buying (we use really high end laptops in our office). I found that there was barely any difference.
            If you include into the equation that over the use of 3 years you'll probably upgrade the OS once and the same goes for the Office Suite.... You'll end up paying quite a bit more for a generic high end machine.
            On another note: one of the true lovely features of my MBP is that it kicks in in 3-4 secs after I open the lid. Try that on any winslow machine.
        • Bravo! No sense . . .

          in following the Intel/Microsoft trail of bread crumbs to more and bigger "bloatware." "If it works for you, don't fix it."
      • What?

        I thought all the hackers were breaking into windows...thanks for clarifying that.
      • FreeBSD?

        You're wrong. The people at FreeBSD are delighted that a major company has
        taken such interest in their software. For one, it's encouraged me to install it on
        my computer, and I use it for everything I would use any desktop computer for. I
        find it far superior to Linux for many reasons, and usually Just Works. OS X,
        however, deals with EVERYTHING for me. I've never had to rewrite rules for my
        firewall, that's automatic. I've never had to edit .<insert name of program here>rc,
        and I've never had any downtime on it due to a config problem.

        I use OS X on my Macbook, and it is definitely the only OS I'd ever run on a laptop.
        It actually can handle power management properly, being the only OS I've ever
        used that can do that.

        Oh yeah, not much different from BSD? Have you seen the kernel? Darwin is
        NOTHING like any of the BSD kernels. Get the facts....
    • What hooey

      The vast majority of hacking on the UNIX platform is done with shell scripting, not
      in machine code. What makes you think that hackers work mostly in machine
      code? I can assure you that they don't.

      To hack a system you need to find a way to hook into the OS superstructure -- in
      other words, crack a window. What's in the foundations is almost completely
      irrelevant, because the foundations are not what interacts with the outside world.

      Hopefully this analogy will help all you who are afeared of Intel to see that this will
      have zero effect on Mac security.

      Also your argument completely fails to explain why other flavours of UNIX are so
      secure ... despite Intel having been their primary platform for a couple of decades.

      Of all the theories about Mac security, this is one of the most misinformed.
      Technicolour Squirrel
      • what he said

        Has anyone done hardware hacking since the 80's?
        • Yes.

          Former Soviet Union technicians, looking for their next meal, have a lot of ability in this field. They learned it spying on their "enemies." If what I am told is true, hardware hacking is so unexpected, and writing to prevent it is now a "lost art," that more than one Eastern Union and Russian based person or group turn out virtually undetectable invasive software written to the language of the target hardware. Most of this, of course, is not aimed, for the moment, at home desktops.

          In the future, however, looms the possibility of one competitor paying to infect another's products, even hardware drivers. Then, there are always still someone's Raid stacks to re-sequence, or a BIOS to disrupt (on next start-up.) "Everything old is new again."
      • Not quite

        Although it's not a Bad Thing™ as such, the Xbox-Linux team had to do a lot of
        assembly coding to get their own code to run...
    • Unix/Linux runs on more architectures

      Now here. If the architecture was the real issue here Linux/Unix would be the most vulnerable of all. Let's quote the article.

      "Let's take a second or two to digest those numbers.236,000 v. 700 v. 7"

      Now let's look at Gentoo's (a particular Linux distro) package list.

      alpha amd64 arm hppa ia64 mips ppc ppc64 ppc macos s390 sparc sparc fbsd x86 x86 fbsd

      Now take out the ppc macos one and both fbsd (sparc and x86). That still leaves us 11 architectures it runs on. If your argument held any truth. Then all hackers could leverage all their skills on gentoo (and other distros as well). So not only could x86 hackers exploit their skills, so could PowerPC, Sparc etc.

      But that doesn't happen does it. Linux is still as the article says 700 vs 236,000. If we split those 700 among the 11 architectures we are still falling short of 7 by a factor of nearly 10.

      Your point is correct in the fact that architecture does influence the way you can crack a system. It is easier when you know the architecture. True. But it by no means explains the abysmal difference in exploit count. Pre Vista systems are flawed by design and Vista systems are flawed by design too. The former because they lack proper security. The latter because, while having proper security it becomes so obnoxious users will probably turn it off and end up with little or no security.

      Believe me the "It just works." line isn't some catchy marketing thing from Apple. The thing just works.
      • Good point

        More important, answered with some science to back up your argument, unlike what most of the rest of us have been doing so far, scientifically baseless opinions.

        BTW: In their world of defining and breaking systems, these people refer to themselves as "crackers." "Hacking" is finding and defining the target, in their vernacular, then writing the invasive software after the cracker instructs them about methodology.
    • You are clueless

      Sir, to get anything done from a malware point of view, you need knowledge of the Operating system you are running on, and how to access the hardware pieces that are important: network, data access, etc, etc...

      Those are the province of the Firmware and the O.S. - that is, the O.S. uses the Firmware hooks to link to the actual devices, which then do the job. The reason malware is possible is because the O.S. makes a layer of abstraction which makes the specific hardware less important. Including, of course, the processor.

      What this means is that there is essentially _no_ benefit to Apple being on Intel vs. PowerPC. There actually is _some_ benefit to Apple OS-X being a Unix derivative, because the shell scripting is portable between it and other Unix derivatives and Unix-like operating systems. Now, if they had made it a Plan-9 derivative instead, then it would be free from that consideration.

      Anyway, I'm glad to see the '700' number for Unix/Linux - it means the guy working the Article didn't multi-count the Unix/Linux exploits based on the number of distributions it affects.
    • There are also more tools...

      There are also more tools available to hackers in Windows vs Mac-OS X to help them develop malware. This is probably related to the larger installed base of Windows over Mac-OS X. Even though Mac has gone over to x86, the fast development of malware has been accelerated by toolkits and until these become more ubiquitous for the Mac I think you will still see slow growth of malware for the Mac.
    • There was much more malware for OS 9

      Despite the small market share, and the Power PC chips or Motorola chips, there was much more malware for OS9. OS X is a much tougher nut to crack.

      And to address the end of the article, try to buy a similarly equipped Windows machine for less. Macs are not more expensive. They simply do not make junk models which sell for less.