Should Mac users be more concerned about security?
Summary: Last month we saw the Month of Apple Bugs (MoAB) project uncover 31 bugs relating to OS X and popular programs that Mac users run on the platform. But with a handful discovered and bought out into the open, how many more exist? Has the MoAB project made Mac users a little more concerned about security? If not, why not?
Last month we saw the Month of Apple Bugs (MoAB) project uncover 31 bugs relating to OS X and popular programs that Mac users run on the platform. But with a handful discovered and bought out into the open, how many more exist? Has the MoAB project made Mac users a little more concerned about security? If not, why not?
[poll id=89]
I watched the daily drip-feed of exploits from the MoAB project with great interest, not because the bugs themselves were interesting (although some were), but because it was interesting to watch how the Mac community responded to the disclosure of these bugs, or should I say didn’t respond to the bugs. No matter what platform under scrutiny, that many bugs being unleashed, along with exploit code, would make me a little worried about what would happen next. Security just isn’t something that Apple users seem to want to worry about.
But how long will this last for? As Mac user numbers grow and the surface presented to attackers gets bigger (the more applications there are for the Mac – browser toolbars, utilities, browser plug-ins and such – the bigger the surface being presented to attackers is), I really can’t see Mac users being able to ignore security indefinitely. In fact, it’s a credit to the Mac OS platform that they’ve got this far without issues. Given how social engineering tricks on websites can get people who are sitting behind the keyboard to install all kinds of junk onto their systems, I can’t believe that these tricks wouldn’t work on some Mac users too.
Thoughts?
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
Depends on the "community" you're talking about
the whole thing as normal users.
But if you mean the passionate Mac using community and specifically those who
develop for it and promote it (the alpha "fanboys" I guess) then the response was
not only swift but very revealing.
Within a day of the VLC overflow bug appearing, a prominent developer had
analyzed it, revealed the problem, and released a patch. For free. On his own
time.
That says volumes about the Mac community.
Or if you are talking about the specific Apple development team responsible for
such things: virtually all of the non-trivial potential exploits have been patched as
of the most recent security update. That's within 30 days of the proof of concept
flaws being illustrated.
So, while it would be good if the mom & pop Mac users were more in touch with
the importance of security on their chosen platform, it is also true that due
attention is being paid by those who should be paying attention.
Better concerned today than infected tomorrow.
Mac users also need to remember: Bloated egos make crappy firewalls.
Complacency
OSX has provided it's users with 6 years of consequence free computing. For the
bulk of users, being non-technical, what this has essentially meant, is, they
haven't had to worry about malware spyware, viruses etc.
Apparently, this makes Mac users naive.
Before the PC community starts congratulating itself for it's new 6 billion dollar
UAC prompt, it should consider this record. Regardless how secure Vista now
proves to be, you can't get the last 6 years back. It will take some time to catch up
with Apple's record of no-worry computing, and it's fair to say that no one is
standing still in this game.
At the end of the day, Apple users want to avoid security problems as much as
anyone. The declarations of who is arrogant or complacent should be carefully
considered. The folks who have suffered through billions in lost productivity, are,
just perhaps, not the people to lecture those who have not. You can log that as
arrogance if you see fit.
These are Mac users we are talking about...
How the hell Mac users can be so arrogant about how superior their product is when it has been documented just how dire the hardware is, and the fact that [b][u]one[/u][/b] researcher managed to find enough bugs to fill a month is truly outstanding.
Mac users shouldn't be concerned about security, they should be concerned about the high price tag of the products they purchased, and whether or not that purchase actually represented good value for money.
Only then should they get down to petty issues like security etc.
You should...
31 bugs in a month for Mac
What would you have them do?
The obvious question--if you think Mac users are not concerned enough, what would you suggest that they should be doing? Should they be more vocal, more theatrical? Should they run around declaring that the sky is falling? Seriously, as a Mac user, is there something I'm not doing regarding security that you think I should be doing?
wait wait wait...someone's gotta say it...
lol j/k...but as a fellow Mac user (it dual boots linux and OS X), my school of thought is there's not enough other Mac users updating their software. Unless you have apps that can't specifically run on 10.2.8, 10.3.9, or 10.4.8, you should be at one of those versions of OS X, and even then, most apps run better on updated versions of the operating system.