Ryan Naraine
Apple's fault
Users' fault
Christopher Dawson
Best Argument: Apple's fault
The moderater has delivered his final verdict.
Opening Statements
Unforgivable
Ryan Naraine: To really understand Apple’s negligence on security, we have to go back to 2006 and that famous “Mac vs PC” commercial http://www.youtube.com/watch?
This perpetuates a false sense of security among the Mac faithful. Mac OS X users have the mindset that security is not important and this complacency leads to long delays in patching dangerous security flaws and responding to in-the-wild attacks.
This iBotnet (more than 685,000 infected Mac machines) is entirely Apple’s fault. The Java patch (CVE-2012-0507) was issued for Windows on February 14, 2012. This same vulnerability affected Mac OS X but Apple didn't provide a fix until April 3, 2012.
Apple left its users exposed for 49 days, providing a large window of opportunity for malware writers to build a botnet. Unforgivable.
Naive users
Christopher Dawson: It's easy to blame Apple for the widespread infection of Macs with the Flashback Trojan. Actually, most would argue that Apple should be more proactive in anti-malware development; to date, this has taken a backseat to user experience. However, that lack of focus on security is as much (or more) the fault of naive users who blithely go on buying shiny new Macs and iOS devices, smug in their apparent invulnerability to rogue software as it is Apple’s.
Why has Windows evolved into a remarkably secure environment? Because the market first demanded and paid for powerful third-party software and then demanded native anti-malware solutions, again speaking with their wallets, by purchasing (ironically) Macs or running Linux. How many Mac users run antivirus tools on their machines even if only to prevent spreading Windows infections? Not many (says the debater writing this on his Mac running both Avast and ClamXav).
Talkback
Not mutually exclusive?
Probably a bit of both. Although I'd hold Apple more accountable.
Although . . .
True ...
49 day delay is Apple's shame, but obviously only *twice* clueless people
1) they had to believe that Flash does not update itself -- even though it does, and does it quite visibly;
2) they had to believe that Flash update should be on some weird non-Adobe site.
Otherwise, getting this trojan would be impossible.
DeRSSS still spreading dangerous misinformation
Honeymonster still spreading dangerous misinformation
You could never get infected visiting any regular site (ZDNet, CNN, et cetera).
.nu services
You can blame cyber crims....
Apple has put ALL their user's data in one huge basket and that is a very dangerous trend.
This is before you even argue about the merits of Apple's security measures in their OSes. Or the fact that Apple has sold their users a false sense of security thus the users lower their guard. Couple that to the fact Apple is the SLOWEST to offer security updates and you can bet that Apple users will be targeted by crims because Apple set up the ideal environment and infrastructure for hackers.
Crims are opportunistic. You can blame crims but Apple is largely to blame for setting up the opportunity.
No organisation, not even Apple's billions, has enough resources to shut down cyber crime significantly. The money is better spent in improving security and educating users.
@warboat
Apple has put ALL their user's data in one huge basket and that is a very dangerous trend."[/i]
First, just because you use a Mac does not mean you have to use iCloud but of course I am sure you actually know that. Second, isn't Google putting all the customer information into one place in the same way that Apple is. Do you have an issue with Google doing this or is it like so many other statements you have against Apple, it's only an issue because it's Apple and not somebody else?
Enough Blame to go Around. Twice!
The users who are drawn to Macintosh tend to be non-technical people, and a huge element of that attraction is the belief that you can use Macintosh and own it, problem free, without needing any technical smarts. And so, these people willingly and enthusiastically buy into the Macintosh Mystique.
And so, you end up with a huge Macintosh user base that enshrines beliefs such as Macs don't get viruses (or other malware), and which have no understanding of file and directory fragmentation, the prospect of hardware failures (e.g., bad blocks on a disk), the high failure rate of today's SSDs, or even things such as a tested and proven data backup/recovery strategy.
It could be said that in some ways, Apple and its users deserve each other: Those who so want you to believe in heaven, and those who are so willing to believe there is one.
FWIW, I was a rabid MacZealot for over a decade. I still have several Mac, but my main computer by a wide margin is a Windows XP PC. I don't think Macs are crap. I believe Apple has created a solid niche for a certain type of computer user. But I also believe that even that kind of user is best served to have a moderate level of knowledge and understanding about the machine they operate, and how to maintain it properly.