Replies

Pardon me for seeming to be a bit rude, but anyone who thinks that Apple MACs are inherently more secure than Win7 is living in a fantasy world.

MACs are not secure, period. First, just as with Windows, there are plenty of security vulnerabilities created by third-party apps. For example, Skype 5 for MAC - that's "for MAC," not just Skype 5 generically - has a vulnerability that "allows remote chatters to gain control of a system" - from Macworld, May 6, 2011.

Second, the MAC OS itself is no more inherently secure than Windows. For example, there is a piece of MAC-specific malware, called "Mac Defender" - cute name, I guess hackers have a sense of irony, if you will - that Apple has admitted is a problem, as per this May 25, 2011, Macworld article.

That security is an increasing issue for MACs is made clearer in this January 2011, TidBITS article:

Recent moves by Apple, especially the hiring of prominent security experts like David Rice (the author of “Geekonomics: The Real Cost of Insecure Software”) and Window Snyder (former head of security for Firefox maker Mozilla), combined with frequent product updates, indicate that Apple may be quietly, yet significantly, improving their security infrastructure.

The article also makes clear that the Mac OS can be trivial to hack for those who know how to hack:

But don’t think for a second that Macs are invulnerable or immune to security issues. Just last week I saw engineers at security software maker Immunity (in a Web-based demonstration) exploit an up-to-date version of Mac OS X 10.6 Snow Leopard via Safari using a new, unpatched, WebKit vulnerability. All it took was clicking on a single link to give the attacker full control over the Mac.

Finally, as both articles (and a bunch of others) make clear, Win7 is substantially more secure than WinXP.

There are even some interesting little tidbits on a platform vs. platform comparison. For example, as stated in this Feb. 1, 2010 CNet article:

Meanwhile, Mac users are just as vulnerable to Web-based attacks like phishing as PC users are, and Mac users who fall prey to phishing tend to lose more money on average than PC users do, the survey found.

Oops. Apparently, a false sense of inherent security lulls one to sleep. As someone once said, that which doesn't kill you makes you stronger, and PC users appear to have grown stronger from their lack of false security.

Finally, here's an interesting little take-away from that CNet article:

"If you look at the number of published vulnerabilities in software and the number of users and compare Windows versus Mac OS you will discover that Mac OS has far more published vulnerabilities per user than Windows does so I think the data pretty much speaks for itself.

-- 3ric Johanson, security researcher

(no, that's not a typo, he apparently does go by the name "3ric" in real life.)

What it really comes down to is the subjective measure - how comfortable are you with this or that OS - and not some supposedly objective measure of security, not because security isn't an issue, but because MAC and Win7 are pretty much neck and neck - each has different vulnerabilities, but both are vulnerable - and because the biggest threat isn't in the software, it's in the wetware between the user's ears.

Pardon me for seeming to be a bit rude, but anyone who thinks that Apple MACs are inherently more secure than Win7 is living in a fantasy world.

MACs are not secure, period. First, just as with Windows, there are plenty of security vulnerabilities created by third-party apps. For example, Skype 5 for MAC - that's "for MAC," not just Skype 5 generically - has a vulnerability that "allows remote chatters to gain control of a system" - from Macworld, May 6, 2011.

Conservatives generally recognize that journalism is biased; I like to think that I have studied that phenomenon more deeply than most. One observation I would make is that although journalists do sometimes lie, the deceptive half truth is generally their weapon of choice. This is even explicitly codified in the "'Man Bites Dog' rather than 'Dog Bites Man'" preference of journalism. And here we have an example of that in an FR comment: an example of excessive flexibility in coding for an application (Skype) turns up in an exploit, and it is news. It might have seemed like news, to be fair, if it happened to Win 7 - but in any previous incarnation of Windows it would have been strictly a "Dog Bites Man" story. And the story is extrapolated to other applications by citing it as an "example" when, so far as I am aware, no other app has been implicated. Nor, I warrant, will it be - the permissiveness which allowed Skype's coding malpractice to run under OS X has surely been corrected by now.

Second, the MAC OS itself is no more inherently secure than Windows. For example, there is a piece of MAC-specific malware, called "Mac Defender" - cute name, I guess hackers have a sense of irony, if you will - that Apple has admitted is a problem

Meanwhile, Mac users are just as vulnerable to Web-based attacks like phishing as PC users are, and Mac users who fall prey to phishing tend to lose more money on average than PC users do, the survey found.

Oops. Apparently, a false sense of inherent security lulls one to sleep. As someone once said, that which doesn't kill you makes you stronger, and PC users appear to have grown stronger from their lack of false security.

Which is it? Are Mac users too credulous of the claims that Mac is substantially more difficult to produce self-replicating viruses for - or are Mac users too credulous of claims (such as your own) that we need to install whatever fly-by-night "antivirus" software comes at us over the Internet proclaiming that the sky is falling?

What it really comes down to is the subjective measure - how comfortable are you with this or that OS - and not some supposedly objective measure of security, not because security isn't an issue, but because MAC and Win7 are pretty much neck and neck - each has different vulnerabilities, but both are vulnerable - and because the biggest threat isn't in the software, it's in the wetware between the user's ears.

I know that you are correct, regarding the Mac at least. I hope you are correct in saying that Win7 is as resistant as OS X.
I'm for taking good security measures, but I decided that if distinct self-replicating viruses number in the thousands which can turn my computer against my security are effective against my system, I was using the wrong OS. And that's why I dropped Windows. I know that it's impossible to make, and prove, 100% reliable security. I just don't want to be so vulnerable that I am an easy target for phishing attacks exploiting my knowledge of that vulnerability.

"If you look at the number of published vulnerabilities in software and the number of users and compare Windows versus Mac OS you will discover that Mac OS has far more published vulnerabilities per user than Windows does so I think the data pretty much speaks for itself.
What, precisely, does "published vulnerabilities per user" mean? That metric seems to suggest that if there are, for example, ten vulnerabilities in Linux that is a bigger problem than a hundred vulnerabilities in Windows if there are more than ten times as many Windows users than Linux users. And I just don't see why that would be the case. Nor do I see how all "vulnerabilities" are equal. Either a "vulnerability" produces an attack on my computer or it doesn't. And if it doesn't, that either means that it is an illusory "vulnerability" or that the OS supplier has nipped it in the bud. The only thing that matters is how hard it is for me to keep my computer exclusively under my control.