Re: [wpmac] Mac Security (New York Times)
- Right on, Paul. The comparison the author makes is really bogus. All of the "successful" attacks required physical access to the Mac, or took advantage of browser weaknesses, or used Microsoft Office macros. None of these are comparable to the attacks that have wreaked havoc on Windows users. (And all of them have been repaired.)
Apple does repair any security issue as soon as they can after discovery. And Apple does not recommend the use of a security program. On the other hand, a PC is at serious risk if it's virus software isn't on.
TODAY'S QUOTE: "I never vote for anyone. I always vote against." - W.C. Fields
--- On Tue, 4/7/09, Paul Hogan <paul.hogan.atty@...> wrote:
From: Paul Hogan <paul.hogan.atty@...>
Subject: Re: [wpmac] Mac Security (New York Times)
Date: Tuesday, April 7, 2009, 8:53 PM
The article says:Yet Macs’ relative safety is primarily due to their
still-slim market share. They’re simply a waste of time for today’s
attackers, who are trying to accomplish crime on a large scale by
infiltrating millions of computers.
If Apple sells about 2 million Macs a quarter, and they stay in use for 3
years, that is 24 million Macs. If a crook wants to infiltrate millions of
computers, there they are, waiting to be plundered and used by people that
don't buy software to protect themselves. To me, that makes them more of a
target, not less of a target. So, if they remain relatively safe, perhaps it
is for a reason other than their market share.
On Tue, Apr 7, 2009 at 5:32 PM, John Rethorst <jrethorst@...> wrote:
> John R.
[Non-text portions of this message have been removed]
Yahoo! Groups Links
[Non-text portions of this message have been removed]
- On Apr 7, 2009, at 5:53 PM, Paul Hogan wrote:
> The article says:Yet Macs relative safety is primarily due to theirI just submitted this to the site. We'll see if they post it:
> still-slim market share.
The theory that there aren't enough Macs being used, and
as a result virus writers haven't found the Mac to be a worthy enough
target (security through obscurity), doesn't stand up to even the
smallest application of logic.
If there aren't enough Macs in use to interest virus writers, why is
it that there are apparently enough Macs in use to interest other
software authors? There are literally tens of thousands of software
applications for the Macintosh:
Why would it be that there are enough Macs in use for legitimate
commercial software developers, and not for virus-writing sociopaths?
Macintosh OS X has been out now for over 8 years. For eight long
years Windows apologists have been saying that eventually there will
be lots of viruses for Macs running OS X.
The next Macintosh virus will be....the first.
Windows computers have...over 180,000 viruses!
The Macintosh market share is, for the sake of argument, only about
5%. That represents about 25 to 30 million Mac users according to
Apple. That doesn't sound like an insignificant number to me.
The Mac's share of viruses is...what...zero percent? With a 5%
market share, why isn't it
5%? Or even a paltry half of a percent? Why is it an astounding
Back when the Macintosh was running OS 7, OS 8 and OS 9 (prior to the
OS X with its UNIX underpinnings), and the Mac had a much smaller market
share than today, there were a decent number of viruses for the
Macintosh. (Though nowhere near the huge number that exist for
Windows. And most of the OS 8/9 viruses that existed weren't
So, clearly, a small market share does not equal no viruses.
Apparently the lack of viruses for Macs running OS X has nothing to do
with its proportion of market share. Maybe the lack of viruses for
Macs running OS X has to do with something else? Maybe Windows is
inherently more vulnerable
to malware attacks than OS X?
Viruses and Operating Systems
by David Pogue (see page 5 of this PDF)
So Witty (followup to Broken Windows)
Is Windows inherently more vulnerable to malware attacks than OS X?
InfoWorld Publishes False Report on Mac Security
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)
Macintosh OS X Routine Maintenance
- On 08/04/2009, at 10:32 AM, John Rethorst wrote:
Then rewrite the main point of the story to make one point clear:
Windows OS is under continuous attack by nefarious organisations that
seek to profit from any vulnerabilities that they can exploit. That is
bad news for any Windows user. The Macintosh OS is not attacked or
threatened in that way. That is good news for any Macintosh user.
- Another theory put forward used to be that Macs were too expensive for
eastern euro-hackers with no budget. But with a VERY active hackintosh
scene, that theory is put to rest...
On Apr 7, 2009, at 9:52 PM, Randy B. Singer wrote:
> On Apr 7, 2009, at 5:53 PM, Paul Hogan wrote:
> > The article says:Yet Macs� relative safety is primarily due to their
> > still-slim market share.
> I just submitted this to the site. We'll see if they post it:
- I think both sides are oversimplifying things.
It is true - Macs are less of a target. Security through obscurity is very
much in play.
It is also true that Mac OS X, being a Unix based system designed from the
ground up this century, is by its very nature a more secure system.
It is also true that Windows is a much bigger (read more profitable and more
headlines grabbing) target than Mac.
It is also true that Windows is buggy, bloated, and burdened with supporting
over 15 years of legacy apps and leftover code from an operating system
designed before there was a world wide web. There is still code from
Windows 95 in Windows 7. Core code. All of this makes it much more of an
The expense of Macs also can be prohibited for hackers, (European or
otherwise), who are not known for paying full price for anything. And the
Hackintosh scene may change that. (I, for example, have both a MacBook and
a $350 netbook that is running Mac OS X 10.5.6.)
However, what that last part overlooks is - hackers are not
super-intelligent uber-coders who can crank out a world-stopping virus in 60
minutes with nothing more than a text editor on a Pentium 2. Nor are they
slick reluctant heroes who can hijack the Pentegon in 60 seconds if they
have a gun to their heads. They are greedy losers who "stand on the backs
of giants" by tweaking existing viruses, trojans, and worms to do what they
want them to do. The term is "Script kiddies". They just lump a bunch of
scripts that they find on their darknets together to make it do something.
Are their hackers writing original code? Sure - there would have to be,
right? But most viruses - the vast majority of them - are just variations
on a theme. Even this latest major bug "Conficker" was actually "Conflicker
D" meaning there were at least 3 preceding viruses.
All that so say - add to the secure nature of Mac OS X, its limitations on
the hardware it supports, its expense, and its smaller target size - add to
all that the lack of existing malware raw materials for the hackers to use.
Then throw in Windows decades of vulenarablities, its familiarity to
hackers, the vast treasure houses of existing malware to play with, the
bigger target, its widespread use in businesses, banks, and governments, (IE
- Where the real money is), and it's much larger marketshare... Mix, bake,
and serve. Somewhere in there do you get the "true reason" why Macs are
ultimately pragmatically malware free.
In the end, though, the reason why doesn't really matter (until that reason
changes and we're no longer safe). The fact remains I don't need antivirus,
antispyware, antiadware, etc. software on my MacBook. That's good enough
- Chad Smith
On Wed, Apr 8, 2009 at 2:24 AM, Patrick Sheffield
> Another theory put forward used to be that Macs were too expensive for[Non-text portions of this message have been removed]
> eastern euro-hackers with no budget. But with a VERY active hackintosh
> scene, that theory is put to rest...
> On Apr 7, 2009, at 9:52 PM, Randy B. Singer wrote:
> > On Apr 7, 2009, at 5:53 PM, Paul Hogan wrote:
> > > The article says:Yet Macs� relative safety is primarily due to their
> > > still-slim market share.
> > I just submitted this to the site. We'll see if they post it:
> Yahoo! Groups Links