Excerpt:
Windows is more secure than you think, and Mac OS X is worse than you ever imagined. That is according to statistics published for the first time this week by Danish security firm Secunia.
…
The stats, based on a database of security advisories for more than 3,500 products during 2003 and 2004 sheds light on the real security of enterprise applications and operating systems, according to the firm.
…
One thing the hard figures have shown is that OS X’s reputation as a relatively secure operating system is unwarranted, Secunia said. This year and last year Secunia tallied 36 advisories on security issues with the software, many of them allowing attackers to remotely take over the system - comparable to figures on operating systems such as Windows XP Professional and Red Hat Enterprise Server.
For example, Windows security holes generally receive a lot of press because of the software’s popularity, but the statistics show that Windows isn’t the subject of significantly more advisories than other operating systems. Windows XP Professional saw 46 advisories in 2003-2004, with 48 percent of vulnerabilities allowing remote attacks and 46 percent enabling system access, Secunia said.
…
Mac OS X doesn’t stand out as particularly more secure than the competition, according to Secunia. Of the 36 advisories issued in 2003-2004, 61 percent could be exploited across the Internet and 32 percent enabled attackers to take over the system. The proportion of critical bugs was also comparable with other software: 33 percent of the OS X vulnerabilities were “highly” or “extremely” critical by Secunia’s reckoning, compared with 30 percent for XP Professional and 27 percent for SLES 8 and just 12 percent for Advanced Server 3. OS X had the highest proportion of “extremely critical” bugs at 19 percent.
beowulff, you’re $30 down for the data above for “highly” & “extremely” critical exploits.
…and before somebody points out that MAC OS X is more mature now, so is Windows. Both have been patched against the bugs that are listed in the report.
Patching is the process where old bugs are removed and all new bugs are installed.
There’s a recognized always true statement for any operating system, “Fortunately, the next-to-last bug has just been fixed.”
…and my article above points out that the meme that OS-X’s reputation as having a “virtually nil” level of threat from viruses is, in fact, false.
My advice? Use what you like, be smart downloading and keep your patches up to date. Don’t decide what OS to use based on the OS, decide what OS to use based on the programs you want to run and the price to run them. You don’t run an OS to run an OS. You run an OS to run programs.
I’m a card carrying mac zealot, but ultimately the best choice for you is going to depend on what you really need in using your computer. I love macs, but for the most part PCs are fine - there are even a couple of things PCs do that make more sense to me than the Mac. PCs have a bit more software, and are a bit cheaper to upgrade. The general UI is decent but it’s based on a paleolithic core process that tends to create weird problems that cause crashes and reinstalls. And unless you are vigilant they tend to be spam/malware/virus magnets.
I think the fact that you can run your PC stuff off the mac is a big have your cake and eat it to bonus.
You should probably spend some time with someone else’s PC before you decide. Usually these sorts of decisions come down to some arbitrary litmus test based on personal preferences. Something you just can’t live without, rather than overall pluses and minuses.
You might want to keep in mind the fact that you already have the two computers, so it’s not just a mac vs pc issue. You might want to pick the machine that’s going to perform better.
Mac OS X: 12 Advisories of which 67% were “Highly” or “Extremely” critical.
XP - Home: 29 Advisories of which 41% were “Highly” or “Extremely” critical.
XP - Pro: 32 Advisories of which 37% were “Highly” or “Extremely” critical.
Vista: 30 Advisories of which 27% were “Highly” or “Extremely” critical.
So, doing a little math for number of critical bugs:
OS-X: 8
XP Home: 12
XP - Pro: 12
Vista: 8
So - that’s a tie for Vista & OS-X for 2008. XP was 3:2 with Mac. Not “virtually nil”.
I declare you “Fanboy” and “Apologist” and will give your opinion all the merit it deserves.
FWIW: I like Unix, the base for OS-X. I’ve administrated unix boxes for 17 years. I know their vulnerabilities & I know there is no such thing as an operating system that cannot be exploited. Just declaring something as perfect because you want it to be so doesn’t change that fact that all OS’s have flaws.
If you want to point out a benefit, it seems that OS-X is a bit faster at fixing the bugs you claim don’t exist.
I never once said it was perfect.
All I’ve said is that the real-world (as opposed to theoretical) risk from malware is orders of magnitudes greater running Windows compared to running OS X.
Your (and kinthalis’s) argument is something like “Both Israelis and Palestinians are equally vulnerable to attack, therefore there is no more risk in being a Palestinian in a conflict” In other words, BS.
Virus
2.16.2006 News Mac OS X Virus Alert - Sophos Anti Virus has found the first ‘real virus’ for Mac OS X known as OSX/Leap-A or OSX/Oompa-A.
Trojan
4.19.2006 News Symantec’s LiveUpdate for Macintosh does not set execution path environments allowing non-privledged users to change the path opening up potential to trojan horse attacks.
5.24.2006 News
Xcode 2.3 has been released due to a xcode security advisory (apple APPLE-SA-2006-05-23). The impact of the security issue would allow remote attackers to obtain or modify WebObjects projecs while Xcode is running. Security Focus Advisory.
9.18.2006 News
Multiple Firefox Vulnerabilities have been reported including man-in-the-middle, spoofing and cross-site scripting attacks and holes potentially compromising the users computer.
10.25.2006 News
The Openbase application included with Apple Xcode has been proven prone to multiple privilege escalating issues
11.11.2006 News
Intego VirusBarrier X4 Definition Bypass Exploit covers an issue discovered by Kevin Finisterre that would render the anti-virus software incapable of detecting viruses.
11.21.2006 News
Mac OS X Apple UDIF Disk Image Kernel Memory Corruption is an advisory and proof of concept exploit that demonstrates a bug in Mac OS X com.apple.AppleDiskImageController.
12.19.2006 News
Apple Security Update 2006-008 has been released today fixing a security issue in Quicktime for Java and Quartz composer. The update is available now via Software Update and the link provided. This fix fixes a issue that could allow malicious websites to access private information without the users consent.
Exploits exist & they viruses were being written to them. “Nil” is debunked again. EDIT: I just snipped from 2006 listings - they go on. This doesn’t mean that 2008 had no exploits.
I was raised on a Mac until I went away to university. At that point, I switched to a Windows machine. It’s still running 6 1/2 years later but the next computer that I buy will be a Mac.
Windows is decent but I don’t understand it the way I do with a Mac. At work, sometimes I need to run a program in DOS and it’s completely foreign to me. If something goes wrong with my computer, my first instinct is to call for help. On my Mac, I can poke around to figure out what the problem is.
(Note: The above statement is only meant to describe me and is not a general comment regarding the two systems.)
The viruses & exploits on the securemac.com website remain. All this proves is that Apple wants you to think they’re secure and they’re very, very good at PR.
Apples are safer because of “security through obscurity”. This does not mean they’re safe.
This looks like the Mac virus that won’t die, one year old and still out there. Now, if Mac users were realistic about their susceptibility, rather than their belief of invulnerability, there just *might *be less of this Trojan out there.
Note: Bulletin is one month old.
12.17.2008 News
It’s been a year since the DNSChanger Trojan Horse was discovered in the wild. In the intervening months, it has grown to become the single most widespread piece of malware on OS X, with multiple variants actively affecting Macintosh computers world-wide. To promote safe web browsing, SecureMac has issued a bulletin on the DNSChanger Trojan Horse detailing common symptoms of infection, ways to check for and remove the Trojan, and a list of safe practices to use when surfing the web.
Why is it so hard to believe that Macs don’t really need to have anti-virus software because of their miniscule marketshare? People who create viruses want to wreak havok. You can wreak much more havok on an OS that has ~90+% marketshare than one that has ~5%. Yes, Macs are more secure, but it’s only because they’re not a large enough market to pay attention to.
I wouldn’t be surprised if a lot of Mac viruses come out in the next few years, since I’ve seen a lot of people switch (or at least consider) a Mac who never would have before. Larger marketshare means higher likelihood of having virus-writers focus their sight on you.
I’ve had to reinstall on many many many machines over the years. That and there is almost always some stupid popup error.
As for this ‘Mac’s interface and file system is confusing’ thing I don’t understand. There is little difference between a Mac’s file system and a PC’s file system from an user’s standpoint.