• The Myth of Mac OS Security Rears its Ugly Head (Again)

    March 26th, 2005

    Those of us who reside in the Mac universe have had a relative freedom from computer viruses and other malware. Sure, we had a few dozen viruses back in the days of the Classic Mac OS, but since Mac OS X came about, the worst we’ve seen were proofs of concept. In other words, the potential vulnerability can be duplicated in the laboratory, but real infections have yet to occur.

    So why do they have tens of thousands of viruses on the Windows platform, plus an unknown number of spyware outbreaks? Why isn’t the Mac OS subject to similar invasions to our serenity? Well, the common theory, voiced unfortunately by some makers of virus protection software in a recent ZDNet article, can best be summarized as safety due to obscurity. Since the Mac has less than a three percent share of the current PC market, virus authors simply aren’t attracted to the platform. As the Mac becomes more popular, due to the Mac mini, the iPod halo effect or whatever, you can bet we’ll have to arm ourselves with software to protect us all from the same ills that plague Windows users.

    But is this really true? Or is it an attempt by security software makers to sell product? Maybe the answer lies somewhere in the great gray divide between those extremes. It’s quite true that Apple releases security updates for Mac OS X every few weeks; in fact one came out just yesterday. This isn’t to be taken lightly. Some of those vulnerabilities can cause havoc, but does it mean that the Mac is no more secure than a Windows box?

    I don’t think so. You see, Windows was originally developed as strictly a personal operating system, without support for networking or the rise of the Internet. Microsoft has fixed things over the years not by throwing out the code and starting again but by patching and modifying and in general making Windows one big mess with plenty of pitfalls. I do believe that Microsoft’s “Trustworthy Computing” program is real; they don’t want to see their customers being plagued by malware anymore than the PC user wants to confront such things. But plugging one hole may reveal another, or create unanticipated incompatibilities. Sometimes you ever have to check for security software updates every single day and you should always test the updates to be sure they don’t create new problems.

    Recent surveys show that 80% of home PC boxes are riddled with spyware, and a third of the PC boxes have viruses. This means that the malware-free PC is the exception. The situation is better in the office, especially if there are IT people around to make sure all the necessary updates are done before things go badly. Even then, I’m sure you know of offices that have had PCs down for days or weeks because of security problems of one sort or another.

    So where does that leave Mac OS X? Well, the core of the operating system is a Unix code base that has been tested and proven for many years. Unix was designed for computer servers that operate 24/7, and the open source aspect means that there are thousands of programmers around the world working on making things better and improving security. Apple’s open source core, Darwin, has been more refined over time for this very reason.

    The other feature of Mac OS X is that you cannot install software without using your password. It gives you a chance to think before you act; not a perfect solution but one that just works.

    On the other hand, Windows spyware is often installed behind your back and you don’t have to grant permission for the installation; you don’t know it’s there until it’s too late. And, for various reasons, spyware detectors don’t always deliver 100% reliability. The definition of spyware varies on whom you ask. To one company, spyware is simply a rival’s product. Their own software is just a marketing tool, nothing more nothing less, even though others might label it spyware. Worse, I’m not just talking about one or two extra applications infiltrating a PC. It’s not uncommon to find dozens of these things vying for CPU time on your Dell, Gateway or whatever. What a mess!

    So, yes, a greater market share for Macs will make it more of a target, but it’ll never approach the ubiquity of Windows, not by a long shot. In addition, Mac OS X is inherently more secure, so the risks are also lessened. However, the security software firms do have a point; you should buy an Internet security software suite. Both Symantec and Intego have products of this sort, and I recommend you pick one or the other; not later, but now.

    No, it’s not because I simply want to see those companies make a profit when they sell you their products. Even if there are no active Mac OS X viruses right now, just about all of you have a Windows user on your mailing list. It may be a family member, a friend or a business contact, but if you forward a virus ridden letter to them, your Mac may not be vulnerable, but they will be. Do you want to be responsible for causing them more grief? No, it doesn’t serve them right for choosing Windows over a Mac. If you want to encourage them to switch to Macs, please do it nicely.

    | Print This Article Print This Article

    Leave Your Comment