Security comparison: Mac OS X vs. Windows

BROWSE BY TAG Platform Security,   Application and Platform Security,   Windows Security: Alerts, Updates and Best Practices,   Operating System Security,   Alternative OS security: Mac, Linux, Unix, etc.,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Platform Security Should developers create libraries of common cryptographic algorithms? How to secure USB ports on Windows machines What is the best database patch management process? What is an encryption collision? What are new and commonly used public-key cryptography algorithms? Should management processes change based on a patch release schedule? Does an EULA make it truly illegal to decompile software? Should businesses delay Windows Vista adoption and just buy Windows 7? Why should we place data files on a separate partition than the OS? Should Windows Mobile updates come from Microsoft? Windows Security: Alerts, Updates and Best Practices Microsoft to address flaws in Windows, Office for Mac Microsoft fixes security update that breaks Internet Explorer What is the best database patch management process? Microsoft addresses critical SMBv2 flaw, fixes record number of flaws Microsoft to address SMB zero-day, IIS FTP Service vulnerabilities Microsoft releases temporary fix for SMB2 zero-day vulnerability Microsoft issues SMB vulnerability advisory, patch pending Attackers target Microsoft IIS; new SMB flaw discovered Microsoft repairs Windows media, TCP/IP vulnerabilities Microsoft five critical updates won't include IIS Alternative OS security: Mac, Linux, Unix, etc. Machiavelli Mac OS X rootkit unveiled at Black Hat How secure is 'Platform as a Service (PaaS)?' Mac OS memory flaws pose challenges for enterprise endpoint protection Rootkit Hunter demo: Detect and remove Linux rootkits Oracle to buy Sun Microsystems for $7.4 billion How to harden Linux operating systems Serious holes in Mac OS X memory, researcher shows What is the best operating system for an FTP server implementation? Black Hat DC 2009: Mac OS attack method New hacking method stealthily attacks Macs with malware Alternative OS security: Mac, Linux, Unix, etc. Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary BotHunter  (SearchSecurity.com) principle of least privilege (POLP)  (SearchSecurity.com) security identifier  (SearchSecurity.com) trusted computing  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

I doubt the OS X vs. Windows debate over the relative malware resistance of the two operating systems will ever be resolved, as supporters of each OS have strong but unprovable claims as to why their favored OS is better. The main argument in support of Mac OS security is that the number of vulnerabilities found in OS X is just a fraction of those found in Windows, thus proving it to be a more secure platform. Supporters of Windows say this argument is not valid as there are far more hackers trying to break into Windows PCs because its huge user base makes it more attractive. I think the truth lies somewhere in the middle.

Microsoft's malware problems are certainly a product of poor engineering, not its large installed base. The launch of Windows 95 coincided with the dramatic growth of the Internet and network connectivity. This advancement caught Microsoft off guard and its lack of secure coding meant users were connecting to each other using flawed and vulnerable systems. Combine this with the way Microsoft targeted less computer-savvy users, and hackers had a field day.

The Mac, on the other hand, has always had good baseline security built in, and it has a reputation for providing a safe haven from malware. Recent viruses and Trojans such as OSX.Trojan.iServices.B, however, have shown that Mac machines are not fully malware-resistant. Mac users must get used to security updates for multiple vulnerabilities, too. The big question is: as the growth in the Mac user base makes it a more profitable target for attackers, will more vulnerabilities come to light?

Cybercriminals are ultimately after money, so OS X will inevitably be attacked. Also, Mac users are generally less security conscious than Windows users -- an added attraction for potential hackers who often rely on users' bad habits to spread their malware.

Mac social engineering attacks are now a fact of life. If, however, they remain small in number, the figure will imply that hackers have found the time and cost of developing Mac malware too great compared to their potential returns. Will this prove then that the Mac, from a security angle, is a better engineered OS than Windows? Sadly no. It could show that there are next to no vulnerabilities to exploit. But it could mean that with only a tenth or less of market share, just a tenth or less of the hacker community's collective effort is focused on finding those Mac vulnerabilities and that the opportunity cost still favors targeting Windows instead.

Malware is not an unavoidable problem facing users of popular platforms, though. For example, it has proven difficult to distribute malware on Apple's iPhone, which limits the distribution of software to a restricted model similar to the console video gaming market, a sector that has seen no real malware exploits. Certainly no personal computing platform is 100% safe from attack, so remaining security-aware will always be essential to avoid the problems that come with malware.