Recent malware rampages have had little impact on Linux, BSD and Mac OS X. Bagle, Mydoom, Klez, Sobig, Sasser and the infamous Netsky have caused significant productivity losses upon the Windows environments of the computing world
Mi2g Ltd., a London-based security firm that employs controversial methodologies, conducted a study analyzing more than 235,000 successful attacks made on computers worldwide between November 2003 and October 2004. The computers studied were online 24 hours a day, seven days a week.
The Linux, BSD and Mac OS X computing environments, when compared with Windows environments, have insignificant quantities of highly damaging malware written for them. In fact, Mac OS X comes equipped with lots of built-in security features to thwart such security breaches. As a default, all Mac OS X network services are disabled, which suits the needs of most users in a workstation environment.
To understand the threats to organizations compared to home users, Mi2g looked at breaches via viruses, worms and other malicious code. Since the beginning of 2004, Mi2g determined that most breaches were to small businesses -- nearly 59% of all infiltrations -- with home users victimized to a lesser degree, at 33% and another 6% targeting medium-sized organizations. A mere 2.5% of the successful attacks were hits on large organizations, including government agencies and non-profit companies.
Windows systems were the primary victims of those attacks, with Linux,
The results of the study also revealed that the majority -- roughly 65% -- of successful attacks [other than those caused by malware, such as configuration issues and vulnerabilities] were on computers running Linux, with another 25% made on computers running Windows. Less than 5% of the total successful attacks were made on systems running OS X and BSD Unix.
Mi2g concluded that Mac OS X and BSD Unix were the "world's safest and most secure 24/7 online computing environments." As OS X is a direct descendent of BSD Unix [and the original AT&T Unix which has been around more than 30 years] the operating systems are inherently similar at their core, hence their ranking the same level of security.