Mac Security A Myth? Really? - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile // Mobile Applications
Commentary
9/28/2009
03:04 PM
Jake Widman
Jake Widman
Commentary
50%
50%

Mac Security A Myth? Really?

As the launch date for Windows 7 approaches, more and more articles about flaws in Mac security are hitting the Web. Should Mac-based businesses be worried?

As the launch date for Windows 7 approaches, more and more articles about flaws in Mac security are hitting the Web. Should Mac-based businesses be worried?These days it seems like we're seeing a lot of challenges to the conventional wisdom that Macs are inherently more secure than Windows. Early last week a hacker got some attention by claiming that Windows is more secure than OS X, and on Thursday ChannelWeb published its guide to the "Top (Mac OS) X Security Myths." What's going on here?

Some of my Mac-using acquaintances see the stories as related to (none suggest "part of," as far as I know) the publicity surrounding the upcoming launch of Windows 7. It's true that Apple does tout the Mac's resistance to viruses in its latest ads, and so it's not too surprising that there'd be pushback.

And it's also true that Apple added some antimalware features to Snow Leopard, which refocused attention on the state of Mac security. Put all these together, and you have fertile ground for sowing doubt about Apple's claims without getting into conspiracy theories.

But what about the allegations of weak Mac security? I don't pretend to be a security expert, but I have to wonder about some of the complaints. For example, both of those cited articles repeat the old assertion that the main reason so little malware afflicts Macs is that malware writers don't bother with a platform with such low market share. Reliable numbers are difficult to come by, but one estimate is that 20 million people were using Macs in 1997. Is that not a big enough target? Okay then, how about the 25.7 million Gartner estimated in 2007? No? How about the 75 million Phil Schiller claimed at this year's Apple developers conference? At some point, the claim that the Mac just isn't a big enough target starts to sound a little hollow.

The other thing I notice is that the sources for articles like ChannelWeb's are almost always security experts who happen to work for security companies. It's a bit like turning to GlaxoSmithKline for information about the risks of the flu: I'm sure they know their stuff, but they also have a stake in how nervous people are about catching something. And people challenging the conventional wisdom will always get more attention -- you're not likely to see a story headlined, "Security Experts Confirm Macs More Secure Than Windows."

All that said, there is a form of malware that's worth paying attention to -- Trojans, exactly the kind of infection the Snow Leopard barriers are designed to stop There have been reports of a few Mac Trojans in the wild, usually masquerading as a plug-in you need to install to play poker or view porn, or buried in software downloaded from a pirate site. That means they only affect people who trust their machines to the good will of a site specializing in distributing illegal copies of software, or who are willing to give their password to anything that asks for it.

Nevertheless, we also learned last week about a cybercrime site that was offering malware developers 43 cents per infected Mac (10 cents less than an infected PC was worth). And last April came news of the first Mac-based botnet (another infection spread by pirated software), so it's clear that cybercriminals are trying to exploit Macs. Interestingly, by the time the bounty for infected Macs was discovered, it had been taken down; and the botnet reportedly involved only a few thousand Macs, far fewer than the numbers of PCs infected by the well-known malware epidemics. Is this an indication that trying to infect Macs is more trouble than it's worth -- that OS X is by nature malware-resistant after all?

Bottom line: when someone tries to convince you we're all gonna die from the flu, take it with a grain of salt. But even so, use the common sense your mother gave you: wash your hands often, cover your mouth when you cough. Use antimalware software and don't install the "special software" you need to watch strip poker. But you won't convince me OS X security is a "myth" until I actually hear of Macs being brought to a standstill because of the malware infesting them.

More From bMighty:

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Slideshows
Reflections on Tech in 2019
James M. Connolly, Editorial Director, InformationWeek and Network Computing,  12/9/2019
Slideshows
What Digital Transformation Is (And Isn't)
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/4/2019
Commentary
Watch Out for New Barriers to Faster Software Development
Lisa Morgan, Freelance Writer,  12/3/2019
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll