Are Macs More Secure?
In October, Apple announced a small percentage of recently shipped iPods contained a virus that would affect computers running the Microsoft Windows operating system. Apple deflected blame, saying the virus originated from a factory computer running Windows and that it was a Windows-based virus.
In an announcement on its Web site, Apple stated, “As you might imagine, we are upset at Windows for not being more hardy against such viruses and even more upset with ourselves for not catching it.”
Of course, numerous tech pundits and computer enthusiasts immediately cried foul, and not much in the way of understanding was engendered on either end of the operating system spectrum. But the incident illuminated a debate that’s existed since the dawn of the personal computer age: Are Macs really more secure than Windows?
Apple users often claim their computers are absolutely secure, resistant to all forms of viruses and malware, while PCs running Windows are extremely susceptible to corruption. Apple’s own marketing even makes this assertion.
In one TV ad from its popular “Get a Mac” marketing campaign, starring author and comedian John Hodgman as a PC and actor Justin Long as a Mac, “PC” behaves as if he’s sick, indicating that he’s caught a virus. “Mac” offers sympathy as PC warns him to stay away because “last year there were over 114,000 known viruses for PCs.”
Mac calmly responds, “For PCs, but not Macs.” PC then falls over — he crashed.
The ad is more or less in line with conventional wisdom and perhaps even factual accuracy, considering that more than 114,000 viruses for PCs were widely reported as identified by the end of 2005. But it’s misleading to suggest the disproportionate amount of viruses and malware attacking Windows versus the amount attacking Macs can be entirely attributed to the integrity of the respective operating systems.
The difference is more one of proportion. The Web site www.netapplications.com offers statistics on Microsoft and Apple’s market shares by net applications. From August 2005 to July 2006, on average, Apple had between 3 percent to 4 percent of that share, while Microsoft has about 95 percent. Some might place the split more around 90 percent Microsoft, 10 percent Apple, but the difference is clear: If you were a cybercriminal, which operating system would you pick as a target — the one with 90 percent of the market or the one with 10 percent? In this case, viruses and malware become the sincerest form of flattery.
Meanwhile, stories of Macs being corrupted or found to be vulnerable are becoming more and more frequent. In November, the U.S. Computer Emergency Response Team (US-CERT) reported various security failures on the part of Apple’s Mac OS X.
According to the team, OS X “does not properly clean the environment when executing commands, which allows local users to gain privileges via unspecified vectors; does not properly search certificate revocation lists (CRL), which allows remote attackers to access systems by using revoked certificates; allows remote attackers to execute arbitrary code via unspecified vectors; (and) does not authenticate the user before installing certain software requiring system privileges,” among other problems.
In the wake of this vulnerability summary, Apple released a security update to address these problems. Meanwhile, antivirus researchers have begun to spot adware and spyware programs capable of launching browser windows on OS X. It seems that the Mac’s reputation of impenetrability is beginning to crack, perhaps owing to the continuing success of Apple itself.