PDA

View Full Version : Why Mac OS is more secure than Windows



Beamtracer
12-17-2003, 08:38 AM
An article in the British publication, The Register, explains the reasons why Mac OS X is far more secure than Windows from viruses and malicious attacks.

http://www.theregister.co.uk/content/4/34554.html

It's a bit long and technical, but it's really worth a read.


"Unlike Windows, Mac OS was designed from the ground up with security in mind."

"The real security wisdom of Mac OS lies in its internal architecture and how the operating system works and interacts with applications. Itís also something Microsoft unfortunately canít accomplish without a complete re-write of the Windows software -- starting with ripping out the bug-riddled Internet Explorer that serves as the Windows version of "Finder.""

"When compared to Windows, Mac OS is proving to be a significantly more reliable and (exponentially) more secure computing environment for today's users"

Dodgy
12-17-2003, 09:45 AM
I loved this bit:

(Referring to Windows) only mainstream operating system that, among other high-profile incidents over the years, facilitated remote system exploitation through a word processor's clip art function!

Speaking as an annoyed PC user, I would love to jump ship as soon as the other OS's are more supported. Already have my win/Linux copy of Star office waiting and ready!

Maybe Mac could port OSX to pc for me :)

kmscottmoore
12-17-2003, 07:37 PM
I was waiting for the right occasion to post this.

riki
12-17-2003, 10:04 PM
I think macs seem to have a problem with spyware, which I don't think has been addressed properly.

WizCraker
12-17-2003, 10:20 PM
ha

http://abcnews.go.com/sections/scitech/ZDM/mac_vulnerablility_pcmag_031211.html

http://www.carrel.org/dhcp-vuln.html

http://www.macobserver.com/article/2003/10/30.1.shtml

Johnny
12-17-2003, 10:27 PM
<Itís also something Microsoft unfortunately canít accomplish without a complete re-write of the Windows software -- starting with ripping out the bug-riddled Internet Explorer that serves as the Windows version of "Finder.">

sorry...don't oft get exposed to the froots of the redmond loom...am I seeing right here in that explorer is being used in Windows as a counterpart to the Mac Finder??

why in thee heck would you want a computer interface to be like a web browser..am I missing something?

J

Beamtracer
12-18-2003, 04:36 AM
WizCraker: I don't think you bothered to read the story linked at the start of this thread. It's criticizing the factual errors in a PC Mag story on December 11. The PC Mag story is the same story in the ABC link you posted.

Go and read the first story again. It explains the technical reasons why Windows XP is not a secure OS. Microsoft views their customers with utter contempt by not properly addressing security issues and releasing an OS so vulnerable to outside attacks, malicious worms and viruses.

To rub salt into the wounds, Microsoft this week announced that they will be dropping support for Windows 98.

BBC News:
http://news.bbc.co.uk/2/hi/technology/3324471.stm

This means that Microsoft will stop releasing any security patches for Win98. It basically opens the doors up for worms and viruses to enter en mass.

http://newsimg.bbc.co.uk/media/images/39643000/jpg/_39643035_microsoft_proline203b.jpg

For companies running Win98 networks it could mean they are forced to replace everything... every computer in the building, or suffer malicious attacks. For some companies this could cost millions of dollars.

I bet they didn't factor this into the price when they were originally purchasing those x86 boxes. Oh well, I hope they enjoyed their "cheap megahertz" while it lasted.

Red_Oddity
12-18-2003, 04:40 AM
Well, on a Mac atleast you don't need virusses to destroy your data...we have Apple OS-X updates for that...

Anymore stupid flame bait threads ready Mr Beamtracer...it get's annoying by now ...

btw...yesterday a friend of mine got the W32/Parite.B virus...that would be the 3rd time in my life as a PC user to encounter a virus...the first one was YankeeDoodle (in 1988 i believe, on my 8086), then some other non destructive annoyance, and now Parite.B)...i have been using PCs since '86...
I have been using Macs since '97 and have encountered the same amount of virusses in that time (or worms..or whatnot)...

So...i think for me, security is about evened out on both platforms...

Ade
12-18-2003, 05:07 AM
In my 7 years of macintosh I have never ever got a virus...

PPL who get viruses usually are ppl who dabble in hotline and other pirating software scenes.


But since '97 email viruses have destroyed any sense of security on pc's.


Macs have almost no viruses (some exhist in os9) and OSX doesnt have any backdoors open to undermine security.
The trouble is windows still has legacy flaws from its 3.1 days, until it gets a major rewrite it will always be vulnerable.
Sharing DLL system in windows is one of its biggest flaws, my friend whose a programmer says you can get into certain parts of windows by going through low priority systems that ms usually waits to be found vulnerable before fixed.
He said msn was a big ine when it was first released.

Lightwolf
12-18-2003, 05:15 AM
Beam,
wow, I actually read the article, and half of what Mr. Forno writes is quite off or inaccurate as well, despite him being a technologist.

* The next XP SP will have a tightened firewall (this shouldn't affect corporate use though, you should have a strong firewall there anyhow).

*The Messaging Service may be an annoyance if someone spams you with is, it is not a security flaw though.

* The whole NT line of OSes were actually designed with security in mind, allthough the threats were different at that time.

* As for the installation, he is right, on the other side, that is the choice of the developer, you can easily install software without touching the system folder (as I do with LW all the time).

* Security Fix / DRM... Well, don't tell me QT6.4 doesn't have DRM...

* "Unlike Windows, Mac OS X requires an administrator password to change certain configurations, run the system updater, and when installing new software."
The only current windows version that behaves that way is XP Home. Mind you though, most windows log on to their machines with an administrator account (their fault).

* He is quite right about Mediaplayer, Explorer and such... but you can easily install something else if you don't like it.

You currently seem to have just as many leaks and potential exploits on u*ix based system nowadays than you do running windows, remember debian.org getting hacked badly a couple of days ago.

As for Windows 98... Does Apple still provide support for Mac OS8 ?

I do agree with the fact that most users have less problems with their Mac than with their PCs, but that is another story.
For my part, I've so far _never_ encountered one single virus on our (PC based) network, the last one I saw was 10 years ago on the Amiga ;)
Heck, I hardly even run virus checkers, and there are no personal firewalls on any of our systems...
Cheers,
Mike

riki
12-18-2003, 05:18 AM
I had some Autoboot Worm/Virus?? on my mac once which use to change all my MSWord docs to templates.

Lightwolf
12-18-2003, 05:23 AM
Originally posted by Ade
Macs have almost no viruses (some exhist in os9) and OSX doesnt have any backdoors open to undermine security.
I does, but they haven't been exploited (yet...) or been patched up quickly (just look at the latest OSX update from today).

The trouble is windows still has legacy flaws from its 3.1 days, until it gets a major rewrite it will always be vulnerable.
Erm, you know that any Windows of the NT (NT - W2K - XP) family has just about nothing to with Win3.x and Win9x / Me? That would be like saying that OSX is the next release of OS9...
We are talking completely different kernels and architecture here (even though APIs have stayed consistent).
It is true though that MS took a couple of shortcuts from NT3 to NT4 and on to W2K to improve performance, and o the other side decreased security (moving graphics drivers into the kernel for example).
Cheers,
Mike

Lightwolf
12-18-2003, 05:24 AM
Originally posted by riki
I had some Autoboot Worm/Virus?? on my mac once which use to change all my MSWord docs to templates.
Lol, sounds like a hacker with humour ;)

Beamtracer
12-18-2003, 05:32 AM
Hi Red_Oddity. I'm interested that you have a Mac full of viruses. Is it running OS X? The gist of the story is that the UNIX underpinnings of OS X make it very secure.

The old MacOS (OS7, 8, 9) was basically a completely different platform, so it has no UNIX code in it.

I read an analysis of Mac viruses a few months ago. It said there were no OS-level viruses on Mac OS X.

The only viruses were ones that came with Microsoft software for the Mac, like MS Word. Most of these viruses required the MS email program 'Outlook Express' to propagate. Maybe they should change the name of 'Outlook Express' to 'Virus Express'?


Originally posted by Red_Oddity
Anymore stupid flame bait threads ready Mr Beamtracer There was a Mac Vs PC thread recently on the Community forum.

On that thread, Windows users were claiming the Mac was riddled with viruses. I actually gave up trying to argue with them and stopped posting on it.

The article I posted above about Mac / Windows security issues seemed to me to explain the issue well. I posted it on the Mac forum for Mac users to read.

Lightwolf
12-18-2003, 05:39 AM
Originally posted by Beamtracer
The article I posted above about Mac / Windows security issues seemed to me to explain the issue well.
Well, it only does so to an extent...

I posted it on the Mac forum for Mac users to read.
Damn, I fell for it again... Anyone know how I can set a filter to ignore the Mac Forum when I search for new messages? ;)
Cheers,
Mike

Beamtracer
12-18-2003, 05:39 AM
Originally posted by Lightwolf

Heck, I hardly even run virus checkers, and there are no personal firewalls on any of our systems... Hey, Lightwolf, don't tell everyone that, or someone might hack into your system!!! :)

Lightwolf
12-18-2003, 05:41 AM
Originally posted by Beamtracer
Hey, Lightwolf, don't tell everyone that, or someone might hack into your system!!! :)
They'll have to get past Opera first :cool: :D

archiea
12-18-2003, 05:42 AM
I masterbate like 16 times a day. I have bad eyesight and excessive hair on my palms. Does anybody find this information as useful?

Lightwolf
12-18-2003, 05:49 AM
Originally posted by archiea
... Does anybody find this information as useful?
No, but you need a spell checker ;)

Ade
12-18-2003, 06:10 AM
If windows 2000 is nothing to do with 3.1 why does it still get blue screen when i unplug a usb zip drive?

As I was saying legacy [problems still are inside windows..
OS9 to osx whole different os.

Lightwolf
12-18-2003, 06:19 AM
Originally posted by Ade
If windows 2000 is nothing to do with 3.1 why does it still get blue screen when i unplug a usb zip drive?

Does the colour if the error screen define the status of an operating system?
You should know that NT-xx blue screens are _not_ the same as win-xx blue screens, just by looking at them.
As for your problem, I have no idea, probably a weird USB chip on your motherboard.
Do you get a blue screen too when you unplug the zip running Win3.1? ;)


As I was saying legacy problems still are inside windows..
OS9 to osx whole different os.
that is the same with the different windows OSes, except that legacy support is a bit more complete on the windows side since many APIs are identical.
Cheers,
Mike

Ade
12-18-2003, 06:26 AM
Lightwolf its a $7Kaus compaq workstation evo6000 dual xeon 2 gigs ram, wildcat system, if the mobo is ****, then i cannot say a thing..
I say its a driver issue, I remmeber a video once when windows 2k was being shown Bill Gates had an imac saying this thing takes twice as long to boot, then went to plug a usb scanner into the win 2k pc and it crashed and the crowd was hysterical..Funny clip.

Same crash screen I got at work.

Lightwolf
12-18-2003, 06:37 AM
Hi Ade,
yup, I guess it is a driver issue in that case... Then again, it is a Zip drive. Does it work on your Mac? I've had nothing but bad experience with Zips (on both platforms), but that's another story...
I dunno, I've been on PCs since 96 (when my Amiga finally gave up), and the problems the Macs I've seen have never made me want to switch.
Mind you, I wouldn't buy a compaq either unless I was forced to ;)
Cheers,
Mike

mlinde
12-18-2003, 03:31 PM
Originally posted by Red_Oddity
btw...yesterday a friend of mine got the W32/Parite.B virus...that would be the 3rd time in my life as a PC user to encounter a virus...
I gotta say as a fairly long-term mac owner/user (I'm passing my 10th year as an owner/operator of Macs) that I've had at least 3 virus attacks as well. Most were in the late 90s (96/97/98, as I recall) so the security issue isn't solved anywhere by any means.
I think the issue that is ignored here, is that M$ has supported Win98 for about 6 years with security updates and general OS updates. Sure, 6 years later they drop support. Compare that to Apple. When's the last time you saw security updates for Mac OS 10.1.x? What about OS 9.x? I know that since OS 10 has core functionality in UNIX there are greater security issues, due to the widespread use of UNIX by uber-geeks. However, Apple has chosen only to provide security to those who buy the new $129 OS upgrade, whilst M$ offers security updates (good or bad) to all OS releases in the last 6 years...

But what does any of this have to do with Newtek, it's products, or policies?

Triple G
12-18-2003, 04:14 PM
Originally posted by mlinde
But what does any of this have to do with Newtek, it's products, or policies?

Exactly. I'm surprised this thread hasn't been locked, moved, or deleted by now. :rolleyes:

toby
12-18-2003, 11:09 PM
"'Unlike Windows, Mac OS X requires an administrator password to change certain configurations, run the system updater, and when installing new software.'

The only current windows version that behaves that way is XP Home. Mind you though, most windows log on to their machines with an administrator account (their fault)."

Were you aware that if you log in as Admin on a mac, you still have to enter your password to install programs... unless it's a 'copy this to your harddrive' type of install

Beamtracer
12-19-2003, 12:39 AM
On my Mac I log-in as Administrator to install programs and tinker around.

When I'm working (in Lightwave and other apps) I log-in under a different non-administrator username.

I've never seen a virus on Mac OS X, but if one arose in the future it would have trouble accessing the vital parts of the operating system because I'm working in a non-administrator username.

As Toby says, even if you're logged into OS X as Administrator, when you want to install software you still must enter another password. Lightwolf, is that what you referred to?

I'm surprised that people have posted that they've seen viruses that infect the Mac OS. Anyone who received a virus for Mac OS X should list its name here. Did it arrive on a Microsoft document (ie MS Word doc)? Did it infect the OS itself?

I'm a bit skeptical that there are viruses that infect the actual operating system, OS X.

Lightwolf
12-19-2003, 02:16 AM
Originally posted by Beamtracer
As Toby says, even if you're logged into OS X as Administrator, when you want to install software you still must enter another password. Lightwolf, is that what you referred to?
Yup, basically, allthough XP isn't configured that way by default. If you're and admin, you can install. It can however (in a corporate einvironment for example), be configured like you describe above if neccessary. I've seen Windows installations that were extremely watertight from an intruders pov (just like you'd have to secure any out of the box **ix installation.).
Then again, if you look at the debian.org hack, you can gain administrators rights if you find an exploit in the system (and in that case it was a kernel exploit). It doesn't mean that a virus programmer or hacker will find and use it right away, but it seems that all current OSes have security problems and can be hacked (mind you, there is a difference between hacking and writing a virus). Heck, you can even hack into an SQL database if the programmer wasn't carefule enough, even over the internet without direct access to the database server.
But I'm wandering off.
Just to stay a bit OT, has anybody hacked LW lately? Any LW scene viruses? ;) (except for spreadsheet :p ).
Cheers,
Mike

Red_Oddity
12-19-2003, 04:13 AM
Originally posted by Beamtracer
Hi Red_Oddity. I'm interested that you have a Mac full of viruses. Is it running OS X? The gist of the story is that the UNIX underpinnings of OS X make it very secure.

The old MacOS (OS7, 8, 9) was basically a completely different platform, so it has no UNIX code in it.

I read an analysis of Mac viruses a few months ago. It said there were no OS-level viruses on Mac OS X.

The only viruses were ones that came with Microsoft software for the Mac, like MS Word. Most of these viruses required the MS email program 'Outlook Express' to propagate. Maybe they should change the name of 'Outlook Express' to 'Virus Express'?

There was a Mac Vs PC thread recently on the Community forum.

On that thread, Windows users were claiming the Mac was riddled with viruses. I actually gave up trying to argue with them and stopped posting on it.

The article I posted above about Mac / Windows security issues seemed to me to explain the issue well. I posted it on the Mac forum for Mac users to read.

No no no. I had 3 virusses on a Mac in total since i started using Macs, and yes those where OS 8 and 9 (worms i believe, not sure those a virusses...either way...they're a pain in the rear anatomy)...
I haven't seen one virus/worm/etc on OS-X yet, so that's okay...it doesn't mean though that OS-X is a safe system, most virusses are installed by the ignorance of the user and besides, how many frustrated 14 year old wankers with a limited budget can afford a Mac, no they go to Wallmart and buy a $600 PC (maybe i'm grossly stereo typing here, but somehow i feel i am right somewhat)

But i also have had 2 virusses on the PC in total myself, and with that Parite.B virus this week that makes a total of 3 (the Parite.B virus was on a friends computer...his compu is connected to mine on the network, but somehow i was spared the annoyances)...
From one of those virusses i know where it came from (i installed an infected program)...silly me...

Wait, i'm lieing here, my brother had that darn MSBlaster virus (but that stupid tit downloads too many junk from Kazaa so he had it sort of coming his way, it was just waiting when...), it literally killed his PC, or it did something because it has been acting really funny since...

So that would be 4-3 for the PC vs Mac in my experience...

Anyway, i said these threads where getting annoying because, well, who really cares, PC and Mac users are both heavilly biased towards the platform they rather use most...so you always try to shed light on the weaknesses of the 'other' system (some strange human psycological behaviour there :D )

I rather have it we spend the time debating this nonsence into something more constructive or less 'inflamatory'
Go write some tutorials or post something in the joke thread...

anyway, that's what i had to say and clear up...

Cheers..

Scott Gammans
12-19-2003, 09:05 AM
Originally posted by Triple G
Exactly. I'm surprised this thread hasn't been locked, moved, or deleted by now. :rolleyes: It's because no one at NewTek is monitoring the forums right now. They're all busy trying to figure out when to decide that they will announce that they are considering making a decision about whether to say anything about choosing to release a 7.5 patch for Panther.

;)

EctoHippy
12-19-2003, 10:41 AM
Originally posted by Red_Oddity
Wait, i'm lieing here, my brother had that darn MSBlaster virus (but that stupid tit downloads too many junk from Kazaa so he had it sort of coming his way, it was just waiting when...), it literally killed his PC, or it did something because it has been acting really funny since...


Actually... to get blaster (or welchia or any of the other variants) you just have to be on the net, running win2k or XP without the rpc patch.

True story: I work as a dept tech support at a university. I was doing an install of XP on a machine. I forgot to unplug the ethernet cable while doing the install. Before the box had completed its first boot I got a call from the IT dept that the machine was broadcasting and it looked like it probably had a Blaster worm variant on it. Sure enough, unplugged it from the net, got a virus diskette and checked... infected with Welchia... you can't even INSTALL XP or 2k without running the risk of getting infected if you are on an open network (The campus does block the port at the perimeter but that doesn't stop someone from bringing an infected laptop in behind the firewall and wrecking havoc) I came home and hugged my mac that day.

Anyway... this is way off topic...
/me returns to lurking

-Matt