Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple has the most insecure software...
- Thread starter maflynn
- Start date
- Sort by reaction score
But the report clearly says the flaws are not of the major variety, and they are in the third party software.
Did you actually read the article?
Specifically this part?
Duh.
In the future don't be so quick to assume the content instead of actually reading it.
If OS X was more popular, there would be viruses. In fact, there were some for older OS Xs I think. I'm not a software specialist but I've read it several times that OS X is more insecure than Windows 7 is but there is greater "market" for viruses in Windows as most users use Windows.
Software is software. Whether it's and OS or app, it's still software. Safari is from Apple. QuickTime is from Apple. iTunes is from Apple. You don't get viruses if you don't use browser in Windows, it's usually a flaw in the app, not in the OS itself
Software is software. Whether it's and OS or app, it's still software. Safari is from Apple. QuickTime is from Apple. iTunes is from Apple. You don't get viruses if you don't use browser in Windows, it's usually a flaw in the app, not in the OS itself
Yep, if you are going to pay $10k bills to somebody to design trojan or virus for your spam business.
You are going to go where you can get the biggest bang for your buck.
Sort of sad that basic business ideas are working in this market.
For the Mac market, it is rather easy to do a porn codec trojan and do a pop-up saying that you need to download a new codec to watch this video.
Edit: for Macs the organic AI is corrupted and easy to defeat.
Actually, it's very rare to get a true virus in any OS. Now-a-days, it's trojans, worms, and the like, that Windows users get. And that's becoming less the fault of the OS, and more the fault of the end user for installing them on their system.
example: Anti-virus 2009 requires a user download and install it. But then you can't get rid of it
It's only time until it happens for Apple... and given their lax security, when the s**t hits the fan, it will go everywhere.
No, there never were. There were viruses for OS 9 and earlier, which was basically a completely different OS. Apple is selling far more Macs now compared to when Mac OS Classic viruses were being written (although there were never huge numbers of them, maybe some dozens), so I think that kind of shoots your theory down.
--Eric
One point I would like to suggest-
Apple may be selling far more Macs from back then, but so are PC's. Although it is refreshing to see Macrumors report that 3.37 million macs have been sold this quarter, and records have been repeated over the last 17 quarters, OSX market share has just barely reached 10% over all, which gives you an idea of how many PC are being shipped the entire time.
If the market had stagnated, then yes, the point of more macs shipping may be applicable. but if you apply a micro example to it:
If, back in 2000, there were 1,000 computers in the world and OSX had 6% share, they would have 60 macs against 940 PC's.
Now imagine in 2010, we have 1,000,000 computers with OSX at 10%. Thats 100,000 Macs, but thats 900,000 PCs. An overly simple example, but one that I think gives a bit of sense to how many pcs there are in the world!
As Charlie Miller has shown, there are vulnerabilities in Mac (and as the Java debacle showed last year) some quite serious. There is even a mac botnet. As Macs become more popular they are going to be exposed to the greatest security hole of all. The user.
-Maw
Actually, it's very rare to get a true virus in any OS. Now-a-days, it's trojans, worms, and the like, that Windows users get. And that's becoming less the fault of the OS, and more the fault of the end user for installing them on their system.
example: Anti-virus 2009 requires a user download and install it. But then you can't get rid of it
It's only time until it happens for Apple... and given their lax security, when the s**t hits the fan, it will go everywhere.
True. Plus, most viruses come through Adobe crapware nowadays because almost everyone has Flash installed and as we know, it's full of holes. Besides, the reason you have malware can usually be found between the keyboard and chair
The Mac Malware Myth or the malware myth
In short, market share does not seem to be the factor for having viruses or any other kind of malware, as Mac OS 8 and 9 (had some viruses) were installed on much less Macs than today's Mac OS X 10.5 and 10.6. Unix seems to be the deciding factor.
In short, market share does not seem to be the factor for having viruses or any other kind of malware, as Mac OS 8 and 9 (had some viruses) were installed on much less Macs than today's Mac OS X 10.5 and 10.6. Unix seems to be the deciding factor.
I should have worded my post a bit differently but my point remains. I use OSX so I don't have to worry about malware, I of course need to USE software with OSX, what good is an OS if you don't use programs. So my point stands. I use OSX to get my work done, but that leaves me more insecure, so before flaming me, why not consider why people use an operating system - to use programs.
I'm not flaming, trolling OSX/apple. I think the architecture of OSX is such that I am confident that viruses won't slip by me, but it seems apple has taken their eye off security for much of their products, hence this report.
don't worry, jobs will just hold a conference. and state Linux/Solaris/Windows has viruses too, and we all get MBP bumpers.
The typical OS X user is more vulnerable to attack vectors like phishing than they are to technical attacks. A better title would be, "Apple has the most security-UNconscious user base."
This is a good example of what I'm talking about. The fact that iTunes, Safari, and Quicktime are all made by Apple doesn't seem to register.
Also, "security" doesn't mean just viruses- a fact that most in this thread have obviously missed. It means buffer/stack overflows, code injection, password encryption/nonencryption, and the policies for dealing with them. Apple is among the worst vendors at taking quick action against major security flaws that are found in their software.
This is a good example of what I'm talking about. The fact that iTunes, Safari, and Quicktime are all made by Apple doesn't seem to register.
Also, "security" doesn't mean just viruses- a fact that most in this thread have obviously missed. It means buffer/stack overflows, code injection, password encryption/nonencryption, and the policies for dealing with them. Apple is among the worst vendors at taking quick action against major security flaws that are found in their software.
Your "point" is based on a misinterpretation of a 2 paragraph article put out by a company that sells anti-malware services and software.
You really don't understand this sort of thing do you?
It has nothing to do with OSX.
These exploits don't run on OSX, they run in the applications. That means that
no matter the OS they will still execute regardless.
This is because many software makers do not spend the time and
money to make sure their code is secure. They get it done and then push it out the door.
If you really want to be paranoid then you need wonder why companies like Adobe continues to make easily exploitable software.
This whole question is framed wrong. It is not whether or not an OS is more or less secure.... the question is.... is the OS secure enough?
OS X is secure enough for people to use it with confidence that they are safe from malware - assuming responsible computing. Downloading cracked versions of software from dubious sites, and using your admin password to install that software does not count as 'responsible'.
People can't extrapolate what would happen if more viable threats emerged based on Apple's current practices. If a viable threat emerges, Apple would presumably respond. It's what every other software maker does, and we have to assume Apple would too.
As an analogy... your house is not the safest place in the world to be. It is however safe enough for you, balancing how you use it and how much money you are willing to spend on security. We live in a small community, and city folk would just laugh at what we consider to be "secure". It's not that people can't lock their car doors, we just don't have to use the locks. But if threat of car thefts increases, then we could.
I think OS X is the same way. The locks are ready to be used, but since the threat is not there there is no need - at this time - to inconvenience the user. And when the threat does emerge, the lock needed to keep the malware out will need to specific to that malware.
Just my 2 cents ....
OS X is secure enough for people to use it with confidence that they are safe from malware - assuming responsible computing. Downloading cracked versions of software from dubious sites, and using your admin password to install that software does not count as 'responsible'.
People can't extrapolate what would happen if more viable threats emerged based on Apple's current practices. If a viable threat emerges, Apple would presumably respond. It's what every other software maker does, and we have to assume Apple would too.
As an analogy... your house is not the safest place in the world to be. It is however safe enough for you, balancing how you use it and how much money you are willing to spend on security. We live in a small community, and city folk would just laugh at what we consider to be "secure". It's not that people can't lock their car doors, we just don't have to use the locks. But if threat of car thefts increases, then we could.
I think OS X is the same way. The locks are ready to be used, but since the threat is not there there is no need - at this time - to inconvenience the user. And when the threat does emerge, the lock needed to keep the malware out will need to specific to that malware.
Just my 2 cents ....
Right now, the battle for security is being fought at the browser and add-on level. What really needs to be done is have the OS help out by limiting what the Web browser can do. For example, a browser should be able to download files, upload files a user specifies, but it should not be allowed to modify files outside its preference directory unless it is a direct user action. This will limit the damage an add-on can do if it gets compromised and allows code to be run in its context. Macs should be able to kick butt at this because of the jail functionality inherited from BSD, as well as the SELinux like security policies.
Even with this, there is always the dancing bunnies problem. No OS unless it takes root or Administrator authority from the user can protect against this.
Even with this, there is always the dancing bunnies problem. No OS unless it takes root or Administrator authority from the user can protect against this.
Apple has the most number of security holes
http://arstechnica.com/security/news/2010/07/apple-the-new-world-leader-in-software-insecurity.ars
This greatly affects iphone users:
Interestingly, google doesn't have nearly as much problems:
http://arstechnica.com/security/news/2010/07/apple-the-new-world-leader-in-software-insecurity.ars
This greatly affects iphone users:
Interestingly, google doesn't have nearly as much problems:
Right, because Quicktime for OS X, iTunes for OS X, and Safari for OS X are the exact same code as their Windows versions.
Oh, wait. That's completely incorrect.
Right. In this case, Apple- as the title of the article clearly states.
Yep, if you are going to pay $10k bills to somebody to design trojan or virus for your spam business.
You are going to go where you can get the biggest bang for your buck.
Sort of sad that basic business ideas are working in this market.
For the Mac market, it is rather easy to do a porn codec trojan and do a pop-up saying that you need to download a new codec to watch this video.
Edit: for Macs the organic AI is corrupted and easy to defeat.
Also remember that most of the latest malware/viruses are coming from China where big money is backing it in their cyber-war on American computing. Naturally they would target the 90% Windows market share.
You know on Windows if you stay away from non-reputable porn sites and other weird sites you won't get any malware or viruses either.
And again:
Btw, you can edit your posts via the
Minor Problems
6. Sequential posts.
Combine your comments into one post rather than making many consecutive posts to a thread within a short period of time.
Unless someone emails it to you - couple of different ways for that to happen; Someone on your network surfs a bad site; You were one of the lucky ones to get the Dell motherboards with malware included. Your visiting brother-in-law, Ralph, decides to check up on his new virtual girl-friend "kitTienNe" ...
Can you still catch bad things from an infected thumbdrive? I don't know it that vector is still available.