backtop


Print 63 comment(s) - last by crystal clear.. on Mar 27 at 3:52 AM

"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."

The battle between Microsoft and Apple in the computing market has raged on for decades. While Microsoft has a commanding lead in the operating system market with Windows, Apple isn't exactly backing down with OS X -- in fact, the Cupertino-based company continues to grab market share and a large portion of the $1,000+ computing market.

When Windows and OS X users get into arguments on the web, Windows users often point to OS X's tiny market share while OS X users point to how vulnerable Windows operating systems have been in the past to exploits. However, according to security guru Charlie Miller, OS X users should subscribe to the idea that "people in glass houses shouldn't throw stones".

Miller claims to have found no less than 20 zero-day exploits within OS X. Miller will present the exploits at CanSecWest next week in Vancouver, British Columbia.

Miller told Heise Security, "Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."

"They sell lots of computers and nobody [shies away from] Apple computers because of a perceived lack of security," Miller added. "So in their minds, they don't have a security problem until it affects their bottom line, which hasn't been the case, yet"

OS X has made the news plenty of times over the past year for security holes. Last June, Apple finally fixed a Java exploit which went unpatched for nearly a year. In late August, Apple shipped Snow Leopard with a version of Flash that was susceptible to outside attacks.

Miller also took Apple to task last year saying that security protections in OS X weren't quite up to par with Windows 7. He noted, "It's harder to write exploits for Windows than the Mac, but all you see are Windows exploits. That's because if [the hacker] can hit 90% of the machines out there, that's all he's gonna do. It's not worth him nearly doubling his work just to get that last 10%."



Comments     Threshold


This article is over a month old, voting and posting comments is disabled

RE: Bars on the windows?
By alanore on 3/20/2010 9:08:42 AM , Rating: 2
Sadly that is true of all operating systems. The only way to really stay on top of these threats, is to have a good and up to date anti virus.

Both linux and OS-X are way behind windows in terms of having a good anti-virus. It could easily be argued that there isn't enough security threats to them to make it worth while investing heavily in R+D.

OS-X will enjoy its 'farmhouse' security for sometime. It only have ~8% market share of the US and a tiny fraction world wide. If you removed 99.9% of people from world, viruses like the flu and the common cold would die out, there just isn't enough machines to propagate through.


RE: Bars on the windows?
By BikeDude on 3/21/2010 7:09:02 AM , Rating: 2
I disagree.

This year I needed AV for the first time in a long while. I manually scanned an executable using ESET, and ESET said "it's fine". So I trusted the executable a bit more and ran it... I then used ESET to scan the new trojan this resulted in. ESET said the trojan was just fine too... (I repeated the initial scan on a guaranteed clean computer, and again ESET failed to detect the threat)

ESET effectively provided me with a false sense of security. I did a very stupid thing because I was lazy. I should have had a VM to run that particular executable. That would have been worth a hundred antivirus products.

Why slow down the system ALL the time, just to avoid getting infected by the few malwares that AV products are able to protect against? And why pay hundreds of dollars annually for this "protection"? It feels like any minute now a bunch of thugs will knock on my door to demand their "protection" money.


RE: Bars on the windows?
By Luticus on 3/22/2010 9:33:21 AM , Rating: 2
I agree, VPC is my method as well. I do, however, use Microsoft Security Essentials (MSE) and find it to be pretty good, but the VPC is there (with MSE as well) to provide another layer of protection that's nearly foolproof. I don't place my systems life in the hands of any virus scanner, as I've seen them fail to do their job one to many times!


RE: Bars on the windows?
By mechBgon on 3/22/2010 10:18:44 PM , Rating: 2
A considerable amount of malware is VM-aware and will not do its stuff when run in a VM. If you want a real solution, stop running executables that you aren't sure about. Period.


"Nowadays, security guys break the Mac every single day. Every single day, they come out with a total exploit, your machine can be taken over totally. I dare anybody to do that once a month on the Windows machine." -- Bill Gates














botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki