battle between Microsoft and Apple in the computing market has raged
on for decades. While Microsoft has a commanding lead in the
operating system market with Windows, Apple isn't exactly backing
down with OS X -- in fact, the Cupertino-based company continues to
grab market share and a large
portion of the $1,000+ computing market.
Windows and OS X users get into arguments on the web, Windows users
often point to OS X's tiny market share while OS X users point to how
vulnerable Windows operating systems have been in the past to
exploits. However, according to security guru Charlie Miller, OS X
users should subscribe to the idea that "people in glass houses
shouldn't throw stones".
claims to have found no less than 20 zero-day exploits within OS X.
Miller will present the exploits at CanSecWest
next week in Vancouver, British Columbia.
told Heise Security, "Mac OS X is like living in a farmhouse
in the country with no locks, and Windows is living in a house with
bars on the windows in the bad part of town."
sell lots of computers and nobody [shies away from] Apple computers
because of a perceived lack of security," Miller added. "So
in their minds, they don't have a security problem until it affects
their bottom line, which hasn't been the case, yet"
X has made the news plenty of times over the past year for security
holes. Last June, Apple finally fixed a Java exploit which went
unpatched for nearly a year. In late August, Apple shipped Snow
Leopard with a version
of Flash that was susceptible to outside attacks.
also took Apple to task last year saying that security protections in
OS X weren't
quite up to par with Windows 7. He noted, "It's harder to
write exploits for Windows than the Mac, but all you see are Windows
exploits. That's because if [the hacker] can hit 90% of the machines
out there, that's all he's gonna do. It's not worth him nearly
doubling his work just to get that last 10%."
quote: Miller claims to have found no less than 20 zero-day exploits within OS X. Miller will present the exploits at CanSecWest next week in Vancouver, British Columbia.