Is An Apple Macintosh Really More Secure Than A Windows Machine?

Is An Apple Macintosh Really More Secure Than A Windows Machine?

At the end of last week I asked which is the more secure – the Apple Mac or a Windows machine. As there were only a dozen comments its hard to draw too many conclusions but if you trawl the web you will undoubtedly see that there are Apple Mac fanboys as well as Windows proponents who will argue this point until they are blue in the face.

Is An Apple Macintosh Really More Secure Than A Windows Machine?

Security Issues

The truth of the matter is that Windows machines do indeed face the majority of security issues. They have done so for quite some time and probably will do for a few more years to come. Mac users, however, should perhaps try feel some affinity for their Windows brethren as things are beginning to change.

The Apple Mac is not totally immune to viruses, spyware or hacking attempts.

Historically there have always been far more Windows based machines in use than Macs. This has meant that it has been far more lucrative for the bad guys to target machines that run Microsoft operating systems.

Growing Popularity

Now, however, the Mac is really beginning to grow in popularity, meaning that the Apple is becoming a juicier target. Industry experts are tipping the Mac to grow its market share of desktop machines from 5% to 10% over the next couple of years. In the new notebook market those figures are much, much higher. As the Mac’s popularity grows so their attractiveness to hackers increases.

The Times They Are A Changing

The landscape has also changed in the security arena – the hackers, crackers and authors of spam, malware and viruses no longer work alone from their bedrooms. In recent years they have teamed together to form large, dare I say it ‘professional’, gangs and they now enjoy economies of scale both in terms of time and costs. They can send millions of spam emails today for the same cost of sending a few thousand a couple of years ago. If they are creating a new Trojan for a Windows based machine then they now have the time and expertise to dedicate to creating something similar for the Mac as well.

It wasn’t so long ago that there was uproar over a a Trojan hidden inside an illegal copy of iWork ’09 on a peer to peer sharing site so don’t believe that the Apple Mac is invulnerable. The time is coming when the Macintosh will become a genuine target for a whole host of security issues.

Are you ready for it?

About Lee Munson

Lee's non-technical background allows him to write about internet security in a clear way that is understandable to both IT professionals and people just like you who need simple answers to your security questions.

Comments

  1. Interesting question indeed – I’m curious as to whether Michael will return to offer a reply to that…

  2. Thanks, as ever, Justin. Assuming you don’t mind, I’ve quoted this comment in the next post that will go live this evening.

  3. Hi Lee,

    Apple are touting virus protection through the new and more advanced application sandboxing that will ship built-in and active for the Snow Leopard release.

    I believe they’ve been using this via the browsers for a while, and, from what I hear it is absolutely effective at eliminating drive-by attacks.

    In terms of an active antivirus component shipping, I can find no references to this on the apple website.

    Details here:
    http://www.apple.com/macosx/security/

  4. I’m not sure I understand what you mean Jan :S

  5. You read wrong !
    Looking for those posts, aren’t you?!

  6. I read today that Snow Leopard will contain an antivirus.

    Why is that, considering Macs arn’t at risk from such things???

  7. Thats an interesting read Michael, though I’m sure some of your fellow commentators would have much to say about it!

  8. If Macs dont get viruses then someone please explain this from The Washington Post: http://voices.washingtonpost.com/securityfix/2009/08/malware_writers_will_that_be_o.html?wprss=securityfix

  9. Funny, when the virus hoopla started out in the beginning (for those of you old enough to remember), Apple was THE largest computer company in the world. Now any reason why the writers didn’t go for the biggest target? Because it was harder than hell to write virii for the Mac OS. Yes, OSX is UNIX at the core. A system infinitely more adapted than any Windows or LINUX OS for stopping virii / malware. Can it be done? Yes. Can it be done as easily as on a Windows machine? Not a chance.
    Giving the difficulty of application propagation on OSX with the constant upgrades to the UNIX core… it will still be very, very hard to make one that works even half-assed in the next 5-10 years.
    We can’t have our heads in the sand, but the “security” sector also needs to stop the FUD.

    Disclosure: Programmer & Hacker & Cracker. (You’ve probably seen some of my stuff around the Internet)

  10. blah blah blah blah the FUD goes on and on what a bunch of frigtards.

  11. I’m neither foolish nor delusional, and I try not to smoke.

    My Apple iPhone, however, may offer some insight into my current state of mind : http://iphonefreakz.com/wp-content/uploads/2009/07/iphone_weed_app.jpg

  12. Erm, ok, what does ‘FUD’ mean???

  13. Thanks Tanya, I have a feeling the comments here will probably draw the conclusion that I don’t have a good point but we’ll see…

  14. Uhm, this bit: NO ONE HAS BEEN INFECTED

    is actually not true.

    Many have. Admittedly through going through the steps you outline (though not always, there are remote exploit attacks on mac that have been proved to work).

    User error is usually the biggest cause of the spread of malware, and this is where antimalware software actually does a good thing (on any platform).

    But, as long as your sprout rubbish like “no one has been infected”, then many new users, who don’t yet know better, are going to make mistakes and lose valuable data.

    I suspect your thought is it’s their fault? Well, all users started new once, and well all make mistakes. So, perhaps, for their sake, you could stop perpetuating rubbish.

    Best,

    Justin.

  15. Hey Don, sit down man, we’ll plug you in.

  16. I never cease to be amazed at the continuing success of the total myth that the only reason Macs aren’t hit with viruses is because they are smaller in number than Windows. Let me make this clear: it’s false, it’s untrue, it’s a lie.

    But let’s assume this myth were true. It would follow, then, that nobody would waste their time making a virus for a computer with a vastly smaller number. And yet, that’s exactly what happened.

    Many of the few thousand (at most) people who changed their iPod’s OS (an OS X variant) to iPod Linux got hacked.

    Here’s a URL with the story: http://tnerd.com/2009/07/31/iphone-virus-podloso-iphone-antivirus-users-ipod-virus/

    So if hackers are only going after huge numbers of machines, why’d the go after a machine with, at best, only a few thousand users? Hmmm?

    Could it be that iPod Linux is easy to crack? Of course, if that’s true, then the real reason people go after Windows rather than the Mac with hundreds of thousands of viruses is because it’s easier to get into Windows than it is to hack the Mac.

    Of course, that would ruin the myths you live by and disturb your minds with a taste of reality, so the Windows Fanbois will never accept that.

    Sorry to burst your bubble. Oh, and the world is round, too.

  17. Here is the main difference in getting malware, spyware, trojans, viruses on your PC:

    Turn on PC.

    For a Mac.

    Turn on Mac.
    Connect to the internet.
    Navigate to porn site.
    Download app.
    Installer asks if you want to open and load app you just downloaded from internet.
    Click INSTALL.
    Click YES.
    Enter in admin password.
    Launch application.

    See the difference?

    Yes, as lab studies have proved, a PC can be infected in less than 7 MINUTES after just turning it on.

    A Mac? See steps above? Unless the hacker manually sits in front of your computer. Nothing.

    A PC is a tourist taking a nap on a bustop bench with a camera & wallet by his side. A mac is a Marine sitting in an airport.

    Now, do you get it? Sure, an idiot might decide to take on a Marine in an airport but why? There are easier targets – mainly PC’s.

    That is why after 9 years of OSX and 75 MILLION OSX users, outside of MacAfee & Symantec labs, NO ONE HAS BEEN INFECTED. I know it’s hard to believe but it’s simply the truth and the numbers mean nothing. There are versions of WIN servers that number in the few hundred thousand that get infected.

    I know PC users so loath he Pc experience that they are only willing to pay $299 to use a computer and or one with windows but Mac users are willing to pay more because we have a secure, functioning OS – it costs more to buy a Mac but then like a kit car, I don’t have to spend time installing seats or bumpers. I just want to use a computer that starts working the second I turn it on and the second I turn it off and sell it for $500 dollars (that’s the other thing – check out used mac prices and used PC prices). That’s why I use a Mac. But it’s totally your choice. If you are on a budget and need anything resembling a computer, PC is a fine choice just like buying a $500 CAR, it’s still a CAR but if you want more than just basic transportation that might not start 100% of the time, then it’s time to step up after you get a job and make some money.

  18. Hi again, I believe I covered the bit about me no longer working in the antivirus world above.

    I have yet to actually see an article from the av industry that suggests a flood is coming (well, not by anyone reputable anyway.) These samples are coming in a trickle, but they are coming in.

    The scottworld blog post is yet another example of “head in the sand” mentality. A shame, I rather like the blog.

    I guess I tried to get a message out, that doesn’t profit me one bit (I wish :p ), but it is not up to me to persuade you to listen.

    All the best,

    Justin.

  19. Sure, Anne. Anti-virus labs collect (via various methodologies) samples sets.

    Some of those sets are ItW, many aren’t.

    Over the lifetime of the Mac OS X, there have been collected sets in the hundreds. It may be in the entire lifetime thousands (I said maybe thousands), from which the anti-malware companies get the signatures to push out to their Mac, Pc, Linux and mail server products.

    As part of my work, I have seen the sets collected, analyzed and signature sets pushed out.

    I WILLL confess, many are sorted out by quick updates to the OS (as they can be today too), or simply the infection vector is secured. Further, many, many are variations on a single family set, but, at least in the industry, these are classified as a new definition, and as such, a new malware (because they require a signature update.)

    In OS X, the biggest threats have been rootkits. You would be very surprised the number of new rootkits are coming out on OS X — again, many are variations on a family, and if no one is interested in buying protection, there are some free antirootkit programs for Mac about.

    The average anti-malware lab gets 9000 odd new samples per week, many for OS X, Unixes and Linux: of course the vast majority on Windows. Many don’t go ItW, but that doesn’t mean they don’t exist.

    As stated in another post, I no longer work in the antimalware industry, though of course that may change.

    All the best,

    Justin.

  20. Just to make it clear, I no longer make my living working in the antivirus industry.

    So, I have nothing to gain by FUD, but more by education.

    Those who don’t want to hear the message, usually call it FUD, however.

    Best,

    Justin.

  21. Louis Wheeler says:

    This all seems so premature; Snow Leopard will be released in 2 to 6 weeks. It will have much improved security.

    Except for the early Mac Mini with the Core Solo chip, all of the Apple models shipped in the last three years have had Intel VT virtual Technology hardware.

    What this means is that everything will be sand boxed in Snow leopard. I saw a misbehaving Flash plugin in Safari 4 in a leaked Snow leopard picture. All that was necessary to fix it was to delete and restart the plugin.

    In Leopard, you wouldn’t even know what was causing Safari to hang.

  22. Thousands of mac os x viruses? Really? Please give more details. One of the reasons mac users don’t take “blurbs” like the one you wrote seriously is they are so vague that they are meaningless. No details are given, no facts, it comes off as just an another opinion.

  23. Actually, Micheal hit the nail on the head. What Justin, as someone who makes money selling anti-virus software, is saying is that any day now Mac OS X is going to be hit with a flood of viruses. See way above.

    This is just so much FUD. FUD which makes money for those spreading the FUD.

    http://scottworldblog.wordpress.com/2009/04/09/on-macs-and-viruses/

  24. So Justin, as someone who makes money selling anti-virus software, what you are saying, is that “any day now” Mac OS X is going to be hit with a flood of viruses? See above.

    Way to spread the FUD.

    http://scottworldblog.wordpress.com/2009/04/09/on-macs-and-viruses/

  25. A factual error here or there, but the one I’ll draw attention to is this:

    You categorically state there are no OS X viruses.

    Piffle. I am sorry to be rude, but you really do not know what you are talking about; you just made the fact up.

    There are hundreds, if not thousands. And trojans, and rootkits… I’ve working in the antivirus industry for many years now, and have seen the samples.

    Not all have made a successful in-the-wild (ItW) outbreak, which is good; and the security model of Macs is such that most are installed by user error. But it is the new users that will propagate malware.

    This sense of invincibility is what will get most Mac users into trouble.

    Best,

    Justin.

  26. Actually about 97.9% from research stuff I’m reading. The rest is specific to older Unix platforms (the original malware platform), and some Mac.

    I agree, it’s small. It’s still a threat though.

    Back in the days when malware was more about the lone hacker having some fun, and showing intellectual prowess, rather than having some criminal intent, I think, on UX platforms (including Mach (kernel)) you could be forgiven for not bothering *too much*.

    I think that is a dangerous attitude these days when most malware is being “assembled” by criminal gangs for identity theft purposes.

    However, I’m not trying to preach (too much), but with the current attitude and mind-set of Mac fans, there is some pain coming, and it’s not like you haven’t been warned.

    All the best,

    Justin.

  27. “…far more Windows based machines in use than Macs. This has meant that it has been far more lucrative for the bad guys to target machines that run Microsoft operating systems.”

    Well, there you have. The same old completely false starting point.

    Windoze is NOT attacked because it is more popular. If that were so Apache would would be attacked far more than Windows server. It’s not. Because, like OS X, it is, inherently, enormously more secure. Windows is attacked because, historically, it is built like a block of Swiss cheese – e.g. auto-installing programs with no user control or intervention in the way. Some techie could probably give us a yard long list of the fundamental, outrageous, never-fixed problems in the shoddy construction of that OS.

  28. The author of this article must be smoking some powerful stuff 😉

    I am a Mac user, and I’m not delusional that the Mac is impervious to attacks. But the writer of this article is deluding himself by believing that Macs are just as vulnerable as Windows machines, or that the smaller numbers are the reason why there are no viruses for the Mac.

    I have been using Mac OS X for the almost 10 years that it has been in existence, and in that time I have never used anti-virus software, and I have never had one single virus attack. Why? Because there are NO Mac viruses!

    Let me say that again in case anyone is hard of hearing (or reading ;-)) : There are NO Mac viruses!

    There are estimated to be over 200,000 forms of viruses and other malware for Windows!!!

    How many Windows users do you know who have been using their PCs for the past 10 years WITHOUT virus protection, and have not been infected by a Windows virus?

    Even worse, how many Windows users do you know who have been using their PCs for the past 10 years USING virus protection, and have not been infected by a Windows virus?

    There have been a few (and I mean only a few) attempts to create Trojans for Mac OS X. These Trojans don’t spread like Windows viruses, and they don’t install themselves without the users knowledge like Windows viruses (they can only be installed consciously by the Mac user, and only after the user enters their password to install it).

    And the old excuse that “there are less Macs, so therefore there are no viruses for Macs” is an idiot’s justification for putting up with all the pain that Microsoft has inflicted on it’s users.

    Are Windows users masochists?

    Most PC users run Windows. But there are estimated to be over 100 Million Mac users. This is not a small number, and definitely would be very attractive to any virus writer.

    Mac users make up about 11% of all PC users. So that means that proportionally, there should be over 20,000 viruses and other forms of malware for the Mac. Yet there is not one single Mac virus!

    The author of this article is either a fool or seriously deluded.

  29. Tanya Denby says:

    The points raised both by this author and the author at Tech Caddie are valid. In addition to the tips suggested by tech caddie in the post http://techcaddie.com/osx-internet-security/, you might also look at the comments pertaining to overall data security here:

    http://techcaddie.com/osx-data-security/

  30. Let’s do a reality check here. There hasn’t been a real virus released for MacOS X since 2006 (www.securemac.com) and then a whole 49 Macs got it before it died out. Yes there are a handful (7 or 8 at last count) of Mac trojans out there. They are not viruses, they do not replicate, you cannot catch one by visiting a website, opening an email or clicking on an ad. They require the Mac user to download them & install them with his/her admin password. Can that happen, yes. I am also sure there are Mac users who have responded to lotteries they never won and have helped a Nigerian prince. You cannot protect any computer user from being greedy or stupid. Some just are. If you are using a Mac you have a much greater chance of being safe since 99.66% of all malware written is targeting Windows computers.

  31. Let me see… started using Mac OS 7.5 in 1994 = no viruses or malware.
    have used Mac OS X since 2001 to present = no viruses or malware
    Recap no viruses or malware and not virus software through any of that time. Of course doomsday is coming as fans of Windows keep telling us along with virus software venders, one is about misery loves company the other is using fear to make a profit.

  32. In 2000, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2001, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2002, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2003, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2004, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2005, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2006, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2007, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    In 2008, security experts predicted that any day now Mac OS X will be hit with a flood of viruses. Didn’t happen.

    Now in 2009, guess what, people who make money selling anti-virus software are predicting that Mac OS X will be hit with a flood of viruses. Zzzzzzzzzzzzzzzzz.

  33. Well… of course I have 😀

    Thanks for the link, its a good one.

  34. I regret, being from the security industry, that David is a little clueless, sorry David.

    Macs are not as “infinitely” secure as you think.

    Please try to remember, a lot of malware originated on the Unix operating systems, and there is still very much an active creation base there. Particularly in rootkits.

    The mac itself is proving to be more vulnerable in ways that Windows patched a long time ago, because the attention of malware writers is now turning to the platform.

    I concede, there is a LOT more malware on the Windows platform, not actually because it is inherently more insecure, but rather because are just a wealth of malware creation tools for the platform, and because of its domination of the market.

    There have been several scary proof of concepts and two real outbreaks on the mac in the last month, amounting to what, is in effect, the same all of last year (there were more proof of concepts last year, but none really went to the wild in any major form), so taking a complacent view of mac security, and I aim this at David in particular, is both to leave yourself open to attack, and to be blinded by a false sense of safety.

    Good discussion Lee.

    Kind Regards,

    Justin.

    Disclosure: I am a former senior manager of an antivirus product software company.

  35. Not a Mac fanboy says:

    More info here – http://techcaddie.com/osx-internet-security/

    Looks like maybe the author has a point after all.

  36. Here we go again… 😀

  37. I think I can guess which you would pick as the winner 😉

  38. Macs are infinitely more secure. The author is obviously clueless.

  39. OSX vs Windoze. Who wins? Hmmmm.

Trackbacks

  1. […] though their main operating system, Mac OS X, does have these elements, there have been holes found in it as […]

  2. […] much the same way that Mac users were once extremely complacent about the risks of malware on their systems, some Canadians seem to […]

  3. […] only started to cover up a major security hole that all of them had. It does not matter if you are a Microsoft Windows fan or an Apple OS X fan; your system had this same problem as well. The problem was the ability to be able to execute code […]

  4. Malware That Changed The World – The OSX/RSPlug Trojan says:

    […] to OSX/RSPlug, users of the Mac were largely untargeted and to this day many believe that the Mac is virtually immune to viruses and other security […]

  5. […] Because everybody knows that Macs don’t get viruses. […]

  6. […] the latest murmurs are to be believed then the Mac, which some people claim is impervious to viruses and other security threats, is about to receive a rather curious […]

  7. […] Mac users don’t get viruses and their machines arn’t targeted by cybercriminals in any way […]

  8. […] 48 Is An Apple Macintosh Really More Secure Than A Windows Machine? […]

  9. […] many Mac users feeling that they are immune from malware, there is a need for such protection in the […]

  10. […] however, the Mac is growing in popularity and so presents itself as a juicier […]

  11. […] was wise and foresaw the vulnerabilities inherent in false operating systems. He decreed that the Mac was the King of Kings and no other false computer systems should be […]

Speak Your Mind

*