Is a Mac really more secure?

This is a false myth.

interesting (i never heard the myth, i just drew that conclusion)... now you got me interested (damn it....) and i definately would beleve your post over mine (thanks for including reference links ) hmm, im going to have to doubt myself and look this up now (can you tell im procrastinating from doing homework?)

I think it's because virus writers use OSX to do their dirty work. They don't want the systems they are using to be infected, so they simply don't create malware for that platform

I think that the security features and its Unix core are what keeps OSX malware-free. Even if OSX has a lot less of the market share, there should still be some malware, but there isn't.

I think with Vista, Windows is going to catch up with OSX in some aspects of security. UAC should make it a lot harder for systems to be infected (at least until someone figures out how to get around it. :rollseyes:

I don't think that the response of the developer has much to do with how secure they are. MS is just as serious about keeping their OS secure, maybe even more because of all the exploits that are used.

The knowledge and actions of the user play a large part in how secure a system is going to be. Computers are only as smart as the person using them. If you choose to install a program and it turns out to be a trojan downloader, that's your own fault. Which makes me wonder, are Mac users generally smarter when it comes to security? Could it be that a majority of Mac users are familar with the problems in Windows and aren't so click happy? Or that because the majority of Mac users are creative profressionals that aren't downloading porn or illegal software? Just a thought...

I was thinking the same. If i dload something from someone else and install it on my osx computer. Osx ask me my password and installs the software. Now if that software was a trojan, then i guess i have add/spy mailware / virus on my computer? Or is osx better protected against this type of attack.

it seems to me that xp and osx are the same in that way.

I think it's because virus writers use OSX to do their dirty work. They don't want the systems they are using to be infected, so they simply don't create malware for that platform

Naw, i have friends who write that {censored}, they do it on linux, they cant afford macs.... pshhh (backtrack <3)

and on the illegal warez, how many mac owners actually pay for photoshop, awnser me that! but other than that, yea, thats very true, tahts why warez is a big windows thing.... and a big virus thing....

Naw, i have friends who write that {censored}, they do it on linux, they cant afford macs.... pshhh (backtrack <3)

 

and on the illegal warez, how many mac owners actually pay for photoshop, awnser me that! but other than that, yea, thats very true, tahts why warez is a big windows thing.... and a big virus thing....

Good points. Actually, I don't think I know anyone that pays for Photoshop (Mac or Windows). :pirate2:

I have been a long time Windows user, since 9.x to Vista. I am aware that it is more prone to viruses than *Nix or Mac OS X. I'm exactly sure the reason for this, possibly because Windows is more mainstream OS and it is used more commonly, (I'm not saying that Mac OS X is unused much, it's just that you don't see too many Macbook Pros in a business conference, it's usually Dell). I don't like to say that Windows is too insecure, as I don't think it is.

How does one "get" a virus? What sites do you have to visit to get infections and such? I'm sure if you have knowledge of the internet and just "know" what sites are harmful you won't get many. It's not like a simple user gets a virus by doing whatever they normally do. Viruses come in Email attachments, but we all know not to open email that has a excel attachment and is from someone you don't know.

Mac OS X and Linux are just as possible to have thousands of Viruses for it, hackers can bypass their security features, they did it to Windows, why not do it to Unix and Mac OS X? No matter the operating system, it will always have vulnerability (even if they are patched).

Still on the topic of viruses, I'm very experienced with the internet and computers, so viruses have never been a real threat to me and my OS (Windows I'm thinking here). I get one and I'm aware how it works and I can't stop it (with the help of a virus scanner, of course).

I've never gotten a virus on Ubuntu or Mac OS X86, not because it's more secure, because no one bothers writing viruses for Linux. Which I think Linux is the most secure operating system. If you want to consider that as me saying I think Mac OS X is more secure than Windows then that's fine.

EDIT: I also wanted to mention that, as someone above that, that anyone who thinks their OS can't get a virus is wrong. Macs will get viruses, and linux too. Another thing with Windows is that macro. I hate Macro, not because of exploits but it seems very useless for productivity and useful for getting bugs.

IMac OS X and Linux are just as possible to have thousands of Viruses for it, hackers can bypass their security features, they did it to Windows, why not do it to Unix and Mac OS X?

Before Vista, Windows doesn't really have any security features to keep software from installing on its own. There wasn't really anything to bypas. You might even have a security program installed on your system, but the majority of people do not keep the definitions up-to-date.

Not saying that the security in Unix/OSX can't be bypassed, I'm sure it will eventually happen. But I think it's going to be a lot harder to hack OSX than a Windows OS. The market share of Windows certainly has everything to do with how much Windows is exploited, but by now you would think someone would want to write a piece of malware for the OSX community (just to shut us up about how secure OSX is, someone's has to have a grudge). It hasn't happened yet, so it makes me wonder how secure OSX really is.

osx is just more secure because there's no point to target something with a 3% market share

osx is just more secure because there's no point to target something with a 3% market share

How about to shoot down the ego about security that is 10 times the size of the average windows user's

Even with a 3% share, there should still be at least ONE active malware infection when you look at the thousands that Windows has, but I have yet to hear of any. I'm hoping the UAC in Vista makes a difference, I certainly think it will. I think the biggest problem was malware installing without any knowlegde of the user.

osx is just more secure because there's no point to target something with a 3% market share

Really?

Then why are at least three companies trying to sell anti-virus software for OS X:

http://www.symantec.com/home_homeoffice/pr...p;pvid=nav10mac

http://www.sophos.com/products/es/endpoint/sav-mac.html

http://www.mcafee.com/us/enterprise/produc...tops/virex.html

I mean, OS X only has 3% market share (not to mention no viruses), so there should be no point, right?

How about to shoot down the ego about security that is 10 times the size of the average windows user's

 

Even with a 3% share, there should still be at least ONE active malware infection when you look at the thousands that Windows has, but I have yet to hear of any. I'm hoping the UAC in Vista makes a difference, I certainly think it will. I think the biggest problem was malware installing without any knowlegde of the user.

I could fix that.... but then id be an {censored}, so im not the person to do it (ive become oddly attached to you guys here... if it was before i became really active here... id do it in a heartbeat! ) and osx cant be as hacked as windows, because if theres that many hacks, they can just update to a new kernel, witch equates to instead of trying to fix a leak with a rag, if its bad enough they can put in a whole new, and different, pipe, or section of pipe.... that and it doesnt have a registry (huge vunerability.... microsoft needs to move away from that soon.... oh, and i just remembered the third reasion, because where as windows you can execute something or install something by just being logged into a full account, in osx it prompts for poweruser password (i think thats what it is... i forget, but you get me.) so even if they did design one it would have to be given explicit permission by the user to run first (aka, it would have to trick them) to access the hole, then it could infect it, but only until the kernal is updated or patched. its just soo much easier to do windows, and if your trying to infect computers, why hit a harder target when you can hit like 1000 times as many computers with something that cant be blocked or repaired as easially?

edit: and im going to google the market share of mac and windows in a min. so that we can end the marketshare arguement agreed? seems civil enough.

U.S. Mac Market Share

1Q 2005: 3.8%

4Q 2005 (AI): 3.5%

1Q 2006 (ZDNet): 3.5%

1Q 2006 (AI): 3.6%

Worldwide Mac Market Share

1Q 2005: 2.2%

1Q 2006 (ZDNet): 2.3%

1Q 2006 (AI): 2.0%

and these numbers came from mac rumors at this link : http://www.macrumors.com/pages/2006/06/20060601164133.shtml

and it was updated june first of this year.

and Bofors, people are trying to sell mac a/v to make $, and it would be easy because youd allmost never have to even make updates

and rollcage, you obveously didnt read my post about the osx malware that i got flamed for (deservingly...) because i was like i hope so, and was (secretly) considering making one, but then i realized the 3 or 4 mac zealots i knew (and hate, i hate os zealots, for any os) wasnt worth making all the guys here that are great suffer from a grudge, (the flames made me actually realize what a mistake i would of made, cause some of em were people who i know and respect.)

edit: and im going to google the market share of mac and windows in a min. so that we can end the marketshare arguement agreed? seems civil enough.

Try looking at this: http://arstechnica.com/articles/culture/total-share.ars

Try looking at this: http://arstechnica.com/articles/culture/total-share.ars

thank you bofors, will do, im sure ill be shocked (and no im not being sarcastic, of course i never really did know so anything would be....)

osx is currently more secure, thats all that matters imo

thank you bofors, will do, im sure ill be shocked (and no im not being sarcastic, of course i never really did know so anything would be....)

There is really nothing shocking there in my mind, it is just that these types of Mac "market share" arguments have been ranging at Ars Technica for years. Usually the question is what, if any, minimum "market share" is required for Apple (or now OS X) to survive.

But they never really had a compilation of good data to work with, so Jeremy Reimer finally decided to do something useful and produced that summary of "market share" data that goes all the way back to the beginning of the PC age. For anybody real interested in the affect of OS "market share" on PC trends that is certainly the place to start.

The only way an OS can be 100% secure is if you never put it online or even use it for that matter. If you used it you might install something with a virus in it or have some stupid script failure or something like that. Abstinence my friends.

I could fix that.... but then id be an {censored}, so im not the person to do it (ive become oddly attached to you guys here... if it was before i became really active here... id do it in a heartbeat! )

Let me get this straight, you are claiming to be able to write malware or otherwise hack OS X?

... and osx cant be as hacked as windows, because if theres that many hacks, they can just update to a new kernel, witch equates to instead of trying to fix a leak with a rag, if its bad enough they can put in a whole new, and different, pipe, or section of pipe.... that and it doesnt have a registry (huge vunerability.... microsoft needs to move away from that soon.... oh, and i just remembered the third reasion, because where as windows you can execute something or install something by just being logged into a full account, in osx it prompts for poweruser password (i think thats what it is... i forget, but you get me.) so even if they did design one it would have to be given explicit permission by the user to run first (aka, it would have to trick them) to access the hole, then it could infect it, but only until the kernal is updated or patched. its just soo much easier to do windows...

But you see at least three reasons why the design of OS X makes it more secure than Windows?

The only way an OS can be 100% secure is if you never put it online or even use it for that matter.

The question here has not been whether OS X is 100% secure but whether it is more secure than Windows and if OS X is more secure is that primarily do to it design or lack or market share.

Now let's talk about this idea of 100% security. What I am concern about is basically two things.

First, I want to make sure that it is not possible for anyone to access my computer's data from the Internet. Now since I am always behind a router with Network Address Translation (NAT) from my understanding, it is impossible for someone on the Internet to actually initiate a connections to my computer. In short, I have to make connections to the Internet, it can not happen the other way. In addition, my router and OS X have firewalls and stealth modes to further prevent any unwanted connections from being initiated.

Second, I want to make sure that I do not get tricked into running any trojan-like software that can allow someone on the Internet to execute code on my machine or access its data via the Internet. I think it is here where the real difference between Windows and OS X is. I mean, one can get viruses and such on Windows just by surfing the Interent, right? You do not have to deliberately download anything, right?

Dose OS X have anything to detect a Trojan or virus in a file?

Let me get this straight, you are claiming to be able to write malware or otherwise hack OS X?

But you see at least three reasons why the design of OS X makes it more secure than Windows?

these are both true, i beleve i could write malware for osx, but how id do it id still have to figure out, i had an easy idea for it to pose as something legit then run the command to wipe the harddrive in w/e apple calles their text window, but thatd be cheating and would be a crappy one... not a real virus or malware, ive only daveled in viruswriting, because after i did it for a bit, i thought of how pissed i get every time i have to wipe the harddrive and quit, cause why put totally random people through that, why do it, and what would i gain from it? and why couldnt both of those statements be true, there is no real debate, windows is less secure than osx, but i never said it was impenetrable, and i was talking more in, i log into the internet, browse around for a week, witch one would be more disease ridden than a whore? windows. hell, my windows laptop had about 30 viri the day after i receved it... (wiped the harddrive.... ughhhhhh) and even if i did write a malware program or virus for osx, just like i said in the last post, it would be patched into worthlessness allmost as soon as it got out (well... if they found a copy? i wouldnt even be able to distribute it....) why do you think that i cant say both? lol. oh, never mind, i think i got it, windows is flawed, more flawed than osx, i did list at least 3 reasions why its more secure (or why windows is less...) but its most certainly not impenetrable, that i never clamed, youd just have to work harder to infect a 4% market share, so why bother (along with above reasions....) and im sure id have a hell of a time trying to do it too.

Dose OS X have anything to detect a Trojan or virus in a file?

Sort of, but I don't claim to have a detailed understanding of these security issues either.

I believe OS X has at least two things:

(1) It can detect an application executing for the first time and ask the user if he really wants to execute it.

(2) It does some checking to make sure executable code is not executed when hidden in data files, like say MP3's. There was an OS X malware prototype like this, executable code masquerading as MP3 file, a few years ago and I believe Apple took some steps to guard against that problem. Likewise, I believe in a recent security patch, Apple took similiar steps to prevent malware from being executed when a disk image that was downloaded is decompressed.

I think there is more, but I have not studied OS X security in detail (and probably should at some point).

... there is no real debate, windows is less secure than osx

Ok, so you agree that "market share" is not the whole story with OS X security and that Windows has some serious design flaws, like the "registry", that will continue to exist in Vista.

i beleve i could write malware for osx, but how id do it id still have to figure out, i had an easy idea for it to pose as something legit then run the command to wipe the harddrive in w/e apple calles their text window, but thatd be cheating and would be a crappy one...

I don't think OS X will erase the booted system partition without asking for the "superuser" password. We know it uses normal Unix file system with permissions and such, so there is quite a bit of security that way.

My questions here are what prevents a rogue program from getting an administrator password on OS X (how are they hidden)?

... and since it must be possible to find them somehow, what stops them from being used by a rogue program (I think OS X's "security agent" may play a role here, but really have no idea)?

My questions here are what prevents a rogue program from getting an administrator password on OS X (how are they hidden)?

 

... and since it must be possible to find them somehow, what stops them from being used by a rogue program (I think OS X's "security agent" may play a role here, but really have no idea)?

I think this should help: http://www.macshadows.com/kb/index.php?tit...password_hashes

From what I understand, it describes the techniques use to keep passwords safe in all version of OSX since 10.0.

I think this should help: http://www.macshadows.com/kb/index.php?tit...password_hashes

Yes, that does answer some of my questions.

To summarize,

(1) It appears that passwords are stored as hashes, not the actually text. This appears, with light analysis, that merely acquiring the password hash, provided the hashing algorithm is good, is not enough to recover the actual password and the password hash itself is otherwise not useful.

(2) on Tiger (10.4) at least, passwords are "shadowed" so that the files containing password hashes can only be read by the "root". This means that unless one is logged on as "root" (which would be usually), that a rogue program would be denied access to the password hash file as a whole: http://en.wikipedia.org/wiki/Shadow_password

Now back to our comparison of Windows to OS X security. Windows uses an insecure hashing algorithm, Windows LM (LANMAN):

Windows LM is very insecure, and can be broken fairly easily.

If you want to enable Windows file sharing in Tiger you actually have to lower your security:

... if you turn Windows sharing on in the Sharing preferences ... OS X warns you that your password will be stored in a more insecure manner...

So, not only does Windows "security" suck ass, interfacing with it exposes a secure operating system like OS X to some risk.

What was this {censored} about "market share" again?

Just one thing about your post bofors, I thought one of the major security points in OSX was that you can't log on as root, that those privileges are kept from the user (even admin). This is to keep any possible badware from being able to modify critical system files. I don't know if you could gain those privileges using the terminal (I would guess, it's Unix), but that would be going out of your way, and it would be password protected with the above measures. Please correct me if I'm wrong, I might be writing a load of bull here

ok. after i finished typing this i went and tried to look for an answer. and this is what I came up with: http://developer.apple.com/internet/securi...urityintro.html

I think that I was very close to being right, and I'll keep looking for more answers.

edit: ok, even admins are kept from root access until you do the whole GUI based sudu command (username and password to confirm action).