Jump to content

Is a Mac really more secure?


Swad

Good reading from Infoworld's Tom Yager regarding what has to be the nastiest piece of Window's malware I've seen. I think it's safe to say that most Windows users - even conscientious ones - have had a least one or two "Thank God for that backup image." moments due to malicious code... I know I have.

 

At the end of the article, Tom dissects what allowed the exploit to occur on his Windows box and (you saw this part coming, didn't you?) then explains why something similar couldn't happen under OS X.

 

I'm no server guru, so I'll take Tom at his word. I do know, however, that pride always comes before a fall, and while OS X is indeed more secure, I'm of the opinion that any dominant OS is going to be exploited.

 

What do you think? Is Windows more vulnerable by its very nature or does OS X have similar but unique security questions?


User Feedback

Recommended Comments



It's now January and no real exploits have been found. I'd say that's pretty good going, considering how many people are trying to find holes in Vista.

 

Well that looks to indeed be true and it is significant. On the other hand, this shows just how bad Windows has really been in the past.

Link to comment
Share on other sites

I say we pester Apple until they make the OS even safer than it is now so it will be even harder for hackers and such to kill it. By that I mean we should ask them to add features such as a malicious code checking system like what Microsoft uses. That way we can protect both Mac and Windows (the checking thing would also check for windows viruses).

 

Hmm.... it appears that wouldn't work since you can't run Windows stuff on a Mac without a virtual machine thing like parallels. I guess we should get Apple to make their own virus scanning program. The program could scan files while they are backed up on another hard drive. It would be an extra feature of Time Machine. That sounds good. Having that check for Windows viruses and stuff would be more helpful than my previous idea.

 

I also say that we convert this topic into a Mac Security idea Box sort of thing. I think we've already established the fact that Mac is more secure right now. But in a few years time it could come under fire. On another topic we decided that Apple was watching this site. I bet that Apple gets ideas for it's OS from places like this so we should try to make special topics to add our ideas in and maybe Apple will adopt them.

 

I'm sure it's hard to follow along with my badly formed post so I'll give a short version:

 

We should work as hard as possible to get Apple to add more security features so Mac can STAY the most secure OS around.

 

If people don't want to convert this topic then I'll just make one especially for that.

Link to comment
Share on other sites

yes, mac os x is more secure,.... statistically

all variables add up.

are Abus locks more secure, shure

 

and the most good things happen on Friday the 13th,

as are the bad ones, statistically speaking.

 

lets add fuel to the fire,....

 

Are Mac OS X users smarter than Windows users ?

( in terms of usage)

 

what's your answer ?

 

cheers, Rob

Link to comment
Share on other sites

I really don't think that OXS users are smarter about the way that they use their computers. Windows users make up the bulk, so most idiots are going to be on it. But I think sometimes Mac users give themselves a false sense of security that they shouldn't have in some places, and I think when/if a OSX virus comes out, it's going to do more damage than a Windows virus. Simply because most Mac users don't protect themselves, (including me, I don't see the point yet). And a lot of elderly people use Macs because of their simplicity, but they don't have the knowledge of phishing and other attacks that aren't platform specific. Some of them don't even turn on their firewalls, and open any attachment/download automatically because they don't know any better.

Link to comment
Share on other sites

hey!!come on..don't say word like 'stupid' or 'smarter than'..this can just lead to a war..

 

both pc and osx user are smart...

 

as for me..i agree that OSX is more secure than microsoft windows but not linux..linux have so many developers that work hard on getting the kernel better..

 

correct me if i'm wrong..

Link to comment
Share on other sites

I agree with hazwan on the name calling, don't be calling uses stupid or whatnot.

 

I disagree with hazwan on Linux and OSX. Just cause you got so many developing on a kernel, it is not more secure. Both OSX and Linux have advantages and disadvantages, but to me OSX has the advantage cause it is streamlined, has STANDARDS (Linux community does not) and can make a better kernel. But both Linux and OSX kick Windows ass in security, because they are both built in Unix.

Link to comment
Share on other sites

WHat I don't understand is how Apple comes out with virus creation tools in XCode and nothing happens, but MS comes out with virus creation code in Virtual Basic and there are tons of viruses.

Link to comment
Share on other sites

Hey you guys, have you heard there's a discussion going on at Macintouch discussing an apparent malware program called Opener, apparently developed by a loosely affiliated hacking group known as the Macintosh Underground. Opener is a startup script found in /Library/StartupItems or /System/Library/StartupItems. It turns on AFP and creates a hidden info folder in each user's public folder, where it stores account passwords and other details.

 

Among the few things Opener tries to do are the following:

  • Opener tries to install ohphoneX, a teleconferencing program - for spying on you through your webcam I'm sure.
  • It kills LittleSnitch before every Internet connection it makes
  • It installs a keystroke recorder
  • Allows backdoor access in case someone deletes the hidden account
  • Grabs the open-firmware password
  • Installs OSXvnc
  • Grabs your office 2004 PID (serial number), as well as serial numbers for Mac OS XServer, adobe registrations, VirtualPC 6, Final Cut Pro, LittleSnitch, Apple Pro Apps, your DynDNS account, Timbuk2, and webserver users to name a few.
  • It tries to decrypts all the MD5 encrypted user passwords
  • Decrypts all users keychains.
  • Grabs your AIM logs, and tons of other settings and preferences with info you probably don't want folks to have... even your bash (terminal) history
  • Grabs stuff from your Classic preferences
  • Changes your Limewire settings to max out your upload and files.
  • The hidden user account is called LDAP-daemon instead of the name hacker used in earlier versions. Looks more innocent than hacker.
  • Even has your daily cron task try to get your password from the virtual memory swapfile
  • It installs an app called John The Ripper - a password cracker that uses a dictionary method to crack passwords
  • installs dsniff to sniff for passwords...

Though I have to admit most people is laughing this Opener threat off, it looks as if the hacker community were training theirs small guns at OSX, will they succeed?.

 

This is a report taken from Symantec:

OSX.Macarena

Risk Level 1: Very Low

Discovered: November 2, 2006

Updated: November 3, 2006 10:42:05 AM ZE9

Type: Virus

Infection Length: 528 bytes

Systems Affected: Macintosh OS X

 

OSX.Macarena is a proof of concept virus that infects files in the current folder on the compromised computer.

 

Threat Assessment

Wild

  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy

Do you feel so secure right now? :whistle:

Edited by Skkeletor
Link to comment
Share on other sites

In my opinion, i'll say that don't ever take thing for granted. Bare in mind that every os sure got viruses. If you're "smart-ass", don't go surf ehem site and so on. And always backup your important data before it is too late :whistle:

Link to comment
Share on other sites

Mac OS X security "myth" exposed :tomato:

According to an article in Techworld Magazine By Matthew Broersma, "Windows is more secure than you think, and Mac OS X is worse than you ever imagined". The writer cites a report made by the Danish security firm Secunia.

 

This year and last year Secunia tallied 36 advisories on security issues with the software, many of them allowing attackers to remotely take over the system - comparable to figures on operating systems such as Windows XP Professional and Red Hat Enterprise Server.

 

"Secunia is now displaying security statistics that will open many eyes, and for some it might be very disturbing news," said Secunia chief executive Niels Henrik Rasmussen. "The myth that Mac OS X is secure, for example, has been exposed."

 

For example, Windows security holes generally receive a lot of press because of the software's popularity, but the statistics show that Windows isn't the subject of significantly more advisories than other operating systems. Windows XP Professional saw 46 advisories in 2003-2004, with 48 percent of vulnerabilities allowing remote attacks and 46 percent enabling system access, Secunia said.

 

Suse Linux Enterprise Server (SLES) 8 had 48 advisories in the same period, with 58 percent of the holes exploitable remotely and 37 percent enabling system access. Red Hat's Advanced Server 3 had 50 advisories in the same period - despite the fact that counting only began in November of last year. Sixty-six percent of the vulnerabilities were remotely exploitable, with 25 granting system access.

 

Now here comes the good stuff:

 

Mac OS X doesn't stand out as particularly more secure than the competition, according to Secunia. Of the 36 advisories issued in 2003-2004, 61 percent could be exploited across the Internet and 32 percent enabled attackers to take over the system. The proportion of critical bugs was also comparable with other software: 33 percent of the OS X vulnerabilities were "highly" or "extremely" critical by Secunia's reckoning, compared with 30 percent for XP Professional and 27 percent for SLES 8 and just 12 percent for Advanced Server 3. OS X had the highest proportion of "extremely critical" bugs at 19 percent.

 

That's certainly an unexpected finding, isn't it?

 

You can see the current Mac OS X security status as of Secunia right here:

 

Vendor Apple

Product Link View Here (Link to external site)

Affected By 97 Secunia advisories

Unpatched 19% (18 of 97 Secunia advisories)

Most Critical Unpatched

The most severe unpatched Secunia advisory affecting Apple Macintosh OS X, with all vendor patches applied, is rated Highly critical crit_4.gif

 

So, what were you guys talking about OS X security? :whistle:

Edited by Skkeletor
Link to comment
Share on other sites

Yeah, one virus compared to 110,000 sure is a major threat.

 

Virii are not really threats. The programmers/companies that open (back)doors for them are. Finally the MoAB project has shown that Apple seems to be even worse than MS, as it does not even react on the well described list of bugs reported. And thats really an interesting, sad but not really surprising result.

 

After being identified as a company with low nature protection standars (http://www.greenpeace.org/apple/) - and nearly every company has reacted on the bad publicity except Apple - it does not really surprise that it is a company with quite bad quality assurance standards (which also holds true for hardware, as we all know).

 

It seems that the only protection OSX has against security threats is its low spread. That is not security. It is just ridiculous. And it is changing with the raising sales numbers of Apple pcs. Lets hope that the quality in all these areas also raises...

Edited by jodo
Link to comment
Share on other sites

Virii are not really threats. The programmers/companies that open (back)doors for them are.

You're confusing threats with exploits and vulnerabilities. There is a very distinct difference. The holes and backdoors (intentional or not) are vulnerabilities, not threats. A virus is a special case of a threat that exploits those vulnerabilities.

 

Semantics aside, Windows has multiple orders of magnitude more threats than OS X. It's like the difference between living in the Bronx (running Windows), and living in a gated community in Beverly Hills (running OS X). Regardless of how good your locks are (how vulnerable you are), they will very likely be tested in the Bronx. Whereas if you live in a Beverly Hills gated community, you can probably get away with not even locking your door, and can probably also leave your keys in the car, and never get robbed or attacked.

Finally the MoAB project has shown that Apple seems to be even worse than MS, as it does not even react on the well described list of bugs reported. And thats really an interesting, sad but not really surprising result.

True, but then Apple doesn't need to have the same level of response that Microsoft does, considering the low threat level. It comes down to the business case. Threats against OS X are rare, and uncritical. Apple only needs to respond quickly to the types of problems that will cause consumers enough grief to switch operating systems.

 

Business case aside, Darwin is open source, enabling anyone outside of Apple to patch kernel vulnerabilities. The M$ community does not have that luxery - they must rely solely on M$ to fix kernel problems - so it's critical that Microsoft have a better response than Apple in this case.

It seems that the only protection OSX has against security threats is its low spread.

Because Darwin and a large number of apps that run on it are open source, Apple has potentially a world population of bug fixers. Windows cannot even come close to that degree of reassurance.

Link to comment
Share on other sites

When viruses on the Mac do become a threat, I will use an Anti-Virus program. Until then, I am not going to slow my system down with unnecessary software.

Edited by goodtime
Link to comment
Share on other sites

Unless I experience it first hand, nobody will ever convince me that OS X or Linux security issues are comparable to those of Windows.

A few days ago I scanned my XP partition with Ad-Aware: it found 72 serious threats.

Then I scanned it with Spybot and it found 70 more.

Note that I don't use Windows much and certainly I don't use it in any dangerous way.

More important: I don't believe that I am your average user. I see average users' Windows partitions fubar on a regular basis because of malware.

 

I have scanned Linux and OS X countless times: I have never found more than 1 or 2 threats at a time, and they were always Windows related. Note that I use Linux and OS X much more than Windows.

 

Concluding: every attempt to suggest that Linux or OS X level of security are comparable to that of Windows is only M$ FUD.

Link to comment
Share on other sites

Quote from www.macintouch.com/opener.html:

A quick Google search of "opener startupitems" revealed a thread at Macintosh Underground Forum Index -> Security & Hacking > Startup scripts.

Apparently this is a startup script whose development is ongoing. It does not look like something that can be maliciously installed, since the shell script can't be installed by just any user on a machine. Although I guess it could be installed secretly by a less than scrupulous shareware program.

 

So I figure, as long as you don't just enter your password and click enter on anything that pops up on your screen,

being aware what you are authorizing to be ran on your system your doing pretty good on Mac OSX.

 

Windows on the other hand, will run/install programs without you knowing about it if you don't have proper protection.

 

Hopefully Vista's new security features are really secure as it claims.

Link to comment
Share on other sites

Hopefully Vista's new security features are really secure as it claims.

 

We shall see. Only time will tell how secure Vista really is. My guess is Mac OS X will still be more secure than Vista.

 

gt

Link to comment
Share on other sites



×
×
  • Create New...