Have an account? Log in to leave your comments!
journal: mac
Which OS is the Safest?
Windows is putting it on display with big arrows pointing towards it saying "Come on, hit me!"
With OSX and Linux making large gains in the OS market people are asking the same question they’ve asked millions of times before. Would these OS’s be safer than Windows if they ever became mainstream?
Well let’s assume just for the purpose of this article that OSX, Linux and Windows suddenly all get a 33.3% market share over night. Which would be the most secure, both in the short term and the long term. Well in the short term I think OSX would the the one that’s most secure. After all it currently has no viruses and it has a very good security system requiring you to enter in your admin password to do anything that could affect the system. It also has another advantage in it’s file permissions, which are also used in Linux. These mean that it is almost impossible to wipe an entire disk clean.
And this is where OSX wins over Linux in the short term. The only thing that has the power to wipe an entire disk clean with ignoring permissions is the all mighty root (hail to root). Root has the power to create but also the power to destroy. Root can do anything. Luckily, it can also be disabled, which is where OSX has the advantage. By default, OSX ships with root disabled, meaning an instant increase in security due to the fact that it is a hell of a lot harder to wipe an entire HD. Granted, it’s still easy to wipe your Home folder.
So why does Windows lose so badly in the short term? Well… it’s current security model just sucks in comparison to OSX and Linux. Admin accounts in Windows are the equivalent to root on a *nix system. That sounds OK, cause it means that all OS’s have them, but where as OSX disables this huge power, Windows decides to give it to everyone, and so makes the default account on all new Windows systems an admin account. Oh dear...
So basically OSX is covering up the target with a cross, Linux is trying to hide it behind a small wall and Windows is putting it on display with big arrows pointing towards it saying “Come on, hit me!”
But what about the long term? Well, this is where things get interesting. In the long term there is no clear leader. Linux is always the fastest OS to get important security updates, because it’s open source, so anyone can fix it. OSX partly benefits from this, as Darwin is open source, but many other areas of OSX that are potential security threats aren’t. And Windows just gets a lot of money thrown at it, hoping that it will plug the holes. So over the course of time Linux isn’t going to be as badly hit, because as soon as a flaw is found it will have been fixed.
Windows security rests it’s fate on Longhorn. Longhorn will bring in a security system a lot like that of OSX, where you need to enter passwords to “bless” applications so they can perform admin functions. It will also have much more secure versions of applications such as Internet Explorer and Outlook Express. Basically Microsoft is realising that they have been going wrong all these years and instead of letting anyone do anything to your computer, they need to limit what people can do on it, unless you give them permission.
So, what about OSX in this future of equal market share? Well it stands there, still strong, but not invincible. It has spyware and trojans and adware. But these are much harder to get onto your system. It will still be one of the most secure OS’s you can buy but it won’t be as secure as we like to see it now. Though until then, let’s be glad that nobody cares enough about OSX to attack it.
 |
7 | 584 |
| comments | views |
thinkback
The OS X malware Pilky talks about is in the hypothetical situation he discusses in the article.
| Nick | Jul. 20, 2005 | |
| 6:26 pm |
There is an incorrect item in the story. Windows’ “admin” account is NOT the same as a “root” account. It is the same as an admin account. The “root” account on Windows would be the “local system” account.
They aren’t quite the same, in other words. See the bottom of this link…
The Mac won’t get 33% marketshare overnight.
I can see it rising (like it is now, at 4.7%), but at a speed where the tight-knited core Mac community and Apple can address and fight any new threat, one by one.
In response to John O, there actually has been one malicious trojan for the Mac. People tried downloading Word 2004 off Limewire and when they opened it it deleted their Home folder. And even though there is no spyware or adware at the moment for the mac, OSX is invincible, it will get these in the future, it’ll just be harder for them to get on.
JohnDonson, thanks for pointing out that, but the point still stands that an admin account on Windows can do a lot of damage, which is why Microsoft is making it so you have to “bless” applications that you want to perform system tasks.
Zonka, I know that the Mac won’t get 33% marketshare overnight but it was kinda of a hypothetical discussion. Most hackers and virus writers want to get as many people possible, which is why they go for Windows. If Windows, Linux and OSX all had equal market share then these people would be more likely to pick Linux and OSX than they are now. That way we can see just how secure they are. And I don’t expect the Mac to ever get a 33% marketshare. I do however see it being able to reach a 10% market share, which is more than enough to attract virus attempts
|
| Jul. 21, 2005 | |
| 2:39 am |
Wow Zonka. Just wow....
The thing about Windows constantly being targetted is there are a number of factors which add up very poorly for Microsoft. First off, Windows is everywhere, it is ubiquitous, and thus the market has the largest number of potential targets. Second, it is inherently insecure by default (and possibly by design?), making it easy for viruses etc. to work.
These (and I’m sure other) factors combine to give Windows a severe disadvantage in the security department. It is a combination of all of these that hackers exploit holes in Windows; it is not one of them alone. Afterall, how often do you hear about security-improving patches for other kinds of software besides OS’s? What about CMS’s like phpBB or Expression Engine? What about the languages these packages run on, PHP, Perl, MySQL, etc.? The fact is, these applications are hit quite often with malicious attacks (this very site witnessed just such an attack several weeks ago, and it was not pretty). Why? Because they can. Is there a large target audience? Maybe, but not compared to that of Windows. Are these applications insecure by default? Not usually, but there are still security risks that get exploited.
OS X and Linux aren’t invincible to everything. Why else would Apple release regular security updates for OS X? One reason is preventive maintenance, patch the hole before it can be exploited. But another, more important reason is because the hole is there in the first place. If OS X’s security were perfect, Apple would have no need to release security updates.
On the other hand, OS X and Linux have extremely good security, which as you point out, prevents pretty much anything that may have been tried. OS X isn’t attacked because attackers can’t break through the defenses; trust me, if they could, they would. Windows is hit so often because its security is shoddy at best and because it has the largest market share, a fatal combination.
| Jul. 23, 2005 | |
| Arden | 6:29 am |
1.
Been running OsX since 10.0. No adware, no spyware, no trojans. Please show me one, I’ve never heard of one actually happening, it would be a first. Proof of concept doesn’t matter, that’s only potential, not reality. I haven’t ever seen one on well over three hundred Macs from many sources, and I fix Macs for a living. The only virus software I ever install is on our company OsX mail server, and that’s for the Windows users protection.
On the Longhorn side, VAPORWARE. It ain’t shipped, so it ain’t s__t.