No, they claim the fewest viruses, which is only true because they haven't been the target of them.
A old synopsis for understanding from Rick, whoever he is:
02/07/08
01:48:09 am, by Rick, 1163 words
Categories: Apple, Microsoft, Unix and Linux, Security
Setting the virus record straight: debunking the market share myth
As Apple continues its slow and steady rise in popularity with consumers, more and more self-appointed security experts on blogs and various tech publications are talking about how the Macs operating system, OS X, is not any more inherently secure or safe from viruses and malware than Windows is. The flimsy rationale for this statement (which more often than not comes without any factual support) is that because the Macs market share is so small relative to Windows, creators of malware have no interest. Those evil hackers would prefer to get more bang from their coding buck, so to speak, by targeting the largest audience possible with their malware.
Not only is there no evidence to support this assertion, but there actually exists a lot of evidence that counters it. And while I may agree that there is a tiny grain of truth to this argument, its not the whole story, not by a long shot. There are many other factors beyond market share that influence a computer platforms chances of getting viruses or having security exploits.
Oh yes, I hear the anti-Apple crowd out there, sharpening their retorts and readying themselves for battle by hammering away at their Microsoft ergonomic keyboards to produce the ultimate manifesto on Why Steve Jobs is a Hippie Megalomaniac Pouring Kool-Aid Down the Throats of the Misguided Masses and How Apple is Irrelevant and Must Die Die Die. Before we reach that point, just sit back and hear me out.
Lets look at all the evidence that undermines this market share argument.
One example that is often cited is the situation we have with Web server platforms, specifically the open source Apache versus Microsofts Internet Information Services (IIS). For years, Apache has maintained a larger, albeit shrinking, market share compared to that of IIS, and yet, its the latter that has historically the most security issues (the most notorious being the Code Red virus). Although the security of IIS has improved dramatically over the last couple of years, it has (and still does by a slim margin) outnumber Apache in terms of security issues. This does not fall into line with the market share argument when trying to explain away viruses.
Bear in mind too that many of the security issues on Windows can be traced back directly to very dumb decisions by Microsoft that have nothing to do with market share: automatically opening attachments in Outlook, leaving ports open by default leading to RPC exploits, sloppy programming resulting in buffer overflows, giving user accounts admin-like privileges, etc. By contrast, Macs have all unnecessary services and ports closed by default and limit user accounts, all of which minimizes the damage that can be inflicted on the system should a bit of malware somehow sneak past the gates.
Heres another example to consider. Apples previous operating system, the Classic Mac OS, never had the market share that their current operating system does, and yet there were viruses for the older operating system. Again, if viruses and security exploits can be explained away by market share arguments, then this should never have happened. Malware creators, so the myth instructs us, couldnt possibly have had any interest in doing that.
Whats funny about the market share argument too is that it really doesnt even apply to the Mac to begin with as it assumes the Mac is a platform unto itself. That was true in the old days, but the Mac doesnt run OS 9 anymore. Its OS X, and OS X is, underneath the pretty user interface, Unix. There are lots and lots of Unix (or Unix-like, if that makes you Linux fans happy) machines out there and theyre all running the same or similar software under the hood and all have similarities in how they operate and are structured. In that sense, OS X is part of a much bigger market. And yet, I dont see a whole lot to worry about from the Unix side of OS X either. Weve seen a few security issues pop up (like the ssh thing a while back) but nothing that has exploded into a major virus outbreak.
One thing that may explain the differences between Unix-like platforms and Windows is the nature of the software that runs on each platform. Much of the software running under-the-hood on Macs is open source. That means anyone, including you and me, can download and look over the source code. When you have lots of programmers looking over the code, security issues can be spotted before they become a headache. This leads to proactive software patching as opposed to reactivethat is, patching after the viruses and malware are running rampant. Windows is closed-source, proprietary software and does not benefit from countless numbers of programmers and hackers viewing its code. In some unfortunate instances, security issues become known only after they have turned into viruses boring holes in your computers brain.
With the latest iterations of OS X, Apple has introduced many initiatives to prevent security issues. One of the most interesting is known as address space layout randomization (ASLR) which is more commonly known as memory randomization. ASLR is important because it makes one of the most common security issues, the buffer overflow, almost impossible to exploit.
For those of you who dont understand it, think of it this way. Imagine the memory of your computer like a map of your hometown. Some vandal wants to change some of the street names to mess with your map. In order for him to do that, he needs to know the exact longitude and latitude of those streets. Its easy for him because he can buy a map of your hometown and get that same information.
The latest version of OS X chops that map up into little squares and randomly rearranges them, but is also smart enough to know how to continue reading the map unhindered by the confusing rearrangement. Nobody is able to buy a map arranged exactly like that so nobody can get the exact information they need to vandalize your map. It doesnt mean they cant. They just cant quite zero in on exact targets anymore.
On top of that, OS X also offers tagged downloading of applications (a system that watches very closely what gets downloaded and run on your computer and alerts the user before it runs for the first time), stronger forms of built-in encryption, more robust firewall features that watch for malware-like activity and application sandboxing to prevent hackers from targeting program-specific vulnerabilities.
Now, Im not naive. I have no doubt that OS X will eventually have security issues that result in some kind of malware. No system is perfect and no amount of operating system cheerleading will change that. Someday, well see the first OS X virus. However, Im confident that these problems will never approach anything like what weve seen on Windows, and theres little reason to think Apples gradually increasing market share will change that.
