Security through obscurity?
So many people seem to assert that the ONLY aspect of security is "how big a target" your OS is. If that's NOT the ONLY factor, then you can't say "Macs would have just as many security problems if more people used them."
Isn't it obvious that there ARE other aspects of security? Like design?
How likely your chosen OS is to be successfully and seriously attacked is the result of two main factors as I see it:
FLAWS
How many holes it has, how easy it is to break into, and how easy or hard it is to patch the problems quickly and without excessive cost or breaking other things. This is the biggest factor, and Microsoft clearly is the worst in this category. OS X, and UNIXes as a group, are far better.
BEING A TARGET
Oddly, security discussions/articles often not only gloss over the flaw factors, they focus on only a SINGLE target factor: Apple's smaller market share. It's true, that does make OS X a less tempting target. Undeniably. But other factors make OS X MORE tempting to hackers.
Factors that make OS X less tempting to attack:
* Fewer Macs than Windows PCs in the world
* Much more difficult to undertake
* Many people hate MS--for their monopoly crimes, and for being forced to use their often-inferior products
Factors the make OS X MORE tempting:
* Many people have a lot of jealousy/spite towards the Mac platform
* The challenge of it and prestige of succeeding
* Macs are worth the most points in cracking contests
* Cracking OS X involves some of the same skills as other UNIXes, which as a group ARE used for many high-profile targets (OS X is partly based on BSD for instance)
* Macs are themselves used for some high-profile targets--and increasingly so. Such as: educational and research institutions, biotech companies, large media/creative companies, Apple themselves, the US Army web site... and VA Tech's third most powerful supercomputer in the world.
* Mac OS X is gaining increasing and very positive attention in IT press--it's no longer off the IT radar
Given all of that, I'd say the motivation to make the first Mac OS X virus is pretty high. Not as high as for Microsoft--but not EVERY criminal programmer on the planet is going to limit themselves to just one platform. Nobody's succeeded yet in making an OS X virus or worm, but I highly doubt that NOBODY is trying. And they have had YEARS to do so.
And they'll succeed some day, maybe soon. There WILL be a first. But there will never be the constant security/privacy risks on the level that Windows users most accept. Not even if Macs catch up to Windows in user base... which won't be happening any time soon
So, assuming popularity vs. security is not the ONLY factor in security... is Mac actually designed better? And if so, how and why?
The short answer is that Macs are more secure because they are based on UNIX (BSD specifically), which has many flavors but none of them are as full of holes as Windows. The well-documented bad design decisions made in Windows, the complexity of hardware Windows has to deal with, and the bloat caused by legacy compatibility issues, will challenge Microsoft for the foreseeable future. Also, OS X is based on the open source Darwin variant of BSD--which makes security fixes developed by others easily applicable by Apple.
That's a quick answer, but oversimplified. I'm really not the one to do the subject justice. So here are some links to explore if you want to learn more--technical details of Windows' problems, strengths that OS X inherits from UNIX, etc.:
http://www.washingtonpost.com/ac2/wp-dyn?pagename=article&node=&contentId=A34978-2003Aug23¬Found=true
http://www.nytimes.com/2003/09/18/technology/circuits/18POGUE-EMAIL.html?ex=1064894400&en=8a463b1175569a5f&ei=5070
http://www.theregister.co.uk/content/55/32449.html
Also see the Dept. of Energy's security bulletins listed by OS here--note how many viruses and other security issues plague Windows (even the newest and most "secure" versions) vs. any UNIX version--especially Mac OS X:
http://www.ciac.org/ciac/bulletinsByType/bul_vendor_list.html
And if you think constant patching and patch-testing is an acceptable solution that makes Windows a good idea, read here:
http://www.csoonline.com/read/080103/patch.html
Patching and keeping Windows up to date is often an impossible task in the real world, since applying a fix can break something else critical to your business. That means spending huge time and cost to test patches--often more time than it takes attackers to exploit the problem.
And what about when MS tries to patch and fails?
http://news.zdnet.co.uk/software/0,39020381,39116180,00.htm
You can find new stories just about weekly on the latest critical flaw or virus for Microsoft Windows. So I won't gather those links--a search on Google or any news site will turn up lots. Suffice it to say that critical holes remain, unpatched, even in Microsoft's top, most "trustworthy" products--like Windows Server 2003. And these flaws are being exploited. Some flaws even wait for months and months and Microsoft never patches them at all.
And here's the much-discussed research paper (20 pp, full of excellent points) regarding how MS technology is designed to promote monopoly at the expense of security--with severe consequences:
http://www.ccianet.org/papers/cyberinsecurity.pdf
(Of course, one of the authors of that paper was actually fired from the company he helped found, due to Microsoft pressure. And many researchers who privately agreed with the project refused to take part for fear of Microsoft retaliation.)
So in summary... no OS is perfect, but Macs are designed better and are less susceptible to security problems than Windows. AND they are less of a target, too. What's not to love?
