Toggle sidebar Toggle sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

OS X - increasing market share and security

netnothing

netnothing

macrumors 68040
Original poster
With Apple's increasing market share in the personal computer field with OS X machines, I have to wonder at what point will OS X start to be seriously targeted by hackers, viruses, malware, spyware, etc.

I'm a recent switcher from March 2007. I love my Mac Pro. I only use my Windows machine for a few tasks. I try each and every day to get family and friends to switch over to the Mac if it's a good fit for them. But the question that is ALWAYS asked is...."aren't Macs more secure than Windows?"

I don't really have the answer.

I know some of the facts such as, Mac are targeted less than Windows machines. This is simple, there are far less OS X machines in the wild compared to Windows machines. But does this really make OS X more secure? I know that both platforms have their black sheep....in Windows case it seems to be Internet Explorer, and how it's basically a part of the OS. I vulnerability in IE, and your entire OS is at risk. I'm seeing more and more that Quicktime is Apple's black sheep. Tightly integrated in the OS with well known exploits.

So I ask...can someone explain 'why' Macs, or OS X in particular, is more secure than Windows?

- From the standpoint of OS X being built on a UNIX foundation. Is this more secure than the NT kernel?
- From the standpoint of users on the system. How at risk are you if you, like so many people, run your OS X account with admin privileges? Is this any better or worse than the default Windows admin account?
- No DLLs in OS X, no registry in OS X. Does this make the system more secure? Or does it just run more efficient?

At what point are OS X machines going to have to run Antivirus programs, and spyware removal tools just like their Windows rivals?

Is it just a matter or time, or is the way OS X is built going to keep it more secure?

Personally, I hate the argument that Macs are more secure simply because they are not targeted as much as Windows machines. Yes it's true....but it's a lousy way of thinking of things. Sooner or later, if the current trend keeps up, Macs are going to keep gaining market share and hackers and going to see them as a viable target. I hope Apple will take OS X security seriously.

-Kevin
 
kbmb said:
I know that both platforms have their black sheep....in Windows case it seems to be Internet Explorer, and how it's basically a part of the OS. I vulnerability in IE, and your entire OS is at risk. I'm seeing more and more that Quicktime is Apple's black sheep. Tightly integrated in the OS with well known exploits.
Click to expand...

So true! I didn't like (or use) Quicktime when I used XP, and I don't use it on Tiger either. I've never been keen on tying a non-essential app to essential ones--not in Windows, not in OS X.
 
Mac OS X is more secure because for anything to infect the whole system it would need to have root access so you'd have to provide your username and password and if you're being randomly asked for that you're more likely to click on Cancel and any spyware or malware would fail. This isn't like ActiveX on Windows where it can be automatically triggered and all hell breaks loose because a good 90+% of the Windows user base is running with Administrator privileges (which is what Windows XP assigns by default when creating a user account, even Windows Vista will give a new account administrator privileges).

User Account Control in Windows Vista tries to work around this but it offers a "continue or allow" prompt where the average user is likely to just hit continue whereas Mac OS X asks you to type your credentials which makes you think a bit before performing the action.
 
iCeFuSiOn said:
Mac OS X is more secure because for anything to infect the whole system it would need to have root access so you'd have to provide your username and password and if you're being randomly asked for that you're more likely to click on Cancel and any spyware or malware would fail. This isn't like ActiveX on Windows where it can be automatically triggered and all hell breaks loose because a good 90+% of the Windows user base is running with Administrator privileges (which is what Windows XP assigns by default when creating a user account, even Windows Vista will give a new account administrator privileges).

User Account Control in Windows Vista tries to work around this but it offers a "continue or allow" prompt where the average user is likely to just hit continue whereas Mac OS X asks you to type your credentials which makes you think a bit before performing the action.
Click to expand...

Ok, so I understand this. Let me ask you, is this true even if you are running with admin privileges on your OS X account?

Personally, I have one account on my machine, my user account. It's the admin account. Now I know that half the people will say, so do I, while the other half will curse me out and say to run as a non-admin.

As an admin, if I try to install an app now, I'm asked for my password. What would change if I wasn't an admin?

And, running as admin, could someone write something to bypass the OS asking me for my credentials?

-Kevin
 
heatmiser said:
So true! I didn't like (or use) Quicktime when I used XP, and I don't use it on Tiger either. I've never been keen on tying a non-essential app to essential ones--not in Windows, not in OS X.
Click to expand...
You don't use Quicktime in OSX? I'd be very, very surprised 😉
 
Southernboy said:
You don't use iTunes then?
Click to expand...

See, that's the kind of stuff I'm talking about. You seem to be gloating at the idea that Quicktime is an inseparable part of OS X. To me, that's not a good thing; that's a bad thing. This was one of the biggest turnoffs for me concerning iTunes on Windows. And it's pretty hard to see how Apple's proliferation of the Quicktime virus is any better than Microsoft's embedding Internet Explorer into the Windows operating system. Both are wrong, as far as I'm concerned. The more Apple takes after Microsoft (whether in "mandatory" applications or in bloated operating systems), the harder it will become to explain just what makes OS X "different" from Windows.
 
heatmiser said:
See, that's the kind of stuff I'm talking about. You seem to be gloating at the idea that Quicktime is an inseparable part of OS X. To me, that's not a good thing; that's a bad thing. This was one of the biggest turnoffs for me concerning iTunes on Windows. And it's pretty hard to see how Apple's proliferation of the Quicktime virus is any better than Microsoft's embedding Internet Explorer into the Windows operating system. Both are wrong, as far as I'm concerned. The more Apple takes after Microsoft (whether in "mandatory" applications or in bloated operating systems), the harder it will become to explain just what makes OS X "different" from Windows.
Click to expand...
Calm down mate, I'm not gloating, just making the point that on the Mac, Quicktime is now a core service, that would be hard - if not impossible - to live without, for many reasons. It's essential to OSX because it now does so much. 🙂
 
Southernboy said:
Calm down mate, I'm not gloating, just making the point that on the Mac, Quicktime is now a core service, that would be hard - if not impossible - to live without, for many reasons. It's essential to OSX because it now does so much. 🙂
Click to expand...

We'll have to agree to disagree. If I could uninstall Quicktime from OS X completely, I'd do it in a heartbeat. 😀
 
kbmb said:
Ok, so I understand this. Let me ask you, is this true even if you are running with admin privileges on your OS X account?

Yes, because even by default an administrator account running under Mac OS X does not have root access -- this is why you're prompted for your password when installing system level software or updates.

Personally, I have one account on my machine, my user account. It's the admin account. Now I know that half the people will say, so do I, while the other half will curse me out and say to run as a non-admin.

As an admin, if I try to install an app now, I'm asked for my password. What would change if I wasn't an admin?

To the best of my knowledge, you'd be asked for the password of an administrator. I'm running as an administrator on my MacBook Pro and I'm a bit too lazy to set up a non-administrator account so I can't verify this but I'm pretty sure that's how it works, as I've seen it in action on a PowerMac G4 running Tiger at my old school.

And, running as admin, could someone write something to bypass the OS asking me for my credentials?

It's a system wide setting, so you'd still be prompted for your password (either through the user interface, or if one were to execute the sudo command) -- whereas Windows does not prompt you for your password or an administrator password when launching a command prompt when running as Administrator.

-Kevin
Click to expand...
I've replied to your questions in-line in bold text.
 
BornAgainMac said:
Well, maybe the marketshare should increase to 90% and this question will be resolved once and for all.
Click to expand...

No need for it to increase to understand it. I'm simply trying to understand HOW secure or insecure OS X is in general and compared to Windows. I'd rather try to understand it now, while OS X isn't the target.

-Kevin
 
heatmiser said:
See, that's the kind of stuff I'm talking about. You seem to be gloating at the idea that Quicktime is an inseparable part of OS X. To me, that's not a good thing; that's a bad thing.
Click to expand...

Yes, but there's a major difference there between Quicktime and IE. Quicktime is only *integrated* into OS X. IE is literally *part* of Windows. OS X would function just as well without Quicktime, but Windows wouldn't even run without IE.
 
kuwisdelu said:
Yes, but there's a major difference there between Quicktime and IE. Quicktime is only *integrated* into OS X. IE is literally *part* of Windows. OS X would function just as well without Quicktime, but Windows wouldn't even run without IE.
Click to expand...

The real problem is how easy it is to use either to run an exploit that would result in corrupting the entire OS.

True, that in most cases it is more likely that IE would/could be used as an exploit. But as long as Apple continues to *integrate* Quicktime directly into the OS, it poses a threat for malicious software to use.

I know how much IE is built into Windows. It's all over. Windows Explorer is nothing more than the IE engine viewing your files.

I don't know however, to what extent Quicktime is integrated into OS X.

-Kevin
 
You'll never get a real answer as to which is more secure, only opinions. Also, the 'right question' should be which is LESS secure, as that's what you really need to worry about. I'd say OSX has fewer known holes, but then there are less people looking and finding them compared to windows. And 'unknown' holes can be worse if a hacker finds them first - they can be actively exploiting machines without anyone knowing for a while.

Re. account security - I'd strongly advise running as non-admin, because there's just not much difference when you actually use it. The only real issue I've come across is that you need to unlock the preferences before you can change them. That shouldn't be an issue once the mac is set up. Apart from that, the only difference is that when you install an app or something, you need to enter the admin account name + password instead of your own.

The fact that OSX asks for your name + password to make system changes anyway is a good thing, and perhaps a bit better than the system in vista, but it wouldn't affect any exploits that bypass the system. A lot of exploits involve privilege escalation - i.e. the virus or whatever gains rights to do what it wants to the system through a bug in the OS or an app, instead of asking for a password.
 
psonice said:
You'll never get a real answer as to which is more secure, only opinions. Also, the 'right question' should be which is LESS secure, as that's what you really need to worry about. I'd say OSX has fewer known holes, but then there are less people looking and finding them compared to windows. And 'unknown' holes can be worse if a hacker finds them first - they can be actively exploiting machines without anyone knowing for a while.

Re. account security - I'd strongly advise running as non-admin, because there's just not much difference when you actually use it. The only real issue I've come across is that you need to unlock the preferences before you can change them. That shouldn't be an issue once the mac is set up. Apart from that, the only difference is that when you install an app or something, you need to enter the admin account name + password instead of your own.

The fact that OSX asks for your name + password to make system changes anyway is a good thing, and perhaps a bit better than the system in vista, but it wouldn't affect any exploits that bypass the system. A lot of exploits involve privilege escalation - i.e. the virus or whatever gains rights to do what it wants to the system through a bug in the OS or an app, instead of asking for a password.
Click to expand...

Very true, nice post. I'm not specifically TRYING to compare Windows and OS X, more just using it as a basis to get perspective.

As for the non-admin account, this is something I'm considering, I'm just trying to understand what effects running in the admin account has to potential exploits.

As for the System Prefs lock down, I do that already in my Admin account. That's a setting in System Prefs to require the unlock all the time.

-Kevin
 
heatmiser said:
And it's pretty hard to see how Apple's proliferation of the Quicktime virus is any better than Microsoft's embedding Internet Explorer into the Windows operating system. Both are wrong, as far as I'm concerned.
Click to expand...

While we are redefining words like "virus" to support our argument, tell us how you feel about the TCP/IP virus that comes installed with every major OS!!!

OSX has ~~10% market share. And the "gloat factor" for the first person to develop a real, functional exploit is very high. So ~~10% of the exploits out there should be developed for OSX... or more due to the gloat factor.

What's the actual number? That tells us a little about native security.
 
kbmb said:
Very true, nice post. I'm not specifically TRYING to compare Windows and OS X, more just using it as a basis to get perspective.

As for the non-admin account, this is something I'm considering, I'm just trying to understand what effects running in the admin account has to potential exploits.

As for the System Prefs lock down, I do that already in my Admin account. That's a setting in System Prefs to require the unlock all the time.

-Kevin
Click to expand...
Thanks for that little tip there Kevin, one little added layer of security to prevent someone from messing around with your preferences (or to prevent yourself if you decide to perform an act of drunken computing).

For those who are wondering, you can find the option in System Preferences > Security > "Require password to unlock each System Preferences pane" 🙂
 
CashGap said:
OSX has ~~10% market share. And the "gloat factor" for the first person to develop a real, functional exploit is very high. So ~~10% of the exploits out there should be developed for OSX... or more due to the gloat factor.

What's the actual number? That tells us a little about native security.
Click to expand...

By that theory, if 10 people are writing viruses with the aim of making as much cash as possible, one in 10 will choose to target a very small market? That doesn't make sense.

What has really happened over the last few years is that the virus writers have stopped going for massive infections hitting millions of PCs. They now target PCs that don't have the latest patches or a decent virus scanner, and use them as part of a bot net (the people with these machines are unlikely to have the skills to even know they've been recruited).

The other thing they do is to target small groups, with a very specific attack. They'll try to target say people who work in accounts at certain companies, and use social engineering to get their software installed as often as they'll use a traditional virus. This way, they avoid detection (at least until the money is in their accounts) so they can pull their scam, make a lot of money, and repeat. I've even heard of hackers leaving infected USB pen drives on the floor of car parks, so that when the workers arrive they find them, take them in, and plug them in to see what's on them.

There's actually quite a lot of good target groups on the mac, so it would make sense that this kind of thing is going on. It may be that it is, and we haven't heard about it. There is one thing that makes me think it's fairly unlikely though - a lot of the groups doing this kind of crime are using 'kits' to create their software, or getting the program built for them. There are a few groups actively developing this kind of software, supplying ready-made tools or custom-built stuff. They even provide support and updates. And all the ones I've heard about produce windows or occasionally linux (if it's targeted at servers) software.
 
psonice said:
There's actually quite a lot of good target groups on the mac, so it would make sense that this kind of thing is going on. It may be that it is, and we haven't heard about it.
Click to expand...

Would that lead us to believe that they are successful, or unsuccessful? What would that lead us to believe?
 
CashGap said:
Would that lead us to believe that they are successful, or unsuccessful? What would that lead us to believe?
Click to expand...

Well, if they're exploiting macs, presumably for profit, and we haven't heard about it, then yes I'd say they are very successful indeed! Much more likely it's happening on a very small scale or not at all though.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back