What makes Macs safer?

Discussion in 'Mac Basics and Help' started by Texas_Toast, Nov 28, 2016.

  1. Texas_Toast macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #1
    I always hear that Macs are supposed to be much more secure than PCs, but can someone help quantify this?

    A friend and I were debating this the other days, and I didn't do a very good job defending this point because I couldn't come up with any good examples, other than "There are more people trying to hack PCs than Macs".

    The must be a Top-10 list out there are why Macs are safer to use.
    --- Post Merged, Nov 28, 2016 ---
    Maybe Macs aren't safer?

    Nope, Apple Computers Aren't More Secure Than Windows. They're Just Attacked Less
     
  2. vmachiel macrumors 68000

    Joined:
    Feb 15, 2011
    Location:
    Holland
    #2
    This used to be true based on usage numbers. I would guess it still is based on windows still being used more. The Mac architecture is just different than Windows, one is not inherintly safer than the other. Because the Windows lead was (and still is) so massive, it made much more sense to develop malware for that platform.

    Speaking of malware, talking about "hacking" is such a broad and useless discussion. There are many forms of attack: ddos, virus, malware, exploiting bad code etc. Most "attacks" than I'm aware off are either zero-day exploits, in which case you have to wait for a software update, of malware which you often have to install yourself by accident.

    But then there are attacks happening based on network traffic, like using insecure connections, going to a website with some malicious code than uses a flaw in your browser etc. This requires common sense: don't go to website you deem untrustworthy. Use a content/ad blocker as well, as bad code often gets delivered via ads.
     
  3. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #3
    Patrick Wardle, which this article spends some words on, is a bit of an alarmist. The problems with Gatekeeper he made a big deal about where theoretical in nature and did not strike at the heart of what Gatekeeper was meant to do. Apple has responded to his criticism with macOS Sierra, so the article is a bit outdated. The problem he addressed was for a very particular kind of software, usually Windos ports, that is distributed as separate files, not a single application bundle or installer package (which is something Apple has discouraged for as long as application bundles have existed).

    The trouble with Transmission and KeRanger was very nasty, but it did not penetrate macOS’ defences in any way. That malware had to be authorised by Gatekeeper and it needed no special permissions to access the user’s files to encrypt them. Any piece of code that you run can do nasty things, that is something you just cannot avoid, unless you prevent yourself from accessing your own files.

    macOS overall is still very resilient to virii and drive-by-attacks and so far the biggest threats come from infected software that the user willingly installs. For that, Apple has greatly emphasised code-signing and the Mac App Store, which are meant to mitigate such risks. More work can certainly be done and it deserves mentioning that Apple has made improvements to the system security in recent years, with features such as sandboxing, XPC services, extensions points and System Integrity Protection.
     
  4. vmachiel macrumors 68000

    Joined:
    Feb 15, 2011
    Location:
    Holland
    #4
    Exactly. Just use a decent content blocker, don't install software that you don't trust (do your research) and don't go to any weird websites and you'll be fine for the most part.
     
  5. theluggage macrumors 68040

    Joined:
    Jul 29, 2011
    #5
    In the 90s, Apple's OS was a hot mess because their attempts to create a new, modern OS to replace it finally fell through.

    In 2001, Apple replaced their aged, kludge-ridden 1984 operating system (MacOS 9) with a completely new, Unix-like system (OS X) designed from the ground up as a secure multi-user/multi-tasking/networked OS and which had started life a few years earlier as a server-only OS. There was a change-over period, during which OS X went through several versions, but Apple managed a pretty much complete transition in a couple of years, after which "legacy" software was completely dumped in favour of modern, substantially re-written code.

    In 2001, Microsoft replaced their aged, kludge-ridden <i>1970s</i> (still recognisably based on CP/M) operating system (Windows 95/98/ME) with a new system (Windows NT/2000/XP), written by the designers of VAX VMS and designed from the ground up as a secure multi-user/multi-tasking/networked OS and which had started life a few years earlier as a server/workstation-only OS. <i>However, it was hamstrung by the PC communities pathological need to retain full compatibility with every bit of DOS/Windows software ever written (or still being developed by teams with tools & skills 20 years out of date)</i>. This meant, to pick one example, that many applications <i>had</i> to run in "Administrator" mode (because that's all there was on DOS/Win9x) and the Mac solution of requesting an admin password before each and every privileged action was unworkable (or just trained users to keep entering their password without question).

    Then, in 2007, this hot mess got even hotter and messier because the next major release of Windows (Vista) was a much-derided train wreck. Windows 7 was OK, but then history repeated itself and Win 8 was a laughing stock. Win 10 seems to be solid on new hardware - its just the upgrade process that was bungled.

    Windows probably "caught up" with OS X around Windows 7, but MS has still been having a hard time stamping out the older stuff. Bottom line: Its taken Microsoft 10+ years to drag their users into the 21st century, Apple achieved that over a couple of years.

    (But, yes, the ubiquity of Windows is also a reason).
     
  6. Zazoh macrumors 6502a

    Zazoh

    Joined:
    Jan 4, 2009
    Location:
    San Antonio, Texas
    #6
    I can think of a few but I'm sure someone will counter each of these. ;-)

    -Default setting is to only allow installs of applications from trusted sources
    -Less third party apps to install as system comes pretty well equipped.
    -Controlled ecosystem hardware manufacture and software provider are the same (Out of the box)
    -Hackers -- ironically hackers have searched the open source software platform inside and out, which Apple allows and most of the security vulnerabilities have been examined by many developers in the wild and already identified and fixed

    Having said those, Macs are still vulnerable and one shouldn't have an unrealistic expectation that they are much safer. Users still mess things up ... ;-)
     
  7. Texas_Toast thread starter macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #7
    So you imply that Mac OS-X and Microsoft Windows 10 are equal as far as security goes?
     
  8. kschendel macrumors 6502a

    Joined:
    Dec 9, 2014
    #8
    I do think that OS X has some intrinsic advantages for security, such as a much less monolithic internal structure. A big part of its advantage though is that Windows is more common and therefore a much larger target. "Attacked less" does indeed equate to "safer".
     
  9. theluggage macrumors 68040

    Joined:
    Jul 29, 2011
    #9
    I wouldn't go that far - there are other factors (such as the sheer size of the target) - but I think its far closer than it has been in the past.
     
  10. Texas_Toast thread starter macrumors 6502a

    Texas_Toast

    Joined:
    Feb 6, 2016
    Location:
    Texas
    #10
    That is depressing to hear...

    I expected people to jump on this thread and say that Macs are superior to PCs from a security standpoint.

    What do you think @Weaselboy ?
     
  11. Mikael H macrumors 6502

    Joined:
    Sep 3, 2014
    #11
    - A well-managed computer is superior to a badly managed one no matter the operating system.

    - As @Zazoh pointed out, the default settings in macOS are more sane from a security perspective than some of the Windows ones. Just take the fact that a Mac is pretty much usable out of the box, complete with a working productivity suite, meaning that even pretty clueless users can get going immediately without downloading additional software to their machines (*).

    - The Unix roots of macOS mean that software in user land generally speaking is less tightly integrated into core system functions than in Windows. There's a reason for why macro malware still is a viable attack vector in the Windows world, twenty years after the concept was widely introduced.

    - Being a different OS than Windows means that macOS has been allowed to introduce more secure ways to interact with the computer without the uproar that followed, for example, the introduction of User Account Control in Windows Vista and Server 2008.

    - Apple always were better than most at not introducing features until they were properly useable. Drive encryption, secure messaging, walled gardens and so on weren't new concepts when they showed up in Apple products, but when they did they were designed as sensible default choices, not as absurdly complex third-party software requiring detailed understanding of scientific terms to do their jobs properly.

    (*) Anecdote: It wasn't long ago that I tried to help a relative find Office in the Microsoft store application that accompaniesd Windows 8.1, and the first couple of pages of hits were scam apps charging ~$10 for the ability to view Word documents, rather than the actual Office suite or any information on how to purchase it from other sources.
     
  12. theluggage macrumors 68040

    Joined:
    Jul 29, 2011
    #12
    Not sure that the Mac App Store is a million miles better than that - you certainly won't get offered MS Office as the top hit if you search for "office" or "photoshop" and although I wouldn't go so far as calling the stuff that does come up "scam" there are plenty of offerings of dubious value.

    Anyway, "scam" apps that charge you $10 to do something trivial or that can be had for free elsewhere (where you draw the line is a matter of opinion) aren't necessarily malware.

    I think you're right that things like Internet Explorer and Outlook are more tightly integrated into Windows than Safari and Mail are in OS X. Of course, another big security advantage of Macs is the poor compatibility of the Mac versions of MS Office with Office for Windows' macros (the main justification for running antivirus on a mac is to stop yourself passing on Word macro viruses to PC users...)
     
  13. Mikael H macrumors 6502

    Joined:
    Sep 3, 2014
    #13
    My specific point in this case was that a Mac comes preinstalled with software that covers the need for productivity applications, while in Windows you're forced to find it yourself. At least at the time, Microsoft didn't exactly make it easy for you to find the genuine products, while at the same time allowing apps into their store with logos and names which were confusingly similar to the real deal while providing very little of the functionality.
     

Share This Page