Posted on 02/06/2010 12:09:39 PM PST by driftdiver
When I am asked the question "Which is more secure, Mac or PC?" I find myself stumbling around for a response because I don't have a clear-cut answer. I use both. And I use antivirus software with both.
So I decided to conduct an informal survey of a bunch of security experts and see what they had to say in the hopes that people can use the information to help them come to their own conclusions.
Before I provide quotes from the 32 experts who participated in the survey, along with edited comments from an interview with a Microsoft representative and a link that Apple provided, I'd like to share some relevant research from antivirus vendor ESET.
More than half of Americans believe that PCs are "very" or "extremely" vulnerable to cybercrime attacks, while only 20 percent say the same about Macs, according to this ESET survey. (Credit: ESET)
ESET released the results of a survey in November related to awareness of cybercrime in the U.S. The survey of more than 1,000 people found that while both PC and Mac users perceive the Mac as being safer, Mac users are victims of cybercrime just as frequently as PC user
(Excerpt) Read more at news.cnet.com ...
Ummm...., I’m posting to the thread... the “article” ya know... :-)
He’s a troll. But you’re right I should stop responding to that vile creature.
You’re a troll. You have not addressed the article in any manner.
Stop posting to me.
Good post. People are amazed when I tell them that from the late ‘80’s to the early ‘90’s Macs had far more viruses than PCs, at least where I was working (college computer center). WDEF spread as easily as it was destroyed (rebuild desktop). nVIR was one of the first wildly mutating viruses. The Word Macro viruses were also found on Macs everywhere as the superior for DOS WordPerfect was still dominant on that platform, and Windows was still not ready for prime time.
There were at least half a dozen major anti-virus products. We used Virex for heavy duty and up to date stuff, getting bi-weekly mailings of floppies (we had ftp, no web).
I would like to say that Macs have a VERY intrusive BIOS. That BIOS has historically made the Mac run slower, but it also put in some built in limitations on how viruses can infect and spread. In the 680x0 days, the big trick was emulating the BIOS. Since running OSX on a PC is tricky but not impossible without those BIOS chips, I must assume that is no longer the case.
by Rich Mogull
When people find out I'm a security expert, I can almost guarantee the ensuing conversation will evolve in one of three ways. If they are technologically illiterate, I'll have to explain I don't know anything about trading securities and can't help them with any hot tips. If they use Windows, I'll tell them to back up their data and reformat the system. But if they use Macs, the discussion usually becomes a little more complicated.
There is a misperception among much of the security community that Mac users don't care about security. Since joining TidBITS I've learned that Mac users are just as concerned about their security as their Windows brethren, but they aren't really sure what they need to know. Even the most naive Windows user understands that their system is under a constant barrage of attacks, but the Mac user rarely encounters much beyond the occasional pop-under browser ad and, of course, oodles of spam.
When people find out I'm a Mac security expert, they ask, "Oh, so do I need to worry more about security?", quickly followed by, "Do I need antivirus software?" While the antivirus answer isn't completely straightforward, it's also not all that difficult.
The reality is that today the Mac platform is relatively safe. Hundreds of thousands of viruses and other malicious software programs are floating around for Windows, but less than 200 are known to target the Mac, and many of those are aimed at versions of the Mac OS prior to Mac OS X (and thus have no effect on a modern Mac).
It's not that Mac OS X is inherently more secure against viruses than current versions of Windows (although it was clearly more secure than Windows prior to XP SP2); the numerous vulnerabilities reported and patched in recent years are just as exploitable as their Windows equivalents. But most security experts agree that malicious software these days is driven by financial incentives, and it's far more profitable to target the dominant platform.
Desktop antivirus software is also only a limited defense, and one that's typically very resource intensive. By even the most positive assessments, antivirus software catches only 85 to 95 percent of known malicious software (viruses, worms, trojans, and other nasty stuff) in the wild. This leaves a significant level of exposure, especially considering you're running software that brings your system to its knees whenever you have a full scan scheduled. Antivirus tools are intrusive by nature, don't offer nearly the security they advertise, and can be costly to maintain over time. I personally rely on other defenses to prevent malicious code from ending up on my computers in the first place, and so far (fingers crossed) have never had antivirus software find anything on any of my Windows XP systems. I don't even bother to run it on my Windows Vista systems, due to that platform's stronger security and the limited number of malicious programs that target Vista. When I've tested Macintosh antivirus programs, they typically only find infected attachments in my spam folders. Scanning all your incoming mail at the gateway, maintaining safe browsing habits, and using a browser plug-in or two can be more effective than desktop antivirus software, as I'll discuss.
Even if Mac OS X is no more secure, we Mac users are currently at a lower level of risk than our Windows counterparts. It's reasonable to assume that this dynamic could change, but considering the current level of risk, and the resource intensity of most antivirus software, it's hard to recommend antivirus except under limited circumstances. Here are the factors I suggest you consider before using antivirus software.
At some point, assuming Apple continues to make appealing products, we Mac users will become bigger targets and face a higher level of risk. Adam J. O'Donnell, Ph.D., is the Director of Emerging Technologies at Cloudmark and has recently been using game theory to analyze at what point Macs become more targeted for malicious attack. He states, "Game theory shows that an inflection point will come when the rate at which a malware author can reliably compromise a PC rivals that of the Mac market share. It is at this time you will see monetized, profitable Mac malware start popping up." For example, Windows Vista is a dramatically more secure product than its predecessor. As it's deployed more widely, we could hit an inflection point where the combination of growing Mac market share, and increased difficulty in exploiting Windows, makes the Mac a more profitable target.
How can we avoid this? That's mostly up to Apple. In Mac OS X 10.5 Leopard, Apple began implementation of a number of anti-exploitation technologies that could increase the difficulty in exploiting the platform, but most features weren't fully completed and don't provide the necessary protection to limit attack effectiveness (see "How Leopard Will Improve Your Security," 2007-10-22). If Mac OS X maintains even just security parity with Windows, yet Mac market share stays in the low double digits, Windows should remain the dominant target. We need to continue to pressure Apple for a more secure platform so these technologies are fully implemented before the malicious software market dynamics shift. Better library randomization, sandboxing, and QuickTime and Safari security features will go a long way to protect Mac users.
In short, at this point in time, I don't recommend desktop antivirus for the average Mac user. You only need to deploy it if you engage in risky behavior, need to protect friends on Windows, or comply with corporate policies. It's quite probable this will change in time, so it makes sense to take some reasonable precautions today and stay aware of the world around you. Better yet, let's continue to pressure Apple for stronger security so we can completely avoid resource leaching desktop antivirus in the long term.
Ok now address the other few hundred threat vectors.
You’re a troll. You have not addressed the article in any manner.
No..., first of all... I'm a long-time Macintosh user and I know what I'm talking about in terms of what experiences I've had with Macintosh over 25 years now.
Secondly, I'm giving direct experience about the vast majority of fhe Macintosh users having no problems at all with viruses and with me having only one virus in over 25 years.
This article is about that... I have experience with it, I know Macintosh computers and I am able to tell people who may not know about it the direct experiences I've had, plus me knowing about the experiences of many others in the Macintosh community.
So, this is a perfect topic for me to comment on... :-)
Well, I really should have said no desktop. Both Gnome and KDE have vulnerabilities that can be exploited by clever hackers.
But you can just run X and start a browser from the command line....with a non-privileged account, of course.
Ok now address the other few hundred threat vectors.
You've got a lot of "theoreticals" out there that people yap about -- but the fact remains that the threat is not there -- in reality -- and simply does not happen with Macintosh users, to the point where they simply don't use the anti-virus software. There's nothing "happening" and it hasn't happened -- and with me -- it hasn't happened in over 25 years (just the one I mentioned).
That's just the way it is...
The only ones who are "yapping it up" about supposed "threats" are anti-virus companies who want to sell Macintosh users their "goods"... LOL...
I think Macintosh users are getting the "idea" about that one... :-)
I am a Windows guy, but I also spend a very big slice of time on Linux - I fix computers for a living.
I can be sitting on the System Desktop as user:System in mere seconds on a Windows box, even if I don't know it's passwords.
It is infinitely harder to hack a *nix box, even at the simplest levels, because of the no-man's-land between the system/root and Userland.
I have been fixing computers since the mid/late 80's and I have yet to have *any* computer other than Windows boxen cross my bench with infection (except for those I infected purposefully as proof of concept research).
As I said, I am primarily a windows guy - I use it all the time, and I write for it - But the reason Windows gets more bugs is because it is hilariously easy to exploit, and always has been.
Trouble is users always want more functionality. Sooner or later they’ll install software and bypass the privilege limitation. Plus the average user doesn’t know what a command line is.
The real secret is to keep your system up to date, avoid high risk behaviors and take some common sense precautions. Its worked for me for about 9 years.
Can you point me to a site that will automatically install a virus on my Mac?
I typically surf anywhere I want to and have never had a problem. I also open email attachments. I have never used any form of virus protection.
That only works on the uninitiated. Real security people don’t buy the hype.
This article represented the input of numerous experts in the field. The article was not biased and represented both sides.
I know that hurts but you should get used to it.
Most of the companies mentioned are not “anti-virus” companies. They are companies whose purpose is improving computer security.
Well then I guess you know more than the experts quoted in the article. Maybe they should have just asked you, the desktop tech.
Do you concede there are more threats than just viruses? Do you also concede that there are numerous exploits out there for Macs. Heck even Apple will admit to that.
That only works on the uninitiated. Real security people don’t buy the hype.
Ummmm.... what you mean is that anti-virus companies that need to make money selling their products "don't buy the hype" -- because they wouldn't make any money if they did... :-)
But, as I said, I've been running Intego for a very long time now and nothing is happening... and those are the facts of the matter.... and it's the same thing with the vast majority of the Macintosh users. Nothing is happening.
This article represented the input of numerous experts in the field. The article was not biased and represented both sides.
There are not "two sides" to my experience with the Macintosh... LOL...
There's only one side -- which is the side of "what actually has happened"... :-)
So, when I say that "nothing is happening or going on with viruses" -- I'm not trying to present "two sides" here... I'm only telling you the "one side" -- that is the one side that is happening in "reality"... you see...
I know that hurts but you should get used to it.
If having only one virus in over 25 years and that being back in 1988 or thereabouts... is hurting -- give me more of that hurt... LOL...
“The real secret is to keep your system up to date, avoid high risk behaviors and take some common sense precautions. Its worked for me for about 9 years.”
If you have the time and inclination, could you outline what these precautions are? I am a non-technically inclined person who uses my PC (with Windows) to write fiction, send and receive uploads of unpublished fiction [for the purpose of beta reading], and who visits only a few political sites, writer sites, weather and a few misc. [such as occasionally the Urban Dictionary] sites. I used a paid subscription to Panda for a while, but I kept getting viruses. I’m using a trial version or Norton right now. Any advice you could give would be greatly appreciated.
Absolutely. But I don't think I am an idiot, I don't load programs and/or give root level access except to trusted sources.
Will you admit that there are no viruses that I need to worry about?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.