This security estimation by counting advisories was well debunked a while ago.
However POSIX compliance isn't that big of a deal.... Windows is mostly POSIX compliant
Windows is partially POSIX compliant through a compatibility layer, as you said, just enough to make the feds happy. In any case, POSIX compatibility is not UNIX certification.
Heck many flavours of Unix (including most Linux distros and FreeBSD) don't really do any better than that.
Linux and FreeBSD are pretty much UNIX compliant in fact, but two things keep them from getting official certification: 1) You need a company with the cash and control over the source to push compliance, 2) they change so fast they'd be out of compliance by the time they were in. Apple basically forked BSD in order to have the control necessary to get it certified compliant.
That is good from a security standpoint but comes with a real trade off from the administrative overhead aspect....especially for home users. Admittedly the last time I worked with Mac was only very early OS X.
It works pretty well. You can still call up Terminal and sudo to your heart's delight, but the average user never needs to do that. Some things are actually hidden too well IMHO. For example, you can check a box to enable power management on your hard drives and it works well, but to get the fine-grained control a geek would want you have to go to Terminal. If I turn on Windows file sharing, OS X starts the service and opens the port, pretty simple.
“This security estimation by counting advisories was well debunked a while ago”
Uh, excuse me READ the advisories.... don’t just count them.
Sword claimed that the only vulnerabilities that exist for OSX were a few trojans that required significant user interaction in order to achieve....
“There are a few trojans... but that require quite a bit of user participation to download, install and run... giving administrator permission at every step.”
That is simply NOT ACCURATE. A simple search on SANS or CERT or any other security site will reveal many OSX vulnerabilities of all different types.... including many buffer overflow style attacks and even some zero day exploits.
Heck... check Apple’s site at this URL (http://docs.info.apple.com/article.html?artnum=305391) for a list of just one release of patches addressing 25 different vulnerabilities. Go ahead and read the description and tell me how well that matches Sword’s characterization.
There is no question that OS-X...or heck any MAC OS has less active exploits than Windows (version whatever)... the debate is whether that is due to better inherent security in design....or simply being a small target.
I tend to side with the smaller target camp.... and it’s not like I’m a voice in the Wilderness there.
“Mac systems might be “safer because less people are throwing bombs at them, that doesn’t mean they are more secure”.” - Graham Cluley, senior technology consultant at Sophos
“The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms” - Neil Archibald
Or maybe we can hear from the guy that beat the Feb 22nd, 2006 “rm-my-mac” challenge by getting Root of OSX in 30 minutes.
“Mac OS X is easy pickings for bug finders. That said, it doesn’t have the market share to really interest most serious bug finders”
Regardless, the point I was making is for an end user.... particularly one that has some tech savvy and has plenty of familiarity with the Windows OS already (like ScoutMaster has described himself).... it’s really a moot point.... it’s not THAT difficult to keep a Windows machine relatively secure and running well.
Mac gets hit less....but it does get hit...and if someone is really concerned about security... the answer isn’t to buy a Mac and think you’re magically ok..... the answer is to spend a little bit of time and effort educating yourself about safe computing behavior and how to configure whatever flavor of O.S. you happen to prefer properly. No O.S. in existence is a substitute for that....or will save a user from their own reckless behavior.