Posted on 10/31/2002 9:15:03 PM PST by HAL9000
Apple Computer Inc.'s Macintosh was among the computer operating systems least prone to attack and damage from malicious hackers, worms and viruses in 2002, while Microsoft Corp.'s Windows and the Linux operating systems were the most vulnerable, according to a report by technology risk management company mi2g Ltd.The report, which will be released Friday, presents data on the discovery of software vulnerabilities and incidents of digital attack for 2002, according to a summary of the report released Thursday.
Data from the report is taken from mi2g's SIPS (Security Intelligence Products & Systems) database, which stores information on more than 6,000 hacker groups reaching back to 1995.
According to the company, 1,162 new software vulnerabilities were discovered during the first 10 months of 2002, including vulnerabilities discovered in operating systems, server software, and third-party applications. Of that number, fewer than 25 were attributable to the Macintosh operating system (OS).
Two different versions of Unix shared top honors with Macintosh with fewer than 25 vulnerabilities: Compaq Computer Corp.'s Tru64 and The SCO Group Inc.'s SCO Unix.
In contrast, Microsoft's Windows operating system accounted for the lion's share of new vulnerabilities, with more than 500 vulnerabilities discovered affecting Windows operating systems. More than 200 vulnerabilities were discovered that affected the Linux operating system, according to the information released by mi2g, based in London.
The number of vulnerabilities reported by software vendors and users so far this year is lower than the 1,506 vulnerabilities discovered in all of last year. However, mi2g notes that the pace of discoveries is picking up, with 301 new vulnerabilities discovered in the month of October.
The report also found that 2002 was the worst year on record for digital attacks, with almost 58,000 attacks taking place during the first 10 months of the year, a 54 percent increase from the 31,322 attacks recorded in 2001.
The number of vulnerabilities discovered in an operating system, as opposed to market share, correlated with the likelihood of an operating system being attacked, mi2g found.
Macintosh, which is used on between 3 percent and 5 percent of the world's computers, was the target of only 31, or .05 percent, of all overt digital attacks through October 2002. Microsoft Windows, which is on more than 90 percent of all computers, was the target of 31,431, or 54 percent, of those attacks.
The cumulative economic damage of such attacks, worldwide, was estimated to be $7.3 billion according to mi2g. When taken together with so-called "covert" attacks such as worms and viruses, however, that figure grows to between $33 billion and $40 billion.
Mi2g estimates economic damage by collecting information from a variety of sources and estimating the cost of lost productivity as well as losses stemming from property rights violations, liabilities and share price declines, according to the company.
Mi2g recommends creating new, trusted computing platforms and secure operating systems from scratch, rather than relying on patches to fix vulnerabilities.
Actually, I've written my own OS that is yet to be hacked. It's nothing more than a modified flavor of DOS, but hey it's never been hacked. So I guess you should buy my OS instead of Apples.
I'm not saying MAC os sux. I'm saying this article means nothing becuase MAC doesn't have a large enough online user base.
Duh! and least prone to being on a valid purchase order. ;>) Former geek bump.
/john
If one were to attempt to disrupt the flow of traffic on American highways, one would do far better to target Chevrolets instead of Yugos. That does not mean Yugos are invulnerable to attack, just that they are not worth the time given the attacker's intent.
No, I didn't do it, and I presume you didn't either...
According to Google Zeigist, Windows XP has only 10% more searches than Mac OS X. Yet a default install of Windows XP has had more "hacks and viruses" than a default install of Mac OS X ----- which has had NONE. This is not about market share, its about design. You can keep kidding yourself that this is a marketshare issue but it will not fool the hackers. They know what is easier to break.
You can either deal with the problems or avoid them completely. I choose to use the least hacked OS in the mainstream marketplace because I want to use my CPU to get work done, not waste my time and money to protect it with third party products.
Plus Mac OS X can run more software than Windows XP without the security risk -- because it can run Windows software in a "sandbox" along with Mac OS 9, Mac OS X and UNIX software.
nah, it ain't me! I need to send in a letter to Amazon. That is sad. I don't think y'all are "syncophants" just misguided! :) Plus I know how to use spell check.
Microsoft has a significant installed base of servers and workstations, so it's going to be a large target. Their closed source model makes it difficult for a independent audit of code to reduce the vulnerabilities.
Linux also has a significant and growing installed base of servers, although desktops aren't as widespread as Windows. Since the source is open, it actually makes it easier for people to find vulnerabilities. Fixes for quite a few of these "discoveries" were available at the same time as the vulnerability was revealed, before anyone actually exploited the vulnerability.
Macintosh, SCO, and Tru64 have very small installed bases, in comparison. Although the article tries to gloss over this factor, they don't constitute a big enough target to attract the hacker community.
Tru64 really doesn't have a good reputation for security. Hewlett-Packard (the new owner after acquisition of Compaq) even tried to invoke the DMCA to prevent security researchers from publishing information about a exploit in Tru64 that allowed someone to gain root access.
I don't see MAC on there anywhere. Once again it's a game of numbers. Like I said I have an OS that has never been hacked. NEVER!!!! But then why would anyone waste their time hacking it?
Joe, a VP for Microsoft has already said this concept is bunk. They have admitted that their OS design is riddled with security problems. If you do a search on FR, you will find the article. Its design not market share that makes Windows open to attack. No OS is perfect but most, outside of Windows, actually take security seriously.
Yes it does have CC security certification, if its not connected to a network!. The Register had an article about this bogus claim. What computer is not connected to a network today? Especially in the hands of a home user?
Also the CC cert doesn't cover buffer overflows which is the major problem with Windows.
Plus I wouldn't diss Free Republic. Yea I am married just recently. I am a Republican first, Mac user second. Being a Republican allows me to afford a Mac! :P
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.