In their words: Experts weigh in on Mac vs. PC security

When I am asked the question "Which is more secure, Mac or PC?" I find myself stumbling around for a response because I don't have a clear-cut answer. I use both. And I use antivirus software with both.

So I decided to conduct an informal survey of a bunch of security experts and see what they had to say in the hopes that people can use the information to help them come to their own conclusions.

Before I provide quotes from the 32 experts who participated in the survey, along with edited comments from an interview with a Microsoft representative and a link that Apple provided, I'd like to share some relevant research from antivirus vendor ESET.

More than half of Americans believe that PCs are "very" or "extremely" vulnerable to cybercrime attacks, while only 20 percent say the same about Macs, according to this ESET survey.

(Credit: ESET)

ESET released the results of a survey in November related to awareness of cybercrime in the U.S. The survey of more than 1,000 people found that while both PC and Mac users perceive the Mac as being safer, Mac users are victims of cybercrime just as frequently as PC users.

Meanwhile, Mac users are just as vulnerable to Web-based attacks like phishing as PC users are, and Mac users who fall prey to phishing tend to lose more money on average than PC users do, the survey found. "Viruses are a diminishing percentage of what we're seeing," said Randy Adams, director of technical education at ESET. "A lot of attacks have to do with social engineering and that kind of attack is platform agnostic."

For my survey I asked security experts: Which is more secure for consumers--Mac or PC, and why? Here are their (mostly) unedited responses, in alphabetical order by last name.

Ross Anderson, professor of security engineering at the Computer Laboratory at University of Cambridge: "Computer criminals differ from ordinary criminals in that they're more rational. The bulk of normal crime--burglaries, muggings, car thefts--is done by disadvantaged young men, often illiterate and with drug and alcohol problems. The bulk of e-crime is done by technically sophisticated people living in poor countries like Russia, India, or Brazil. So while preventing normal crime is about sociology, preventing online crime is about economics. Malware writers are rational, as are botnet herders. They would far rather attack Windows PCs as there are lots more of them. So you are much less likely to be bothered by malware if you use a Mac, or run Linux on your PC."

Jacob Appelbaum, hacker and researcher: "It's possible to have a well-secured machine regardless of operating system. Users generally aren't able to secure machines and so this responsibility often falls to the vendor...Mac OS X and Windows both encourage users to download programs from the Internet without any thought for security. Both of those operating systems run many services by default and offer them to anyone who cares to look. While Windows offers digital signatures for some programs, it's still very common for users to run buggy, untested software they download from random places on the Internet. The same is true for Mac OS X. Both suggest that a vendor should offer source code for applications so that users may make their own assessments."

"If you haphazardly visit every link and download every file sent to you in e-mail or posted to your social-networking pages, sooner or later you're going to get nailed. Period. Platforms are passe. Apps are where it's at."

-- Robert G. Ferrell, IS security specialist, U.S. Defense Dept.

Mike Bailey, senior researcher at Foreground Security: "I'm a hardcore Unix guy, but I am happy to say that I have about as much faith in Windows 7 as I do in OS X. Both have a solid design, a great SDL (software development lifecycle), security-minded developers, and a responsive support team. OS X does still have a small edge due to its smaller install base, but it is quickly losing that.

"I still prefer OS X, but due to ease-of-use and customization, not security reasons. In my mind, the OS question is quickly becoming moot, and will soon be replaced by the already-intense Web browser holy wars--especially with Google jumping into the fray there."

Graham Cluley, senior technology consultant at Sophos: "They're both mature operating systems from the security point of view, and as good as each other. But, crucially, it's not about the operating system that is being run on the computer, it's the fleshy human sitting in front of it...I would argue that an Apple Mac user wanting to watch the 'Erin Andrews Peephole Video' is just as likely to download a bogus browser plug-in to help them do that, as a Windows user. And it doesn't matter that Mac OS X will ask them to enter their username and password to install the plug-in--they want to watch the video, they will enter their username and password. Social engineering is the unifying threat that puts all computer users at risk, regardless of operating system. And that's what most threats exploit.

"So, the next question is--when people ask me what kind of computer should they buy for home, which one do I recommend? Well, I recommend Apple Macs to my friends. Compared to Windows (where we see 50,000 new malware samples every day) malware for Mac is still a novelty. Mac malware is becoming more common, is in the wild, and is financially motivated...You can still get hit--but there are a lot less arrows being thrown at Mac users...I do tell my friends that they should run antivirus on their Macs, just like I do on the Macs my wife and I use at home."

Dino Dai Zovi, independent researcher: "Neither. Consumers should see if Apple's iPad or the forthcoming devices based on Google's Chrome OS suit their needs because both are significantly more secure than any general-purpose desktop system, Linux, Mac, or PC."

Nitesh Dhanjani, researcher and consultant: "I realize the market share argument is a cliche, but I feel it is true--OS X wins from a security perspective because it has a lower market share. Windows Vista and Windows 7 have some impressive security controls that are not present in OS X. If we were to flip the market share, we would see a lot more exploitation in the wild. More specifically, browser security is one of the more important items to consider today from a risk perspective. I know Internet Explorer has had a considerable share of vulnerabilities, but the Safari Web browser also has a lousy reputation in the security community--it almost seems a child's play to locate an exploitable condition in Safari. Apple really needs to get its act together with Safari since OS X is enjoying a healthy market share climb at the moment."

Carole Fennelly, director of content and documentation at Tenable Network Security: "I will give you a frustrating answer: the most secure system is the one that you know how to secure :) Meaning if you're pretty knowledgeable in Windows, or even just disciplined enough to keep up with Windows updates and keep your antivirus up to date, there's no reason you can't run a Windows box relatively securely. My mother-in-law has a Windows machine and does very well with it. HOWEVER if you are the type to not let Windows do its updates, tend to click on anything, etc., I'd say get a Mac. I had my parents get a Mac for this reason.

"In short, Mac is probably more secure in that more people write Windows exploits. This would probably change if the majority of people had Macs. Windows requires effort to be secure. Then again, so do most OSes."

"If you look at the number of published vulnerabilities in software and the number of users and compare Windows versus Mac OS you will discover that Mac OS has far more published vulnerabilities per user than Windows does so I think the data pretty much speaks for itself."

-- 3ric Johanson, security researcher

Paul Ferguson, network architect at Trend Micro: "Well, that's a difficult (and tricky!) question to answer--I think that cybercriminals will always prefer to target the platform with the largest user footprint, so it's really not a question of whether a 'PC or Mac' is more secure than the other one, in my opinion."

Robert G. Ferrell, information systems security specialist at the U.S. Dept. of Defense: "Is it more dangerous to take off from a terrorist-infested airport, or land at one? Flippancy aside, I just don't think this question (Mac or PC) has any real meaning today. Far more relevant to me are the browser and e-mail clients a consumer is using, irrespective of the operating system or hardware platform. Even more critical from a safety standpoint is the level of security awareness exhibited by that consumer. If you haphazardly visit every link and download every file sent to you in e-mail or posted to your social-networking pages, sooner or later you're going to get nailed. Period. Platforms are passe. Apps are where it's at."

Halvar Flake, head of research and CEO of Zynamics: "General state of affairs: Vista/Win7 has more extensive countermeasures against attacks and a codebase with presumably fewer security issues. But it's the operating system of the majority of users, hence making it profitable to attack. Attackers will therefore spend lots of time bypassing the countermeasures. Mac OS has fewer countermeasures and lots of easily exploitable bugs, but the market share is low, making it a less likely target.

"In the end, for the consumer, if he doesn't think he'll ever be deliberately targeted, using a low market share operating system is safer as attackers pool their resources for the largest target (even though the largest target might be significantly more secure, technically)."

Joe Grand, president of Grand Idea Studio, hardware hacker, inventor: "Not taking into account the human factor of falling for social engineering, phishing scams, etc., which could affect any operating environment, I would say right now the safer route is Mac OS X, primarily because there just isn't a huge amount of directed attacks against the operating system compared to a Windows environment (yet).

"I hear way more about zero days coming up on Windows environments compared to Mac. Maybe Apple is better at keeping their security issues under the rug. On a PC, if you drop your guard for one moment and forget to keep your products up-to-date, it could be game over. People [attackers] are still focused on targeting Windows (and other associated Microsoft and Adobe products), but that may change at some point. For an everyday consumer that just wants to use a computer and not worry about getting owned with every click of the mouse, I'd go for a Mac."

Jeremiah Grossman, founder and chief technology officer at WhiteHat Security: "To ask that question from a consumer's perspective you probably should be using the word 'safe' rather than 'secure'; two completely different things. 'Secure' is a supermax prison. 'Safe' is a playground in suburbia. Follow?

"Macs may or may not be technically more secure than PCs, but that is irrelevant if NOT getting hacked is most important to you. In the current threat climate, Macs do not get attacked nearly as often as PCs. So in that context, Macs are safer for consumers."

Frank Heidt, CEO of Leviathan Security: "I'm tempted to go with the safe answer that the size of the installed Microsoft base makes Apple 'more secure' because it is targeted less often. The risk landscape for consumers (and enterprises) has changed over the last few years. Operating systems as such are no longer the primary target of consumer-targeted attacks; applications are. In light of that fact, I'd say each operating system has its benefits and liabilities. The real risks lie in the consumer's browser choice, and security habits. From a browser standpoint, I would choose Firefox over IE, and IE over Safari."

Mikko Hypponen, chief research officer at F-Secure: "Mac is more secure, simply because it has less attacks targeting it. If Mac would be targeted more, it could have exactly the same problems as PC does today.

"There's two main reasons why Mac isn't targeted as much as PC:

1) Smaller user base--making it less a lucrative target 2) Lazy attackers--their existing codebase and expertise is on Windows, so they keep creating more Windows attacks. Hey, if they make a nice enough living by writing malware targeting Windows XP, why change to anywhere else?"

3ric Johanson, security researcher: "If you look at the number of published vulnerabilities in software and the number of users and compare Windows versus Mac OS you will discover that Mac OS has far more published vulnerabilities per user than Windows does so I think the data pretty much speaks for itself."

"Microsoft has done more in terms of its inherent security features than Apple has in the operating system. All of that said, Microsoft gets attacked a lot more than Apple does. Right now your odds of being infected as a Mac user by malicious software are quite a bit lower than a Windows user, unless you do stupid things."

-- Rich Mogull,
CEO, Securosis

Paul Kocher, president and chief scientist at Cryptography Research: "The fair answer is that with the latest versions of each operating system there isn't a compelling security reason to pick one or the other. It used to be that Apple was doing a better job, but with Windows 7 Microsoft has caught up. There are some differences; Windows has a better security ecosystem. On the other hand, Apple tends to have more expensive hardware and has a smaller market share, so it attracts fewer malware writers. Both have security bugs. Both need patches. Both can be broken if someone finds a zero-day exploit."

R. Adrian Lamo, threat analyst: "I'm not sure this question is really as relevant as it would have been just a few years ago. The security posture of the average Internet user depends less on their computing platform and more on their browser choice and configuration. My loved ones use Macs, with some gentle encouragement from me, but that's mostly to save me time playing Geek Squad for them.

"Personally, I never had a significant malware issue when I used a PC running Windows full-time--choices and practices define security more than an operating system does. It's worth remembering that, in locating security vulnerabilities, I've often not had to trouble myself with the target operating system.

"There's no one-size-fits-all answer to this question. A PC, common sense, and NoScript http://noscript.net/ [Firefox plug-in] will help a user reduce their exposure profile more than a Mac and no common sense + clicking on anything that flashes. But the former isn't because it's a PC, and the latter isn't because it's a Mac."

Steve Manzuik, senior manager of security research at Juniper Networks: "I think for consumers it really comes down to what operating system they are the most comfortable configuring and using. Windows is by far the biggest target, but this is not necessarily because they are the most insecure but more a result of their dominant position in the market. Regardless of the operating system, the easiest way for an attacker to compromise a system is by going after the application level and causing the user to click, open, or run something they should not. "The trend of patches over the last couple of years from Microsoft, Adobe, and even Apple supports this. Unfortunately, you cannot 'secure' user behavior. But both Apple and Microsoft operating systems, as well as third-party application vendors, can still make a lot of improvements on protecting users. However, those types of changes do not happen quickly as the vendors are forced to consider usability and compatibility."

Gary McGraw, chief technology officer at Cigital: "I have a Mac. Having a Mac is more secure because not that many people have Macs. I think their market share is still less than 15 percent. For every point of market share, the risk goes up. Mostly I have a Mac because it is a better machine, not because it is more secure."

Charlie Miller, a principal analyst at consultancy Independent Security Evaluators: "Technologically speaking, PCs are a little more secure than Macs. Macs have a larger attack surface out of the box (Flash, Java, support for a million file formats, etc.) and lack some anti-exploitation technologies found in PCs like full ASLR [Address Space Layout Randomization]. This means Macs have more vulnerabilities and it's easier to turn a vulnerability into an exploit on the platform. Despite the fact it is less secure, paradoxically, Macs are actually safer to use for most people. This is because there simply isn't much risk of being exploited or installing malware.

"This safeness is purely a function of market share. Since Macs are only around 10 percent of computers out there, and it takes just as much effort for bad guys to write malware or exploits, they tend to spend all of their time targeting PCs. In other words, despite the fact that Macs are less secure than PCs, if you give one teenager a Mac and another a PC and come back in a month, the odds are the Mac will have no problems and the PC will be infected with malware. At some point the market share of Macs will reach a threshold to interest attackers, and then things will quickly turn bad for Mac users."

"If you believe the hype and the flashy commercials the answer would be Mac. But if you take a look at the two platforms, and the mindsets of the companies behind them then the PC wins hands down."

-- Tyler Reguly,
senior security research engineer, nCircle

Rich Mogull, CEO at Securosis: "It depends on which version of Windows we're talking about. Clearly there are major differences between Windows XP and Windows 7. Second is, are we talking about safety versus security? Microsoft has done more in terms of its inherent security features than Apple has in the operating system. All of that said, Microsoft gets attacked a lot more than Apple does. Right now your odds of being infected as a Mac user by malicious software are quite a bit lower than a Windows user, unless you do stupid things, such as download free versions of commercial software. And some of the pornography sites on the Internet, the dark corners of the Internet have stuff that will hurt a Mac.

"But I want to give Microsoft credit because the more advanced features they put into their operating system are superior to what Apple has done. It's really a balance because there's little motivation for Apple to do more at this time. The Mac OS has got some holes in there that Microsoft has closed down. But since it's attacked less there is less motivation for Apple to close the gap."

Jose Nazario, security research manager at Arbor Networks: "While I use Macs, time and time again we've seen they're no more secure than Windows systems. But, at present, you're less likely to be exploited on a Mac because there are just fewer viruses and attackers targeting them. Sadly, there are more tools for Windows like AV [antivirus], personal security suites, etc. The Mac desktop is lagging behind. Also, Apple has often shown less aggressiveness than Microsoft in addressing security issues."

Tyler Reguly, senior security research engineer at nCircle: "If you believe the hype and the flashy commercials the answer would be Mac. But if you take a look at the two platforms, and the mindsets of the companies behind them then the PC wins hands down. If you compare Windows 7 to Snow Leopard, then the simple winner is Windows 7. Microsoft brought in teams of security professionals to look at their code and find problems leading to a more secure product while Apple is often criticized for ignoring issues.

"The idea of the consumer being protected due to lack of market share is fairly obtuse, as more people buy into the product and market share grows, targeted attacks will grow as well. You also have to consider that Microsoft has a patch program in place that provides patches and updates on a more regular basis than Apple, this is something that the consumer should care about, as should they care about the plethora of PC security products that exist.

"The big risk is client side attacks and most of that could be prevented by using adequate software on the desktop, along with common sense while surfing. Until consumers can learn to do this on a regular basis it won't matter if they are running a Mac or a PC...they'll be at risk."

Avi Rubin, computer science professor at Johns Hopkins University: "Right now the Mac is more secure than the PC, but only because the PC still has almost 90 percent of the market. The Mac is no more difficult to hack than the PC, but hackers get much more bang for their hacking buck attacking Windows. So, you're safer on a Mac...for now."

"Mac, because there's much, much less malware out there that targets a Mac."

-- Bruce Schneier,
chief security technology officer, BT

Patrik Runald, senior manager of security research at Websense: "My opinion on this is that if you look at the raw numbers of threats then there's no doubt a Mac is safer. However, I've seen Mac users run/click on anything because of this and that is bound to get them into problem at some point. I'm using a Mac myself."

Bruce Schneier, chief security technology officer of BT: "Mac, because there's much, much less malware out there that targets a Mac."

Joe Stewart, director of malware research at SecureWorks: "The answer is 'for the average user, at this moment in time it is less risky to use Mac OS than Windows.' The paradox is, by promoting that idea we've just made Macs a little less safe, since we are potentially increasing Apple's market share by a tiny fraction, making it more of a viable target over time. Fundamentally Mac and Windows suffer from the same weakness--human programmers make mistakes and users are easily social-engineered. Whichever platform has the most users is ultimately the riskiest to use."

Johannes Ullrich, chief research officer for the SANS Institute: "I recommend Macs. The main advantage for Mac users is the lack of interest from malware writers. Macs don't really have an advantage over Windows systems when it comes to malware. A lot of malware (for example, the recent fake-antivirus examples) is installed willingly by users. Mac users would do the same thing if asked to install software under the right pretense. Right now, there is no well tested anti-malware solution for Macs due to a lack of samples."

Paul Vixie, founder of the Internet Systems Consortium: "Mac is more secure for consumers, for three reasons. First, the code base is smaller and more easily audited. Second, the code base came from the old minicomputer world of UNIX rather than from the old microcomputer world of MSDOS, and things like multiuser and multiprocessor and protected virtual memory have been around longer in the UNIX world than in the MSDOS world. Third and finally, because the Mac market size is smaller, there are fewer users and fewer ISV's [independent software vendors] and fewer device driver writers and it's just not as interesting a target for bad guys."

Vincent Weafer, vice president of Symantec Security Response: "If you look at the security landscape as a whole, PCs tend to be targeted by more attacks then the Mac platform. So, from that perspective, the Mac would appear to have the edge. However, in reality, all technologies are subject to security vulnerabilities, including the Web browsers, common Web browser plug-ins and common applications that run on top of the operating systems. So in reality, consumers can fall victim to online threats regardless of the operating system they're using. Also consider that we're seeing today's cybercriminals almost exclusively going after personal and financial information, and often times, they do this by employing social-engineering tactics, like phishing attacks, that are platform agnostic.

"I think the Mac is less risky, not more secure. The difference is in the threat environment. An analogy would be an unlocked house in an urban vs. rural environment. Both are insecure. One, the rural, is less risky."

-- Chris Wysopal,
chief technology officer, Veracode

It's also important to keep in mind that as any platform gains popularity, its likelihood of becoming targets for cybercriminals increases. Ultimately, what it comes down to is computer users deciding which platform best fits their computing likes and dislikes and then doing everything they can to make sure that they have protected themselves. This includes keeping up-to-date with security patches, having full-featured security software protection, setting sensible policy and controls on how they use their computer--especially in open environments such as free Wi-Fi hot spots--and being aware of how to spot threats and how not to fall victim to them."

Chris Wysopal, chief technology officer at Veracode: "My wife, kids, and parents all use Macs on my recommendation. I think the Mac is less risky, not more secure. The difference is in the threat environment. An analogy would be an unlocked house in an urban vs. rural environment. Both are insecure. One, the rural, is less risky.

Bugs similar to the flaw in Microsoft Internet Explorer 6 that was exploited at Google in China certainly exist in Mac applications, but attackers don't spend the time required to find them and build attacks using them. This is because it is much more often a PC than a Mac between the attacker and the attacker's target."

Peiter "Mudge" Zatko, technical director of National Intelligence Research and Applications for BBN/Raytheon: "Both [OS X and Windows] are particularly vulnerable to client side application exploitation, both still have vulnerabilities at lower levels within file system, network, and directory services, and the content that most people want to view or process is often from unknown sources and requires a fair amount of control of the system for 'proper' execution--e.g. flash etc. But I suppose that 'neither' is not an acceptable answer...If a nonsecurity-paranoid user next door were asking which OS is more secure and was attempting to use that as their sole purchasing decision. I would have to advise them that bad news lies in either direction and they should instead make their purchasing choice based on other criteria such as what tasks they need to perform and what software/support they are looking to utilize.

"Of course, I'd still tell them (either way) to disable all of the JavaScript, Active-X, and plug-ins on their browsers (and other applications...such as PDF viewers and various office applications) and to fight the urge to re-enable all of these hairy areas of risk to watch the latest viral video or view noisy Web sites."

Microsoft

Paul Cooke, director of Windows client and enterprise security: "One of our major goals [for] Windows 7 was to keep malware off the box...When we look at the Smart Screen Filter in IE 8, it was built to help users understand if the sites they go to are safe or are known phishing sites...On top of that there is integration with Windows Live Mail and other features...If you try to download a piece of known unwanted software we will warn the user and tell them this piece of software is known to be bad...Windows running with IE 8 is the only combination of browser and operating system technology that has anything like an XSS (Cross-Site Scripting) filter. It is aimed at helping ensure that when you go to your banking or other trusted sites that you are actually interacting with that site.

"Windows 7 has investments that extend the security enhancements from Vista (like) Data Execution Prevention technology, Address Space Randomization technology, kernel patch protection, User Account Control ... [and new technologies like] Structured Exception Handling Overwrite Protection and Fault Tolerant Heap.

"The Mac and OS X is not a panacea against security methodologies and attacks. You can go on the Internet and see the patches that Apple puts out. Like all operating system platforms they have vulnerabilities. This is something that as an ecosystem, we all have to deal with. I've been a security guy over 20 years and never seen an organization with a commitment to security like Microsoft has. It's why I came here."

Microsoft also directed me to this site and this site for more information about Windows 7 security features.

Apple

Apple did not provide a representative for comment but referred me to this page that says: "Mac OS X doesn't get PC viruses. And its built-in defenses help keep you safe from other malware without the hassle of constant alerts and sweeps."

"The 64-bit applications in Snow Leopard are even more secure from hackers and malware than the 32-bit versions. That's because 64-bit applications can use more advanced security techniques to fend off malicious code," the Apple page says.

The site also says Mac OS X "prevents hackers from harming your programs through a technique called "sandboxing"--restricting what actions programs can perform on your Mac, what files they can access, and what other programs they can launch. Other automatic security features include Library Randomization, which prevents malicious commands from finding their targets, and Execute Disable, which protects the memory in your Mac from attacks."

[n3td3v]

Nothing is secure, the government will get into any computer it wants to. There are very bright people working in the intelligence community who can break both PC and Mac.

There are different types of people using PC and Mac, designers prefer Mac. One isn't more secure than another, and both are desirable to hack for espionage purposes.

The government needs to be able to hack into both and they do that just fine with in-house zero-day.

I can tell you the intelligence community can walk straight into a PC or a Mac right now if it needs to.

There isn't a problem getting into both and one isn't harder than another to break.

[codynews]

Yeah right. Do you really believe that? You sound like one of those people living in an underground bunker.

The world isn't out to get you. The government isn't as competent as you think.

[n3td3v]

My government (UK) is very competent I don't know what your government is like. ;-)

[foveon]

I assume you are using both a Mac and a PC in order to write statements like: 'one isn't more secure than another'.

[veggiedude--2008]

"There isn't a problem getting into both and one isn't harder than another to break."

But the FBI still recommends a Mac over PC. They claim the Mac gives them too many headaches if they have to get into one.

[blusky08]

These so-called experts don't seem to understand the the difference between vulnerabilities and exploits. Also, the marketshare argument is lame because many hackers ply their trade for the notoriety, so Apple should be a tasty target.
As a user of multiple systems, OS X never gets taken down. Can't say the same for the others.

[Forked_Tongue]

n3td3v is right, you can actually google this information that there are intentionally designed backdoors for MS and many of the security software vendors (Nortons, McAfee, Zone Alarm, etc). This also includes the Mac OS as well. Some countries also require such access from the OS (China) otherwise the vendor is unable to sell their wares within their country. The only way you can secure and defend yourself properly is to use a third security software firewall from open source or a country that doesn't have to legally comply with such laws within your home country. This is not a rumor or a tinfoil hat conspiracy, this is also why some countries refuse to use Windows or Mac OS products within their government level activities (Cuba, Argentina, France etc) and are adopting open source alternatives (plus they're free and keeps their government from being vendor locked by a propriety software). Even if you foolishly trust your government you should never ever fully trust businesses or some people who are employed by either.

http://newsworldwide.wordpress.com/2008/05/02/microsoft-discloses-government-backdoor-on-windows-operating-systems/

[The_happy_switcher]

Paranoid much? I'm sure the CIA has nothing better to do than want to get into your computer.

[solitare_pax]

It's not the OS so much as the person using the computer - and the person trying to hack into the computer.

[makardhwaj]

Just because you're paranoid doesn't mean someone isn't out to get you...

[Lerianis4]

codynews, you are so right. I know of people who have been doing some VERY illegal stuff online, but they never get caught.... the reason: firewall software, erasing privacy software, IP address blocking software (I.E. filter out all known government, Hollywood, etc. addresses), etc.

If you WANT to be doing illegal stuff online and be safe doing it, it is VERY easy to do.

[topanaris]

Wow fanboys i know your not gonna take this lying down, i mean its common knowledge that Windows is more secure than a Mac but hey there you go defend you snow kitty that never looks behind behind him thinking he's top-a-da-food chain until a poacher sneeks up and blows his freaking head off. With that said let the flaming begin!!

[cloudmatt]

Luckily the snow leopard is an endangered species so no one really hunts for them. Unfortunately it's gotten so lazy when the poachers do come it'll be a massacre. Pwn 2 Own shows that mac is far more vulnerable every year but no one cares to attack macs in the wild. Every climber wants to climb Everest most wouldn't bother with a grassy hill the challenge is what makes it fun.

[aMUSICsite]

Well I spent 10 years or more running Windows, spending lots of time making sure I have up to date firewall, anti virus, anti spy ware and the like. Still managed to get a couple for nasties on my computer.

The last 10 years I have been running OS X with default firewall and security (and little snitch to double check). So far no intrusions, happily browsing website I would not trust on a PC ;) and no resource hogging anti virus stuff slowing my machine down every time I start my machine.

Now I know if someone really wanted to break into my Mac and targeted me they could. If I click on a fake email it could open up a security hole. If I download one of the pirated OS X apps with embedded trojan then I'm a fool.

Not sure how much more secure W7 is as it's hard to tell. MS always says their new OS is more secure and it's been proved to be false so much that I just don't believe them now. But given the choice of W7 default install or OS X default install I would go for OS X every time as being more secure.

Then again as soon as they sort it out I'll be moving over to Linux because I believe that, like FF, open platforms with open problems get fixed quicker. Both MS & Apple are notorious for sitting on problems the bad guys know exist.

[topanaris]

@youwilldieinsevendays so what your saying is..............................

[youwilldieinsevendays]

That was my very long winded way of saying... I hate it when people make snarky comments about fanboyism, especially before any such fanboyism occurs.

[youwilldieinsevendays]

I couldn't give a toss about the theme of the post or the direction of the comments but why must there always be someone on cnet trying to get in first and make a comment about "fanboys"? Worse than "Firsties!" it is the superior "i'm not a fanboy" (not true - irony much?) fanboy haters that are the true bane of teh internetz..

[stickfu]

@cloudmatt

I`m guessing you missed this..
http://www.pcworld.com/businesscenter/article/187651/apple_reports_record_sales_profits_for_the_holiday_season.html

[veggiedude--2008]

If Windows is more secure than a Mac, maybe it has something to do with the Firewall being ON ?

Every Mac ships with the Firewall OFF by default.

So, if you want to be more secure than Windows, simply turn on your Firewall. But then again, why bother? I've had mine off for ten years now and never had a problem. Unlike my PC, which always seems to be a magnet to pick up viruses and I only visit news sites, it puzzles me no end. So I have to have anti-virus protection on my PC. I have none on my Mac.

[cloudmatt]

@stick

I covered that under the "when the poachers do come it'll be a massacre" section. Way to go apple for selling a lot or at least putting a high enough profit margin on your goods to get more money. It doesn't matter either way. The more macs that get sold the more attraction there will be to attack them and I hope you're bogging yourself down with anti-virus software when this happens because once there are enough apple users for the target to be worth something you'll be jumping smack in the middle of the deep end with out your floaties.

[deniceels]

I would think of it this way: "Be safe, don't be a reckless surfer".

[stickfu]

@cloudmatt
"The more macs that get sold the more attraction there will be to attack them"
more than likely, that`s just common sense

your original post stated:
"Luckily the snow leopard is an endangered species"

see here:
http://www.google.com/search?hl=en&client=safari&rls=en&defl=en&q=define:endangered&ei=c_lmS4SnM4W1tgfFsKG5Bg&sa=X&oi=glossary_definition&ct=title&ved=0CAkQkAE

Don`t tell us you were referring to the four legged variety, the connection is obvious.

Sorry to make you mad

[monkeyfun14]

Why do I have a feeling this article was created just for hits?

CNet loves to create articles that would obviously start fanboy wars in the comments.

Wouldn't be cnet without a monday morning flame war ;)

[cloudmatt]

Yah but you know you'll watch...and probably contribute. while we're having a flaming good time we should add ps3 sucks, intel is a buch of crooks, coke is better than pepsi and the tooth fairy isn't real. DANCE MY PUPPETS DANCE!!!

lol seriously though I know it's cnet's job to get page views and such but your right they bait us with obviously weighted stories sure to get apple and MS fan boys alike frothing at the mouth. Comparing the security between mac and windows is really kinda pointless. Windows wraps it's self with steel plate and posts auto turrets and is still constantly breached where in contrast mac puts up a deer fence and garden gnomes and doesn't even get so much as a door to door Mormon.

It's like saying the best security is to not get attacked.

[Random_Walk]

Yep - it's click-bait. The only name I recognized immediately in that pile was Bruce Schneier - and his response was (I believe) meant to be something the author didn't recognize. :)

No need to tackle the fallacies, misinformation, and to suss out the sales agendae present in half the responses (in the article, forget the talkbacks)... it's been beaten down before.

Not even going to bother with this one...

[tenbosch]

@monkeyfun14 - I was thinking the same thing. And as always, there's plenty of hits and comments. I think they do these types of articles to test their new commenting system. Probably hoping to get dugg too.

[Seaspray0]

@cloudmatt. +1. You hit the nail on the head and that's exactly what all the experts above said.

[stickfu]

@cloudmatt
Cute, but I`m a security expert too, your own description of windows security (must admit paints a cool picture) suggests that there`s something wrong no?
The dear fence analogy is just wrong, sorry there`s a bit more going on, if there wasn`t, despite it`s market share, it would be regularly hacked (about 100 million Macs is a tempting target, heck a 100 million anything is a reason to take notice)
Just for the "street cred" alone is valid reason for finding an easily replicable attack vector.
But I like your post, nice imagery.

[santuccie]

@Penguinisto (a.k.a. Random_Walk):

'... it's been beaten down before. '
>>>>Where and when? I've seen you try plenty of times in vain, and getting pied in the face each and every time like a whupped dachshund who keeps coming back to the scrapper cat for more punishment. Allow me to link back to your most recent attempt (passing off a PoC as an ItW, and merely a DoS flaw to boot), for the amusement of the reader: http://news.cnet.com/8301-13860_3-10443802-56.html

Keep telling yourself it's not really happening; you might just believe it one day. But today is not that day.

[Thranx]

That's the first thing I thought when I read the headline. Fanboy flame fest.

The problem with the article is that the answers we not to the question of "which OS is most secure?" they answered the question "which OS is most at risk?" Very few people will argue that the Mac OS is truely more secure than Vista or 7, or possibly even XP, but that doesn't mean that OSX is at a greater risk.

These discussions need to stop being about "security" and start being about risk. "Security" is a myth. Nothing is secure, it's all just levels of deterance.

[Random_Walk]

@santuccie:

If you can't even comprehend the basic post, then please don't try to talk bad... you're only embarrassing yourself by doing that.

Here's a clue for you: Nearly all of the security folks interviewed up there are either highly-paid consultants or work for some rather big-money vendors - nearly all of whom would like to sell you some security, no matter how much fear-mongering is required to make the sale.

Fact is, there is a mountain of misinformation concerning security online, no matter what OS, app, product, vendor, etc we're talking about, period.

I said nothing about one vendor/OS/etc over another. Get that through your head...

[santuccie]

'Here's a clue for you: Nearly all of the security folks interviewed up there are either highly-paid consultants or work for some rather big-money vendors - nearly all of whom would like to sell you some security, no matter how much fear-mongering is required to make the sale.'
>>>>When a PoC exploit is made publicly available, I would HARDLY be inclined to call it fear mongering. Like it or not, the truth is the truth. If innuendos of professionals being paid to lie to the media helps you sleep at night, then so be it; but you can't apologize for a public demo to which numbers of people - myself included - have been eye witnesses. I will give it to you that another part of the truth is that the only ItW threats out there for the Mac right now are Trojans, but clever hackers are doing a much better job of getting these Trojans in front of both Mac and Windows users these days with pop-ups. And just like a majority of these "highly-paid" consultants (whatever relevance that holds) and employees of security vendors have plainly said, it's practically impossible to secure against the fleshy component of the computer which is the user.

'Fact is, there is a mountain of misinformation concerning security online, no matter what OS, app, product, vendor, etc we're talking about, period.'
>>>>Part of that mountain of misinformation is being spread by you yourself. Two examples are the nonexistence of exploits for the Mac (PoC or otherwise; they're executed locally with authentication, remember?), and the existence of ItW exploits for Windows 7. Whenever you come seeking to address this so-called "misinformation" and "FUD," you rebut with misinformation of your own. And whether or not you find proactive security measures necessary at this point in time, be assured that there are Mac users who have already been victimized by the combination of their own naivety and the malice of third parties who would disagree with you. And they matter more than you and I, because they outnumber us.

'I said nothing about one vendor/OS/etc over another. Get that through your head...'
>>>>Maybe not in this forum, but there's a problem. Unless you want to announce before the world at this point that you were wrong all along about Vista and W7 being exploited in the wild, then little remains to be deduced from your post here. After one quick look at your history, including recent history, do you expect anyone to deduce one iota of contestation from you to vulnerability on the part of Windows? We all know which partisan flag you fly.

'If you can't even comprehend the basic post, then please don't try to talk bad... you're only embarrassing yourself by doing that.'
>>>>And you know everything about embarrassing oneself, don't you? You, who gets shot down every time you come peddling your security memes, and then try to deny your position in the next forum you enter? You, who is not above using two usernames to back himself up, until slipping up and signing "/P" under the wrong one? Coming from you, it doesn't mean a whole lot, sorry.

[santuccie]

P.S.: Forgive the grammar at the end. I don't proofread my posts on CNET.

[Ecrah_X]

Now I'm happy to accept - as you PC users are claiming - Windows 7 is way more secure that Windows XP, I'm also happy to accept that as a result Windows 7 is now just as secure as Mac OS.

Heres my problem; if Windows 7 is as secure as Mac OS X, but more secure as XP then how comes all you Wintards used to - during the days of XP - claim XP was just as secure as Mac OS X and use the 'more market share' argument.

How can 7 be AS secure as OS X and MORE then XP, but XP be as secure as OS X.

So where are here again with you Wintards making the same "oh it's market share" claim, I wonder what we'll be hearing when Windows 8 come out - more of the same I'm sure, "Windows 8 is more secure as Windows 7 but equal to OS X"

Oh and if Mac OS has about 5% worldwide market share, shouldn't then the Mac have a 5% in the virus market share. I mean come on, Mac OS Classic had/has more viruses then MAc OS X and that had/has way less market share then OS X.

[DrtyDogg]

From the article "It's possible to have a well-secured machine regardless of operating system."

[tipoo_]

I stopped reading at "Wintards". What are you, twelve? They are freaking operating systems created by multinational multi billion dollar companies. What exactly is the need to go insulting users of other operating systems? Is your life really that meaningless?

Grow up.

[pepsicola1216]

You obviously didn't read. Windows 7 is more secure, everyone says it, it just gets attacked more. Way to call other people tards when you in fact are a ra-****

[deniceels]

You probably missed out that MacOSX comes in 6 flavours, 10.1 to 10.6, for now. And given it had 1 looonnnngggg decade... it still stands as it is today. But hey, WinXP is surely more secure than MacOSX 10.1-4, oh wait, that a whole lot of MacOSX versions to go up against 1 version of Windows in that period. 'enuff said.

[Ecrah_X]

@pepsicola1216

Where have I said Windows 7 ISN'T more secure then XP - and you say I'm the one who doesn't ready - you really are a cleaver boy?

@deniceels

Fair point about the Mac OS upgrades too - but other then the general security updates when has Apple ever (in the Mac OS upgrades) toughed "oh it's now even more secure" or concentrated on security on an upgrade. Instead they've always touted Mac OS as being secure from the ground up - aka from the first edition - due to it UNIX underpinnings.

Or as they put it, the Mac OS was built with the Internet in mind unlike Windows which is a pre-Internet OS.

Do you seriously think Tiger to be less secure then Windows 7? Or even 10.1 for that matter? If I decide to instal 10.1 should think about installing an anti-virus too?

[Ecrah_X]

I ment....ISNT more secure then XP of Mac OS.

My point was, we keep hearing from Wintards, 'oh forget what we said before, but what we said before holds now' and you keep doing it again and again.

[Forked_Tongue]

Simply because such simply math doesn't explain the situation. Exploit writers are not the average computer user therefore the statistics for the average computer owners of a particular OS doesn't reflect the makeup of the amount of writer's for that particular OS. This would be akin to stating that in the business world that any given company would have 5% mac deployment which wouldn't be true since most companies don't even have a Mac deployed on company premise (every job I've been involved with never had any Macs) simply because the day to day employees needing a computer could do everything in a Window's environment. Since your average exploit writer understands these things they are more similar to a business than a charity, they aren't politically correct being an equal opportunity attacker, they select MS from the pure prejudice that they are the majority, just like how most marketing tactics are done, use the least amount of money for the greatest amount of gain.

[Lerianis4]

It was just as secure as OS9! Which was the Mac system out there back when Windows XP came out! Get a new 'straw man', Ecrah_X, and get real about which OS was out when this other OS was out.

Windows XP's problem was that it was designed when the internet was NOT ubiquitous in people's homes..... therefore it wasn't made with security being one of, if not the, top priorities. As soon as the internet WAS ubiquitous.... it got attacked a hell of a lot more, and it's weaknesses were exposed.

That's why Microsoft released a PECKLOAD of security patches on it, made it so that you had to GIVE PERMISSION for add-ons and ActiveX plugins to be installed in IE7/8, AND made Windows Vista with security being the #1 or #2 consideration.

[Ecrah_X]

@Forked_Tongue

While I see the angle you're trying to come from the problem here is, I'd argue around 5% of business DO use Mac. For example in the Media industry it's hard not to find a Mac.

Socially the Palm OS (now dead I know but was around the last 10-15 years os so) had more viruses then Mac OS yet a substantially lower market share then Mac OS. So go ahead and put you "statistical" and "prejudice" thinking to that

@Lerianis4

First of while XP rein may have crossed OS 9 and OS X its was still mostly during the OS X era due to Microsoft being sooo slow in upgrading - over a decade I believe.

Secondly if you are say XP is just as secure a OS 9 - I'll take that - but OS 9 is nowhere near as secure as OS X. That was one of it selling point.

So thank you for proving my point, it's what I've been saying all this time - when XP was around you all claimed XP was as secure as OS X and it's was the market share that was the problem for MS. Then you said no forget what we said back then, Windows Vista is more secure then OS X but t's was the market share that was the problem for MS. Now your saying no forget what we said back then, Windows 7 is more secure then OS X but it's was the market share that is the problem for MS

Anyone else think their cleaver.

[bananaphonerules]

I agree with @tipoo
I also stopped reading at "Wintards.

@Echrak_X
"Do you seriously think Tiger to be less secure then Windows 7?"
When I installed Snow Leopard it setup my newly formatted MAC without a firewall or a password by default.
When did these basic oversights equal security?

Would my parents know that these were missing? Windows would hassle them to turn on the firewall (which would have been on by default anyway).

Note: I run both Windows 7 and Snow Leopard machines.

[DrMax88]

Other than smaller market share, I think OS X has some advantages on OS level due to its Unix root. I do agree Win 7 is a not bad alternative to OS X. But I still installed NIS 2010 on my 2 PCs. On the other hand, I don't feel the necessary to install any antivirus software on my 3 Macs.

[Chakkan]

I run NIS 2010 as well but not for the antivirus more for the firewall and internet security features, and while i'm not a MAC user I would probally run it on a MAC for the same reasons. Its the web browsers I don't trust not the OS.

[reidjim76]

You are not alone in running your Mac without any security software. Unfortunately, Apple's marketing team has convinced you and most others that you don't need it. And that, right there, is the big problem. As Mac's marketshre rises, more malware will be produced for it. If people ran protection they would be relatively safe. As it stands, they are all sitting ducks. And terribly smug ones, at that.

[Dalkorian]

by reidjim76 February 1, 2010 5:55 AM PST
As Mac's marketshre rises, more malware will be produced for it.

-----------------------------------------------------

Bull. Pure, unadulterated bull plop. It's stunning how many people cling to that old "market share" argument, despite the fact it's been disproven time and time again (OS 9, Palm OS are two prime examples that jump immediately to mind).

M$ must have budgeted millions for their apologist bribery budget recently.

[Yelonde]

I have been using macs for years, and I can tell you that the market share is never going to get above 15%, and that is how I like it. Therefore, there will always be little, to no malware for the mac platform.

[EcuadorHomesOnline]

Between home and work and family, I've had literally dozens of PC's over the years, and I have NEVER had a virus or any problem with malware of any kind, ever. I'm not even sure I'd know how to go about getting a computer virus, even if I wanted to try to purposefully "infect" one of my systems just as an experiment. I am careful about what I download of course, I stick to download sites that I trust to monitor the programs they host (like download.cnet.com, for example!) and of course I don't use Firefox or Netscape since that's just asking for trouble in my opinion. I can't really say much about Apple from a security standpoint, as I really haven't had any recent experience with them. I just know that back when I did use a Mac, it would crash so often that it didn't really matter if it had a virus or not.

[Kori42]

You've got to be kidding. I support quite a few XP machines and help friends with theirs. Tests have shown that if you set up an unprotected XP, it will be infected within 30 minutes of connecting it to the internet (cable or dsl). Try going to http://housecall.trendmicro.com/ Download it to a flash drive and run it from there.
If you have a windows machine connected to the internet, and do not do nightly virus updates and scans, then you ARE infected. I've never seen a PC that was NOT infected unless they took very careful protections every night.

[deniceels]

I took moderate precaution and hadn't an infection on my desktop for the past 8years (though closer to 9, but nevermind)? ouch... nevertheless, safety first on my Mac and Windows laptops and desktop.

[Lerianis4]

Sorry, Kori42, but no..... if you have firewall software on your machine (to keep hackers out) and have the Windows Firewall activated, an otherwise 'unprotected' Windows XP machine will NOT be infected within 30 minutes.

That above is the problem: no firewall to keep the KNOWN bad stuff out of your network by filtering it out.

[sestone]

I've never had a MAC, so I can't really respond to that OS, however, I've had and support plenty of PC's. Now I've certainly run across PC's with viruses or malware and in most cases it's been farily easy to remove and take care of those issues. I've had to reformat a few drives wherein I just couldn't remove all the issues and it was quicker to format anyway. The truth is with any problems I've run into, it's always been a user-problem and it's always been a website that was visited that caused the problem.

I will say that it is not required to run a scan or update every night as Kori42 suggests. As most of the security respondents report, the MAC OSX isn't necessarily more secure, just safer to use because of the install base. That, however, seems to be changing with a lot of users switching to Apple. It's ashame that security is required because so many people can't be truseted.

[locke_and_keynes]

"and of course I don't use Firefox or Netscape since that's just asking for trouble in my opinion"

Netscape I get. I don't know anybody that's used Netscape in about 10 years, and frankly I was shocked to recently learn that Netscape as a browser only officially died in March of 2008 - it's amazing that it lasted that long. So yeah, good call on not using Netscape.

But Firefox? Especially with plugins like Noscript available, you get a pretty secure (relatively speaking, of course) browsing experience. Which browser do you use? Lynx?

[screamapillar]

Kori42 - this is not true. I've used PCs (and Macs) all my life, and I just don't get viruses or spam. I even unstalled the virus scanner on my xp box because it offererd no additional protection to common sense and, in my opinion, created more issues than a virus (such as its constant freaking pop ups and emails etc - a virus wouldn't hassle me this much). I left it unprotected, without XP updates, on constant adsl for a year, no viruses or malware. And yes, I installed a virus scanner to check it was free but then promptly ditched it because it again harassed me.

I'm sure i've given ammunition to those that will choose to misinterpret my comments for their own means, but most of you that use your brains will get what I'm saying: simply that, XP isn't as vulnerable as people who want to justify their own purchases say it is. That the majority of issues are user ones and if you apply the same sort of common sense to your pc as your atm card you'll be fine regardless of your OS. I run both, both are clean.

The advantage to MSx is its unix backbone but it is still vulnerable if the person thinks it is fool proof. Nothing is fool proof, because fools are just so damn good at being fools.

[celticbrewer]

I too have supported windows computers for about 16+ years. Any infections I've seen (and they've been fairly rare) have been the direct result of user stupidity. Clicking on things that obviously were suspect, going to warez/sketch pr0n sites, etc..

I've never seen a PC just magically get infected like Kori alludes too. I had XP for 8 or so years, not even SP1 and no updates or antivirus and I didn't have any issues.

[OziIan]

QUOTE
by locke_and_keynes February 1, 2010 11:26 PM PST
"and of course I don't use Firefox or Netscape since that's just asking for trouble in my opinion"
...
But Firefox? Especially with plugins like Noscript available, you get a pretty secure (relatively speaking, of course) browsing experience. Which browser do you use? Lynx?
ENDQUOTE

It's off subject, and my reply will probably make it worse, but I can't let this go through to the catcher.

Ummmmm ... my understanding is that Firefox uses the Netscape engine. If not, then definitely Firefox has risen Phoenix-like from the ashes of Netscape via the open-source path. That is one reason it works with so many web-sites that are poorly coded to accept only IEx and Netscape, a result of the 'browser wars' of the 90's. Maybe you weren't around then.

Microsoft has apparently had a little laugh at Firefox via one of it's "security updates" which made Firefox as insecure as IEx. Do you really believe the 'bad guys' don't scan the Firefox open source code looking for vulnerabilities?

Firefox add-ons. Well ... the fact that Firefox, and also Cnet download sites pulled two Firefox add-ons from distribution because THEY had trojans within them tell you anything?.

Browsers, OS's or hardware don't guarantee security. It is the software between the ears of the user that provides probably 98% of computer security. Bit like sex, actually - use a condom, don't visit sites where there is a known higher risk of getting something nasty into your system etc, etc.

I happen to use the Wintel platform, but if I had a Mac, I would still take, and use, the same security approaches.

BTW Lynx? The open sourced text-only browser for Linux/Unix? That Lynx? Ummmm .... no .... My choice has been Opera since v3.x. On various Windoze platforms. Works for me. Oh ... you were trying to be sarcastic - sorry - I missed that. :-)

[Alan4ik]

I have both Mac and PC (Vista). Do different tasks on them but use internet equally with Firefox (just got used to it). PC still requires more attention to different problems, while Mac just works. Did have few viruses threats on PC and none on Mac. As a whole thing Mac IMHO more secure but PC has much better security technologies. What would be more secure to keep your hand in container filled with water or keep your hand well protected with a rubber glove in the container filled with a ?austic (acid for instance)?

Considering phishing problems it is more up to the user's knowledge and conciseness than the technology.

[G-Systems]

I gave you a thumbs up for your attempt at objective analysis (subjective, even) of both OSes... I wish I could give you half a thumbs down for not using Chrome 4 lol, but it's ok...

Speaking of Chrome, indeed, these days it comes down to two basic entries: Firewall & Internet Browser. Firewall--take your pick. Most people go with Norton, it seems. I've been turned off of Norton, seeing the damage in efficiency that I have seen done in the past--although, admittedly, more recent users have praised Norton for not being so heavy. I use Comodo... It's free, it works, and I don't surf dangerously. Furthermore, modification of the Hosts file helps tremendously in keeping down the threats and helping internet browsing to happen more rapidly (although I've seen nothing as fast as Linux re: surfing & downloading).

Internet Browser--Google Chrome... Nothing less... Internet Explorer is a joke, and Firefox let IE6&7 bite their necks--now they're zombies too. lol Internet Explorer 8 is considerably faster than IE6&7, but a turtle is faster than a snail as well... Not to mention the extra security features built in to Chrome...and if you like to surf dangerously, Chrome has extensions now--such as the NoScript deal that I hear so many people speak highly about, but that I don't use myself... Maybe I'll try it out...maybe I won't. I feel very secure with my Windows machine at this point, but there's no such thing as full security...

I think Mac is over-rated and became "popular" only in its difference to Windows. People like choices, and Mac provided that. It was marketed as smart, and people bit the bait. The prices were elevated to further feed the "elite" ploy.

With all that said, I loved Mac back in the day! It was actually the first computer system that I learned. They were smart, fast, and hardly ever crash- wait, yes they did, but they were still cool! It feels good to see two American companies slug it out, it's just that Windows wins this round.

[screamapillar]

I guess my concern is that you've had "threats" on the PC - are you saying you got a virus or just that there were threats of them in the media etc? Or perhaps that your security systems worked and prevented you from getting one?

How do you know the Mac hasn't been compromised? Is there even a way of checking? Virus scanners are very poor for mac (and still harass you). It is the "She'll be right" attitude towards the Mac that creates the danger. If you look at the research in the article it clearly demonstrates Mac users get burned as often and for more $$ that pc users.

I don't think that is due to superior security of either system regardless of their pros/cons. I think it is due to security literacy and awarenss of pc users.

[dennisl59]

""Social engineering is the unifying threat that puts all computer users at risk, regardless of operating system. And that's what most threats exploit.""-To me this is the best quote in all the replies. It's the 'I need a mess 'o internet' dimwitted, ignorant home user that's more to blame for all the grief in the Web than an Operating System. In order words, "Hey Stupid, patch your OS, stop clicking on crap pop-ups, and run a daily anti-virus scan" Thank You and now stop surfing the Web and get back to work, Big Brother is Watching.

[cloudmatt]

The main source of all computer problems typically lies between the keyboard and the chair.

[n3td3v]

"Big Brother is Watching."

Getting in is the easy part no matter what method (Social engineering,reverse engineering etc), once you get in you often find the terrorists have their files encrypted.

Just imagine if Windows had stuff like Bitlocker turned on by default, then that when you would see the intelligence services start to cry.

At the moment both are easy to break into, what the real challenge is, is breaking encryption.

It is the real thing that determines if *your* PC or Mac is secure.

Getting in isn't the problem for the intelligence services, its breaking encrpytion is the real challenge once you're in.

[Lerianis4]

n3td3v, sorry, but no... they are NOT easy to break into...... as long as you have firewall software AND software that blocks government IP addresses, as I do. When I need to use a government site..... I allow JUST THAT SITES IP address and no others, to keep the snoopy feds out of my machine.

[Forked_Tongue]

Agreed for the most part but many of the XP problems is based on MS's default setting under both the auto update set at 3am (and doesn't flag itself for the machine being shutdown at that time) and IE having unchecked "Automatically check for Internet Explorer updates" under Tools/Internet Options/"Advanced" tab section (up until sp3 if you manually turned this on and your system updated it automatically unticked it to "off" status). Most people shut off their computer after each usage (and worse sometimes XP turned off the network adapter as a power saving feature and didn't turn it on to restore automatically) and don't leave it on 24/7 plus XP won't check or recommend updates without these setting changes automatically (you can also manually update xp by clicking on ie6 Tools/Windows Update or Safety/Windows Update on ie7+). At least after Vista MS improved it by notifying people if there was an update available which didn't automatically download and install if the person didn't leave their machine on at the given default updating time. While much could be blamed on the user MS could have minimized much of it with future updates to work around an user's habit instead they seemed more concerned about the WGA "patch".

Xp deserves it poor reputation for security simply because MS should have designed the OS on auto update to flag the user for being off at the update check time or better yet force the user to set the time manually, they also compounded the process by not allowing the browser to navigate or close during the download/install process (most users don't realize they could simply open a second browser window to surf) or shutting off the machine interrupted the updating process (something after Vista that has been corrected, it states it'll power off or restart after the update installs). Whenever I repair most people's XP computers I always install Avast/Comodo Internet Security, IO 360 security, and in IE change the default update time/set to check for updates (as well as not to save encrypted pages, empty temp IE files, and turn on memory protection all conveniently in the same area), and not to allow the network card to shut off instead suggesting for them to shut off the machine after usage. I try to eliminate the end user's security upkeep and hope that they'll use a lot more caution the next time around.

[EricJM001]

This may be anecdotal evidence, but I have had both a Mac and a PC since 2004. I can honestly say that I have never done anything special to protect my mac. No virus software, no internet security software, nothing. On my PC I made sure that it's Virus software was up to date, and ran Windows Defender under Vista. On both computers I have never had a security issue. So I think the user is the weakest link in the chain of security.

All that said, I think that a Mac running OS X is a much better experience than Windows, even 7. Sorry fanboys, but your platform is old and getting older. Managing drive letters, ridiculously ancient DOS BOX, and poor media handling.

[Renegade Knight]

Funny, when it came to media handeling I found OS X to be behind Vista and I was primed for OS X to kick butt in the media dept.

[makardhwaj]

What's wrong with managing drive letters? I like managing drive letters. I was in fifth grade when I learnt how to (on MSDOS) change drive letter and prompt and I was so excited, I must have changed it about 50 times. O the little things in life... Thanks for the fond memories of learning about computers for the first time though...

[baboa]

Here's an idea. Why don't we just realize that both system have their strengths and flaws, and realize the biggest security risk for any system is the user.

Just say no to Monday morning flaming!! ;)

[Ted Miller]

Did you notice the Bar Graph? Lets adjust it a bit to "People who own a Mac compared to people who own a PC". I am willing to bet that there will be an outstanding simularity between both.

[celticbrewer]

I bet most people didn't read the article closely. And if you were skimming, you probably wouldn't even notice that graph was by the general users, not the "experts" foretold in the title. Where's the chart on what the experts thought? Nope, I didn't see one either.

But, ya, It'd be interesting to see who exactly responded to that end-user article.

[brienza1975]

CNet loves to start flame wars don't they????

[Seaspray0]

Perhaps, but most of the experts agreed with each other to a large degree on the major points. Regardless of what some fanboy spins, the experts HAVE SPOKEN (pretty much all of them in the article) and that's what people are going to beleive... well, expept for the diluted fanboys. So even though it may be flame bait, it is very difinitive on security and I hope it finally opens some eyes.

[kalel130]

They agreed that users are primarily responsible for the types of attack on a system is the user's fault. It's interesting to note that they don't talk to what degree each system can be compromised, just than a mac user can fall victim to the same phishing scam and malware download as a pc can; but neglect to talk about how actual viruses affect os x. I really don't know, but I kept reading hoping they would talk about the whole UNIX sandboxing thing. That would be more interesting to know.

Interesting to note that most security firms would help contribute to the antivirus/protection software industry and would have sales figures in mind when they say something. As these might be experts, they are not with out bias.

[casanegro]

Yawn,,,

[tipoo_]

Doesn't POSIX compatibility for Linux and Unix (and by extension, OSX) have anything to do with anything? As far as I know, Windows is the only big OS out there which is NOT compliant.

[batpox]

Don't be silly. This is an article about OS security. Whether you are POSIX compliant has nothing to do with it. Perhaps you are thinking of the DoD EAL program?

[tipoo_]

Don't POSIX standards have everything to do with security?

[Seaspray0]

@tipoo. Reference Wikipedia... POSIX (pronounced /?p?z?ks/) or "Portable Operating System Interface [for Unix]" is the name of a family of related standards specified by the IEEE to define the application programming interface (API), along with shell and utilities interfaces for software compatible with variants of the Unix operating system, although the standard can apply to any operating system.

Did you happen to notice that windows isn't unix?

[idnapper]

Next time do a user survey and ask simple and truly relevant questions like:

1. Has your machine ever been infected with a virus?
2. Have you ever lost work time or data due to a compromised system?
3. How much time per week do you spend running/updating antivirus software?
4. How many time a day do you need to deal with an OS level threat (dialog box/alert etc)?

[DrtyDogg]

1. No
2. No
3. None
4. Never

[cdotspace]

1. yes (back in 1996)
2. no
3. 5 minutes
4. 0

[deniceels]

1) no for the past 8-9years (actually going further back)
2) no
3)a few seconds, it just run automatically
4)zero

Maybe you should as: Have the switch of user account login caused data loss (mac users-only)? The ans: probably yes.

[Lerianis4]

Hey, I have had viruses get on my machine..... but usually because of my own stupidity. As people have pointed out, the problem is usually NOT the OS but the idiot in front of the machine that will run ANYTHING... I especially got hit with those 'porn codec' things.... until I realized that a script was blocking me from viewing the thing, then I just did 'VIEW SOURCE' and went to the things from there.

[heulenwolf]

As a user of both platforms, I don't really have a dog in this fight. One thing I would like to point out, however, in response to survey question #1 is that a well-designed exploit doesn't let the average user know anything is wrong. If you aren't running monitoring software or systems to tell you whether your machine has been infected, how would you be able to answer accurately? I'd imagine that users of most of the reported plurality of bot-net infected computers in the wild have no idea their system is infected in any way. A parasite that kills its host doesn't live very long.

[idnapper]

I guess there should be one more question:

What system do you use...

:-x

[idnapper]

Heulenwolf, a virus that does nothing doesn't matter. If you are talking about exploits that affect other machines via your machine, that is a different story. But as soon as we establish which platform is able to be infected without getting sick, we have a winner.

[puresynergyflo]

Actually, a better question to one of these analysts above would be ... is your name really spelled 3ric?

[screamapillar]

Considering most mac users i know either don't have virus scanners or don't use them (particularly not resident) then they wouldn't be able to accurately answer 1. because most viruses don't impact your machine enough or are designed to not be detected. Hence you need a scanner.

[celticbrewer]

Like others suggest, timeframe needs to be a variable.

Who's statistically more likely to have a virus? Aunt mary who just got her first PC last month, or someone who's been "hacking" since the days of 300 baud modems?

[shadymoin]

Woohoo! A Flame War!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

I have been using a mac for now about a year I find it good and enjoyable to use compared to my PC experience! One think for sure now I don't trust any survey or study simply because usually Macs win in these so called consumer satisfaction surveys, I recently had a problem with my Mac, the Logic board needed replacing they replaced it, but screwed the back panel up! I have been 4 times to the Apple store to fix this one small thing.

So in short BS is the word I say to these surveys and studies. And apple if they are listening, no I don't think your Applecare is all that great! But I like the mac simply because it is easy to use, beautiful and sturdy compared to a PC cheap plastic, crackable, worn out look that they get after a years use!

[youwilldieinsevendays]

Apple makes great devices but has pathetic customer support for those few that need it..

[WheresMyLisa]

At least you had an Apple store to go to. And your problem was eventually fixed under Applecare? Great. Where do you take that peecee for warranty service?

[Seaspray0]

@WheresMyLisa. "Where do you take that peecee for warranty service?" If it's a dell, they come to you and do a housecall. Depending on the level of the warranty, the response time can be as quick as 4 hours but usually it's next day repair.

[deniceels]

Well, if you even need a store to sort out your laptop's software, it's probably... 'quality'.

[shycelticwitch]

Sorry youwildieinsevendays... Apple is #1 in customer support. For years now.

[celticbrewer]

"Where do you take that peecee for warranty service?"

you throw a stone in any direction and find someone who has knowledge of a windows computer.

Or you can hope you have an apple store somewhere nearby because it's damn hard to find someone who has an apple, much less knows how one actually works. I think I know one person who has a mac. it's a mac book pro and it's non-functioning, so... I guess I'd be SOL for help.

[Whoshebooboo]

Kudo's to MS for actually responding. Apple seems to have just stuck their head in the sand - and I'm sorry but simply stating that its secure at a few URLs doesn't make it secure.

And to all the so-called *experts* - just as divided as the industry. So this article is pointless and presents nothing that we didn't already know or believe.

Though it does prove that people are just plain ignorant - Mac users for gobbling up the lies in the Mac ads and PC users for clicking on crap links in their email....

[youwilldieinsevendays]

So because apple didn't respond they now have the less secure OS? And the "so-called experts" weren't at all divided (well except for the chump that made the comment about windows having far less security flaws per user, that stupid statement will still technically be correct even if mac os x only had 5% of the number of security flaws, how is that relevant to the comparative security that each user receives?), in fact they overwhelmingly touted windows 7's new security features as superior but cited it's increased prominence versus mac os x as the reason for mac os x still providing it's users with the more safe experience. As for Apple's adverts, they do manipulate the truth a little dishonestly but the fact remains that the one mac os x virus to have been released into the wild has been protected against so their claims of safety against computer viruses true for now, meanwhile windows still has an impressive horde of viruses currently weighing in at around ONE MILLION. Pause for effect.. And many of those still work btw, so actually the apple ads have more than just a little element of truth to them.

[gwailo247]

@youwilldie

The main point I got from the article, which is the one that people have been saying all along, is that the bulk of Mac's perceived security is that virus/malware writers have not been dedicating their resources to go after Macs due to their low market share.

Now that may make you feel all warm and fuzzy that nobody will mug you for your Reeboks cause all the muggers are looking for Nikes, but at the end of the day it does not make you intrinsically safer, you're just lower on the list of targets. Now you may get some smug satisfaction out of that, but in the big picture, it doesn't really bolster your casue.

That's the biggest irony with the Apple fanboys. If your dream somehow comes true, and Mac gets a higher market share (which is some kind of ***** measuring device among fanboys) then all the viruses, stupid users, etc will come onto your side of the field, and your computer will be associated with all the negativity that Windows currently enjoys.

[baconstang]

The two things I came away from the article with:
1) A lot of the these security folks personally use Macs, way more than the 10% in general use.
2) All of them that mention recommending a platform to friends and family say use a Mac, or 'what works for you'. I don't recall one recommending MS.

[rapier1]

Actually, all the experts basically said the same thing. Windows 7 is more technically secure than OS 10.6 but the market share differential makes Windows 7 riskier. However, if the market share shifts much you'll see directed attacks against OS X with much more frequency.

[blusky08]

The market share argument is lame because many hackers ply their trade for the notoriety, so Apple should be a tasty target. Market share has nothing to do with it.

[rapier1]

@Blusky,

I had no idea that you knew more about the impact of market share on internet safety than the people who actually work in the field! Astounding. Or perhaps you didn't actually read the article.

[blusky08]

There are many other professionals who have written articles debunking the market share fallacy--they just aren't represented here. Do a simple Internet search. Remember also that these people make their living from both camps, and are in business because of security issues. But read between the lines--most them recommend Mac to anyone they care about.

[screamapillar]

The market share argument working in one direction until there is extreme pressure.

So both the people that say it is the source of risk (ie the experts quoted in the artcle) and those here that say it isn't are in some ways right. The former are right for obvious reasons, more market share = more bang for buck. It is simple economics. The latter are correct (in a limited way) in that even if Mac increased its share it wouldn't necessarily get more attacks. This is NOT because Mac is more secure. It is still economics. It is still which platform has the biggest bang for buck. Which platform do we (the malware devs) have the most experience in and tools? Ergo, which is it cheaper for us to develop for (so still bang for buck). What we see is that even if Mac got a 30-40% share, it may still experience similar 'risk' (in terms of liklihood of attack) because it will still be more profitable (ie less $ in and more out) to develop virus/malware for MS.

This only has a certain life though. If the market share gets too great for Mac then it will be faced with the same or similar liklihood of risk as MS. MS however are experienced and proactive in dealing with this risk (both in terms of mitigating liklihood and impact of the risk event). Apple are not (consider the Apple virus scanners out there, and the fixing/isolating functions - terrible! Consider the security defaults for SL) The market will be playing catch up to try to defend Mac OS because it is sluggish in comparison to MS because again, MS are more aware of security risks and management (paraphrasing from the article).

I love my Mac but i think Apple's arrogance have left it vulnerable - surely Apple's risk management strategy shouldn't be to hope they are not more successful in the market?

[celticbrewer]

>hackers ply their trade for the notoriety, so Apple should be a tasty target

those FEW hackers (probably script kiddies) who do it for notoriety would attack a website before a personal computer.

Real hackers are in it for the money. That means phishing for financial access, DoS for hire or for blackmail, identity theft, or corportate/government espionage.

No one's going to care about hacking into a mac when there's much tastier targets. And since corporate America primarily uses microsoft products... here we are.

[YaHa96]

Conclusion: You can secure either OS if you know how to. From PC side, Windows 7 is much secure, and OSX from Apple is also secured. They were launched not so long ago, ensuring that every flaw that's been there from earlier versions won't show up in the current version. I believe those programmer, developer, coder or whoever they are have checked everything before launching their products. Besides, without any security softwares both OSes are vulnerable to attacks / hacks / identity stealing.

[youwilldieinsevendays]

I've had macs, i've had PCs, I've had macs with mac, windows and linux all installed at the same time and PCs that also had mac, windows and linux installed at the same time, and I've had problems with all 3, most notably linux because it is mind bogglingly un-user friendly and windows because it is so fragile even the most innocent actions will send it tumbling down, but amongst all my experiences I have never had a security or malware issue. Simple common sense in what you download (and I download plenty) and the use of a decent antivirus/firewall combo in windows (I recommend ESET smart security) essentially guarantees a safe and secure user experience.

[greigner]

As for the OS: The missing answer here is that there is a difference between SAFE and SECURE. Running an updated Mac OS X is undoubtedly s a f e r. Because of its lower install base - simply by the numbers - it is less likely to be affected by malware. However, it is less s e c u r e than an up to date Windows / Linux box. The Microsoft and Linux communities are all-out dedicated to security. For examples of this high standard of security, note the percentage of web servers running Windows and Linux as opposed to Mac OS. Apple can get there with Mac OS... and yesterday was a good time to start working hard on security.

I think commentators and interviewees got off track a little bit with safe use, but the comments were good. Good practices like watching what you click and keeping up to date will keep your computer both safe and secure.

[Renegade Knight]

Windows has more active threats.
OS X has the potentail for more exploits and threats because of what you are getting at for Secure.

It's interesting to see the two concepts in action.

[ecotopian--2008]

Wrong. The Windows & Linux communities are all out dedicated to security because they have to be, due to the underlying weakness and insecurity of the OS. Mac OS X has never been compromised remotely. Not once. This is because security is built in, not bolted on.

[Lerianis4]

WRONG! ecotopian--2008, what WORLD are you living in? Need I bring it up once again: PWN2OWN, where the Max is always the first to be broken into... .PERIOD, ARGUMENT OVER! (Sing this with me in 1000 part harmony!)

[Awesomebase]

Hey Lerianis4; the whole Pwn2Own contest is bunk. It is the equivalent to testing how easy a car is to steal if you leave it out on the street with the doors open and the keys hidden somewhere in the interior. It doesn't matter; every system will get broken into that way. The point is how easy it is to a) locate the system on a network, b) gain access to the system remotely without any info provided as to the system's info or registered users ahead of time, and c) put in your exploit once inside the system. Simply showing what you can do once you have permission to access the system is an almost useless exercise for demonstrating security.

[Renegade Knight]

@ecotopian--2008

OS X and Linux are based on Unix. Apparently OS X has the same core problems as Linux since they both have the same roots. OS X and Linux approach security the same way from the user standpoint.

What exactly was your point? Oh, rigtht, OS X is "better" not because it's actually better but because you like to think so.

@Awesomebase
Actually the P2n2Own is a great example of how Secure a system is. OS X is less secure because it's used to playing in a Safe neighborhood. (Building on greigner's concepts).

[sawengchuan]

@Awesomebase
What if the first OS been pawned is Windows, is it still a bunk?

[sasquatch3]

@ecotopian
Linux and Mac OS X are based on UNIX so your argument is doesn't really work

btw
Pwn2Own isn't bunk
but people's choice of what computer they try to break into probably plays a slightly larger role in what system gets compromised first than OS weaknesses

[revoltism]

First a PC can run Linux which are more secure and better than Mac. Yes, Mac is also a unix-type of computer system but in a different development tree than Linux. Mac is more secure than Windows but to Linux there is a large gap. Mac also try to control their user a lot more.

On Mac and Windows you could get a virus cause of the system. On a linux system that pretty much impossible. On a linux system the only security flaw is the user and that user needs to be really stupid. I mean really stupid. There is a reason why 90% of internet servers are running linux.