Mac OS X's Reputation for Security Wearing Thin

 
 
By Don Reisinger  |  Posted 2009-08-06
 
 
 

Mac OS X's Reputation for Security Wearing Thin


Mac OS X is considered by some to be an extremely secure operating system. Those people claim that thanks to its many security features, users will be kept much safer using Apple's software, rather than risk it with Microsoft's Windows operating system. They claim that proof of that can be found in the sheer number of security vulnerabilities Microsoft has been forced to patch, compared with Apple. Those same people might be interested to know that that logic is starting to show itself for what it really is: a red herring.

Apple released an update to Mac OS X 10.5 Leopard earlier this week. Aside from better compatibility with Airport wireless systems and enhanced Bluetooth reliability, Apple released 18 security fixes. Those security fixes encompass issues giving malicious hackers access to system files, the ability for third parties to exploit an image link to gain access to a user's computer, and more.

It's ironic that Apple, a company that has spent so much time and money railing against Microsoft for its security issues, was forced to release 18 security fixes to ensure its own operating system isn't exploited. On one hand, Apple should be lauded for releasing those security updates. After all, if it failed to address security issues that would put users at risk, it could only mean that Apple simply isn't doing its job. But it did patch those security issues, so perhaps it is.

But it's not the fact that Apple fixed its operating system that some might take issue with. Instead, it might be important to consider the fact that by perpetuating the myth that Mac OS X is extremely secure, it could lead to many more issues for Mac OS X users. In the process, it could cause Apple, a company that has historically stayed tight-lipped on security, to admit that Mac OS X just isn't the secure operating system some people think it is.

It's a Numbers Game
Security is a numbers game. The more people using an operating system, the greater the opportunity for malicious hackers to capitalize. That's one of the main reasons why Windows has been such a target. In the security space, more exploits mean more victims, which mean more cash. In essence, malicious hackers want to target the pool with the highest return. Historically, that has led them to Windows. Going forward, it will continue to be Windows, given its dominating position in the operating system market.

But Mac OS X is starting to gain some ground. Although Steve Ballmer has consistently said that Apple's gain in the OS space isn't important, hackers don't agree. They see an opportunity. They realize that Mac OS X is largely untested and thus probably quite vulnerable to security issues. They understand that there are few anti-virus and anti-spyware programs available to protect Mac OS X users. Most importantly, they realize that the culture that has been cultivated by Apple and its supporters makes Mac OS X an ideal target.

Ignorance Is Bliss




Ignorance Is Bliss

When I discuss Mac OS X with people outside of the tech industry, the most common comment I hear is that Apple's OS is safer than Windows. They claim that "Macs don't have any virus or spyware issues." It's gotten so bad that a local computer store owner recently told me that if I'm looking to stay secure, I need to get rid of Windows and stick to a Mac.

I find those sentiments dangerous. Although I realize that Mac OS X has historically been more "secure," Apple's 18 security fixes tell a different story: Mac users are just as susceptible to security issues as Windows users.

But how did it get to such a point where people believe the rhetoric? Undoubtedly, it has stemmed from Apple.

Right now, on Apple's site, a security page offers a warning to potential Mac owners: "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box. However, since no system can be 100 percent immune from every threat, antivirus software may offer additional protection."

I find that alarming. "Antivirus software may offer additional protection"? That doesn't sound like a ringing endorsement. In fact, it almost sounds like users won't even need it to stay secure. Contrast that with Microsoft's Security Essentials pack, its insistence on users changing habits and its support of users employing third-party security software, and it displays just how far ahead Microsoft is in recognizing security threats that impact us all.

Looking Ahead

But what about Mac OS X Snow Leopard? Will Apple make security a key component in its marketing strategy going forward? It's doubtful. That quote from Apple's security page? Yeah, that was featured on the company's Snow Leopard security page.

Yikes.

Snow Leopard will be Apple's most-tested operating system to date. With an increase in users and the belief on the part of hackers that Mac users ignore security problems, it could be a hotbed for hacker activity going forward. If that happens and Apple's security woes only get worse, what will it take for the company to finally wake up and realize that the myth of Apple's iron-tight security can't be believed?

Let's hope it's not a major security outbreak.


Rocket Fuel