
Macs are as secure as ever

Erik Eckel responds to the Mac Defender hoopla and other claims that OS X is less secure than it used to be. Here is his perspective on why Macs are as safe as ever.

A few months ago most major news outlets published headlines alerting readers to the dangers of the Mac Defender malware infection. Reports questioned whether the days of Mac security were ending. I reminded readers, at the time, that Mac users are like anyone else and no systems are immune.

Since then the story has essentially died. Apple's provided a patch to address the infection, and I haven't seen or heard of any significant widespread new Mac security concerns since.

Does that mean Macs are infection- and hack-proof? Of course not.

Does it mean Macs are more difficult to compromise than Windows systems? I think so.

Based on what?

This is no Ford v. Chevy or Yankees v. Red Sox debate. I don't have a horse in this race. I use Apple products in my business because they've proven to be more stable and reliable, backups are easier, desktop migrations are simplified, the hardware works better than other brands I've used going back to my first IBM 8086 in the mid-80s, and my office has never experienced a malware infection on one of its Macs.

I can't say the same for Windows. Since the Mac Defender spyware hoopla arose in May, my office has removed exactly one Mac virus from a client machine. In that same period, I estimate we've removed thousands of virus and malware infections from hundreds of Windows machines. While most of those infections were on systems my office previously didn't support or maintain, we still saw a few infections on hardened corporate networks, too, locked down by Group Policy and properly licensed and updated antivirus software.

My point? Windows systems become infected more often than Mac systems, in my experience.

The facts

If anything, new Macs and older systems upgraded to the new Mac OS X Lion OS are more secure than before. The Mac OS presents multiple integrated defenses. Sandboxing makes it harder for a malware infection to wreak havoc by limiting the operations applications can execute. By limiting an application's access to other tasks or processes, Mac OS X better restricts and protects the OS.

Runtime is further improved in Lion, too. Address space layout randomization, known as ASLR, is improved for all applications in the new OS. That means 32-bit as well as 64-bit programs benefit from the random arranging technique that moves data areas around to make it exponentially more difficult for a hacker to target specific code.

FileVault 2, available to new Lion OS users, encrypts entire Mac drives. Further, Apple claims there's no noticeable performance impact. The encryption technology leverages highly secure XTS-AES 128 encryption to protect a Mac's data. FileVault 2 can also encrypt external drives and Time Machine backups, meaning Mac users enjoy the same level of security on external disks and backups, too, while also using it to wipe a machine clean that's being discarded.

TL-DNR

Mac OS X isn't immune from compromise; it's just targeted less frequently and more difficult to crack. Spring reports suggesting Macs are insecure were premature, at least when compared to the Windows alternative.

Share your thoughts

What do you think? Have you or your users downloaded and installed a spyware infection on your/their Mac (supplying the system administrative username and password to complete the process)?

About

Erik Eckel owns and operates two technology companies. As a managing partner with Louisville Geek, he works daily as an IT consultant to assist small businesses in overcoming technology challenges and maximizing IT investments. He is also president o...

51 comments
cbader

How's that LDAP vulnerability working out for you in terms of your theory that Macs are inherently more secure?

crap

@kevin While you have a utility to remove any Windows password, the point I'm trying to make is that within a couple minutes I could find out how to reset the admin password and I didn't need a 'utility'. It is running a couple of commands in a terminal on the machine. Yes, clicking bad links and other remote issues are a primary source of problems with any computer, but at least in some ways, with Windows you can make it harder for someone to compromise the machine. On a Mac, Apple tells the user, Sorry, you're on your own. Plus, various people tout just how safe and secure Macs are but when the bad people who target Windows decide to attack Macs, it will be a much easier target. And to reiterate my point, physical access is a very big aspect when someone has access to a machine or steals a machine, at which point they can work on it at their leisure. While Windows has holes in it, a lot of other systems, whether Macs, Android tablets/phones, iPhones, etc. are much easier to dig through their holes.

AnsuGisalas

Wait up a sec, Vulpine, lemme explain :) The thing is, the iPad has made good headway in the corporate market. Lots of iPads are in use by people controlling a lot of money, and who also get into contact with valuable information. This means that the iPads at least have become a quite juicy target. It may or may not be low-hanging fruit, but the payoff makes that less relevant. Better safe than sorry, people, start finding out about security software for your devices of choice!

crap

I'm not totally sure what you are saying... Yes, physical access is one level but it happens all the time when someone steals a laptop or a desktop. This is why, where I work, for users that have laptops and handle confidential information, the hard drives are encrypted. So they are secure if someone steals them. As time goes on, we're going to switch to a more robust enterprise encryption, which will allow computers to be managed easier, at which point more computers will be encrypted.

APSDave

The majority of viruses are spread through clicking on bad links or reading bad email. Mac users (and Linux, which I am a proud member of) have lived under a false blanket of security because they haven't seen much evidence of their flavor of OS getting hacked or infected. For years they have been clicking away on links without a care in the world because they couldn't get infected. But now, Apple is in the crosshairs. Their popularity is increasing, so more WILL come. Also, with the proliferation of smartphones, there are even more ways for carefree users to become victims. No matter what OS you are using, it all boils down to the users. If they are trained not to click on links or emails then this will go away for the most part. But, until then, no one is safe.

crap

Where I work we have had a limited number of Macs in the system but we are starting to install more as upper management wants to diversify computer wise. Our department handles re-imaging of computer and some re-purposing of computers. Since we would be seeing more Macs, we started working with them so to better understand the hardware and software. We've discovered that while Macs can be added to Active Directory by third party software, knowledgeable users can circumvent that management. Which doesn't sound very secure to me... On another issue, we had a Mac that we wanted to re-purpose but we did not have the Mac OS re-install disks, so we needed to work with the existing OS install, which was password protected and the user was no longer with the company, so the password wasn't available. I was able to find a very quick Google search, found a way to reset the Admin password and had it reset in about ten minutes. Which again, doesn't sound very secure at all... Am I missing something?

jscott418-22447200638980614791982928182376

I think as with many Apple fans they always compare Windows to Macs in a filtered comparison. Always using XP as an example rather than Windows 7. I have used both Windows 7 and OS X Snow Leopard and now Lion. Never had any trouble with any of them with Malware or Viruses. But it's never been about OS X being safer or better. It's about users. Macs still only make up about 12% of computers. Do we really think any hacker will want to try to attack not only a good OS but one that is only used by 12% of computer users?

graytmind

Dare I state the obvious. Could it be as simple as the IQ level in the choice of operating systems and operation thereof. ??

powerman2012

I agree. Apple computers are infected WAY less than Windows computers... but... The 'virus' writers do not target Apple computers; they target Windows computers. The point being, if they (the virus factory/writers) switched gears and began targeting Mac systems... you WOULD see a huge spike in (Mac) infections... and a lot LESS Windows OS infections. Same goes for the Linux flavor systems. Nothing new here.

ScarF

Check this out: "I don't have a horse in this race. I use Apple products in my business..." and, from your profile: "Erik Eckel is a managing partner at Louisville Geek, an IT consulting firm that specializes in providing cost-effective technology solutions to small and medium businesses." I share the thoughts that you have a really big horse in this race and your "analysis" is mediocre and biased at most, since it simply ignores all the previous reports - many of them in Tech Republic - even the most recent ones.

Gisabun

With the release of MacGuard and its variants, it shows that Macs aren't so secure. The only reason why Macs haven't been hit harder has been because the OS market share. The crackpots that create malware are aiming at Windows users as that is a bigger market share and will find the most novice users. But with Macs being higher priced, I suspect we won't hear the last of Mac malware because a) Apple couldn't defend the OS correctly and b) Macs cost more than PCs - so they can afford to fork over more money. Face it. Apple did badly when it came to addressing the problem. People complained in their forums [and others] and MacGuard support calls hit 25%+ on the issue and all Apple initially said was to buy some anti-malware program at the app store [of which Apple gets 30% off the top]. Only after that they released an update that fixed that problem but doesn't solve the underlying problem of how the bug was manipulated. Note the recent issue with the battery software where every one has the same default password. Malware writers can easily manipulate that issue.

alexisgarcia72

Windows 7 and Windows 2008 have all the features you describe as new security technologies you found in a Mac. I don't know how your Windows network has too many infections with GPOs and antivirus. Perhaps users have too many permissions, perhaps you need a lockdown feature (like Cisco Security Agent). Something is missing here, I see a couple of big Windows networks without a single virus hit or problems. You will need firewalls, NAC, IPS, etc. to properly secure Windows networks, mostly because user education is not good and people continue to visit a lot of bad sites or open spam emails.

Duke E Love

At least no one is blathering about Linux.

kevin

I would like to take time to point out something Erik left out of the Mac security equation. There is a very important difference in the Mac OS (any version old or new), which is that 90% or more is built into the HARDWARE and is not loaded from the hard drive, but from ROM (read-only-memory). Thus the major percentage of the operating system cannot be changed by hacking or a virus. My experience with Macs goes back to the first 128K in 1984. Can a Mac become infected? YES. After all this is how Peter Norton made his debut with Norton Utilities and Norton Anti-Virus. Can an Infection take down a Mac? Not seriously because the only portion of the Mac OS that is loaded from the hard-drive is the tokenized or localized software. I.E., the keyboard language set for whatever country you live in. Very minimal stuff. With a clean copy of your Mac system you can easily restore even that portion and be up and running again quickly. Some comments already posted are grossly unaware of just how many Macintosh computers are actually in use compared to PCs. This is just more of the age old Ford vs Chevy war. Apple Computer has done a tremendous job of building better computing devices than any other single company on the planet. They maintain strong market shares in every arena they dabble in and ALSO hold on to loads of reserve CASH for development of future devices. But for those who do not want the BMW of computers, or simply cannot afford one, go ahead and buy the Chevy. Obviously, I also own a Ford!

Charles Bundy

infest your armpits. So how many fleas are there? :) Erik didn't say a thousand computers; his estimate was in the hundreds. Of course that begs the question of how are they getting infected multiple times, which may have nothing to do with technical hardening issues. We can't stop users from circumventing security intentionally. His evidence of Mac vs. PC security superiority is anecdotal, thus his conclusions are suspect. He should have left it at both systems can be compromised...

Spitfire_Sysop

Erik, please go read this post by Deb Shinder: http://www.techrepublic.com/blog/security/black-hat-2011-update-macs-in-the-crosshairs-kaminsky-on-bitcoin/6222 a quote from her coverage of BlackHat 2011: "The talk compared Mac OS X to Windows and concluded that the default settings in OS X can allow easier hacking, and it's time for businesses that use Macs to get just as serious about security on those systems as they are with their Windows machines." Also, the features you describe in your section "The Facts" are all features that exist in Windows 7 and 2008R2.

Justin James

Erik makes this mistake every time he discusses Mac security... he confuses actual "vulnerability" with infection rates. Truth is, the folks over at Black Hat... who I think know a LOT more about security than Erik Eckel, state that OS X is actually MORE vulnerable than Windows 7: http://www.zdnet.com/blog/hardware/black-hat-os-x-networks-are-significantly-more-vulnerable/14130 Or to put it another way, if attacks exploited OS X at the same pace they do Windows, OS X would have more infections, proportionate to the user base size. Funny enough, the last time Erik trotted out a nearly identical article a few months ago, he had already been pre-debunked by ZDNet with a similar report. J.Ja

Geminiibda

I think that "In that same period, I estimate we've removed thousands of virus and malware infections from hundreds of Windows machines." is a little exaggerated unless they are all running unpatched version of WinXP and IE6. I work on a lot of Win7 machines and with the exception of social engineering, I have seen very few viruses. I also do corporate and private work. Social engineering is the hardest one to fight because some users are just not that smart...

Vulpinemac

So far my machine has told me every time something has tried to install itself.

Vulpinemac

And yes, quite honestly physical access does make a difference. You hear about laptop computers getting stolen every day, so you're quite right there, but desktops aren't stolen as often because, quite simply, they're not as easy to carry and don't offer as much return for the effort. You also have to consider that the average computer thief is out for the cash he can get from the device's sale, not the data he can glean from it. The odds of a targeted theft are much slimmer, but I will acknowledge that they're there. That, then, is my point. Of the over one billion computers in use around the world, the number of stolen computers is almost microscopic. That means that most data thieves are going to try to get access to that data remotely rather than risk getting caught trying to steal it physically. Also, the physical theft of a computer alerts the owner to the risk of that data's theft who can and usually will take immediate steps to protect that data. In the event of personal information like identity theft, the individual would put blocks on all their personal accounts to prevent fraud. Since an identity thief wants to operate as long as he can undetected, stealing that computer greatly limits how much time he has to operate. Again, remote access is safer than physical. However, there are some cases where the thief really does want physical access. About 12 years ago or so, NASA and other government agencies purchased iMacs for some desktop computing purposes. Not because they were these pretty 'gumdrops' but rather because they neither had a floppy disk drive nor had a conventional serial/parallel port for someone to hook up an external drive/printer. For a time, the iMac offered physical security against data theft. Of course, that particular kind of security no longer exists since thumb drives are even smaller and easier to use than the old floppies, but for a while it did work to prevent espionage. 
Windows has holes and I will grant that with Win7 it has far fewer holes; but when Microsoft issues a security release to protect a vulnerability that existed in Win95, how many more holes are there that we don't know about? I also won't argue that OS X has holes, but they're not well-known and in every case so far they've been in the GUI, not in the underlying UNIX. Considering many of the factors that would encourage data theft from Macs, you would think they'd be as heavily attacked and more successfully attacked than they are. Even now, after more than ten years of OS X, fewer than 1 million Macs have been compromised and in almost no case has a virus or worm been able to spread once infecting a Mac. That's less than one quarter of one percent of all Macs in use compared to more than fifteen percent of all Windows machines currently infected. Physical security and remote security are almost completely separate problems that require completely different protections.

Vulpinemac

I won't argue that iPads will make a juicy target--just take a look at what's happening to smart phones. Then again, why is it that there have been no successful malware attacks against non-jail-broken iPhones and yet the Android models are leaking like a sieve? You see, security is more than just hardware and OS, it's the ecosystem it operates in as well. It's true that social engineering could and does allow a trojan to sneak in, but it's hard to 'sneak' that giant wooden horse through the gates of Apple's so-called 'walled garden' first. To the best of my knowledge, at least as of yet no application can be installed on either a Mac or an iOS device without the user at least being notified of it. Granted, some people will fall for these tricks, but the majority know better.

Vulpinemac

On Apple's mobility devices, it's a one-click process through Find my iPhone. As for the Mac laptops and desktops, they seem to have set a pretty good record lately on reporting their location and even taking pictures of the thief. This kind of software is available for Windows machines, too.

kevin

1) You have physical access to the Mac. It's not the same as remote manipulation or a viral infection. 2) I have a bootable disk on my workbench that will remove any account password from any Windows system in the amount of time it takes to boot to CD. Windows doesn't sound any more secure to me? For the rest of you that are doubting what I posted earlier about how the majority of a Mac system is in the ROM, you need to understand HOW that ROM and the routines in it are used by the MAC. While a PC programmer has to manage all the aspects of things like building a Window and adding scroll bars and grow boxes, the bulk of that type of CODE is in the MAC ROM and all one has to do is make a call to the ToolBox and the MAC OS creates the Window for you from out of HARDWARE. If you upgrade the OS of an older MAC and certain ROM code is missing from that older MAC, then more of the NEW OS gets added to the system folder on that MAC. This allows for most of the same capabilities that a newer MAC may contain from its built in ROM. It is nothing like a PC boot rom or bios! And there is no way to change it. A MAC does have NVRAM that stores stuff like date and time. That can be changed obviously. And NO I was not making any references to an APPLE II. Which by the way did NOT have EEPROM to store its OS. Ridiculous! Absolutely FALSE! If anyone here doubts what I claim about the MAC OS then contact Apple's Developer Services and they will send you the detailed information you need to write software for a MAC OS. You should then be able to more fully understand how much different the base system is from that of a Windows OS which completely resides on the hard drive as software.

Vulpinemac

Or are you trying to tell me you did all of that without physically touching the Mac?

YetAnotherBob

Linux would be much harder than either Mac or Windows, because of the fractal nature of most Linux installations. Ubuntu would be different than Fedora, which would also be different than Slackware or SUSE. However, there were some exploits that were causing some worries for Linux users around 10 years ago. These were mostly Escalation of Privilege attacks. Similar to some of the new attacks against Windows 7 systems. Linux has worked out ways to prevent them. Microsoft should be studying what the Linux people did. There are nearly secure Linux systems out there, but they are not very common. Apple uses a broken version of the Unix protocols. Windows seems to be moving to adopting the Unix protocols. We may soon see a situation where Windows is really more secure than Apple. But, they aren't there yet.

YetAnotherBob

Glad to, At Black Hat, Linux is what most of the crackers run. That's because they know enough to keep each other out. For that, you have to be able to modify the internals. Something that Mac and Windows don't excel at. Oh, and BTW, the Mac is usually the first system broken. Windows is a close second. Does this tell you anything?

Charles Bundy

A lot of the OS was in ROM ... circa 1985. With the advent of the BSD/Mach fork that is no longer the case, and made it possible to port to other hardware ala Core2Duo ... I just put Snow Leopard on a DELL laptop. Works great, except that Mac hardware BIOS is different from a standard PC and includes the ability to boot HFS+ volumes :) Ref: http://en.wikipedia.org/wiki/Extensible_Firmware_Interface

Justin James

If this were the case, things like "Hackintoshes" would not be possible. Furthermore, while Macs *do* have some code in ROMs (it's not OS X code, incidentally, otherwise you never could use the old hardware like KBs with newer Macs), the ROM is flashable like a BIOS. And in fact, these flashable ROMs have been used as attack vectors in the past, so that even if you wiped the drive, the *hardware* would re-infect the system! A few years ago, folks used the keyboards like this, and I believe that there was another recent example as well, using a different piece of hardware. I think maybe you are confusing the hardware that Apple uses instead of a BIOS (I forget its name offhand) with something else... J.Ja

Slayer_

Do you have proof that MacOS is installed to ROM instead of the hard drive?

Vulpinemac

... it seems strange that the actual infection rates remain well below 1/2 of one percent while Windows runs between 15%-30% depending on who you read. This, by the way, is in the wake of the Mac Defender attack which supposedly has had the largest effect on the Mac environment of any. Now, why, even after such a publicized event, is Mac infection still so low despite its supposedly greater level of vulnerability?

Spitfire_Sysop

I agree. A thousand is a lot. Makes me wonder how many clients he has. Is he counting one thousand computers that were part of a botnet in a single organization? Or one thousand separate incidents? You would need to find at least 3 infections a day, every day of the year to reach over a thousand incidents.

Justin James

... then the holes in the applications. Exploiting the OS has been far less of a focus for attackers for quite some time now. Exploiting holes in apps like Acrobat, QuickTime, Flash, Office, etc. is where the attackers spend their time. It doesn't matter WHAT OS you use, when an app you have already authorized is now ripped wide open. Sadly, Macs ship with and depend upon a variety of apps that are Swiss cheese on security: Safari, and QuickTime are two big ones, people often add Microsoft Office (another security hole), everyone uses Acrobat and Flash (the bulk of Windows exploits come from those two apps, not the OS!), and so on. So, Macs (and Windows PCs, and Linux machines for that matter) are only as secure as the apps running on them. All too often, we see the exact same security hole in all versions of an app, thanks to the magic of cross-compiling C/C++ code. The same lame buffer overrun error when parsing a file will exist in all versions... J.Ja

YetAnotherBob

The holes are already found, and information on them is for sale on line. The test for such things are done by throwing possible exploits at a system and seeing what gets in. This penetration testing can be done with any system on the network, and is also done by manufacturers before releasing the system. But there are always unexpected things. You are right about physical and remote security. When I was designing secure facilities, a great deal of effort was spent on physical security. If the bad guys can get to the equipment, then no system is secure. For remote access, Linux is probably the most secure, because the bad guys attack it first, as that is what the least trusting use. For these people, paranoia is a virtue. They pass around fixes to problems, or get problems passed from others, and a very large network of people are constantly fixing things. If Microsoft or Apple were open, they would probably have the same kinds of security communities built up around them. Black hat and the other gathering of that kind are contests to see who can break what others have tried to render unbreakable. Then, they talk about how it was done, and try to make it harder to do anything like that again. That is part of the reason why security is a constantly shifting target. What was secure five years ago is now almost worthless as protection. What works now, is just a game to beat to these people. They are never going away.

AnsuGisalas

Or their own thing? The controlled ecosystem certainly eases oversight. Time will tell if the bad guys find a way in. Exciting, yes? :D

YetAnotherBob

I think you may be referring to the wrong acronym. NV RAM would be Non Volatile RAM, which would be either Flash or EEPROM (Electrically Erasable Programmable Read Only Memory). Flash is of course a non-volatile RAM technology. That was usually implemented as an array of diodes that were deliberately burned out in certain places to make the "zero's". This made it a WORM (Write Once Read Many) system. As the EEPROM system was both cheaper and more versatile, most manufacturers used EEPROM inside. The old Apples I have disassembled all used EEPROM for the Bios equivalent. As did the IBM, Compaq and Commodore's I saw. The old Altair's didn't, they used a tape BIOS. The flash systems had the problem that occasional power spikes would write to the memory, and stop the computer from being able to be restarted. Radio Shack on the COCO had you tie six knots in the power cord to limit this problem. They eventually went to EEPROM, after first trying the UV erasable technology for flash ROM. It was just too expensive to replace the ROM chip in computers still under warranty. The EEPROM could be reset with a tape drive and a small board. Oh another interesting tidbit is that the flash memory moniker came from the fact that in the early versions (late '60's/early '70's) there was a visible flash on the chip when the memory was written onto it.

Justin James

Looking past what people use as their desktop environments and update mechanism on Linux, most Linux machines look fairly the same. You get an exploit for sendmail, bind, etc. and you've got an exploit that will affect most Linux servers providing those services regardless of flavor, and possibly Macs and BSDs as well, depending on the nature of the exploit. J.Ja

JamesRL

One example I know of where there was code in the ROMs was the ability to plug and play. If you had a Mac II, as an example, and you threw a new video card in the system, Apple or approved third party (who conformed to the HW protocols), the system would see it automatically and use it. You could literally swap an old video card/monitor combo for a new one without loading software. Similarly if you threw an Apple brand SCSI HD into the system, it would be mounted automatically. But there were workarounds for non "approved" SCSI drives that you could use, involving software patches. But while this is in some other system's OS, it doesn't make it part of the Mac OS, it's really redrawing the lines of where the firmware ends and the OS begins, and has its plusses and minuses.

YetAnotherBob

The computer he was referring to was an Apple II. Like the old C-64, the basic based OS was stored in ROM. One problem that those systems could suffer from was that the ROM chips in some models were actually EEPROM, and could be reset or replaced with certain software. There were a few virii on the floppy disks that did this to the computer. It could totally HOSE the system if it did. Imagine your PC without any Boot ROM. Get the picture? The current Apple computers have much more in common with Windows based PC's than with the old Apple products.

Justin James

Look at the number of people actively exploiting Macs... it's very low. I don't know why they don't do it, Mac market share is high enough, the vulnerabilities are there, and there's the false sense of security that makes them an even juicier target. I'm not sure why the infection rates are used to "prove" anything. It's like saying that if you know 100 people who jumped from a bridge and never died, but the only person you know who walks to work gets killed by a runaway bus, that jumping off of bridges is safer than walking to work. J.Ja

Vulpinemac

Yes, it is somewhat stripped down compared to the desktop version of OS X, but most of that difference is the GUI itself sitting on the underlying UNIX core that is fully certified.

Justin James

... that under the hood, it is an extremely stripped down version of OS X, but I may be mistaken. J.Ja

Vulpinemac

* Computing - a self-replicating program able to propagate itself across a network, typically having a detrimental effect. Says nothing about user input. * (also computer virus) a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting the system or destroying data. Does not specifically state that it does not need user input. * (also Trojan horse) Computing - a program designed to breach the security of a computer system while ostensibly performing some innocuous function. Almost obviously requires user input.

YetAnotherBob

There seems to be a terms confusion. A virus is a program that runs without any input. By definition, it is malware, meaning that it is something you don't want on your system. A Worm is a program that requires input from some person to install or run on a system. A Trojan is a program that the user is tricked into installing on a system, or which a malicious user deliberately installs. Thus, a Trojan is a specialized case of a worm. Some worms are run from outside the system, some from inside. As to the numbers, be thankful that it was publicised so soon. There is some evidence that Apple knew of it for over a month, and did nothing. The fix turned out to be fairly simple, and the group behind it was doing other things that were also illegal. The Russian police rounded them up, and the control commands ceased. You and all other Apple iPhone users owe a big 'Thank You' to the Russian government. As is usually the case in security, the elimination of one threat is not the elimination of all threats. After all, you only find out about the failures. That is why NO system should ever be assumed 'Safe'.

Vulpinemac

If you're talking about the trojans that were recently running, they had next to no overall effect on the OS X ecosphere--less than 1/4 of 1% infected. How does that compare to 15% or more of Windows boxes infected from the same sources?

YetAnotherBob

If you look at what Linux users are actually using, there are 8 to 10 different email programs for the examples given above. This is true for most server functions. The applications are not what matters, in systems with a high security system, such as SE Linux. There, the malware cannot spread. I might agree with you that Ubuntu is not nearly as secure as it might be, but even then, as the most popular Linux version, it is nearly unheard of to find a virus problem. Plus, the Red Hat commercial systems probably transmit and transfer more money each day than Obama's deficit. If there is a target that criminals would want to pick, Linux should be it. But breaks on these systems are rare. When they do happen, it usually turns out to involve someone on the inside. From this, I wind up thinking that the Mac isn't as secure as Linux, and it may soon be less secure than Windows. But the Linux email programs are usually small and open. What this means is that once an exploit is found, it is plugged, often the same day it is reported. Apple is still using the old Microsoft trick of just pretending that exploits don't exist unless they are acknowledged. Microsoft has abandoned this as it only made people trust them less. Maybe the recent fuss about that Russian worm will have the same result on Apple. Given that, I would seriously recommend that you look carefully before deploying Apple products in any environment which actually requires security. The truth is that Apple computers and Apple phones have already been broken several different ways. Not as much has happened with Linux based computers and phones. I am not aware of breaks at a more than theoretical level on the new Windows Phones, though there is a lot of action on Windows 7. Windows continues to be the major platform that needs the patch up of antivirus programs.

YetAnotherBob

When you are right, you are right. I try never to argue with someone when they are correct. However, I will still maintain that the systems were not really suitable to modern architectures, that is why we don't see them much any more. Oh, and BTW there was also a nifty technology back then that stored a long string of digits sequentially on a long column, and stepped through the columns to access the data, like the RAM disks you referred to, though it was a power on only tech. In the late '70s these chips would allow you to store and rapidly retrieve up to a megabyte of data, in a fraction of a millisecond. They were limited to sequential access, not random though. I have seen some proposals to use that architecture for some new RAM drives. But I've never seen a modern (less than 30 years old) product with it. These sequential SSM (Solid State Memory) devices were loaded from a tape drive, if I remember correctly. They were used as a sort of extremely fast tape drive. Like Magnetic Bubble technology, it's another obsolete dream.

Vulpinemac

It was an early form of SSD that let you load all your software and have instant access to it. At the time, it was anything BUT slow. Of course, you didn't dare turn off the computer because then you'd have to reload the apps and files all over again. Very volatile compared to magnetic disk at the time. You see, back then Apple allowed a third-party manufacturer to offer plug-in cards for 80-column, RAM enhancement and other capabilities both video and storage related. The company was Applied Engineering and some of those cards went by the name of RamFactor, RamWorks and similar. My Apple II was a 16K when I bought it but a 128K when I finally sold it, not counting the megabytes of RAMDisk on board. I sold it then to earn up enough money to buy an Apple IIe simply because I'd developed a need for the (apple) keys which I couldn't emulate or further modify the older machine to include. About 2 years later I bought my first Mac--a Mac Plus that was already 8 years old.

YetAnotherBob

Yes, but it was as slow as molasses flowing in January. You could also do the same on an old IBM XT. But, almost nobody did, because it was so slow. The computer was constantly swapping in and out memory to disk. Oh, and the SSD is not the equivalent of RAM, it is much more like using the floppy disks, only much bigger. But that's just 20 years of Moore's Law.

Vulpinemac

... you could put 6 MB of RAM on an Apple II. Ok, really it was RAMdisk, but the effect was equivalent to using an SSD today on a machine over 30 years ago.