A few months ago most major news outlets published headlines alerting readers to the dangers of the MAC Defender malware infection. Reports questioned whether the days of Mac security were ending. I reminded readers, at the time, that Mac users are like anyone else and no systems are immune.
Since then the story has essentially died. Apple’s provided a patch to address the infection, and I haven’t seen or heard of any significant widespread new Mac security concerns since.
Does that mean Macs are infection- and hack-proof? Of course not.
Does it mean Macs are more difficult to compromise than Windows systems? I think so.
Based on what?
This is no Ford v. Chevy or Yankees v. Red Sox debate. I don’t have a horse in this race. I use Apple products in my business because they’ve proven to be more stable and reliable, backups are easier, desktop migrations are simplified, the hardware works better than other brands I’ve used going back to my first IBM 8086 in the mid-80s, and my office has never experienced a malware infection on one of its Macs.
I can’t say the same for Windows. Since the Mac Defender spyware hoopla arose in May, my office has removed exactly one Mac virus from a client machine. In that same period, I estimate we’ve removed thousands of virus and malware infections from hundreds of Windows machines. While most of those infections were on systems my office previously didn’t support or maintain, we still saw a few infections on hardened corporate networks, too, locked down by Group Policy and properly licensed and updated antivirus software.
My point? Windows systems become infected more often than Mac systems, in my experience.
If anything, new Macs and older systems upgraded to the new Mac OS X Lion OS are more secure than before. The Mac OS presents multiple integrated defenses. Sandboxing makes it harder for a malware infection to wreak havoc by limiting the operations applications can execute. By limiting an application’s access to other tasks or processes, Mac OS X better restricts and protects the OS.
Runtime is further improved in Lion, too. Address space layout randomization, known as ASLR, is improved for all applications in the new OS. That means 32-bit as well as 64-bit programs benefit from the random arranging technique that moves data areas around to make it exponentially more difficult for a hacker to target specific code.
FileVault 2, available to new Lion OS users, encrypts entire Mac drives. Further, Apple claims there’s no noticeable performance impact. The encryption technology leverages highly secure XTS-AES 128 encryption to protect a Mac’s data. FileVault 2 can also encrypt external drives and Time Machine backups, meaning Mac users enjoy the same level of security on external disks and backups, too, while also using it to wipe a machine clean that’s being discarded.
Mac OS X isn’t immune from compromise; it’s just targeted less frequently and more difficult to crack. Spring reports suggesting Macs are insecure were premature, at least when compared to the Windows alternative.
Share your thoughts
What do you think? Have you or your users downloaded and installed a spyware infection on your/their Mac (supplying the system administrative username and password to complete the process)?