Home
News
E-mail Newsletters
Blogs
Shark Bait
Knowledge Centers
Opinion
Webcasts
Video
Podcasts
White Papers
Computerworld Reports
Zones
Case Study Library
RSS Feeds
Events
Print Subscriptions


Ads by TechWords

Subscribe to our e-mail newsletters
For more info on a specific newsletter, click the title. Details will be displayed in a new window.
Computerworld Daily News (First Look and Wrap-Up)
Computerworld Blogs Newsletter
The Weekly Top 10
More E-Mail Newsletters 
Preston Gralla's picture
Preston Gralla

Seeing Through Windows

More posts | Read bio

April 1, 2008 - 12:17 P.M.

Why Windows is safer than the Mac

87 comments

Mac users have long gloated that the Mac OS is safer than Windows. The gloating should stop: There's plenty of recent evidence that Vista is, in fact, a safer operating system than Mac OS X.

The most public piece of evidence is the recent "Pwn to Own" challenge, in which security pros were issued the challenge of trying to break into three laptops, a Mac, a PC laptop running Vista SP1, and a laptop running Ubuntu.

The first to fall was the Mac -- and it took a grand total of less than two minutes for security researcher Charlie Miller to break in.

Miller targeted the Mac for a simple reason --- breaking in was like taking candy from a baby.

"It was the easiest one of the three," he told Computerworld. "We wanted to spend as little time as possible coming up with an exploit, so we picked Mac OS X."

More than a day later, hackers were still trying to break into the Vista machine. It was cracked only when the organizers of the challenge changed the rules and made the machine easier to break into, by adding a variety of third-party applications, including Acrobat Reader, Flash Player, Firefox, and Skype. A vulnerability in the Flash Player led to the successful break-in. The Ubuntu machine was never successfully breached.

This latest faceoff only confirms what security researcher Dino Dai Zovi noted a year ago, when he successfully broke into a Mac in a previous version of this year's security challenge. In an interview, he had this to say to Computerworld when asked whether Mac OS X or Vista is more secure:

I have found the code quality, at least in terms of security, to be much better overall in Vista than Mac OS X 10.4. It is obvious from observing affected components in security patches that Microsoft's Security Development Lifecycle (SDL) has resulted in fewer vulnerabilities in newly-written code. I hope that more software vendors follow their lead in developing proactive software security development methodologies.

Here's more evidence that the Mac is less safe than PCs: Swiss Federal Institute of Technology researchers found that Apple patches vulnerabilities slower than does Microsoft. Researcher Stefan Frei said that "the number of unpatched vulnerabilities are higher at Apple" than at Microsoft.

There's other evidence that the Mac is far from safe as well, including the recent release of a Mac Trojan, called Troj/MacSwp-B. According to Computerworld, Sophos says the Trojan, "tries to scare Mac users into purchasing unnecessary software by claiming that privacy issues have been discovered on the computer."

The upshot in all this? If you want a safer machine, get rid of your Mac and get a Vista PC.

[Like this blog? Subscribe to the RSS feed here!]

What People Are Saying

Add new comment
Rate this
Rated 0
124 Votes

Security and viruses

Submitted by Garrett on July 23, 2008 - 11:27 P.M.

Windows proponents are always using the excuse "there are many more Windows users, thats why people write malicious code to attack them"

...That argument, though it is true there are more Windows users than Mac or Linux, is NULL. The truth is, Linux and Mac are more secure because they follow the Unix security model.

When you try to install a program on a Linux machine, the OS asks you for the administrative password to make sure the administrator of the system says it is OK to install the program. Now, if the administrator is dumb, they can provide the password to the OS, allowing the OS to install the program, and that program could be a virus. If the Unix security model is broken, and a malicious piece of software is installed onto the system, it is the administrative user's fault, not the OS's fault.

The problem with Windows is, that the programs themselves have too many privileges. This allows mal-ware and worms to freely install themselves onto the computer, without the user of the computer knowing the malicious code is installed on their system, until it is too late!

But also, with Linux, the code is OPEN-SOURCE...This means that there are literally millions of eyes looking at the code and reviewing it. If somebody finds suspicious/malicious code, it is known IMMEDIATELY, and made public, so everyone else knows NOT to install that specific code.

Also, updates and patches to known vulnerabilities of the Linux distributions are provided every single day. Microsoft only releases updates and patches on the first Monday ("Black Monday") of every month...so it may take 30 days for a known vulnerability or threat to be patched.

...These are the reasons that UBUNTU was the only OS in the PWN to OWN challenge that was not cracked!

Reply | Report this comment
Rate this
Rated -7
39 Votes

Re: Security and viruses

Submitted by Anonymous on August 20, 2008 - 11:31 P.M.

The Unix security model is a joke. It has the concept of a single all-powerful system administrator, which is incredibly insecure. For example, if I want to change a password, I have to run as the administrator, which allows me to do ANYTHING to the system. Ideally, in this case, I should be restricted to ONLY being able to change a single user's password (which is the permissions I really asked for), but Unix doesn't work that way. It's like leaving the keys for the safe on your desk. If someone breaks in through the Unix front door, they have complete access to your entire system.

Likewise, programs in Unix can (and do!) run with the privileges of the administrator that installed them. Therefore, if you can get one of these programs (which often run in the background) to do something nasty by exploiting a bug, you'll be able to do anything to the system because it's running under the all-powerful administrator. This is why it was so easy for that security researcher to break into a Mac.

A better security model would segment/limit what a single user or program can do. When you are granted permission to do one thing, you shouldn't be allowed to do any other harmful thing. Unix was not originally designed to be secure. It wasn't even a thought. Unix and its C language literally invented the buffer overflow. Security in Unix has been a tacked-on afterthought and it shows.

Reply | Report this comment
Rate this
Rated -17
157 Votes

try this on

Submitted by Larry on July 3, 2008 - 1:15 P.M.

Some people say that because there are so many more Windows machines out there, it makes sense that if you are going to spend a lot of time writing some malicious code that it would be for the Windows machine. If you go onto a AntiVirus website though like Symantec for example you will see that many viruses written for the Windows platform rarely affect a large audience. Every now and then you will here about a big one. But the attacks are frequent.

So if I were to spend the time writing one and want to make a name for myself I would think I would try to do it on Mac. Why you may ask. Well because most Mac users have no third party software against viruses which would mean I could infect most of them. Also, because it is old news hearing about attacks on PCs, an attack against the Mac would stand out in the news. Not to mention those people who think PCs are just as secure as Macs would cry out loudly "There you go, we were right."

Reply | Report this comment
Rate this
Rated -17
187 Votes

I remember....

Submitted by Larry on July 3, 2008 - 1:01 P.M.

I have been in this business fro about 25 years and I have done a lot of development/hardware troubleshooting/software troubleshooting/system and network administration, etc etc. I have done pretty much everything and have stood by Windows since around 3.1 for workgroups.

In my home I replaced one of my Windows machines with a iMac about 6 months ago. At first it just sat there with only me using it while I gave my wife some incentive to at least try and use it. I gave her a little bit of training and in a few days she took to it.

Today my kids will access some websites that only work well with IE on one of my Windows machines but overall my whole family loves the iMac for many reasons and wants me to get more so that they do not have to share as much. We all have grown to love it more than PC.

Now I would like to target one thing about this article. Nearly 20 years ago Unix was the bomb and the choice, MS-DOS was the choice on PCs and Windows was just catching on, and Novell Netware was dominate. Security was best achieved on Unix. Windows NT came out and began taking the market from all of them and it was not because it was better. Today it does not surprise me that UNIX based OSs are out for the intel platform and beginning to take market share. Really, if you want to compare, they have stood the test of time and have been more secure since before Windows.

People can talk smack if they want to. I know that my family loves the Mac better and they want more. I have already bought my wife an iPhone, bought my kids iPods, bought my mother a new iMac (she never used any computer before) and she loves it, and I bought a friend up in Virginia a iMac so that we can better communicate. My friend sent me his PC to work on because of all the spyware and malware. I could have saved the data, reloaded it, and sent it back. Instead, I bought him a iMac, loaded VMWare Fusion on it, and imaged up his old machine to run in VMware on the iMac. It blew his mind when he received it.

I would suggest people getting on the bandwagon and try to use a Mac for a while. Then decide. Buying new is more expensive compared to PC. But a PC capable of doing what a Mac can will end up costing more in money and in time. The Mac just works.

Reply | Report this comment
Rate this
Rated +8
134 Votes

hi contact me if u want

Submitted by Riley on July 16, 2008 - 11:14 P.M.

i have used a mac and xp and vista and i can say my favorites are (worst to best) xp MAC than Vista being my favorite! is your pc a xp one that might be why u dont like it. i used to think xp was better but after working (gaming and working) on a vista computr for a few months i went back to xp and just hated it MAC wasnt to bad but i didint like how i was limitted by it. if you havent tried a vista computer then at least give it a quick chance i love it.

Reply | Report this comment
Rate this
Rated +25
201 Votes

Overlooked Factors

Submitted by Anonymous on June 28, 2008 - 9:56 A.M.

Mac OSX has a huge security advantage by being being a UNIX based OS. UNIX has a head start on security just by the way it manages files. Files have owners who can prevent others from various types of access. UNIX tends to be more secure than DOS.

Mac OSX also has thousands less viruses than Windows does. Barely any actually.

Mac OSX can identify any application even if it is dress up as a file. Also, users are prompted before opening an application from the web the first time. So, when somebody clicks on a downloaded file and sees a popup saying its an application, they can tell its a trojan easily.

Reply | Report this comment
Rate this
Rated +5
177 Votes

Well....

Submitted by LOCOCoyote on June 27, 2008 - 10:14 A.M.

I actually use all three (though Suse is my home linux choice). each one has it's +'s and -"s.......

I will admit to liking my Macbook running OS X best (right now...heckit's the newest) but I really don't have a big problem with my vista notebook or my opensuse desktop either.

Reply | Report this comment
Rate this
Rated +22
222 Votes

As for my opinion, the

Submitted by Anonymous on June 20, 2008 - 9:20 P.M.

As for my opinion, the problem on every PC's is that people dont know how to run their computer properly. I started with windows 3.1 and the first time I saw windows 3.1 it is very easy to use. When I encountered a MAC I was hard as a stoned.dont know what to do, I dont know what those icons are. Unlike the first time I saw windows 3.1 I started to use it with ease. But not with Mac. Problem with windows is that it is very very easy to operate wich also brings it to the cons side. On Mac My friends cannot play the latest games online for they are not compatible with the MAC. And One of my friend encountered a weird thing with the Mac it is getting slower everyday. And when he check his email some email was missing. So for me it will depend on how you operate your machine and touch the one you know more.

Reply | Report this comment
Rate this
Rated -9
211 Votes

Ubuntu

Submitted by Anonymous on June 14, 2008 - 6:06 A.M.

UBUNTU REMAINED UNBREACHED and its free!!!!!!!!
Downplay that if you want, but UBUNTU remained unbreached

Reply | Report this comment
Rate this
Rated -46
286 Votes

Bad reporter

Submitted by wow on May 8, 2008 - 4:34 P.M.

You guys need to read this reviewers other articles... he's a total dip s**t. He attacks macs and twist facts to his liking.

My Opinion?

cheap price=bad comp

medium price=good mac/good windows

High price=very good mac/good windows

Reply | Report this comment

Related Posts

Live Mesh first look: The future of computing?
Microsoft: The power behind selling iPhones
Security pro: Kill Safari browser now
Report: Apple is at the bottom of the environmental barrel

Today's Top Stories

Wall Street's collapse puts IT spending in (some) peril
IBM launches Bluehouse, a Facebook for business
Oracle tries to step up on high-end databases
iPhone grabs top smart phone spot
Microsoft fights Ballmer testimony in 'Vista Capable' suit
Apple doesn't need Jobs, analyst says
About Us Advertise Contacts Editorial Calendar Help Desk Jobs at IDG Privacy Policy Reprints Site Map
CIO Computerworld CSO DEMO GamePro Games.net IDG Connect IDG World Expo Infoworld
The Industry Standard ITworld JavaWorld LinuxWorld MacUser Macworld Network World PC World Playlist
Copyright © 2008 Computerworld Inc. All rights reserved. Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.