Mac security, Windows security

I came across an interesting article today from CNET’s Elinor Mills - see http://news.cnet.com/8301-27080_3-10444561-245.html - asking a whole battery of security mavens to compare security on the two platforms.

Oddly enough, although she quoted a blog by Randy Abrams that cited a survey ESET sponsored for some figures on perceived cybercrime vulnerability, she didn’t talk to us, as far as I know. But on a quick scan, most of the comments seem to have been perfectly sensible.

Apple, of course, declined to talk directly but referred her to their page on OS X security (http://www.apple.com/macosx/security/). You know, the one that says that OS X doesn’t get PC viruses (true, but that’s not the same as saying that Macs have no issues with PC viruses, let alone other malware - however, I’ll come back to that one again), and that “Every Mac ships with a secure configuration so you don’t have to worry about understanding complex settings.”

The 11th Law of Data Smog applies: “Beware stories that dissolve all complexity.” (Data Smog: Surviving the information glut, by David Shenk: Abacus, 1997.) Apple is not entirely wrong, but only because it’s focusing on a very narrow aspect of security and ignoring such inconveniences as OS X malware (yes, it does exist), attacks on the user rather than the system, and the fact that some people don’t use their Macs in splendid isolation from the rest of the computing community.

David Harley FBCS CITP CISSP
Security Author/Consultant at Small Blue-Green World
Chief Operations Officer, AVIEN
ESET Research Fellow & Director of Malware Intelligence

Also blogging at:
http://avien.net/blog
http://www.eset.com/threat-center/blog
http://smallbluegreenblog.wordpress.com/
http://blogs.securiteam.com
http://blog.isc2.org/
http://dharley.wordpress.com