Yesterday, I came across a lengthy but interesting critique of Apple security – OS X – Safe, yet horribly insecure – by the anonymous author of the All That Is Wrong With The World blog (well, that’s an ambitious project, even if the blog had been restricted to security, which it isn’t…)
I’ve been irritated by the “Apple is immune” argument since the 90s (long before OS X hit the streets, in fact), so I have some sympathy with the post’s irritability, and not just because he cites as a reference a book to which my colleague Mr Harley contributed.
Nonetheless, my first thought was “yes, but surely we’ve moved on from there” – in fact, that book came out three years ago, and both the threats and the countermeasures have changed since then, as David would be the first to agree. So I was inclined to agree with those commentators whose view was “some good points, but rather a glass-half-empty view.”
But then I read the 67 comments currently attached to a Telegraph article that is also cited in the post. And all the usual stuff is there:
- There is only one Mac Trojan. Wrong on two counts: first, there is quite a bit of Mac malware these days, though the quantity is ridiculously small compared to all the malware that targets Windows; second, the fake AV that’s upset so many fanboiz recently is not a single Trojan, but a family (and the nature of the attack is a bit too complex to describe purely in terms of the binaries).
- Windows is “insecure by design”. Come on, chaps: you can’t talk about Windows as if Windows 95 is king, unless you think that most Mac users are still on OS 9.
- (In)security is all about OS vulnerabilities. And its companion piece “only viruses matter and social engineering attacks don’t count.”
- The world is divided into intelligent Mac users and dumb, Mac-hating Windoze users. Well, no-one whose worldview is that stereotyped is going to pay any attention to me, so I won’t waste time on that one. Well, except to point out that I’m actually one of those intelligent Mac users. 🙂
I’m not enthusiastic about Apple’s security strategy of denial, but when I read some of this stuff, I have to think that the security problem here is not primarily Apple and its somewhat misleading advertising, nor even the (still relatively few) criminals specifically targeting Mac users, but a certain quirk of psychology among some Mac users (an aggravated Halo Effect, if you like) that couples a certain aggressive snobbishness about their chosen platform with an escalating fear of being proved wrong.
Or to put it another way: loving Macs does not mean that I always love Mac users. On the other hand, I’m guessing that cybercrims are getting increasingly fond of them and relishing their naivete.