Channel 9 Forums - Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

corona_coder — Thu, 12 Jul 2007 14:51:31 GMT

Of course, Mac OS X based on Unix, Windows not. Linux is still safer than both. What I like is how the anti-virus guys trying to spread the FUD.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

harumscarum — Thu, 12 Jul 2007 14:54:37 GMT

Here is your chance Massif!

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Ray6 — Thu, 12 Jul 2007 14:57:54 GMT

harumscarum wrote:

Here is your chance Massif!

Chance? Chance to do what?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

rjdohnert — Thu, 12 Jul 2007 15:01:39 GMT

UNIX is not hacker or vulnerability proof, neeither is Linux. The only system that can be hacker proof is one disconnected from the net. The security guys are not spreading fud. The only reason why UNIX wasnt cracked more in the 70's is becausethe Internet wasnt around.

corona_coder wrote:

Of course, Mac OS X based on Unix, Windows not. Linux is still safer than both. What I like is how the anti-virus guys trying to spread the FUD.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

stevo_ — Thu, 12 Jul 2007 15:06:40 GMT

Dunno, it seems a bit confused, theres a quote that says 'yadda yadda os x attacks are insignificant to windows yadda yadda', but it doesn't seem to be taking into account that os x share is also insignificant to windows..

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

corona_coder — Thu, 12 Jul 2007 15:10:04 GMT

rjdohnert wrote:

UNIX is not hacker or vulnerability proof, neeither is Linux. The only system that can be hacker proof is one disconnected from the net. The security guys are not spreading fud. The only reason why UNIX wasnt cracked more in the 70's is becausethe Internet wasnt around.

Hackers had the same amount of time to exploit Unix as they have Windows and Dos. Network connections had nothing to do with it. Windows and Dos falls every time. Unix doesnt and Linux most certainly does not. Its the design of the system, while Microsoft was busy trying to build an OS with which to lock in their monopoly the Linux and even Unix groups were building a more secure OS that doesnt crack under pressure. Bill Gates put out a memo having to tell his programmers to pay attention to security, which showed Microsoft didnt care from day one. When have you ever seen a memo like that have to come from the kernel group or ANY Linux or Unix vendor for that matter?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Stefán Jökull Sigurðarson — Thu, 12 Jul 2007 15:21:04 GMT

I'm having a BBQ with some friends tonight. Mmmm grilled chicken and lamb chops!

What are ya'll having for dinner?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Massif — Thu, 12 Jul 2007 15:21:35 GMT

harumscarum wrote:

Here is your chance Massif!

You're right!

But with their superior security what are we going to do? We're Doomed!

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

ScanIAm — Thu, 12 Jul 2007 15:46:24 GMT

corona_coder wrote:

rjdohnert wrote:
UNIX is not hacker or vulnerability proof, neeither is Linux. The only system that can be hacker proof is one disconnected from the net. The security guys are not spreading fud. The only reason why UNIX wasnt cracked more in the 70's is becausethe Internet wasnt around.

Hackers had the same amount of time to exploit Unix as they have Windows and Dos. Network connections had nothing to do with it. Windows and Dos falls every time. Unix doesnt and Linux most certainly does not. Its the design of the system, while Microsoft was busy trying to build an OS

Er...you mean while Microsoft was making billions selling an OS?

Beer28 wrote:

with which to lock in their monopoly the Linux and even Unix groups were building a more secure OS that doesnt crack under pressure.

I'm not sure how you could say that. There aren't enough people using it to qualify as 'pressure'.

Beer28 wrote:

Bill Gates put out a memo having to tell his programmers to pay attention to security,

Yes he did. Now how is that a bad thing?

Beer28 wrote:

which showed Microsoft didnt care from day one.

Ah...ok. It's possible that MSFT didn't care at all about security from day one. It's also possible that they were too busy making money that they didn't have the luxury of time to sit back, take a bong hit, and come up with new ways to hack a system.
*nix guys, on the other hand...

Beer28 wrote:

When have you ever seen a memo like that have to come from the kernel group or ANY Linux or Unix vendor for that matter?

See, now you're just being silly.

*nix doesn't have vendors, groups, or memos either. It has dirty hippies, bowls, and "karmic insight, dude".

Get it right.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Xaero_Vincent — Thu, 12 Jul 2007 16:05:18 GMT

Haha... you'd think with 500 distributions, there would be a vendor, community groups, and memos.

I'll be sure to name the hippies with computer science degrees and can program far better than anyone I know.

I think your forgetting that the real hippies dont contribute anything to free software but advertisment that sucks. But since Windows has 95% marketshare, its far more likely that the vast majority of hippies are using Windows.

Peace man!

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Pop Catalin — Thu, 12 Jul 2007 16:07:15 GMT

corona_coder wrote:

Of course, Mac OS X based on Unix, Windows not. Linux is still safer than both. What I like is how the anti-virus guys trying to spread the FUD.

Oh boy! oh oboy! my pizza with tomatoes, mushrooms, and onions as toppings and extra cheese is gonna arive soon. Yummy!

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

JChung2006 — Thu, 12 Jul 2007 16:08:42 GMT

corona_coder wrote:

What I like is how the anti-virus guys trying to spread the FUD.

Why's that? Professional courtesy?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Xaero_Vincent — Thu, 12 Jul 2007 16:09:46 GMT

Pop Catalin Sever wrote:

Oh boy! oh oboy! my pizza with tomatoes, mushrooms, and onions as toppings and extra cheese is gonna arive soon. Yummy!

Got to have the garlic cream sauce!... Screw the beef and sausage.. its all about the chicken!

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Nitz Walsh — Thu, 12 Jul 2007 16:28:58 GMT

From the article:

ZdNet fluff wrote:

However, despite all these vulnerabilities, the Mac's resilient platform, its advanced automatic software update tools and the apparent lack of attention from malware authors means Apple users are far safer from attack than users of Windows.

Uh...excuse me? Advanced automatic software update tools? As a Mac admin for the better part of the last 4 years, I would have loved to see OSX Update anywhere close to the level of Windows update. The complete lack of un-installing patches is laughable (especially as one broke our network binding which was not revealed in testing), not to mention the average size and seemingly complete lack of QoS for network bandwidth throttling (albet I can't confirm this). There's little that's "advanced" at the way OSX updates - heck the size alone of the patches released in a year dwarfs what MS puts out.

Edit: Oh, no way to automatically install OSX updates either. You can download them, but the user still has to initiate the install unless they're using Apple's software update service on a local server.

Yes. Very "advanced" (cough.)

The article is stating the obvious; malware writers don't target a platform with a tiny market share like the Mac has currently in relation to Windows. Well, duh. Regardless, Vista makes things so difficult for malware writers I'm not even sure if that will continue to be the case.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

keeron — Thu, 12 Jul 2007 16:42:54 GMT

yum !

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Dharma Punk — Thu, 12 Jul 2007 17:49:07 GMT

So, if I want to lead an exciting and thrilling life, I should use Windows?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

j0217995 — Thu, 12 Jul 2007 18:34:22 GMT

I think I ate too much for lunch... I'm very sleepy which is a dangerous combination when you are trying to teach a class. I wonder if I can nap while on break?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Soviut — Sat, 14 Jul 2007 15:25:39 GMT

corona_coder wrote:

Of course, Mac OS X based on Unix, Windows not. Linux is still safer than both. What I like is how the anti-virus guys trying to spread the FUD.

Unix was notoriously insecure back in the day. Ever heard of a guy named Kevin Mitnick (free kevin, etc.)? He went to jail several times for hacking Unix systems in the 70's and 80's.

Just because its unix doesn't make it more secure. Same goes for linux and OSX.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

andy_hanger18 — Sat, 14 Jul 2007 15:54:54 GMT

The short of it is ... Why would anyone hack Linux or Mac?

A few people find vunerabilities in operating systems and software as its their job. The find it, tell the vendor to give them a chance to fix it, then make the vunerability know so people can look out for it.

Unfortunately there are far more people who look for the same issues then exploit them with Trojans and Viruses etc. They want to cause as much damage and mess as they can. Some even get a kick out of the misfortune it causes others. The more people who suffer the better.

Now, if Windows has approx 95% of the market share then its natural people would spend time attacking that system. Why waste their energy on the (relatively) few people who use the lesser common OS's.

If it were the other way around and, say, the Mac had the 95% share of the market then people would set their sights on hacking that OS. You'd hardly hear of a Windows exploit.

Its as simple as that really.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Rossj — Sat, 14 Jul 2007 16:31:20 GMT

andy_hanger18 wrote:

The short of it is ... Why would anyone hack Linux or Mac?

Ah the market share argument. By the same token, why would anyone hack Vista? Maybe, and I speculate, its much touted security is a result of low market share? I don't believe that - but surely the argument holds?

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

AndyC — Sat, 14 Jul 2007 16:58:47 GMT

Rossj wrote:

Ah the market share argument. By the same token, why would anyone hack Vista? Maybe, and I speculate, its much touted security is a result of low market share? I don't believe that - but surely the argument holds?

Not entirely. The main aim of hacking into a system these days is to allow the running of malicious applications as part of a botnet. There is a lower barrier to entry if your mass-mailer (or whatever) is already running on Windows. Particularly given that a vulnerability in Vista is quite likely to also be present in previous versus of Windows.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

BryanF — Sat, 14 Jul 2007 17:13:01 GMT

Rossj wrote:

andy_hanger18 wrote:

The short of it is ... Why would anyone hack Linux or Mac?

Ah the market share argument. By the same token, why would anyone hack Vista? Maybe, and I speculate, its much touted security is a result of low market share? I don't believe that - but surely the argument holds?

Not really. The difference there is that Vista's share is growing by millions a month simply due to the normal rates of the PC industry. It'll be a solid number two behind XP in probably a year.

EDIT: Grammar fixes.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

LarryOsterman — Sat, 14 Jul 2007 19:30:58 GMT

AndyC wrote:

Rossj wrote:

Ah the market share argument. By the same token, why would anyone hack Vista? Maybe, and I speculate, its much touted security is a result of low market share? I don't believe that - but surely the argument holds?

Not entirely. The main aim of hacking into a system these days is to allow the running of malicious applications as part of a botnet. There is a lower barrier to entry if your mass-mailer (or whatever) is already running on Windows. Particularly given that a vulnerability in Vista is quite likely to also be present in previous versus of Windows.

I disagree. I agree with your central premise (the goal these days is to get malware on the box), but disagree that Windows provides a lower barrier of entry.

The unpleasant fact is that most malware gets installed by the user. They download the free smileys and get 0wned. Most botnet clients will run just fine as a normal (non admin) user. After all, what do botnet clients do? They mostly send spam, or participate in DDOS attacks or surf the web and you can do that from any OS without requiring root privileges.

Right now, most botnet clients are written to Win32, so Windows clients are the most attractive.

Remember that botnet herders are fundamentally lazy - they don't want to have to work to find targets for his botnet client, they wants to get the largest number of clients with the least work. They can choose to target the OS with 5% market share or the OS with 2% market share, or they can choose the OS with 90% market share.

I know which one I'd go for (if I was inclined that way).

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

Bent Rasmussen — Sat, 14 Jul 2007 23:25:50 GMT

The answer to Microsoft's security problem is to drastically loose market share. I'm not quite sure the black suits'll bite that bullet tho'.

But you're right of course.

The best solution is probably networked blacklisting.

Coffeehouse - Mac OS X with 100 bugs still safer than Windows

AndyC — Sun, 15 Jul 2007 10:02:13 GMT

LarryOsterman wrote:

I disagree. I agree with your central premise (the goal these days is to get malware on the box), but disagree that Windows provides a lower barrier of entry.

Well I meant a lower barrier in the sense that anyone who was writing malware for XP will already have skills in Win32 and an existing code base that can be reused or modified. So even if we assume that Vista and Mac OS X had comparable market share, it doesn't follow that they are in the same position as far as being a potential target goes.