I would tend to disagree, because a user can install an app in the application directory in OS X and write over it, which means a virus or trojan can too. That by default makes OS X less secure than it really should be. OS X at the core is an open source system and the flaws and vulnerabilities are widely documented and available for all to see. Typically at security conferences Macs are normally the first to get hacked, and at the last one I think the Vista laptop didn't get hacked at all.

OS X is typically no better than other operating systems in terms of number of advisories, or severity of advisories if you track them by companies like secunia. OS X has had 11 advisories, 78% of them highly critical and 18% of them remain unpatched. Vista had 26, 38% critical, and 100% are patched.

No, I think the reason you don't see as many viruses is simple economics. A hacker can toss together a PC for $250 to blow up to their hearts content, but an iMac will set them back $1200. Of course now with hackintoshes that's changed, but until OS X went intel there wasn't any route for a virus writer except buying a real Mac, which simply wasn't going to happen.

I would agree except for one thing Sarge.


Getting a virus into OSX and getting it to spread like in the Windows world would be a big feat. Someone would do it if it were so easy just for the ego trip and the news attention. Too many loonies out there...

Speaking of Loonies . .
If nothing else, Steve Ballmer would pay someone to do it !!

Bored tonight Sarge?

I just thought of this:

Microsoft is already known worldwide for it's Malware !

It's called Windows !!

In responding to Carp... the fact of the matter is that there are no viruses for OS X in the wild. Yes, security companies that also happen to sell you "solutions" have mistakenly classified a Trojan or two as a Virus. If you take the time to investigate any of the specific issues, that point will be made clear. I've blogged about it in more detail here.

http://technicalconclusions.wordpress.com/2009/09/11/the-reality-of-macs-and-malware/



Sarge, I'm not sure of the point you're trying to make here. The Application directory may be open, but the existing apps generally are not. The application directory is open because any user can install an app, provided it doesn't need to install anything into the system folder (which is protected for a reason). Running a trojan from your home folder is no different from running it in your application folder. Now, having the ability to install something into the system folder is a legitimate security issue that you have not addressed.



Unfortunately, you're skipping many critical details when you make these claims. For starters, none of the systems were hacked on the first day. The Macs are only hacked after the relax the rules to the point where reality doesn't matter. That is, they couldn't just hack the Mac as is, they had to have the user do something specifically. As to the hacks themselves, they are not just discovered that day. The researchers come to the even with exploits they've already proven to work. Finally, I'm not aware of the event you refer to where Vista was not also eventually hacked. Please provide details on that one. Black Hat event, right?



Unfortunately, you're quoting meaningless statistics. You only know the percentage patched based on what Microsoft tells you. How do you know they haven't been contacted about an exploit but haven't patched it yet?

http://www.computerworld.com/s/article/9140704/Unpatched_SMB_bug_crashes_Windows_7_researcher_says



I believe there is partial truth in what you are saying, but I don't agree with the reasons you've presented. In fact, with the hackintosh example, you've already contradicted yourself. The fact is, Apple as been on Intel for years now and that hasn't changed a thing. There have been multiple Virus attempts, but none have been successful.

I will say this, Microsoft has done some things right. Their implementation of ASLR is currently better than Apples. However, Apple's BSD background has proven to be more effective than NT. Apple also doesn't have known gaping holes like ActiveX in their browsers for a reason.

Thanks for the link SteveS

No, those numbers are from secunia, a security company that actively researches and tracks such issues. Unpatched critical flaws aren't meaningless statistics, they're poor security on Apple's part.

I think we're arguing about two different things here. Yes, I agree with you that publicly known issues that companies like Securina are tracking should be patched by Apple on a more timely basis.

However, I maintain the notion that the statistics you're quoting are largely meaningless. For example, when an exploit is found, the researcher/hacker has a choice on how to proceed next. Some might try to use the exploit in the form of a virus, trojan, etc. Some will contact the manufacturer (Microsoft, Apple, etc.) and some might also choose to make it more publicly known such that companies like Securina can track it. The point is, exploits are found on all systems on a routine basis. At no point in time can you confidently say "all exploits are patched". That's simply not the case, regardless of who makes the claim. Though, to your point, it's never a good thing when there are publicly known issues that are not patched.

From/what/Ive/seen,most/OSX/threats/require/direct/physical/contact/with/the/targeted/machine,or/require/some/action/on/the/users/part.
Of/course,there/was/the/QT/exploit/which/was/easily/disabled/simply/by/switching/off/auto/launch.
The/Flash/and/Adobe/PDF/exploits/which/were/application/specific/rather/than/OS/specific.