Myth or Fact? Is Mac OS X Really More Secure than Windows?
- Apr 6, 2007
- Article is provided courtesy of Que
- The Biggest iPhone OS 3 Features and How to Get The Most Out of Them
- Essential Mac Skills for the IT Professional
- 20 iPhone/iPod Touch Apps to Check Out
- Finding Alternatives to NetRestore
- Choosing the Best Remote Support and Management Tools
- Making the Genius in iTunes 8 Even Smarter
- The Top Three Windows/Mac Client Management Options
- Best Practices for Businesses Running Windows on a Mac
- The Top Five Solutions for Mac/Windows Client Deployment
- Ten Features Still Missing from the iPhone
- Top Ten Myths and Misconceptions About Mac OS X Server
- Macs in the Enterprise: Top Ten Assumptions, Myths, and Misconceptions
- Planning for and Supporting the iPhone in Business Environments
- Buying an iPhone 3G – What You Should Know Before Heading to the Store
- What You Need to Know About the iPhone 3G and iPhone 2.0 Update
- The Top 10 iPhone Accessories
- The Top 10 iPhone Applications
- Myth or Fact? Is Mac OS X Really More Secure than Windows?
- Understanding and Backing Up NetInfo: Ensuring the Recovery of Local Mac OS X User and Machine Data
- Imaging for Intel Macs Part 2: How to Efficiently Deploy Windows with Mac OS X on Intel Macs
- Imaging for Intel Macs Part 1: Why Intel Macs Increase an Administrator's Workload and How Best to Manage Their Deployment
- Backup Basics Part 3: General Tips for a Backup Strategy
- Backup Basics Part 2: Demystifying Backup Media
- Backup Basics Part 1: Demystifying Server and Workstation Backup Methods
- Mac Deployment Tools: An Overview of the Best Ways to Roll Out a New Mac Lab or Update an Old One
Sorry, this author hasn't posted any blogs.
Like this article? We recommend
101 Reasons to Switch to the Mac (Digital Shortcut)
If you boot up and surf the Web using a Windows PC without installing or configuring any security tools, it will likely pick up some piece of spyware, some adware, or a virus on it pretty quickly. By contrast, you can surf the Web using a Mac without changing any of the default install settings for months without problems. This is what most people point to as proof that Mac OS X must be more secure.
What really makes this example seem like evidence of Mac OS X as a perfectly secure operating system is that there are very few viruses or other forms of malware that have been created to exploit flaws in Mac OS X. There are multiple reasons for this; chief among them the fact that there are far fewer Macs in the world than there are Windows PCs. As a result, most malicious code writers choose to target Windows so that they can have a much wider impact.
Another factor is that until recently Mac OS X was designed to run only on Power PC processors, which use different instruction sets and assembly language than Intel or AMD processors. Although not an impossibly large hurdle to malicious users, this meant that malware needed to be coded with a payload specific to Power PC hardware rather than simply converting an existing payload to work with exploitable flaws in Mac OS X. Combined with the smaller user base, it historically resulted in far less interest in targeting Mac users.
Security by obscurity, however, is not proof of a secure operating environment. It might not even be a comforting thought because it can lead to a general lackadaisical attitude toward security and widespread infection should a rapidly propagating virus or other malware be developed. The truth is that although there have been few instances of malware or widespread attacks targeting Mac OS X, the platform is not perfectly secure. In fact, it does have a variety of vulnerabilities.
Kernel Weakness
One of the weaknesses in Mac OS X is its combination of BSD Unix with the Mach kernel. The BSD nature of Mac OS X offers several security advantages: securelevels, a multiuser access control model, and the ability to limit the access that applications have to the kernel and other core operating components. All this offers improved security compared with most Windows releases.
However, the fact that the BSD architecture sits on top of the Mach kernel presents a weakness because it’s possible to use Mach-specific kernel services to circumvent BSD security features by passing system calls and instructions into the kernel itself. This could allow a malicious user with knowledge of the Mach kernel to carry out a number of normally restricted activities.
There are also a number of known vulnerabilities to the Mach kernel. As with most kernel vulnerabilities, they are primarily related to system calls. Some of them have been used in the past to develop rootkits capable of patching the kernel and allowing a malicious user to infiltrate a system without detection. Apple has prevented known rootkits from being used to compromise the current release of Mac OS X. However, there continue to be ways in which malicious users or code can infiltrate the kernel and, by extension, compromise the entire operating system.
Account Sign In
View your cart