Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

cancel ×

549 comments

first (-1, Offtopic)

onthost (928770) | about 8 years ago | (#15659698)

first post

EffPeee!!! No Surprise Here (3, Informative)

eno2001 (527078) | about 8 years ago | (#15659700)

Anyone who is in "the industry" knows this. They just like to say the things people like to hear though...

Re:EffPeee!!! No Surprise Here (4, Insightful)

DieNadel (550271) | about 8 years ago | (#15659772)

True.

I think we'll never see mass-migration influenced by arguments like those on the article.

People has been saying that security is THE good argument for switching forever, be it Linux, Solaris, BSD or Mac folks, but this has never been a sufficient argument to fuel the switch.

Maybe what we need is not a system with better security and similar software suit. People will only change when we have a system with better security and SAME software suit (or at least one that has similar interface).

Most users are lazy, and they don't want to learn how to use new interfaces.

Re:EffPeee!!! No Surprise Here (2, Insightful)

eno2001 (527078) | about 8 years ago | (#15659841)

You are correct sir. However there is one other way it would happen. A major security disaster that really eats nearly everyone's data on the Windows platform in such a way that it can never be recovered and backups won't work because the fundamental OS itself is completely at the mercy of the cracker(s) who staged the attack. At that point, people won't want to use Windows and would be forced to move. Of course, something like that could never happen now, could it? ;)

Re:EffPeee!!! No Surprise Here (4, Insightful)

mgblst (80109) | about 8 years ago | (#15659858)

I wonder what goes through the mind of the average person, when thinking about buying there next computer. Do they buy PCs because that is what they always have had, and it is what everyone they know has? Or is it a certain love for applications that aren't on macs. (surely not) Is it the salesmen in the stores, pushing pcs?

EffPeee!!! No Surprise Here-Stereotypes:The sequal (1)

Anonymous Coward | about 8 years ago | (#15659894)

"Most users are lazy, and they don't want to learn how to use new interfaces."

As witnessed by the historic non-movement of users from DOS to Windows 3.1, or OS 9 to OSX

Re:EffPeee!!! No Surprise Here (0)

Anonymous Coward | about 8 years ago | (#15659790)

I don't get why it's recommending macs when there's a far easier, cheaper and more secure way to secure yourself from malware. When all you have to do is stick an Ubuntu CD into the drive, migrating away from Windows costs nothing - there's no point spending so much money on new hardware to run MacOS.

EffPeee!!! No Surprise Here (/.) (0)

Anonymous Coward | about 8 years ago | (#15659815)

"Anyone who is in "the industry" knows this. They just like to say the things people like to hear though..."

Geeks are the sexiest people on the planet!

However.... (5, Insightful)

ArcherB (796902) | about 8 years ago | (#15659706)

As more users make the switch, so will the malware coders.

That said, it will be years before OSX overtakes Windows, if it ever does. Still, with OSX's mature tried-and-true UNIX core, I don't see as many problems as with MS's OS.

Re:However.... (1)

aadvancedGIR (959466) | about 8 years ago | (#15659761)

OS X may be better by design, it still can do nothing against some kind of threats. If someone is stupid enough to click on anything he receive from IM and has the right to install programs, he is screwed whatever its OS. Currently, this hadn't infected Mac too much simply because hackers did associate them with "bunch of lusers".

Re:However.... (4, Insightful)

God'sDuck (837829) | about 8 years ago | (#15659780)

If someone is stupid enough to click on anything he receive from IM and has the right to install programs, he is screwed whatever its OS.
except, on a Mac, before it does anything vicious you have to give your login password to the sudo command window. Vista will (fina-freaking-lly) have this, but, if it doesn't improve dramatically from the beta, those windows will have popped up so often that people will just click through. On my Mac, when that window pops up, I *notice* -- since it's quite rare. so the true idiots will still get smacked...but the general public will have to do quite a bit more to actively screw their system.

Re:However.... (4, Informative)

sqlrob (173498) | about 8 years ago | (#15659809)

Not completely true.

You don't need admin privileges to screw a users account and do "useful" things. Point of example - MyDoom.A didn't need Administrative privileges for anything it did.

Re:However.... (1)

God'sDuck (837829) | about 8 years ago | (#15659857)

herm...point taken...

Re:However.... (0)

Anonymous Coward | about 8 years ago | (#15659818)

#!/bin/sh
rm -rf ~


doesn't require sudo.

Re:However.... (4, Insightful)

mdwh2 (535323) | about 8 years ago | (#15659873)

except, on a Mac, before it does anything vicious you have to give your login password to the sudo command window.

And how will that help? If a user is willing to click to run untrusted programs, he is willing to type a password to do so. This will only help in cases where a user does not have the priviledge to install programs (which the OP explicitly discounted by saying "and has the right to install programs").

Re:However.... (1)

rizzo420 (136707) | about 8 years ago | (#15659912)

does the mac allow blank passwords or are you required to have one? my guess is that the more people with blank passwords, the more likely it'll be they'll have problems.

the funny thing is, i've been running windows for years and the only time i got a virus was in 97 or 98 when anti-virus software use wasn't as widespread (i had it, but they didn't update defs as often then). i got the elvira virus, it was pretty neat, but luckily, it wasn't the bad version where it wiped your C drive. a floppy disk i used in a computer lab or borrowed from a group member must have been infected. since then, i have never had a virus or spyware infection. it's called smart computing. the more lusers start using macs, the more problems we'll see with them. just like with firefox/IE. the more people use firefox, the more vulnerabilities will be exploited.

Re:However.... (2, Insightful)

ArbitraryConstant (763964) | about 8 years ago | (#15659923)

Privilege escalation attacks are pretty common (on all UNIXes, not just MacOS), it isn't safe to assume malicious code needs you to type your password.

Re:However.... (3, Informative)

gumbi west (610122) | about 8 years ago | (#15659800)

On a Mac you actually have to confirm that you intend to run a new app the first time that you run one. The basic idea is to make one more click for these instances. It's not perfect, but it is more secure than not having it.

Re:However.... (0, Troll)

CogDissident (951207) | about 8 years ago | (#15659822)

The average luser will just click the ok screen every time. This is because macs make you hit so many ok buttons that most people don't bother to look. "Do you want to download this?" yes. "Do you want to open this window?" yes. and so on and so on because it can't tell a real possible threat from normal activity.

Whatever... same with Windows (1)

sheldon (2322) | about 8 years ago | (#15659876)

Now every frickin time I want to run some executable I have to click "Yeah, ok, fine, do it".

Do you think I read the stupid dialogs? Nope. Not a chance.

Confirmation prompts are not security. They're just a CYA so you can tell the user "Well, we warned you".

"bunch of lusers" (1)

dominikbal (986947) | about 8 years ago | (#15659811)

Windows users are not?

Re:However.... (1)

gitreel (628922) | about 8 years ago | (#15659900)

That was my thought. This ties into the security through obscurity method. There is a flaw in this theory. As more users switch, the bigger of a target for hackers.

First Post (-1, Offtopic)

Anonymous Coward | about 8 years ago | (#15659707)

OMFG, I did it!!! Yeah!!!!

Re:First Post (-1, Offtopic)

Anonymous Coward | about 8 years ago | (#15659725)

no you didn't
fuck off

YUO FAIL IT (0, Offtopic)

SpokeBot (884906) | about 8 years ago | (#15659732)

hahahahah loooooser

Re:First Post (2, Funny)

neonprimetime (528653) | about 8 years ago | (#15659751)

RTFA! If you were using a MAC you woulda got 1st post, but since your WinBox was infected with malware it slowed your internet connection down.

The MSFT Security Analogy (4, Interesting)

neonprimetime (528653) | about 8 years ago | (#15659708)

Microsoft has pledged that the latest version of its operating system, known as Vista, will be its most secure yet.

  • Win95 - There weren't even any doors or windows in the house
  • Win98 - They installed doors & windows, but left them all open
  • WinME - They accidentally broke the glass out of the windows
  • WinXP - They fixed & shut the windows, but the door was left open
  • WinVista - They shut the doors & windows, but still forgot to lock them

Re:The MSFT Security Analogy (4, Funny)

cHALiTO (101461) | about 8 years ago | (#15659856)

* WinXX (after Vista) - They built the walls around the doors and windows.
* WinYY (after WinXX) - They blocked the chimney
* WinZZ (after WinYY) - They rebuilt the walls, this time out of bricks, instead of paper.

Not for much longer (1)

harmlessdrudge (718066) | about 8 years ago | (#15659711)

With Boot Camp Windows can soon infect Macs.

Re:Not for much longer (0)

Anonymous Coward | about 8 years ago | (#15659824)

Ummm. so you are saying windows will still be infected? Move along nothing to see here.

10 most "common" kinds? (2, Interesting)

Anonymous Coward | about 8 years ago | (#15659713)

I love my mac, but articles like this are somewhat misleading. Surely the reason the top 10 pieces of malware are Windows only isn't something as mundane as the 90% / 10% market saturation of windows vs. Mac devices. Even if the same malware app was on ever single mac connected to the net, it still wouldn't show up in this top 10.

Re:10 most "common" kinds? (4, Insightful)

codegen (103601) | about 8 years ago | (#15659823)

urely the reason the top 10 pieces of malware are Windows only isn't something as mundane as the 90% / 10% market saturation of windows vs. Mac devices. Even if the same malware app was on ever single mac connected to the net, it still wouldn't show up in this top 10

I love my mac too (all four of them). There is a bit more to it than that. A large part is the predominant number of windows. To effectively spread, a virus must have reasonable access to new hosts to infect. Also, the harder it is to infect, the more hosts the virus must have access to in order to spread. The concentration of macs is low enough that this significantly inhibits the ability of viruses to propogate.

But there are also other issues. The article notes that email virus have become the most predominant malware. Certain email client programs are much more suceptable to these viruses that others. A large number of Windows users switching email clients would reduce the number of viruses significantly. I can tell everytime a new virus comes out, I suddenly see

  1. Email from people I know use windows machines. One prof in our department always seems to be unlucky enough to get hit with zero day attacks.
  2. Bounces from bad email addresses to my address when the virus chooses my email address from the address book of someone I know who gets infected to use as the sending address. At least most of the viruss scanners have become smart enough to stop sending infection notices for viruses known to spoof return addresses

Re:10 most "common" kinds? (1)

codegen (103601) | about 8 years ago | (#15659838)

Ooips, typo, I meant to say the artcle said the most widespread problem, not the most predominant.

Mea Culpa.

Wait I can do this!!! (0)

Anonymous Coward | about 8 years ago | (#15659716)

arhum,

Mallware, what about Finder.

A nice fp true to the spirit of slashdot.

Alright Microsoft... (1)

LeddRokkenstud (945664) | about 8 years ago | (#15659718)

Alright Microsoft, it's time to start producing some spyware/malware/viruses for the Mac!

Re:Alright Microsoft... (1)

jejones (115979) | about 8 years ago | (#15659877)

<tinfoil_hat>How do you know they haven't already done so for the Mac, or for Linux... or funded such activity by others?</tinfoil_hat>

Macs safer... (4, Funny)

Decameron81 (628548) | about 8 years ago | (#15659720)

"Security firm Sophos Security has released a report claiming that Macs will be more secure than windows for some time to come."


Wow, they managed to predict the present.

This just in.. (4, Funny)

Rob T Firefly (844560) | about 8 years ago | (#15659721)

..people want to attack bigger targets more than smaller ones.

I'm just going to keep all my important stuff on a TI-99/4a [wikipedia.org] from now on. Let's see the botnets get hold of that!

Re:This just in.. (1)

julesh (229690) | about 8 years ago | (#15659797)

I'm just going to keep all my important stuff on a TI-99/4a from now on. Let's see the botnets get hold of that!

They probably can, but only if you have Extended BASIC and the dual floppy drive add-on.

Re:This just in.. (0)

Anonymous Coward | about 8 years ago | (#15659821)

Yes, but does it run Linux?

Re:This just in.. (1)

flyingfsck (986395) | about 8 years ago | (#15659837)

Yup, my TRS80 is perfectly secure...

Why Bother? (2, Interesting)

argo747 (935004) | about 8 years ago | (#15659724)

Why would I write a piece of malware that would only target a small segment of the market? If one wanted to further one's nefarious plans wouldn't it be smart to go after the biggest slice of the pie?

Re:Why Bother? (5, Insightful)

99BottlesOfBeerInMyF (813746) | about 8 years ago | (#15659806)

Why would I write a piece of malware that would only target a small segment of the market? If one wanted to further one's nefarious plans wouldn't it be smart to go after the biggest slice of the pie?

That would depend upon your goal, now wouldn't it? For botnets, it is probably too difficult compared to the return to go after OS X boxes, but for other types of malware it makes some sense to add OS X as a secondary vector for a cross-platform worm. If, for example, you're gathering credit card numbers and accounts to online stores, you'll get a better return from OS X boxes than from Windows machines since you eliminate the chunk that is pirated and running in the third world, and basically limit yourself to the wealthy first worlders, and usually even the higher end of that group. You also, unfortunately, are targeting a lot of the security expert crowd, almost guaranteeing early detection of your worm.

If, however, your goal is hactivism or prestige, well the first worm that targets OS X machines and actually propagates significantly in the wild will be big news and generate a lot of press. It is an ideal target, if you can pull it off.

There is plenty of motivation to attack OS X boxes, but the difficulty of doing so, due to more reasonable security and architectural choices and because the skillset of malware authors is usually very Window's platform specific has played a big part in making sure that it has not yet been a concern.

Re:Why Bother? (1, Informative)

Anonymous Coward | about 8 years ago | (#15659872)

If, for example, you're gathering credit card numbers and accounts to online stores, you'll get a better return from OS X boxes than from Windows machines since you eliminate the chunk that is pirated and running in the third world, and basically limit yourself to the wealthy first worlders, and usually even the higher end of that group. You also, unfortunately, are targeting a lot of the security expert crowd, almost guaranteeing early detection of your worm.

Not true – a lot of Mac users are just ordinary people who have been using Macs forever, and just wouldn't want/need to have anything else. For example, someone I know – who runs a school computer lab full of Windows systems – has been a Mac user at home for years, and she's got the latest OS X and everything, and she's a very smart person, but as far as computer security, etc. goes I don't think she'd be quite up to the same level as most of the /. crowd. (Her mother's also a Mac user – never used anything else – in her eighties or somewhere around there, so it's probably not so much the security or anything as it is just what she's familiar with.)

[Posting anonymously to protect their identities]

Re:Why Bother? (0)

Anonymous Coward | about 8 years ago | (#15659830)

To get control of millions of boxes without any competition.

Re:Why Bother? (1)

julesh (229690) | about 8 years ago | (#15659884)

Why would I write a piece of malware that would only target a small segment of the market?

Because that small segment, accustomed to not being targeted by malware authors, might be less likely to take precautions that would prevent you achieving your goal than the larger segment. You may therefore get a higher penetration for lower effort.

Note: malware does exist for non-Windows systems. I had a Linux box owned by a BIND-worm a few years back. The worm failed to propogate onto my machine properly because it was badly written, but it managed to break down the door at least.

Linkys (0)

Anonymous Coward | about 8 years ago | (#15659727)

Here's a link [sophos.com] to the Sophos webpage with more detail, and a whitepaper [sophos.com] which you can download if you fill in some contact details.

Call home (2, Interesting)

mwvdlee (775178) | about 8 years ago | (#15659728)

The first and foremost thing MS should do to make Windows more secure is to disable the call home when installing WinXP. From the moment it logs in, it is prone to attack and the user is left defenseless upto the moment installation is completed and a zillion trojans have had ample time to install. Atleast make it so the call home is performed AFTER I had the chance to install a virusscanner and firewall.

Re:Call home (1)

God'sDuck (837829) | about 8 years ago | (#15659825)

or, more simply, have the installer block all ports and programs except the installer until the install finishes.

Re:Call home (1)

Richard_at_work (517087) | about 8 years ago | (#15659892)

Uh you do know you can defer the activation check until later on, it doesnt have to be done as part of the install? This gives you ample time to install a firewall et al before having to go online to carry out the activation.

Defenseless? (1)

Medievalist (16032) | about 8 years ago | (#15659917)

The first and foremost thing MS should do to make Windows more secure is to disable the call home when installing WinXP. From the moment it logs in, it is prone to attack and the user is left defenseless upto the moment installation is completed and a zillion trojans have had ample time to install. Atleast make it so the call home is performed AFTER I had the chance to install a virusscanner and firewall.
You're doing installs with the hardware hooked up to a public network? I don't think the problem is with Microsoft's plan here.

Install with the net and phone wires unplugged. Or, if you have the tech chops, install with the network wire plugged into a private secure network containing only a WSUS server [microsoft.com] and pull your updates right away.

I hate the whole concept of software that automatically "calls the mothership" anyway, but that's a different rant...

...Again? (5, Insightful)

GundamFan (848341) | about 8 years ago | (#15659729)

Well sure... follow the money... There is no point in compromising a Mac but if you hack Windows you have a marketable product. After the pigs sprout wings and Macs take over the 95% market share lets see how many proffesonal hackers turn there attention away from Microsoft's products. Saying OSX is more robust than Windows XP is irelivant... where there is a will there is a way.

malware's not the only problem (5, Insightful)

Speare (84249) | about 8 years ago | (#15659730)

Maybe the OS-dependent malware is on Windows but not MacOSX, but there are still some serious computer-delivered attacks that don't depend on the operating system. Social exploits like phishing and pay-forward scams still attack the gullible on any platform. Cross-site scripting exploits can still put web services such as PayPal and Amazon at risk. This has little to do with the platform, and I think many MacOSX fans are falsely smug over the whole thing.

Security through... (5, Insightful)

Spykk (823586) | about 8 years ago | (#15659738)

If you really want to follow the security through lack of marketshare model then you should install os/2 or dos.

Macs and... (4, Insightful)

snwod (721177) | about 8 years ago | (#15659739)

Linux, right? Seriously, though, this is going to start the usual flamewar, with both sides refusing to budge on the views about their systems. Nothing new. I run Windows (for games...and Linux for most everything else...and I do like Macs, but haven't been able to get one recently), and haven't had a virus or malware problem in years. I run a good firewall/anti-virus combo along with using Ad-aware and the rest. I don't click on banner adds and I don't install strange pop-up programs. Pretty simple really.

Re:Macs and... (2, Insightful)

jizziknight (976750) | about 8 years ago | (#15659802)

I've run windows for years WITHOUT any anti-virus, only Ad-Aware (and recently Windows Defender for the realtime aspect) and haven't had a virus or malware problem. I think these sorts of things have a lot more to do with user stupidity than anything. "Hay, guys I got an email from someone I've never heard of with a screensaver attached!" *click* "Oh, shi..."

Re:Macs and... (1)

buddyglass (925859) | about 8 years ago | (#15659893)

Ditto. And that's running IE and without anti-virus software. All you really need to do is:
  1. Sit behind a cheap $50 router.
  2. Regularly update Windows/IE with critical patches.
  3. Not use Outlook.
  4. Only run software obtained from a "trusted" source.
That said, my parents, brother, and most of my friends have all had their systems miserably infected at one time or another. Apparently it's difficult for people to follow these simple rules.

Switch to abacus, pen and paper (1)

10Ghz (453478) | about 8 years ago | (#15659740)

I heard those are immune to just about ALL malware out there, and will remain so for eons. And the technology has been tested and troubleshot for centuries, so it's basically bulletproof.

Re:Switch to abacus, pen and paper (1, Funny)

Anonymous Coward | about 8 years ago | (#15659779)

b00kw0rm/.2A v.2 has been shown to be highly effective against paper, using the so-called 'muching' vector. Security services are still working on a reliable advanced detection method. As always we recommend all users create backups of their paper, preferably secured in the 'read-only' laminated medium.

Re:Switch to abacus, pen and paper (2, Funny)

10Ghz (453478) | about 8 years ago | (#15659803)

"laminated medium"

Gold-pressed latinum! w00t! Oh, you said "laminated"? nevermind....

Re:Switch to abacus, pen and paper (1)

kmo (203708) | about 8 years ago | (#15659896)

I heard those are immune to just about ALL malware out there, and will remain so for eons.

You must not have encountered a toddler with a crayon.

This is bunk... (0)

Anonymous Coward | about 8 years ago | (#15659741)

I'm a Mac user, a Windows user, and a Linux/BSD user, and I can tell you straight up that while Windows takes more effort to lock down, almost nothing in this world prevents people's stupidity -- succumbing to a phishing email or clicking on an embedded link when you know you shouldn't -- no matter what OS you choose to use. There are dumb OpenBSD users just as there are smart Windows users.
I work in IT security and while malware will continue to plague us, the crafty stuff like phishing and pharming are getting more crafty and difficult to spot. You may tell yourselves that you'll never fall for something like phisphing or pharming and maybe you won't, but the vast majority of Internet users are susceptible anf gullible enough to click on something.

Re:This is bunk... (0)

Anonymous Coward | about 8 years ago | (#15659926)

dumb OpenBSD users

Just out of curiosity, have you ever tried installing it? Because if they're just regular users on someone else's system, I might be able to understand that, but as far as installation and administration goes, OpenBSD's a very techie-oriented system, and I'm pretty sure that anyone who could understand the OpenBSD installer would have more than enough sense not to install malware, etc. (does it even exist for OpenBSD?)

"Some time to come" (0)

Anonymous Coward | about 8 years ago | (#15659742)

"Some time to come" translates into when Mac's have a big enough market share for malware developers to consider it worthwhile. When that occurs, they'll actually put forth serious, financially-driven effort into discovering flaws in Apple-branded OS offerings.

Remember, while you do have the malware that is purely destructive and just flat-out hates you, the vast majority of malware is developed for $$$.

So, if malware is a product designed to make the developer $$$, then the developer is going to go after the biggest market share that isn't filled up with too much competition.

Windows is still that market.

It may be true but... (0, Flamebait)

xtracto (837672) | about 8 years ago | (#15659783)

But I think people using Apple computers are the one with less technical knowledge, at least that was what the MAC was about (no?), to let "everyone else" use a computer. So, if there was a company creating malware for that computer now, with almost no "active protection" I believe they could get a nice perecentage of the userbase to fall into their claws.

Re:It may be true but... (1)

99BottlesOfBeerInMyF (813746) | about 8 years ago | (#15659846)

But I think people using Apple computers are the one with less technical knowledge...

Not really. A lot of people who use macs are clueless, but a significant portion of the security professional industry is also using macs. Think of the attempt to spread a worm using a dropper on a mac discussion site that happened last year. The trojan itself was discovered, analyzed, and documented everywhere within hours and the infection was contained at the source.

So, if there was a company creating malware for that computer now, with almost no "active protection" I believe they could get a nice perecentage of the userbase to fall into their claws.

Due to the general makeup of machines on the internet, it would likely have to be a cross-platform worm to actually propagate. Also, most malware authors are Windows people, with a skillset dedicated to that platform. Most of them simply don't have the skill to write a mac worm. Macs also present a tough target, with good default settings (mostly) and some well thought out and time tested design choices. Trying to go from adapting existing Windows malware to writing from scratch malware that will actually work on OS X is a pretty big jump. If it happens, it will likely be for reasons of prestige, not purely monetary concerns.

Apple fud cake (3, Insightful)

Xiph (723935) | about 8 years ago | (#15659743)

This is just another of those articles that claims Apple is safer, because it's less of a target.
It reads the new updated statistics about the problems of ms windows, and clichés it's way to declaring apple fairly safe.
this article does admit apple has security flaws, but does not extend it beyond that.

In short, the article doesn't do much to bring perspective, or depth to an already longwinded debate.
In my opinion, changing to apple because it's less of a target is comparable security through obscurity.

Real security comes through proper training of administrators and users. Real security does not come with the operating system

Oh oh!! (0, Troll)

SirCyn (694031) | about 8 years ago | (#15659748)

I want to say something totally obvious and have is posted on Slashdot too!

User is the problem (4, Insightful)

LiquidCoooled (634315) | about 8 years ago | (#15659749)

The user is the most infectious part of any system.

If a user has permissions to run any program he wants then malware will remain.
In a corporate environment, the users' rights should be such that unknown applications cannot run.

Home users don't have the same protections and must rely on virus checkers and spyware scanning to tell them that "this screensaver your mum sent you is infact a trojan which will send itself out to all your friends".

Windows, Linux, Mac, BSD are all susceptible to users' bad decisions.

(and the critical mass of malicious folks exist in Windows, but that could change quite quickly)

Its the same argument of firefox vs IE (5, Insightful)

tont0r (868535) | about 8 years ago | (#15659750)

When firefox came out, there werent any problems with it at all. Pops wouldnt happen as often. No 'ZOMG ACTIVEX WILL EAT YOUR FACE' or anything like that. But mostly because 95% of all people were using IE and firefox was about 2%. Now that firefox is more popular, people have found ways around it. Firefox is still great and they do a great job at patching it up (much better than IE). But the Macs are in the same boat. Its a small market right now, but as they get more popular, there will be viruses and exploits for it just like windows. The only argument is will they fix it faster than microsoft does?

Re:Its the same argument of firefox vs IE (1)

mrxak (727974) | about 8 years ago | (#15659798)

I thought the argument for Firefox was that it is a faster browser with good standards support and less bloat...

Re:Its the same argument of firefox vs IE (1)

mdwh2 (535323) | about 8 years ago | (#15659919)

Indeed, by the logic that people apply to Macs, Opera is the most secure browser because hardly anyone uses it, and everyone should switch to using that.

And now, apple wants to run Windows? (1)

WindBourne (631190) | about 8 years ago | (#15659760)

I find it funny that apple wants to run windows alongside. They would be better off pushing wine to avoid all the local issues that Windows has.

Re:And now, apple wants to run Windows? (1)

MSFanBoi2 (930319) | about 8 years ago | (#15659813)

Except for the fact that WINE is a serious pain in the ass, doesn't support all the DirectX goodies it should, has problem with mouse control, has issues with some network features, has serious issues with sound, accelerated video and a bunch of other things that make most people say fuck it, and reboot to Windows...

The REAL reason OSX is more secure than Windows (3, Funny)

mwvdlee (775178) | about 8 years ago | (#15659762)

The script kiddie tools are available on Windows only.

Less Targeted = More Secure? (4, Insightful)

CPIMatt (206195) | about 8 years ago | (#15659769)

The article doesn't say that Macs are more secure than Windows. It only says that they are less targeted by malware. Two different things. Bad, Slashdot, Bad!

*Troll*

-Matt

OSX (0, Offtopic)

Joe The Dragon (967727) | about 8 years ago | (#15659771)

Too bad that osx only runs on apples hardware and If thay thing that the only desktops thay going to make a $600 mac mini with pos video and a $1800 and up one with with 2 cpus and good video + slots is going to work. Thay need a mac with one cpu and good video + slots if thay want for more people to have macs.

vista might be semi secure until... (0, Redundant)

insanemime (985459) | about 8 years ago | (#15659773)

I have messed with vista and they tried to do a MAC thing by making the system stop when you try and change something with the system and having you click continue to verify that you actually want it changed. Good idea, except that it prompts you on EVERYTHING. Change your screen saver? HALT..VERIFY. Want to check network connection setting? HALT...VERIFY. I think this will end up getting really annoying and people will disable it (like we did with the test of vista beta).

Simple (1)

ConallB (876297) | about 8 years ago | (#15659784)

!worthhacking != Secure

Misleading metrics (5, Insightful)

Kope (11702) | about 8 years ago | (#15659788)

Saying that the most common malware only effects Windows, therefore Macs are more secure is simply bad reasoning.

What matters is rate of contact and rate of infection after contact.

A well configured Windows machine, with a good up-to-date virus/spyware scanner and firewall which prevents unauthorized registry changes is pretty hard to actually infect.

I'm sure that "out of the box" Macs are better. But it's not "out of the box" that I care about. My concern is level of security during actual operation.

I have no problem believing that Macs are more resistant to malware, but this measure doesn't show that to necessarily be the case.

Re:Misleading metrics (1)

Kope (11702) | about 8 years ago | (#15659814)

Gah -- bad sentance structure makes me sound like an idiot:

Yes I know what firewalls do.

When I wrote "with a good up-to-date virus/spyware scanner and firewall which prevents unauthorized registry changes" the "which" is refering to the virus/spyware scanning not the firewall.

Not that this'll actually teach me to poof-read.

Where's the "duh" button when you need it? (2, Funny)

MrSquirrel (976630) | about 8 years ago | (#15659789)

Windows is more used than OS X (90% marketshare) and Microsoft is more hated than Apple -- of course Windows is going to be "more vulnerable"... because more people are going to target it! (Analogies: start your engines!) That's like saying "You're more likely to get shot in Chicago than SmalltownUSA" Well duh, because there are more people and more guns in Chicago than SmalltownUSA (Apple is SmalltownUSA if you couldn't figure that out). Apple's operating system has its flaws, Windows has its flaw, Linux has flaws -- security flaws will probably always exist (until the robots write our code for us... IN OUR OWN BLOOD) and as long as they are around, people will always try to exploit them. It's not wonder the top 10 malware pieces are for Windows considering Windows' HUGE marketshare (Analogy remix: wouldn't it be smart to pick out a particular bank to rob if it has 90% of the world's money?).

The popularity myth (0, Troll)

MikeRT (947531) | about 8 years ago | (#15659794)

Microsoft is not hit so much because they are popular, they are hit because their whole development and security model is badly employed by others. How much software can run on a limited user account in Windows without any issue? OSX is far beyond them in this respect.

I've noticed that most of the people who advocate the popularity myth are not programmers. Whenever I have asked them just what they actually know about programming, I often get the usual populist bullshit "does that really matter?! Who do you think you are, elitist?"

How stupid do you have to be to believe that all designs are fundamentally the same? That's what the popularity model assumes. It assumes that OSX is more secure only because it hasn't had any scrutiny. Maybe so, but its flaws are its own. It might be worse than Windows, but if it is, it's because of OSX's design and implementation.

obscure != secure (4, Insightful)

spyrochaete (707033) | about 8 years ago | (#15659801)

They said the same thing about Firefox but that's starting to change. Mozilla is fixing holes all the time and I'm starting to see ads that get through Adblock (stupid Mediaplex). This is just an article about security through obscurity - the best kind of security according to too many Apple fans I've talked to.

Faith in obscurity means you'll be totally unprepared when disaster strikes.

lazy reporting (0)

Anonymous Coward | about 8 years ago | (#15659805)

I actually emailed the beeb about this, yet another slippage in their understanding. They should lay off writing up the crappy 'entertainment' stuff and use the money saved to buy some tech writers.

"Sophos security said that the 10 most commonly found pieces of malicious software all targeted Windows machines."

--"most commonly found". as over 90% of desktops run windows, although corrent the statement has as much impact as saying "crashes between cars are the most common accident on the roads".

even if the infection rate across all machines was the same, that would still make the "most commonly found" all come out as windows.

tag (1)

Errtu76 (776778) | about 8 years ago | (#15659820)

This is the first time i see a story accurately tagged 'duh'

That's not what the article says (4, Insightful)

Tim C (15259) | about 8 years ago | (#15659826)

The summary here says:
The report listed the 10 most common kinds of malware, and noted that they can only infect Windows systems.

However, the BBC article linked to says:
Sophos security said that the 10 most commonly found pieces of malicious software all targeted Windows machines.

In contrast, it said, none of the "malware" were capable of infecting the Mac OS X operating system.


Kinds of malware means categories - eg trojans, viruses, etc. That's absolutely not what the BBC article says.

No really,... (0)

Anonymous Coward | about 8 years ago | (#15659828)

How much did apple pay to get this posted on slashdot?

Sober-Z 'worm'? (1)

BenjyD (316700) | about 8 years ago | (#15659829)

Isn't Sober-Z just another email trojan - it seems to require the user double clicking on the attachment to run. No system is safe against trojans.

Re:Sober-Z 'worm'? (1)

the linux geek (799780) | about 8 years ago | (#15659883)

If the trojan contains a Windows-only executable or vulnerability (as most do), then chances are pretty good it won't infect a Mac.

So what you're saying is... (1)

martinultima (832468) | about 8 years ago | (#15659834)

You can't hack an OS X system in 30 minutes? [slashdot.org] Granted, they were literally asking for it, but the point remains that it was hacked in a very short period of time, and you kind of have to question the security stuff there.

Personally, I'd say that it would make a lot more sense just to switch to Linux – not only does it work with your existing PC hardware, but it's also usually free or inexpensively-priced. And despite what a lot of people have claimed, it's really not very hard to install or use – as a distribution maintainer myself, I get a lot of e-mails, etc. from users, and most of the time if there are problems, they're usually either really small things after installation, almost never something that would render the whole system entirely unbootable. (A lot of my family and friends are using it now too, without any sort of problems, and considering that they were all Microsoft junkies for years it's not as insignificant as it may seem...) Obviously I may as well promote Ultima Linux [ultimalinux.com] here, but there are many others [distrowatch.com] available – I'd stay away from Ubuntu, I've had some bad experiences with it myself*, but the hell with it, you have a choice, so you choose what's best for you.

Of course, if security's the number one priority and absolutely nothing else matters, the only way to go is OpenBSD [openbsd.org] ... it's also pretty damn fast, too, even on a P-133/80MB laptop.

Having said all that, I do have to admit my iPod nano is the best thing since sliced bread...

*Tried it out in my spare time, mostly out of curiosity (I sometimes like playing around with other systems just for the hell of it)... among other things I've noticed: No wireless support, slow as hell, and it uses GNOME, which I can't stand. And don't even get me started on apt-get.

DISCLAIMER: Probably some bias in there, since I'm a distro maintainer myself. Take with a grain of salt...

Re:So what you're saying is... (1)

99BottlesOfBeerInMyF (813746) | about 8 years ago | (#15659922)

Granted, they were literally asking for it, but the point remains that it was hacked in a very short period of time, and you kind of have to question the security stuff there.

They were more than asking for it, they did most of the work for you. If you build a Web interface that gives anyone who asks an account on your Linux box and you don't restrict it in a VM or jail, and you disable several other security mechanisms, well the same thing will happen as did on OS X. Basically the test said, "yup just like every other workstation UNIX that is not designed for high security installations, OS X has some local privilege escalations."

Personally, I'd say that it would make a lot more sense just to switch to Linux - not only does it work with your existing PC hardware, but it's also usually free or inexpensively-priced.

For some of us, out time is worth enough to justify a small up front cost to save time daily (for those uses where OS X does save time over Linux). For others, Linux simply does not support applications we need to use, because there are no good alternatives on Linux.

I'd stay away from Ubuntu, I've had some bad experiences with it myself*, but the hell with it, you have a choice, so you choose what's best for you.

99% of users don't have the expertise or knowledge to make this determination. They just use whatever comes on their computer. Telling them "macs don't get viruses like Windows does" is understandable to them. Telling them to evaluate a nonspecific set of Linux distributions and pick the one for them, install it, and learn new ways of doing things, is a non-starter.

Of course, if security's the number one priority and absolutely nothing else matters, the only way to go is OpenBSD...

Nope. If security is the number one concern, the only way to go is hiring someone who knows what they're doing. They may or may not recommend OpenBSD for a given application. I like OpenBSD and use it daily, but it is not a cure-all.

Probably some bias in there, since I'm a distro maintainer myself. Take with a grain of salt...

The truth of the matter is, different OS's are the best choice for different people with different tasks. Linux is the best choice for a lot of people who are using Windows. OS X is the best choice for a lot of people using Windows. Windows is probably the best choice for some Linux users. We need to help people find the best choice for them rather than make generic statements about what everyone should be using.

But, but, but weren't TWO GUYS abandoning the Mac? (5, Funny)

alcmaeon (684971) | about 8 years ago | (#15659843)

What does it all mean? Sort this out for me, Slashdot.

Foolproof! Simply foolproof! (1)

Lord of Hyphens (975895) | about 8 years ago | (#15659850)

1. Write malware for OSX 2. ??? 3. Profit!

Macs are not just more secure... (3, Informative)

celotil (972236) | about 8 years ago | (#15659860)

They're also easy to perceive as being "user friendly", stylish (if aesthetics matter to you), very versatile, and over-all are just more "welcoming" to those people who don't know a lot about computing in general and easily anthropomorph their PC's into something that "hates them" every time a program suffers from buggy construction.

My parents and an Aunt just bought themselves new computers - Dad got a 20" iMac, Mum got a 17" MacBook Pro (not a single problem with heat or "moo" yet), and Aunt picked a 13" MacBook (she hasn't said anything about problems yet either) - based on my recommendations and their experiences with Windows installs degrading overtime - seriously, barely touched PCs and Windows had to be re-installed at least once every six months, even with anti-spyware/virus and firewall software and hardware.

They bought them with a three-user licence of Windows XP as well - for those few programs that they use that aren't on Mac OS X - and are now quite happy doing a lot more on their computers, and watching a lot less television, than they were before.

Most of the time they're booted up into Mac OS X. Sometimes my Aunt uses Windows for when she's working on Family Tree's, and once Mum installed Mac:Office she stopped using MSN on Windows so it's already been left alone after two days. Dad doesn't know why he's got Windows, it just seemed like a good idea to him, and I'm getting him off of it slowly because seriously, he doesn't use his computer for anything that he can't do in Mac OS X; when he does need Windows though, it'll be there on another partition waiting to be used.

Macs are the best computer for the general consumer to buy today, whether it be a Mini, an iMac, or a MacBook (Pro or "Regular"), simply because the core OS that comes on them provides a good place for a "noob" to learn about the web, email, writing letters, making movies, playing with photography, simple programming, etc... and because of Mac OS X's overall design and default configuration (very important because no "noob" is going to first secure their PC when they unpack it) it is a secure place to play.

With the change to Intel CPU's they become even more useful across the broad spectrum of people using computers because suddenly that program that you had to use for work and couldn't change for something else cheaper or OSS can now be run on Windows... natively on a Mac; allowing you to "cool off" from Windows once in a while by rebooting and firing up iPhoto or iMovie, potter around with that masterpiece you're gonna release one day to rival The Big Lebowski, and then reboot and get back to work.

There was virtualisation software before but now Parallels and the Intel CPU switch has made Windows in Mac OS X even more practical, and now Windows can be run while enjoying some of that OS X security. You're firewalling Windows XP with Mac OS X! You, the noob, has his own UNIX firewall! Now how cool is that?

If you've got the cash and a looking for a good all-round computer, get a Mac. If you don't have the cash, save up and then buy a Mac. If you're a gamer... get whatever the hell you want because you're likely to have already set you're mind on something and anything else is just "bogus", and if you're a Linux/BSD geek like me, well... one day you may want a Mac and run Gentoo or something else on it, but I'm personally enjoying this use I have of my Dad's older iMac G5 and am seriously considering turning my Gentoo Desktop PC into a server and buying a MacBook Pro like Mum's for my main machine. :)

Stupid Argument (0, Redundant)

the linux geek (799780) | about 8 years ago | (#15659862)

What really irritates me is people saying "Oh, Windows is more widely used then UNIX, so THAT's the only reason it's less secure." The fact is that a huge majority of servers run UNIX/Linux then Windows, and said UNIX servers are far more secure then Windows ones. (I speak from experience, as I administer both UNIX servers and Win2k3 ones.)

In other news... (4, Funny)

rbarreira (836272) | about 8 years ago | (#15659867)

In other news, a team of scientists has collected a list of the 10 most common human illnesses, and has concluded that it's much safer to be an ant since they're invulnerable to them.

Security What? (0)

Anonymous Coward | about 8 years ago | (#15659888)

Wow... Bleeding edge discovery by Sophos. Man... The stories are getting worse by the hour. If you are going to write/steal code that will inflict pain to users, do you write/steal it for the minority or majority? -Hex

The same was for Firefox... (2, Insightful)

dominikbal (986947) | about 8 years ago | (#15659890)

The same was said millions of times about Firefox. Now, millions of people switched to Firefox, and Mozilla Dev Team release critical security updates more often than Microsoft for IE. Not because the MS is lazy to patch their browser, but because FF is even more buggy and door-open. We just "didn't know" it before, because only one dozen of people around the world used it back in 2004. Oh, and there is no ActiveX support. Call it a Microsoft peace of shiat, which you never want to use, BUT think if this is really a way. Removing features to be "secure" ? That is something like "Do not drive fast, and there will be no car disasters". Yes, we buy all those Benzes to drive 20MPH. Same goes for any Mac. People just don't know about it yet.
Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...