Wednesday, January 18, 2006

Secure Macs

Mac OS may not have the gaping holes that let viruses spread, but worms, spyware and even keyloggers are out there.
They can't spread as easily, and most would only be installed by a careless user clicking "Accept" on a dodgy install dialog, but the regular stream of security fixes from Apple's software update service makes it clear that there are real dangers.
This, of course, is precisely the same way that viruses get spread on Windows machines.  The “gaping holes” in Windows are the result of the very feature that makes Windows more prevalent than Macintosh – easy administration.  People that run large networks want to perform maintenance remotely without asking the user permission first.  

When you make it easy to administer computers remotely you expose yourself to the risk that some of those other systems are malicious.

Any Mac user who believes they are totally safe is being reckless with their files and personal information. What's worse, they are also being reckless with mine.
One reason why there aren't many malicious Mac programs is that there are fewer Mac users out there, but the fact that some have been written shows that they are possible in principle.

Yep, he is exactly right.  Virus writers typically are in it for bragging rights, what glory is there in proclaiming “I wrote a virus that infected 10 Macs!”  Most of them also fancy themselves anti-establishment warriors and Microsoft is the digital equivalent of The Man – and everyone knows how satisfying it is to stick it to The Man.

When (and I do think it is when) Macintosh is capable of running on any Intel PC the state of things is going to change.  Macintosh makes a lot of sense for users that have little or no need to network computers together.  Forcing people to use only their proprietary hardware has kept Apple out of the game for way too long, but once they get wide acceptance they will have to realize that they will have a large target on their chest.  

Mac isn’t inherently more secure, they are just far fewer reasons for malicious users to make them pay for it.

No comments:

Post a Comment