- Last post
- 6 Responses
Regardless of which side you're on (though as a true computing enthusiast, you shouldn't be taking sides), you've heard the arguments back and forth on the which operating system is truly safer – Mac OS X or Windows.
It is of the opinion of Charlie Miller, a well known Mac security guru, that even Snow Leopard, the latest version of Mac OS X, isn't as safe as Windows.
One key point is that Snow Leopard still doesn't have ASLR, or address space layout randomization, which randomly arranges the position of key data making it harder for hackers to target for exploits.
Miller said to TechWorld that Apple didn't change the ASLR from 10.5 to 10.6: "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good."
Apple didn’t completely missed the chance to tighten up security in Snow Leopard though, as the new QuickTime solves a lot of the issues that Mac OS X had before.
"Apple rewrote a bnch of QuickTime," said Miller, "which was really smart, since it's been the source of lots of bugs in the past."
One thing that Snow Leopard did adapt, which Windows has had since XP SP2, is DEP (data execution prevention). With DEP, buffer overflow attacks are much harder to execute.
Despite Miller's opinion that Windows is the more secure OS, the large install based of Microsoft-based systems make them a much more attractive target for hackers. Still, Miller would like to see security on all platforms.
"Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place], that's when I'll stop complaining about Apple's security."
and yet another can of worms is opened...
Ok but I've never had a virus on a Mac in 25 years. Could it be that hackers try to build viruses for Windows, don't bother with Macs and that's why it's safer to be on a Mac? - even if Windows built a safer OS?
- Yes. 5% market share does not make you a great target.mekk
- And how do you know you don't have a virus if you don't run a virus check? Every year at the Black Hat conference in Vegas they have contests and talkszarkonite
- and it's pretty clear Mac has a rich ecosystem of viruses. They look at your traffick, steal your pwds, sell your data, etc.zarkonite
- for example: https://www.itworld.…zarkonite
- "Windows client machines have far greater protections within the OS – especially within the heap and stack ..."zarkonite
- @zark, I've tried several virus scanners on macs over the last 25 years, from home to workplaces. None has ever turned up anything, ever.monospaced
- additionally, with the unix kernel, it's extremely difficult to install a root level virus without the user knowing ... unless it's just a phishing attackmonospaced
- ok, but you can't deny the reality that security experts are pretty much unanimous in saying macos is not more secure. There's no fundamental reason it would bezarkonite
- here's a rootkit for macos: https://www.blackhat…zarkonite
- sorry, link is too long for notes: https://ubm.io/2FPGM…zarkonite
- A classic virus os something from the early 00's. Attackers nowadays go for places where large amounts of cc data are held or try to fake sites to make you givemekk
- them some data. This is completely disconnected from the OS. The choice of your OS is not relevant to your security anymore. Use different and hard passwords!mekk