about Mac OSX security

[riviera74]

Is Mac OSX actually secure? If so, care to explain this article. More importantly, will Apple actually fix these vulnerabilities?

http://www.dailytech.com/article.aspx?newsid=15832

[Chun¢]

I'm fairly sure that its secure for one of the reasons (or the only one, i don't know) that fire fox is secure, it just doesn't have a big enough market share.

[just brew it!]

No OS is truly secure. You level of vulnerability is a combination of many factors, including the security model used by the OS, how securely critical OS functions are coded, how well users and system administrators adhere to best security practices, and how much malware is out "in the wild" that is trying to target the OS.

Furthermore, all desktop OSes compromise security in the name of functionality and/or ease of use to some degree. Windows (up through Windows XP) probably more so than others.

As the article indicates, OS X's reputation for being more secure is based at least in part on the fact that it simply has a small market share, making it a less attractive target for malware writers.

[just brew it!]

I'm fairly sure that its secure for one of the reasons (or the only one, i don't know) that fire fox is secure, it just doesn't have a big enough market share.

Firefox actually has a pretty decent share of the browser market these days. It has a much larger share of the browser market than OS X has of the desktop OS market.

Most browser vulnerabilities these days seem to be from plugins anyhow (Flash and Java)...

[derFunkenstein]

Ehr...Chunc, Firefox has a pretty huge market share compared to OS X.

That said, this is another Jason Mick article, and he goes in the same pile as John C. Dvorak and Charlie Demerjian - they all have some sort of irrational hate for a company and any material written about said company can generally be ignored. Occasionally it may be on point, but it's usually quite a while before it happens.

OS X puts no limitations on what can be done to your home folder. Generally you have to download and run an app that can breach security. Combine the two and now you have something that doesn't need admin permissions to affect the currently-logged-in user. I have a feeling this is true in any *nix environment. Vista's overzealous UAC scheme probably does make Vista harder to hack but it's one of the reasons that Vista's adoption is (relative to other MS OSes) relatively low. Windows 7 is much more lenient and as a result may or may not be vulnerable to this sort of attack as well.

[FubbHead]

http://www.pcworld.com/article/141763/m ... ource.html
http://www.macworld.com/article/57616/2 ... izovi.html

So it seems Vista is pretty secure, especially considering its considerable user base. OSX seems to do a little worse, but as said, the impact of this is probably far less because of its relatively small user base.

But I have to wonder if there's any difference how thorough the different systems is tested, though, as it's easy to suspect it's relative to the size of the user base (ie. importance, sort of) aswell as accessability to information/code/whatever, no?