http://www.informationweek.com/story/showA...SSfeed_IWK_news

"Linux and Unix, including the Mac, had 2,328 vulnerabilities last year, compared with 812 vulnerabilities for Microsoft Windows, according to the U.S. government's computer security group."

I mean, they combined linux and unix so they dont say how much the Unix/OS X had but {censored} thats still a 3:1 ratio to windows. Im surprised.

Let the flame war begin... :-)

The problem with headline grabbing quotes like that is three-fold,

1) The figures aren't weighted - a vulnerability could be something like a way of changing your homepage setting - to the ability to elevate your permissions to root.

2) Comparing open source to closed source OS's is unfair - its much easier to find vulnerabilities in open source code - and they can be fixed quicker - although it doesn't always follow that they are. How many vulnerabilities has Microsoft catalogued that it isn't letting the rest of us know about? Theres no way of incorporating that into the figures.

3) The number of vulnerabilities in an operating system isn't the only measure of security. For example BeOS could have thousands more vulnerabilities than windows but i would have a hell of a lot lower chance of being compromised than i would with windows because hardly anybody is out to get BeOS users.

The government said this? I'm not sure about others here, but I have a hard time believing what the government says with Bush in office But seriously, macs have much better security than windows, I have yet to hear of any major mac hAx or viruses created for macs that have done substantial damage. I also have seen nor heard of any spyware for the mac. But that's probably going to change once the intel macs come out...

i dont really think that macs have better security than windows, or vice versa. i think the only reason macs have never been hit with anything major is because the majority of public users (generally being idiots that will click on about anything that says "CLICK HERE!!!") use Windows. So why is a hacker going to waste his time writing a virus that would take out a small portion compared to the portion of computers to hit with windows.

I personally dont by that OS X is as security tight as they want you to believe, i think they can just get away with that claim because of what i just said. They also wanted you to believe that there processors were better than intel at a time..

I agree about the majority of public windows users being complete idiots online by clicking on banners/downloading spyware, and it also true that a majority of businesses use windows (giving hacker/virus incentive), but I still really dont see any spyware flaoting around for the dumb mac users. But again, switching to intel will mean a flood of viruses and hacks for mac

Do we really need another Mac is better then windows and windows is better then Mac thread.

here we go again....... and again....... and again....... and on..... and on...... and on....... (you guys must be feeding on energizer battery)

my statement is simple: OS vulnerability is user dependent. that's it.

I say let the old boys go at it! Let them go at it all night if they want to!

This is, after all, a "discuss and learn" thread. (though it is admittedly arguable how much "learning" is actually going on here :-p)

Well. I'm bored. Noone's calling. Let's give my 5 cents

I'd say there are three major types of holes
1) Holes that are in standard services. I.e. in apache that comes bundled with osx, or in the tcp/ip stack.
2) Holes that are in an application/framework (Ie, you visit this evil-site on the net that has a malicious script of some kind) (NOTE! "stupid" users clicking "Yes" To install "This 1337 software" does not count in this category).
Interesting in this category is like, any program counts. Say, if somoene found a hole in the unix cmd "ed" (old-wack-editor, very very few people use it), that could say, make it execute arbitary code (bufferoverflow), it'd count as a "security vulnerability" in the statistics. However the number of affected people would be minimal. However, this code wouldn't allow you to gain "control" of a computer, unless it was the 'root' user that used the editor. Several UNIX systems being opensource, People find these kinds of bugs by simply scanning through the code (Belive me, people do this, for fun (...)). Also, I'm not sure how US gov.t. Count, do security holes found in pre-release software count? I.e. If a pretty big Opensource utility found a security hole only present in pre-release versions. I'm sure they'd present it anyway, as (some) security minded people might be using it. Also adding to the statistics.
hm. I kinda lost myself in my argument. Can't recall where i'm heading..
3) "Holes" that really are users not being prevented from doing stupid things (Ie, installing some odd program). Media seem to like to focus in this cathegory..


ohwell. bottom line. I should read the article from US.govt instead of bitching.
I'd like to know what kind of holes they count.. and how many of them comes from code written by a linux hacker studying in highschool (No offence, everyone's been there ;D )

balh, just ignore me.

And the government was so right about Iraq having WMD. Really tired of threads like these. baah, I had nothing else better to post.

I went through the list and just counted how many were actual core flaws of the OS's. Microsoft had well over 250 then I stopped counting. Apple finished in at just 54.

Think again.



I believe there will be a few more exploits as people begin to run cracked mac os X copies on non apple hardware and are a lot more common, but I still think macs will remain pretty safe..

Giving mac os X some of the massive marketshare will really put it to the test... along with linux.. Apple better be giving those developers some raises...

It's the interesting thing about choice, you have windows and you have unix/linux and then Mac OS X 86 shows up and you want that too! find one that suits all your needs and be happy, dual boot, indeed triple boot, but don't moan when the OS in question is not even a release.

The only secure OS I know is a live-CD (no matter if Linux,M$ or OSX) with no access to my HD's and my internal network, after each reboot everything is gone. Every OS (no matter if Linux,M$ or OSX) has some vulnerabilities so that no OS is really secure.
The US government said M$ is more secure than Unix? No one (here in Europe) believes what the US government is saying

You forget about loading a snapshop of a OS in vmware is secure as well. You only loose ~5gigs of space on your drive. But at USD$103 for a 250gig drive, I don't think it will hurt you that much

It's safer for surfing or these kind of things but you still have a host OS witch is running VMware and maybe vulnerable for worms or an attacker when you are online.

Well anything with a Point Of Entry (POE) are susceptible to attacks. Even if you aren't connected to the internet or a network, how will you get any productivity done? You still have to use a CD, USB Stick, or Floppy, all which are POEs. What's the point of having a car if you don't want to drive it because you might get in an accident?

Computer users tend to rely on Antivirus manufacturers to help them clean house. All it takes is common sense. I don't have an antivirus running on my production system mainly because they take up so much resources. I also know not to browse in dark waters unprotected. My network has an email server that has both spamassassin and clamav running and the both DSL modem and switch/router have the firewall configured securely.

Why would there be more hacks and viruses now that macs run on x86? It's not like viruses are written in assembly, or evolve by themselves. It's still a different OS, regardless of HW platform. They still need to be written for their specific OS. Unless apple gains a very significant increase in their market share, and malicious users beging to concentrate on OS X,it's still going to be the same.
...more viruses because of intel....pfft

What they don't tell you is that to access these on OSX, the virus has to have access to a administrator password.

I thnk tht windows is ten times unsafer than mac or linux


LINUX and MAC ROCK

Well that was certainly a scientific analysis

According to an article at Lockerknome:



http://channels.lockergnome.com/osx/archiv...n_windows.phtml

I know all OS devs are guilty of "security by obscurity". It all all comes down to how resposible you use your computer.

Hear hear. I agree with domino.

I'm running my Windows with its built-in Firewall on and using AVG as an antivirus and I never got any virus problem.

And yes I think with Mac jump to intel platform, viruses made specifically for macintosh will hike. Why? Because many people will then own a mac because they can easily dual-boot with Windows and thus buying an Apple computer becomes a sensible option for average joe.

More userbase = more virus. It's just that since macintosh is built on a BSD core, I don't think the virus will have a widespread infection unlike a Windows system. Let's just hope that Vista adopts a better security measurements.

That's a FUD, the last Unix/POSIX virus is decades old and it was non-intentional and the security hole was corrected.

YES
The statement of supposed fact is flawed..
Why

In the real world no one on a Mac got a virus.. thats zero.
I have no antivirus and heaps on my windows box and antispyware and am very security conscious and still managed to get 2 viruses on Windows XP this year.
I am a computer tech so know what I am doing.

S the answer everyone trots out is they only have 5% share so noone cares
well 5% share is sales of new systems per year the actual number of people running Macs has been shown to be well over 10%

So there is not one person who could be bothered to write a working virus for a Mac ?
let me say even at 5% of all the millions of computers on the planet some ONE at least would have done it and hacked in and got a supposed reward for it.

If they only reason a person writes a virus for a computer is personal gain then it would have been done already

The simple fact is zero is zero and thats the REAL world

We all know that virus' isn't the problem with any unix distro. The point is, you take the same vulnerabilities in any unix system and use it against a Mac OS, you will be in trouble. Virus' are not the same as weekness's in SSH, cups, or apache. This thread wasn't meant to address virus', rather weakness's in unix itself. Granted that 99% of so called Mac users don't run services that unix serves and dominates against windows services. They simply are not aware of such vounerabilities.

The server side is just one side, when they do run personal servers and install some scripts, the script also has weeknesses due to the way it was written, php, mysql, or apache. That isn't a "Mac" problem, but it might as well be since those services are installed by default on all Mac Operating Systems. MySQL is an exception...

I finally ran into a computer with anti-virus software on it (i think it was norton)!!! Talk about a paying for nothing but piece of mind!! It even scanned the iPod when you plug it in!!

Considering only Windows has had the "log on to the net and get owned in 5 min" problem, I think it is rather cut and dry. Also, as others have said, the way the problems are reported and what is considered a security problem seems to differ in a few cases. Not sure why you'd lump Linux/Unix/MacOS together, though. On linux they do tend to count app vulnerabilities against the OS anyway.

In the end, though, an OS is only as secure as the person using it.

How absolutely true. I have lost count of the number of Windows users I've set up with soft firewalls, virus scanners, popup blockers and so on, only to discover next time I visit them they've either turned them all off or they haven't updated the things. Some people just don't have a clue and I'm getting to the point where I can't be bothered - if they want a ton of spyware and to run a mail relay for all the phishers in Russia, good luck to them.

yes, Metrogirl. I totally agree- I spent over an hour last night helping my neighbor remove the same Spyware infestation that I spent 2 hours removing remotely over VNC on my dad's PC last weekend
And they'll both ask me about the same problem again within 2 months guaranteed
However, the only point in this thread I really agree with that is relevant, is that the more people there are using any given OS, the more vulnerabilities will be reported for it. 1- there is a larger population for hackers to detriment, and thus more incentive for them to do so. 2- The more users there are who have a given problem, the more it will be reported, analyzed, and whined over. The fact that the US government put out a report that indicates otherwise does not surprise me at all... Since when has this government ever been even remotely based in reality? Stem cell research? Evolution? Gay marriage? Global warming? C'mon people, the US government is a bunch of friggin morons who can't see the real world past the inside of their own colons - into which they have their heads so deeply imbedded! F@#K Bush!

*btw- I am a proud US citizen... Proud to hate the government I did not elect in 2000 (still bitter)

Microsoft gives more to the Republican party. Apple gives more to Dems. Why am I not suprised to see a government report trying to bash OSX... yes I like my tinfoil hat thankyou.

thats 812 THIS YEAR not counting all the OTHERR ones to 0.o 2328 for mac plus like 3 total...maybe even less lol WOO FLAME WAR!!!! *drops match*

Not this thread again - i thought it had forever been consigned to the back pages of the forum. Oh well - may the best troll win.

Flame war? I once thought this was a respectable board that offered perspectives, not troll invitations.

we all gotta blow off steam sometimes @_@...lol