Macs suck too

If you’re a Windows user who has ever been infected by malware, and you’ve posted about it on Facebook, Twitter, or a blog, some Apple fan-boi has likely told you “That wouldn’t have happened if you used a Mac!” There is some truth to that, but the implication that Macs are inherently safer or more secure than Windows machines is simply false.

Please don’t take any of this as a rant against Apple in general or Macs specifically, or believe that I think Windows is far safer than Mac OS X. I don’t own a Mac, but I love my several-year-old iPod as well as my son’s iPod Touch (way more than my wife’s Walkman). I’ve used Macs a number of times in the past few years and damn, they’re slick. Apple has by far the best visual design team in the world – things generally just work the way you expect them to and in some cases, even better.

I’m primarily a Windows developer, and I’ve written tons of software for Windows over the last twenty years. I am slightly less experienced when it comes to Macs, but I have plenty of experience on other unixes, and modern Macs aren’t that different. I have done some Mac work in recent years, and in my previous job I worked on NeXTStep, which was essentially the predecessor to Mac OS X.

If you’re comparing the unix systems of the 90’s with Windows 95 or 98, then yes, you can certainly say that the Windows operating system itself is less secure, because security just wasn’t a consideration when those systems were created. Unix was built from the beginning to be a multi-user operating system, and so there had to be separation between different users on the same machine, and between normal users and super users. But Windows was designed to be a single-user OS, so the assumption was that you were doing everything, and since this is your machine, you should have access to everything. Multiple users, administrative privileges, and even things like file permissions were added later and for a while, there were lots of things that just didn’t support these features very well. But over the years, more and more software was changed to use the new security features, and Microsoft gradually deprecated and then completely disabled the old insecure methods of doing things. I know we at Sybase had to make changes to our software to deal with security-related changes when new versions of Windows were released.

Right now, when it comes to spyware, viruses, worms, or things like that, I can’t really argue the fact that if you are using a Mac, you are less likely to get infected than if you are using a Windows machine. But the reasons for that have nothing to do with how safe the operating system is. There are two primary reasons:

  1. Macs are simply less popular than Windows. This doesn’t mean that they’re inferior, but if you look at market share, Windows machines make up almost 90% of all the machines out there. If you’re going to write a virus that will take over a machine for use in your botnet or have it scan a machine and send you somebody’s credit card information, why would you write your virus specifically for a computer that only 5% of all computers are running? You’d write it so that it could infect as many people as possible, and that means Windows. I know of no viruses (virii?) that affect the BeOS operating system, but is that because it’s completely secure? No, it’s because nobody uses it.
  2. Mac users are generally more computer-savvy than Windows users. We all have a brother or cousin or mom or Aunt Helen who knows nothing about computers but has one just for email and browsing Facebook (and installing fifty browser toolbars). How many of those people own Macs?

Every year at the CanSecWest computer security show in Vancouver, they have a contest called “Pwn2Own” where contestants try to find and exploit security vulnerabilities in various pieces of software (usually browsers) on various platforms. The winner wins the hardware they broke (hence “Own” in the name) as well as cash. The contest began in 2007, and the only platform broken that year was the Mac, though it looks like it was a Mac-only thing at the time. Every year since, it’s definitely been a multi-platform contest, and every year (2008, 2009, 2010, 2011) the Mac is one of the first platforms cracked. In 2011, it took five seconds. It shouldn’t be surprising that Apple software developers are just as likely to write buggy software as the rest of us.

As the platform becomes more and more popular, people are indeed beginning to write viruses for the Mac. This one ironically poses as anti-malware software in order to get people to install it, just as many Windows malware programs do. This might be a good time to remind people that a web page cannot detect viruses on your computer. If you see a banner on a web site saying that your computer is infected (or your computer isn’t running as fast as it could) and you should click here to install something that will fix it, they are lying.

I find it ironic that Mac people keep advising their friends to get Macs in order to be safer. If people keep doing this, two things will happen: Apple’s market share will increase, and more and more non-techies will be using Macs. This will make Macs a bigger target, and more malware will end up being written for Macs. The act of telling people to use Macs for safety is actually making them less safe. So if you’re an Apple person who’s constantly telling all your friends that they should be using a Mac, it’s really in your own best interest to shut the hell up.

