Sign in with
Sign up | Sign in

Security

Apple MacBook Review: Part 2
By

Macs are NOT hack-proof. They are not inherently more secure than Windows PCs. In real-world use, however, OS X is more secure. Why is that so?

Myth #1: The average Mac OS user may be more tech savvy than the average Windows user and less likely to succumb to social engineering.

This may actually be true. Before you fire off that email to complain, keep in mind that the Tom’s Hardware audience isn’t the average Windows user. You’re at the upper echelon of the group that builds PCs, keeps up with the latest technology trends, and does its own research before making a tech purchase. I’m not saying that Mac users are smarter than Windows users. Just the averages. If you think about the ubiquity of computers in North America, Europe, and Asia, then the average Windows user should in fact be close to the 50 percentile for the global population. If you think you’re better than 50 percentile, then you, too, are better than the average.

If you look at the market, it makes sense. US Census data has long shown the association between level of education and household income. Since Macs are inherently more expensive, it would follow that the average income of a Mac owner should be higher than the average income of a Windows owner, and along those lines, the average education of a Mac owner should be higher than that of a Windows user. That bears out in large surveys. About 70% of Mac users have a college education whereas only 54% of Windows users have a college education according to a 2002 Nielsen study.

Ultimately, it’s not the “average” that matters--it’s the least tech savvy in any group that ruins it for the rest of us.  Take spam for example.  Recent work from UC Berkeley and UCSD determined that out of 350 million pharmaceutical spam messages sent via the Storm botnet, 10,522 users visited the site and 28 people tried to actually make a purchase. It’s those users that make spam profitable and make it a problem for the rest of us.

At another level, there is some truth to this claim because Mac owners have to be consciously making a switch to the Mac. Either they’re technically savvy users who are comfortable dealing with cross-platform issues or they're technical neophytes who are still smart enough to know that they don’t know anything and therefore choose the Mac as their one method of trying to stay safe. It’s the Windows users who don’t know even know that they’re vulnerable who drive the statistics up.

This myth is true if you consider the statistics; the myth is unimportant.

Myth #2: Mac OS X have a superior design

In theory, Vista should be the better-designed operating system. Microsoft actively invests in extensive security capabilities and the Address Space Layout Randomization in Windows Vista and recent security analyses comparing number of risks and “days at risk” show that Windows Vista users actually fare better than Mac OS X users.

The problem is that these analyses are limited to “security holes we know about” and get patched. Suppose two operating systems have 1000 holes in them. If one manufacturer patches 400 of them, and the other only patches 40, which is the more secure system?

The answer is neither. It only takes one hole to compromise the entire system.

Myth #3: Macs are targeted less frequently.

Malware is profit-driven. Since there are fewer Macs on the market, the hypothesis is that commercial malware operators will not target the Mac until they reach a critical threshold market share. At some point, Macs will reach critical mass and it will be as big of a target at Windows.

An analysis performed by the Director of Emerging Technologies at Cloudmark and published in the IEEE Security and Privacy has an interesting hypothesis. Using game theory, he predicts that Macs will become an economically-feasible target once the platform breaks 16% market share. Even with the success of the Mac, we don’t see Apple reaching that level for a few years (if that). Then, once the Mac reaches that level of market share, the assumption has to be that developing malware for that Mac costs the same as developing malware for the PC, and this may not be the case.

In 2008, there were 1.5 million different pieces of malware targeting Windows machines. There are less than 200 pieces of malware targeting the Mac.

Myth #4: Pwn2Own

This one comes from the comments section of our State of the Personal Computer piece from late last year.

The story about the Pwn2Own contest is that a hacking contest was held to see if Windows Vista, Ubuntu, or Mac OS X was more secure. Hack the machine, and you win the computer. The MacBook Air fell 2 minutes after the start of the contest. Windows Vista fell the next day. Ubuntu remained unhacked for the entire 3 day competition. Therefore, Macs are the least secure, followed by Windows Vista, followed by Ubuntu Linux.

That’s how the story goes.

The details are where things get interesting. It’s easy to imagine Pwn2Own as this free-for-all death match with hundreds of hackers going at it for glory and fame. In fact, Pwn2Own was a contest with very rigid rules. You had to wait in line to attack a target. Only one team had an opportunity to hack a machine at any time. Each opportunity was 30 minutes, and if you are unsuccessful, you have to go back to the end of the line and wait your turn. You can only wait in one line at a time, and you can only win the contest once. First come, first serve.

Only four teams participated.

Day 1: Win the notebook if you can do a true remote execution attack. No attempt was made.

Day 2: Web browsers and mail application will now be allowed. The organizers of the competition will visit a Web site or receive an email. The winner of the MacBook Air knew that he had a previously undescribed flaw in Safari that would win the competition. He was the first in line that day. Hacked in 2 minutes.

The two minute story makes for a great story and lots of publicity for both the conference and the security researcher, but no one really talks about the time spent BEFORE the contest to discover the exploit.

Day 3: Common plug-ins are now installed. The Vista notebook is hacked via an Adobe Flash exploit.

The two-man team that took down Vista did so with their personal MacBook Pro notebooks. Although the Vista notebook wasn’t the first to go that morning, the Flash exploit that affected Windows Vista also affected the Ubuntu Linux machine that had Adobe Flash installed. The contestants just weren’t interested in trying to win the Ubuntu machine. No one signed up to try to hack the Ubuntu Linux notebook according to the organizers.

So, when you read an article talking about Pwn2own, the fact still remains that OS X has not been the target of active remote execution exploits or browser holes in real-life. Current OS X malware exists only in the form of Trojans in which the user is willingly installing software and willingly entering the administrator password.

Ask a Category Expert

Create a new thread in the UK Article comments forum about this subject

Example: Notebook, Android, SSD hard drive

Display all 19 comments.
This thread is closed for comments
  • 3 Hide
    tinnerdxp , 27 January 2009 14:25
    That's it... I am not reading this BS any more... Mac, mac, mac all the time... and still using the same buzzwords - time machine, better this better that... Taken purely from Apple's website... And the comparison of the hackintosh vs legit OS X on a the same Mac? :) )) That's just ridiculous... It's like comparing if XP in VMware will outperform the standalone installation? What is the point of this? The whole idea of hackintosh is to install OS X on a machine worth xyz... This is strictly the reason - to avoid paying Steve Jobs soooo much for the design that covers the eyes, ears and (apprently) brains of people who believe that the outdated hardware might be worth that much! I still stand my grounds that this guy does not have a clue what he is talking about... Macs users are more intelligent? Based on the survey from 2002? wtf? If we take 100% of computer users in the world and we'd assume that 15% of them are Mac Users and the rest uses windows - guess which group will have more novice users? Obviously windows users - just by the number of them - another silly comparison that does not bring anything new to the table... And I literally cannot stand reading about the TimeMachine anymore... ever heard of backing stuff up yourself? Ever heard of Cron + Tar + Gzip? And what kind of software is soooooo fantastic on a Mac? Author mentiones Adobe CSx, Office, and? And what else? TimeMachine? (again!) I know more examples of good software for a Mac than the author - which just makes the article irrelevant, amateur and sponsored by Apple. Period! Steve Jobs created a fantastic marketing strategy that became a trend, a trend that will bite back when Macs will become just a bit more popular, when people will eventually notice the idiocy behind the design they bought for ££££ and how they have been all ripped off... The funny point to this story however is... that Steve is still making good money on the leftovers from the enthusiast's market. We make the prices drop... Steve is making money off it... Hopefully this will change when EU commissions will "look into" the Coppertino business model and BAN the Safari as a built-in browser, BAN new MacBooks with no-user-replaceable batteries, and BAN the whole idea that something MUST depend on something in order to work... Now a puzzle for Mac Users: Please find buttons on your fancy Mac that move the cursor to the beginning / end of the line - commonly known as "Home" and "End" buttons. Well - perhaps new OS X Grizzly 10.7 on Intel i7 (as soon as Steve will afford to buy them for nothing and sell to you for 4x the price) will have it! :) 
  • -1 Hide
    mi1ez , 27 January 2009 14:46
    Erm, actually, this is the first mac article we've seen in months. I find it quite interesting. Don't get me wrong, it's not gonna get me moving over to the fruit-loops, but an interesting article NTL.
  • 0 Hide
    mi1ez , 27 January 2009 15:01
    I have to admit though, I thought the idea of the hackintosh comparison was to run OSX on a better specced machine?
  • 0 Hide
    tinnerdxp , 27 January 2009 15:17
    Absolutely mi1ez - comparison on the same box does not make any sense - it's like comparing "Wine" to "Windows XP" - it is just pointless...
  • 0 Hide
    LePhuronn , 27 January 2009 16:28
    @the author

    WHY are you installing a hacked OSX onto a MAC? You don't need to! And surely the only "hacking" that goes on with OSX are the boot loaders and installers to circumvent the EFI - I didn't think the actual OSX kernels were patched any more.

    As a result, your test is totally pointless and irrelevant. As tinnerdxp has pointed out, the Hackintosh is about non-Apple branded hardware running OSX, so why didn't you install it on an identically-specced PC and compare that way?

    Sigh...although mi1ez is right in pointing out these two are the first mac articles in a while, they are certainly making up for it!

    I wonder if Best of Media actually read these comments? I wonder if the US site is generating as much annoyance or full of Mac fanbois?
  • 1 Hide
    daglesj , 27 January 2009 17:16
    I just love the way folks who would scorn Macs for their weaknesses such as poor value for money, who then buy one then just totally change their minds and those problems 'magically dissapear'.

    A case in point a buddy of mine ws always value concious. He would not have touched a Windows laptop unless it had all the ports, good ram, a dvd burner etc. and all for $500. His firm he works for then did some good staff deals on Macs so he bought one. His reason after a week of ownership? I quote -

    "Welll its more to do with it fitting in with my lifestyle. Its like lifestyle furniture!"

    I neary spat beer over him as I laughed at such pretentious BS. He'd have done the same a week before.

    Anyway a week later I was looking at the Macbooks on the Apple site and was surprised that the Macbook (at the time) didnt have a dvd burner. I thought that rather odd when you could pick up a $400 laptop with one. I looked it up on some forums and the defence from the Mac folks was that and I quote -

    "Well only musicians and movie makers really need to burn DVDs! Its not essential!"

    SO later that week I was sitting with a mate in the pub and I was telling him this. We agreed to put this question re. the Macbook to our newly Macinised buddy and see what his response was. Our Mac biddy arrived and we let him settle down and then we mentioned the macbook dvd situation. Now remember this is the guy that 2 weeks previous wouldnt entertain a item if it didnt have all the bells and whistles and cost next to nothing. His response and I quote verbatim -

    "Well its really only musicians and movie guys that need to burn DVDs!"

    Cue more beer all over the table.

    Does every Mac come with a Invasion of the BodySnatchers pod?
  • 0 Hide
    marshallman , 27 January 2009 17:39
    Interesting article, thanks.

    Not sure I agree with office productivity though. Also by new 'desktops' do you mean Mac Pro's? Because don't iMac's have mobile components, therefore = rubbish for gaming... ?
  • 1 Hide
    Belinda , 27 January 2009 18:01
    Part two is even worse than part one. It's just drivel with no point other than to post a paid by Apple Ad for their computers.
    What was the point of qouting a myth then trying to prove it wrong? Myth one about Education and Mac users being more intelligent and tech savy?? How many well "educated" people fall apart at the prospect of changing a setting on a PC, millions.
  • 1 Hide
    LePhuronn , 28 January 2009 00:35
    Intelligent and tech-savy users would bawk at the concept of a) mobile parts in a desktop (iMac) and b) no ablity to upgrade the hardware in any meaningful fashion.
  • 3 Hide
    Anonymous , 28 January 2009 02:31
    So, which creepy corner of apple's site did the author get pretty much all of his marketing buzzwords and crud from. This (and the previous article) are clearly a paid-for ad from apple.
    Seriously, claiming a mobile 9400 GPU is capable of running CoD just beggars belief. Truly a case of drinking the apple cool aid.
    Oh, and the alleged reason for the switch in the first place is completely bogus. No tech in their right minds would EVER use ANY symantec protection software (unless forced to by their bosses), you lose ALL credibility and your listed history of your computing experience and the OS'es you've used in the past seems completely falsified based on this single fact.
    Go work for apple where your stealth marketing might be more appreciated and you can worship the dying Steve Jobs before hes worm food.
  • 0 Hide
    Anonymous , 28 January 2009 06:34
    "you can worship the dying Steve Jobs before hes worm food" jess thats a tad harsh. steve jobs is clearly good at his job. upselling is eveyware, he just dose it better.
    and if i were to say something like this about you just cause you can get people to part with there money you'd be foaming at the mouth with looking to tear me a new one.
    dont get me wrong i dont agree with apple tax but then agen i dont have to buy one (personl choise dose come into play) so i just dont care. but to point to one person and say its all there fault is just plane spitfull.
  • 2 Hide
    Anonymous , 28 January 2009 18:54
    The self-styled impecunious author, who than bandies around words such as Quad core Mac, Core I7 and current spec GPUs, as was once famously said "Let them eat cake". The Macs do have some nice styling touches, and offer a high quality finish, however they do seem to have been adopted by the buy / rent an identity brigade. So by questionning the validity of the APPLE, you are actually opening a window to their soul and all its fear of becoming seperate from the flock. Remember, that the "lifestyle" marketing departments are staffed by adults, for whom apperance was all at school, and whose inability to express their fears & regrets to their peers, meant they learnt to self-harm as a cry for help, often ignored by parents obsessed by their status in society, for whom the bottle or the pill was thier panacea
  • 1 Hide
    daglesj , 28 January 2009 21:31
    Think different - Buy something other then Apple.
  • 1 Hide
    Anonymous , 29 January 2009 08:18
    I love how he goes out his way to mention things that are really picky and uses those to back up his statements about the Mac Being better and then at the end quickly rattles of 3 or 4 things as quickly as possible for why a PC is better. And then goes on to mention how they arent that big a deal anyway, lol.

    EVERY time I have this arguement with the guys in work who prefer Mac their entire arguement boils down to this.

    'If I have a windows PC I always end up having to break it when something stops working.'

    I then go down the route of pointing out the lack of software and game support etc etc etc to which they say

    'Yeah but then I just need bootcamp' or 'Yeah but if i do xyz it will work'

    Hypocrites, the lot of them. You're paying MORE for LESS at the end of the day and you still have to use workarounds to get the same level of service as you would have with your PC. (If its even possible at all)

    I really think the level of journalism on this site is starting to rival that of your everyday tabloids. Tom's that is NOT a good place to be going. You really need to get a boot up the backsides of these writers and get some serious stuff on this site. To be honest I actually think this article is a bit of an insult, does this guy think I'm stupid enough to be fed this blatent crap?

  • 2 Hide
    Anonymous , 29 January 2009 12:28
    Well, honestly, switching from Linux to Mac (what I've tried to do) isn't such WOW as you're saying for switching from windows.
    After a day or two of "WOW"s you realize that the bastard randomly freezes and crashes (talking about apps, not OS) and watching the color wheel isn't something you'd like to watch all day.
    Other than this, you _MUST_ work as "apploe thought you will work"- focus follows mouse option? Nada. No home/end/pgup/pgdn/insert/del keys. Home/End shortcuts are inconsistent from app to app (sometimes they work PC way, sometimes they work the mac way). Working with 20 opened windows? Suuuuure. What about USB 1.1 to hard drive (sometimes it just fallbacks by itself!) on mbp for 2k EUR?!
    QWERTZ (slovenian) keymap? Yes, but you must either use 3-key shortcuts for some keys (@) or use alternate version of keymap and lose ability to choose between windows of the same app....
    ...I could go on days and days. Sorry but Mac just isn't what "they" say it is. It has more issues than linux 10 years ago.

    But it looks nice tho :-/
  • 0 Hide
    daglesj , 29 January 2009 16:21
    I must also point out too that my buddy who switched to Mac...well what was the first thing he did with it? Installed Bootcamp and XP!

    He runs 95% of the time in bootcamp/XP. Thats one expensive and not so powerful PC.
  • -1 Hide
    Belinda , 29 January 2009 19:21
    But it looks nice and now he does not have to go buy a whole new computer everytime he gets a virus.
    The stuff in this article is just bazzar.
  • 1 Hide
    PhReaK2007 , 29 January 2009 19:36
    LOL, well I see we all have a rather emotional response to the article. On the other hand this is the first ever article I have read about a mac beginning to , well kinda the end, they tend to be boring. I must however mention that this is the first time I have read about the " time travel/warp-thingy" sounds nice.
    @tinnerdxp - you say " Cron + Tar + Gzip " ... mmm how many average PC users out there even know what the word backup means, not even mentioning "cron" or any for of compression ?? But I understand you could get bored and irritated with MAC articles. . . then why read them at all ??
    I would however like to see " hackentosh" installed on a similarly priced pc -not similar specd PC ( cuz lets face it, the price is the important part) and then measure the performance with the mac, that would be more fair.
    I used to work next to a "Maccie", she used to go on and on about the performance of her damn mac, she used it for Photoshop, and I used my pc for email and what not as an IT support tech, she never got it that her MAC was running 4Gb of Ram and my XP machine was using a mere 256mb, just a simple example. Sure a MAC looks fancy and all that, but i don't think it is worth all that. If I want to go a more secure route I would rather dual boot Ubuntu ( which I am doing rite now). I really dont see any reason to go the mac route. This article did not convince me. It was informative and gave me a nice look at a mac..
  • 1 Hide
    magicker , 30 January 2009 22:47
    lol

    my fave bit was:
    Quote:
    If these systems offer Core i7 quad-core CPUs, a modern GPU, and arrive at a reasonable price, I’ll be the first to get one to dual boot Vista for games and OS X for everything else.


    I guess that is his get out of jail phrase.

    I recently priced up what my £1500 quid new build would cost from a mac shop.. I lost count at £3300