Linked by Eugenia Loli on Tue 1st May 2007 00:35 UTC
Privacy, Security, Encryption Dino Dai Zovi, the New York-based security researcher who took home USD b10000 in a highly-publicized MacBook Pro hijack on April 20, has been at the center of a week's worth of controversy about the security of Apple's operating system. In an e-mail interview with Computerworld, Dai Zovi talked about how finding vulnerabilities is like fishing, the chances that someone else will stumble on the still-unpatched bug, and what operating system - Windows Vista or Mac OS X - is the sturdiest when it comes to security.
Thread beginning with comment 236024
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Track record
by Umbra on Tue 1st May 2007 05:55 UTC in reply to "RE: Track record"
Umbra
Member since:
2006-03-06

It's not like Apple's track record is much better. Since 2005, OSX has had nearly as many Security Updates as Windows, and many of those updates have been massive, at least one fixing over 40 flaws, and multiple updates fixing over 20.

Do you think computer security is a one time event ? A one night stand ? No, computer security is an ongoing never ending process. Apps change, apps grow, can do more and behave differently by each new versions. The OS does also evolve.

After 5 years on the market none of the 25-30 million Mac OS X users have had their Mac OS X systems infected with viruses nor spyware. The end results for Mac OS X after 5 years on the market is one or two unsuccessful worms that where more like a proof of concept - plus one hole in Java (but never the less - a serious enough one)

Edited 2007-05-01 05:58

Reply Parent Score: 5

RE[3]: Track record
by andrewg on Tue 1st May 2007 12:12 in reply to "RE[2]: Track record"
andrewg Member since:
2005-07-06

Which really goes to show that with all the security vulnerabilities many, if not most, have been identified by others that people who tend to write viruses, worms, etc are not bothered with a relatively small user base.

Your rebuttal completely misses the point. Whether or not anyone has bothered to take advantage of all the bugs in MacOS is not the point being made, the point is that OSX has had as many bugs as Windows.

Microsoft has gone from having the worst develpoment policies/processes relating to security to being a model for all other vendors excluding maybe OpenBSD.

Reply Parent Score: 5

RE[4]: Track record
by mouth on Tue 1st May 2007 13:14 in reply to "RE[3]: Track record"
mouth Member since:
2005-07-06

Which really goes to show that with all the security vulnerabilities many, if not most, have been identified by others that people who tend to write viruses, worms, etc are not bothered with a relatively small user base.

If the size of the user base was the main reason why no one is writing malware for Mac OS X, then why was Mac OS 9 and previous versions a target? Why is it that I ran Virex on my older Macs (to protect them from viruses in the wild), but my last three Macs (all OS X) have not suffered the same fate?

The user base excuse does have some merit (my BeOS installation is running fine with no real malware threat), but OS X has a huge banner on it asking for it to be compromised. As Umbra stated above, there are 25-30 million OS X users out there, and this is no small number. The target is rather large, and even better, the users would most likely be unsuspecting.

Reply Parent Score: 4