Slashdot Mirror

← Back to Stories (view on slashdot.org)

Study Recommends Mac OS X as Safest OS

Posted by michael on from the safety-first dept.

rocketjam writes "The British security firm mi2g has concluded a comprehensive 12-month study to identify the safest 24/7 computing environment. In the end, the open source BSD and Mac OS X came out on top with the fewest security breaches against permanently connected machines worldwide in homes, small businesses, large enterprises and governments. The study found Linux to be the most breached environment 'in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded'. Windows was the most breached environment in government computing and led Linux, BSD and Mac OS X by far in economic damage caused by breaches." We mentioned their previous study too. As before, the study ignores the thousands of automatically-spreading viruses for Windows.

5 of 370 comments (clear)

  1. Before people go nuts... by daveschroeder · · Score: 5, Informative

    ...this study is talking about manual exploits, and says as much:

    The study also reveals that Linux has become the most breached 24/7 online computing environment in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded, with 154,846 successfully compromised Linux 24/7 online computers of all flavours.

    This is likely because of the great number of Linux servers, and the wide variety of network services and ports open to the world on such servers.

    And it does, in fact, make distinct reference to Windows malware (self-propagating worms, viruses, etc.):

    Malware proliferation

    The recent global malware epidemics have primarily targeted the Windows computing environment and have not caused any significant economic damage to environments running Open Source including Linux, BSD and Mac OS X. When taking the economic damage from malware into account over the last twelve months, including the impact of MyDoom, NetSky, SoBig, Klez and Sasser, Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware - virus, worm and trojan - proliferation. This is directly the result of very insignificant quantities of highly damaging mass-spreading malware being written for other computing environments like Linux, BSD and Mac OS X.

    Also interesting:

    For the record, neither mi2g Ltd nor the mi2g Intelligence Unit have a business relationship with Apple Computers and we do not own any shares in that corporation. Previously, the mi2g data for one month was considered to be too small a sample and not representative of the global environment within which different types of entities - micro, small, medium and large - exist. We have addressed those concerns in the new study. The critics were against the previous study which also came out in favour of Apple and BSD, because the entrenched supporters of Linux and Windows felt that mi2g was guilty of 'computing blasphemy'. In subsequent months, mi2g's reputation was damaged on search engines and bulletin boards. We would urge caution when reading negative commentary against mi2g, which may have been clandestinely funded, aided or abetted by a vendor or a special interest group.

    There are a wide variety of reasons to expect that Mac OS X is a significantly more secure computing platform than Windows in a non-server/desktop setting; this study only further confirms that.

  2. Re:Sure, but... by friendscallmelenny · · Score: 5, Informative
    I couldn't agree LESS.

    I think mac users are a very bimodal group. There are lots of pros, comfortable with various OS's. However, there are tons of totally clueless folks.

    I cleaned up a lot of macs in the pre-OSX days when a handful of annoyances like macro-viruses were common.

  3. You have been trolled by Mi2G by Anonymous Coward · · Score: 5, Informative


    Mi2G are about as expert in computer security as your local nursery school, they are basically a fraud outfit that decieve companies by using FUD in order to transfer cash from company accounts to the chairmans pocket, and slashdot linked them up
    and you wonder why no one subscribes and blocks slashdots adverts

    in the security scene they are worthless

    Register article

  4. Mac OS X default security settings by MrMartini · · Score: 5, Informative

    One important factor with Mac OS X security is its default security settings; when someone buys a new Mac, takes it home and starts it up, their firewall is enabled, all of their sharing/webserving services are turned off, and their root account is disabled.

  5. Numbers show: Windows not more secure than Linux by Morganth · · Score: 5, Informative

    According to Netcraft, Apache outnumbers IIS 3:1, and I'm making the (valid) assumption that most Apache web servers run on Linux. Let's also make the other assumption that most 24/7 machines are web servers (that most servers accessible on the net are web servers).

    So, Netcraft has 37,620,349 Apache servers on-file, compared to 11,679,222 IIS servers. Mi2G has reported 235,907 successful breaches. First of all, to give you an idea of the sample size, that's 0.5% of all servers recorded by Netcraft! But let's give them that, since this is a sample of breaches occuring in a relatively short time period.

    Now here comes the real news. 59,419 of computers recorded as breached are Windows, whereas 154,846 of computers recorded as breached are Linux (mi2g's numbers). Let's take those as percentages of all Linux [*nix] servers, and of all Windows servers. Looks like 0.4% of Linux servers have been breached, whereas 0.5% of Windows servers have been breached. So Windows is a little less secure, by my metric.

    Now, this is a little unfair, because my assumption above (that Apache servers run Linux) is wrong. Many Apache servers that Netcraft picks up run BSD and could even run Mac OS X Server, I guess. Even taking this into account, the breach rate would be about the same for the two OSes (probably a little bit better for Linux).

    What this doesn't take into account in terms of the Windows/UNIX debate are the hidden costs of an IIS server in terms of administration, virii, stability, reboot requirements, etc. the list goes on and on. It also doesn't take into account SOME hidden costs of Linux/BSD servers, but those are minor compared to the Windows annoyances (trust me, I know: I administer a Windows server, unfortunately).

    That said, I do think BSD probably is more secure, and I use Netcraft's "longest uptime" as one of my metrics. To me, it seems the longer a site is on the Internet, the more statistical chance it has to get attacked. That ALL of the top uptime sites on Netcraft's list run BSD shows me that BSD is a pretty rock-solid OS for servers, that you can leave them out there in the wild for years without worry.

    The real bottom line is that software that runs on UNIX-like OSes tends to be more secure, and this usually has not too much to do with the OS. For your box to have real security, the system administrator has to be smart (or the distro has to come with Smart Defaults, like I believe Debian does in the Linux world). The only real way to prevent security breaches is to be a smart administrator: to think ahead and secure your boxen before it's too late.

    All this study shows me is that no OS is a "magic bullet," that breaches occur on unprotected machines regardless of your OS. No one blames car manufacturers/designers for stolen in-dash CD players if you stupidly forget to lock your doors.