Slashdot Mirror

← Back to Stories (view on slashdot.org)

Study Recommends Mac OS X as Safest OS

Posted by michael on from the safety-first dept.

rocketjam writes "The British security firm mi2g has concluded a comprehensive 12-month study to identify the safest 24/7 computing environment. In the end, the open source BSD and Mac OS X came out on top with the fewest security breaches against permanently connected machines worldwide in homes, small businesses, large enterprises and governments. The study found Linux to be the most breached environment 'in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded'. Windows was the most breached environment in government computing and led Linux, BSD and Mac OS X by far in economic damage caused by breaches." We mentioned their previous study too. As before, the study ignores the thousands of automatically-spreading viruses for Windows.

8 of 370 comments (clear)

  1. Why isn't BSD in the title? by Anonymous Coward · · Score: 5, Insightful

    It's ranked as safest, too.

  2. Oh Dear God by Anonymous Coward · · Score: 5, Insightful

    This study is pretty much useless. Essentially what they're reporting is that of all manual hacker attacks that are successful, most of them happen on Linux, and Mac OS has the least of them. This does not mean that Mac OS is more secure. It may simply mean that Mac OS is less often attacked, or the MAc OS is less often used in 24/7 environments.

    Show us a report studying attempts/successful attempts ratio, and it might actually mean something.

  3. Fun with percentages by rackhamh · · Score: 5, Insightful

    Wouldn't it be more useful to provide statistics on the percentage of *each environment* that suffered breaches -- e.g., 17% of Linux machines suffered breaches, 28% of Windows machines, 19% of OS X machines?

    Unless I've misread the article (which is possible), the numbers they provide don't seem to take into account the *prevalence* of each environment.

  4. Re:Isn't it the least used? by BlaKnail · · Score: 5, Insightful

    Yes, you are wrong to think this.

    First, the study shows linux subject to the most manual attacks. That doesn't jive with your logic.

    Also, see the oft repeated marketshare of webservers. Apache is by far the most used, but subject to far less attacks than IIS.

  5. Logical fallacy by daveschroeder · · Score: 5, Insightful

    I know you're just joking, but for others who actually believe this, it bears repeating:

    If that were true, then apache would have the most exploits of any web server, since it has the greatest market share. However, that is not the case: Microsoft IIS is by far the most exploited web server, with only around 20% marketshare.

    Additionally, lesser marketshare does not automatically imply anything with regard to security. Sure, it's *targeted* less, and people might spend less time attacking it, but that does not mean it is less secure. In fact, there are numerous technical, design, and architectural reasons that, e.g., Mac OS X is more secure than Windows. A few examples would be: no ports or services open by default, services that are used are likely to be open source services like apache and OpenSSH which receive in intense scrutiny so that theoretical holes are closed before they become practical ones, there are more layers of abstraction between an email attachment and it actually becoming a meaningful exploit, prompting and notification for administrative-level or elevated privileges, less likelihood of standardization on a single email client reducing the exposure of a single point of attack, etc.

    And sure, marketshare helps too, in terms of things like the statistical likelihood of the next host encountered/scanned by a piece of Mac OS X malware also being Mac OS X. But that's no where near the whole story.

  6. The manual Linux breeches are significant though.. by StressGuy · · Score: 5, Insightful

    I've been tinkering off and on with Linux for a while now and I'm by no means an expert. About a year or so ago, I got the Knoppix liveCD and did a hard install with it, making it essentially a mixture of Debian stable/testing/SID. Anyway, one day I fire up Quake and, instead of the normal music, it's playing this "We are the Animals" crap. The startup script even says, "This version of Quake has been hacked". I try to install Bastille but can't quite get it to work on this mixed-Debian install. I also can't un-install it.

    So, now I'm using SuSE - mainly because it has built in security functions and is easier to configure. I kinda wish I could just go with something like Slackware and set all of it up myself, but I have limited tinkering time these days.

    I suspect that a growing population on non-expert Linux users could be a potential security vulnerability.

    --
    A goal is a dream with a deadline
  7. Think of the prestige! by slinky259 · · Score: 5, Insightful

    It's been widely repeated by many of my compatriots that Macs are simply more secure because they have a tiny user base. However, hacker culture is based on egos, correct? Imagine the fame one could gain by creating a virus that infects Macs too - they'ed be able to smash the "Macs don't get virii(?)" claim and they would get attention - for some people, good or bad doesn't matter.

    I'm sure a Mac virus for OS X has at the very least been attempted. Why hasn't it succeeded at spreading all around?

    OS X really is more secure

  8. Re:Before people go nuts... by Brandybuck · · Score: 5, Insightful

    This is likely because of the great number of Linux server

    Wait! Everytime Microsoft makes this argument in defense of Windows shoddy security, Slashdot laughs them down. Suddenly the argument is valid for Linux?

    --
    Don't blame me, I didn't vote for either of them!