Study Recommends Mac OS X as Safest OS
rocketjam writes "The British security firm mi2g has concluded a comprehensive 12-month study to identify the safest 24/7 computing environment. In the end, the open source BSD and Mac OS X came out on top with the fewest security breaches against permanently connected machines worldwide in homes, small businesses, large enterprises and governments. The study found Linux to be the most breached environment 'in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded'. Windows was the most breached environment in government computing and led Linux, BSD and Mac OS X by far in economic damage caused by breaches." We mentioned their previous study too. As before, the study ignores the thousands of automatically-spreading viruses for Windows.
As a Mac user and Linux guy, I have to say that this kind of study is a little tilted... how many Mac users and Windows users really know how to record a breach into their machine? Neither ships with process accounting on out of the box, to my knowledge.
I recently had some puke engage in comment spamming my website. Traceback revealed he was using a Windows XP machine infected with the Subseven trojan. I'd be willing to bet that breach was not recorded.
I can't find the source of the reported breaches. How did they determine which breaches to investigate? Were they only breaches reported to them? I can state for a fact that many companies do not report breach attempts to anyone. So this investigation probably isn't of a very accurate sample pool.
Developers: We can use your help.
I am glad you pointed out that this is about manual exploits, NOT about which OS has the best security. If we were talking strictly about vulnerability the story would be quite different. Quite simply, Mac OS would lose (IMHO): http://www.computerweekly.com/articles/article.asp?liArticleID=131513&liArticleTypeID=1&liCategoryID=2&liChannelID=22&liFlavourID=1&sSearch=&nPage=1
Not that this matters. But it's also good to know it's safe. But how many people actually direct connect to the internet? Doesn't it make sense to have some sort of cheap firewall/router box to protect you?
It's either on the beat or off the beat, it's that easy.
I moderate therefore I rule!
--
The response to the 'popularity' point for Linux vs Windows is that the popularity of Windows does not come close to explaining the statistical difference... Counterexamples include considering that Linux is a far more popular internet server than Windows is, but still gets fewer total exploits in that field.
For Linux vs Mac, it's harder to say that the difference is or isn't due to the market share, and the authors are simply acknowledging that. Perhaps, in time, someone will do a study to attempt to distinguish that difference (and we can then bash and/or praise that to our hearts' content).
Free Software: Like love, it grows best when given away.
My own anecdotal experience would be roughly the same (sans OS X experience). I have known someone whose Linux box was rooted, but it, too, was a manual attack. Windows goes without saying. OpenBSD goes without saying, too (oppositely, of course).
Linux is a very good general purpose OS, but its development is volatile enough that it requires a conservative approach with respect to security. I would use an older more mature kernel along with manually paring down the rc directories and inetd.conf, among other things. OpenBSD, on the other hand, is stripped out of the box, and the user must add services. I generally feel that Solaris ranks more with Linux, in that a manual hardening effort really is necessary. Never would I put Windows on the Internet--it would be like swimming in the ocean with steaks tied to my legs.
-- "Makes Little Debbie look like a pile of puke!" - Moe Szyslak
The sad thing is that they apparently went through a lot of effort to collect data, but at least as they've presented it the data makes it impossible for anyone to draw any conclusions. The whole thing was wasted effort unless they've got some more data they didn't bother putting into the study, that can show successful attacks as they relate to attempted attacks against each platform, or at least related to how many of each platform are actually installed and meet their criteria.
Don't blame me; I'm never given mod points.