Why is Mac OS considered more secure than Windows?

Any box poorly managed can be a nightmare - no matter what.That just argues for more user education and choice in the market IMHO, but many will disagree (blinders don't make your world any safer - you just choose not to see the dangers). The fact is that there is no perfect security available from any vendor - ever.

People will make mistakes. You should plan for those mistakes and think for yourself. That's the first step in practicing security - learning to think for yourself and taking ownership of that security. You owe a responsibility to everyone else to be secure as possible. Incidents will happen and there is no complete, 100% guaranteed, bulletproof solution (regardless of what anyone might tell you).

So, my question would be - how much have you educated yourself about practicing security on your machine? Do you tend to try to learn more, or put minimal safeguards in place and call it quits (as in: you believe you have done enough to meet the minimum standards)?

That's the crux of the issue - not a religious flame-war, but education, choice and diversity. People should be free to choose what works for them and spend time educating themselves about what to watch for, what to do and how to really work securely in their environment. If those practices are not observed, then no OS is any more secure than the other.

Google's Chrome OS will be another point in the global OS competition as well, and it what it brings to the table is yet another blurring of the line toward a Network OS - a dream that has never been realized before. It may or may not be more secure than today's traditional desktops or laptops. It may be the web-top OS. Only time will tell for certain.

Whatever comes in the future - only education and practicing what you learn will make the difference, and even then - it still won't be 100% secure. nothing ever is, regardless of what claims people make. There is always someone who is smarter and whose job of breaking security is far easier than actually securing things. That job is very tough, because you only have to fail once to be blamed - they only have to succeed once to achieve their goals. For a thousand successes, you get no accolades, for one failure - you're blamed.

I would rather see people focus on being secure and practicing good security versus people thinking one OS or the other is the only solution. That thought is inherently incorrect.

I've been using Macs for 21 years and never once had a virus or spyware on my system. I've been online for 15 years, so I've been interacting online and downloading files and emailing for that long, and still not had a problem. I run virus software once a year, and have never found anything. I was always under the impression that Macs were more secure simply because less people used them and therefore hackers didn't invest time creating viruses to invade them.

But I think that might be changing. With the launch of the iPod, Macs became more popular, and they are now a considerable percentage of the market share (estimated at 10%: http://digg.com/d3zl3J). I build websites for a living, and we used to be okay if it didn't work on a Mac (unless it was focused on the design community), but today we must consider the Mac since 8% of users are on Safari, the Mac-native browser.

Back in April there was a report of an iBotnet released that effected on Macs (here's an article about it from CNN: http://www.cnn.com/2009/TECH/04/22/first.mac.botnet/index.html). It was reported because it was so rare. But I think with the increase in Mac sales we might see these more often, but still not nearly as prevalent as a PC. A good anti-virus program I'm sure could keep the system safe.

Hope this info helps.
Bonnie

Hi,
Essentially is a question of efforts in hardening a system, *nix are really flexible and could be rendered effectively secure thanks the research/documentation around these systems.

Windows is monolithic, closed so became harder to interact, configure/figure out why something happens etc. and last but not least the presence of malware.

Building a secure Window station is possible, with great efforts, monitoring, good firewalls etc.

There are samples of well implemented Window servers, but is an harder work and in these years we have seen as the number of sysadmins of linux systems presented an exponential increase.

From this..born the ' *nix OSses are more secure ' =)

Regards,
Giuseppe 'Evilcry' Bonfa'

The above comments highlight many of the problematic areas of Windows. In my experience one of the major problems is the compatability issues with Windows when you require newer functionality. It generally involves some major updates which can introduce new security problems, which in turn involves Patching. Even in a small environment this can be very difficult, ensuring that you are secure yet retaining functionality...going forward may not necessarily be the best thing but in the Windows world more often than not you are forced down this route, ie Automatic Updates. It appears that the differentiation between Windows Server and Home is more so than say Linux home/Server, Mac and other Unix flavours aka the same code but scaleable. As others have said it is possible to build a secure Windows environment but you must consider the maintainability of it. Exploits within Windows mean that not only Microsoft but vendors are in a situation of continuous change which does not bode well for a stable environment. So not only is it a Maintenance/Management issue but also a Cost Issue. It is worth doing some research into the amount of security fixes that have been issued with your proposed Windows solution against a comparable Mac/Unix/Linux one and then make your judgement accordingly. Sorry if the answer is not precisely what you want but this is one of those 'It Depends' type of questions. There is plenty of information available on this subject for you to research.
HTH
Dave

I think that the main difference in security of Windows and Linux OS lies in their global approach to the architecture of a system.
The Linux way is making self-sufficient programs with limited functional. It means that a program is well tested and doesn't have problems with integration.
The Windows way is integration in one program many functions, and it leads to complicated testing, serious integration problems, and as a result, security holes.

Security is first and foremost in implementation and management. The OS is only one factor. From a technical stand point, the applications are the more susceptible to attack then the OS. So an insecure web application (for example) will be just as insecure on Windows, Mac, Unix or Linux.
Most security breaches are due to misconfiguration and bad practices. While "first day exploits" exist, they are not the main cause for security breaches.
I will say that Unix (and Unix like) OS's are more robust in handling application errors then Windows, and I find this a more important factor in selecting an OS.

Microsoft sat on critical flaw for two years - ActiveX flaw patched last Tuesday was reported back in 2007

http://www.v3.co.uk/v3/news/2247842/microsoft-sat-critical-flaw-two

Any Apple system should have antivirus software and a firewall to protect it, just like Windows.

Go with the platform that offers you the best business functionality, then get the necessary software and hardware to protect it.

IMHO, that means Microsoft simply because of the vast amount of powerful software available... and also because I'm a Microsoft Certifed Partner.

I should add that in my 29 years in this business I've not had a single client running an accounting package, a database, or a mail system on an Apple computer. (Wait... I take that back... I did have a single-user client running on an Apple II back in 1987. It had a 5mb hard drive!)

We have a printing client where all the sales people and designers use Macs, but they use a Microsoft Exchange server for email, and the accounting department uses Windows and Microsoft Dynamics GP.)

I *am* impressed with the Apple stores and the Genius Bar... just don't ask them about debits and credits.

Kirk Alexander
http://www.ceoteams.com

It's worth pointing that Snow Leopard has virus scan built in -- http://blogs.zdnet.com/security/?p=4104

There will always be vulnerabilities no matter which operating system you choose. Apple has a very strong OS built on the Unix platform, and their development team is constantly working on identifying weaknesses and issuing patches for them (in the form of software updates).

You also may consider that the bulk of the business world runs on the Windows platform, so if I were a hacker looking to do a lot of damage, I'd get more "bang for buck" going after Windows OS users than Mac OS users.

Regardless you should use the OS that makes most sense for your organization and business goals. Its the responsibility of your IT staff to ensure that your company stays safe regardless of which operating system you choose to use.

The MAC OS is more secure for sure. I am not qualified as a hardware geek but 20 years ago, I understood the basic concept pretty well. And MS is building it's newer OS on Unix principles.
MS DOS was the foundation of Windows to start. The chip makers built their processor and RAM chips around that platform.

Inherent is that is a memory "page swapping" process that creates many critical points for the proper handling of memory. MAC systems designate a block of contiguous memory for each application opened. As a result, the OS can protect that memory better. Perhaps this is what Stanislav alluded to.
All virus target applications but if the application is spread out all over the memory it is more vulnerable.

In reality, this is not necessarily a fault of MS since no one expected to be counting bytes in gigs in the '70s. Have they been slow... perhaps. But they do have responsibilities to their developers, supplies and consumers get it right. They are the 600 lb gorilla.

Hi.

You've asked one of the killer questions that really has no straight forward 'black and white' answer.

Your answer is actually another question "Why is Unix and it's derivatives more secure than a MS Windows platform?".

Random and initial thoughts while slurping coffee...

An MS Windows environment can be tightened incredibly well, it can managed and monitored. Sometimes the securing can be undone by 'users'. If we didn't have 'users' bringing in CDs, USB keys and browsing the Internet our lives would be a lot easier.

MS Windows is an easier target for individuals intent on bringing it to its knees due to:
a) market share
b) large MS employed development teams
c) fudged architectural synergy
d) 3rd party applications

Unix and the many Linux derivatives are in the majority Open Source projects welcoming all types of development, expertise and community commitment to make something successful and work. Solid development from the ground up makes for a cohesive architecture.

There are 10s of thousands of Virus / Trojan / Worms apparently about to drain the life out of our PCs but if machines are secured sufficiently with proper design from both internal and external considerations life should be pretty painless. On the flipside Mac OSX has fewer than 100 known virulent nasties.

Internet facing web services in the majority of world today are facilitated by non-Windows applications, it's later down the line and behind DMZs where the Windows Back Office applications are used.

Deciding on your purchase for your business is also about working out what is fit for purpose for the intended role. You may be steered by clients distributing MS Office documents, Adobe Photoshop files, CAD etc... It may be prudent to standardise for support TCO accepting the few exceptions can be justified for their role.

Hosted solutions are becoming more of an option as the world moves forward to the IT Cloud. This of course may be too much too quick but places the responsibility on another company to provide services, such as e-mail, as well as facilitating BC and DR if required. Your company data may be too sensitive of course but again that's another discussion.

MS Windows can be secured incredibly well, just disconnect it from your network and you'll never have a problem again ;-)

Regards,
Darren.

There is a very good reason why modern MacOS is more secure than Windows.
It is called good architecture and security by design.

The sad reality is that folks at Microsoft did not care much about computer security until probably about year 2003 when they realized that they have starting losing business because of poor security...

Windows was designed for non-networked Personal Computers (emphasis on Personal and not-networked). Back in the 80-x and 90-x PCs simply did not require the level of security which is absolutely necessary for multi-user shared systems/mainframes or systems talking to other systems across computer networks. Back then the only way to get a virus on to your PC was to get it from an infected floppy disk. And back then the viruses were mostly written for harmless fun and plain vandalism.

Nowadays you can infect your Windows PC with a silent information-stealing Trojan just by visiting a perfectly legitimate website (for example reading someone’s blog). Un-patched security holes in windows mean that even if you visit a perfectly trusted website like hotmail.com for example or even THIS ONE the ad banner displayed by the advertisement network at the top of the page could contain malware which can SILENTLY INFECT your PC and start stealing your confidential data from your hard drive as well as capture every single keystroke when you type in your password and bank details.

People who claim that a Windows PC can be made secure do not mention about the fact that it is NOT SECURE OUT OF THE BOX. They must have a lot of work done by an expert to harden the system.

If you are a small business and don't have a skilled IT department who knows how to properly secure Windows workstations and network, install, configure and maintain firewalls, install regular software patches for all software that you are using as well as antivirus updates - you are far more vulnerable than if you run Macs. Don't get me wrong you still do need a firewall and an antivirus on each computer even with Macs, but Windows machines require much more effort (and cost!) to keep them secure.

The reason why PCs became so much more popular was the historic fact that they were cheaper and had far more useful business applications than Macs. Microsoft made the emphasis on availability of useful business applications rather than on security and won the market share.

I agree that people should use good security practices whatever operating system they use. This is 100% correct. However in the fast-moving business world you cannot expect your business users to also be computer-security-savvy and stop then from browsing websites or reading emails which they have to do as a part of their job.

Yes, Macs are not 100% secure (nothing is) and there are viruses out there targeting Macs, but it is a tiny fraction compared with Windows-based exploits in the wild. I don’t even want to mention how many un-patched security holes are still in Windows (All versions) and how long it takes Microsoft to patch them (at least one month).

So to summarize why Mac OS is more secure than Windows:

- it was architected with layered security in mind based on (Windows had security bolted-on later)

- it is more secure “out-of-the-box” (Windows requires a lot of work to harden the security)

- it has far less viruses and malware targeting it (rough ratio 1 to 100 000)

- any reported vulnerability is patched within a couple of days (It takes Microsoft takes an average of one month to release a patch. There are still a lot of unpatched holes with exploits “in-the-wild”)

Dear, Mac is based on Unix system which is the BOSS of all systems and it has a very tight permission structure not like the new kids on the block "Windows" also there are way more servers running linux which is a unix based too for that reason it is really worth investing in a linux virus/trojan which can be easily ported to Mac so the very first comment is not TRUE the fact is Windows is the fragile system and the people behind it just care about impress people visually and sell more ..them try to fix..em like the very famous VISTA and still people buy windows OS ...no Comments..