Thursday, February 17, 2005

OSX v Windows

I just read this article. The author wonders why people put up with the viruses and worms that attack Windows installations when one could just buy a Mac and engage in worry free computing for the rest of their lives. I agree that preventing attacks on a Microsoft's operating system does add considerable complexity for novice users, and at best minor annoyance for power users. I also agree that OSX is a far superior implementation of an operating system based mostly on the face that it's a Unix variant. But I think this kind of blanket assumption that OSX is impervious to viruses and worms is shortsighted and dangerous.

While the general security model that OSX inherits from Unix has more than proven itself over the years and it is extremely difficult for any process not running as root on a Unix machine to do damage outside a user's accessible data, that doesn't mean that you can't do damage. Consider a small process that simply deletes a users data and empties the trash. Very damaging if one does not have the proper backups.

The author also fails to mention the possibility that applications running on a Mac might expose buffer overflows or other bugs that could make it possible to damage a system. Keep an eye on CERT advisories, you might be surprised how many issues are Unix applications with bugs. These tend to be fixed very quickly, but failure to patch an application can result in damage. How many viruses for Windows attack up dated applications? None. Only users who fail to install the security patches are attacked (I can't ingnore the fist time install paradox however).

I think the real crux of the matter here is that attackers will attack the broadest possible audience. Why write a virus for a Mac when you can write one for Windows? To say that OSX is invulnerable is not considering all of the facts. To say that right now, OSX is convenient would be more responsible.

For the record, I'm considering a Mac, but not for the reasons mentioned in the article.

1 comment:

Anonymous said...

Mossberg at the WSJ has a similar article.

I don't know why anyone puts up with it either...