The gang on MacBreak Weekly, to which I was listening on my commute this morning, touched on the recent spate of trojans accompanying illicit copies of iWork and Photoshop CS4. They rightly commented that this is really only a problem for idiots who supply their admin password to install shady downloads. But they (I am using “they” because I don’t recall which member of the panel actually said it—they all seemed to agree) also suggested that it is still a matter of time before the Mac community’s security complacency bites it in the rear. Meaning, the time will come when teh evil haxxorz target Mac OS X full-bore and Mac users start to suffer the same unwitting security problems that have plagued Windows users for decades.

This is the point where I think they are wrong, for two reasons.

For the first, I point to a pretty old Daring Fireball article which John Gruber has referred to in security-related posts over the years. I think his comments on market share are important. While Windows commands an overwhelming PC OS market share, its share of malware is disproportionately more overwhelming, compared to Mac OS’s. I would add to that datum the fact that if you look at individual exploits/hacks/whathaveyou, the worst Mac OS problems have never approached the epidemic nature of Windows’ viruses and botnets. They are shut down rather quickly, or they are too flawed to propogate effectively to begin with.

My second point is to refute the idea that hackers aren’t already actively trying to penetrate and exploit OS X. Seriously? Have you read the comments of any die-hard Windows users lately? There has to be more than a handful of compentent programmers nefarious enough to write viruses and with an interest in getting a Mac virus out there, profit in it or no. Particularly when you look at my first point; while the ratio of Windows exploits to Mac exploits does not match the OS market share ratio, I would guess that the ratios of programmers attempting said exploits is more similar. My conclusion: they are trying, but Mac OS X is a robust enough platform, owing to some combination of inherent engineering and a system that encourages good user practices¹, that it is difficult to exploit.

Ultimately, my belief is this: Apple (its designers and engineers) makes good stuff; they do the right thing, they care, and they’ve given usability and security some thought. Microsoft doesn’t, and hasn’t. Or, if they have, it hasn’t come through in their final product. Coming full circle back to John Gruber again, it might have something to do with his Auteur Theory of Design.

Update - Daniel Eran Dilger has a new article on this very topic.

Tags: Apple

This entry was posted on Wednesday, January 28th, 2009 at 2:57 pm and is filed under Apple. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.