It happens to be a topic du jour in world of computer viruses, there’s a huge fight going on, said David Perry, director of global education at Trend Micro Inc.
The debate got a little more public recently, when experts from Sophos Plc issued a report that had some headline writers screaming Ditch Windows for Mac.
It seems likely that Macs will continue to be the safer place for computer users for some time to come – something that home users may wish to consider if they’re deliberating about the next computer they should purchase, Sophos senior security analysts said.
The statement, which reflected the fact that there are about 180,000 different pieces of malware, mostly targeting Windows boxes, was attributed to either Graham Cluley or Ron O’Brien, depending on which side of the Atlantic you were on.
It’s really a reflection of the behavior of the consumer rather than an indictment of Microsoft or endorsement of Apple, O’Brien told us later.
The bottom line is that given there’s maintenance and management associated with maintaining a safe and secure Windows environment, if an individual is not willing to exert that effort, it may well be that a Mac is a better use of their resources, he said.
O’Brien, Trend’s Perry and Dave Cole, director of Symantec Corp’s Security Response, all agreed that Macs haven’t seen the kind of malware activity as Windows because the Mac is still a minority operating system.
At the end of the day, the point [Sophos] is making is accurate, Cole said. Attackers are motivated financially. They’re going to go after the biggest market share, like telemarketers… they play the numbers.
According to Perry, the debate in the antivirus community is about whether Mac is intrinsically more secure, or whether it’s just de facto more secure.
In other words, is the Mac de facto secure because it’s intrinsically secure, or just because nobody is attacking it? Is a bulletproof window being attacked by a demolition ball less secure than its untouched sugar glass equivalent?
It may be possible that Windows is more secure by the design of the code, but in practice it doesn’t matter as Windows is the majority operating system, Perry said. We pretty much all agree that the de facto better security you get in a Mac is because it’s not the majority operating system.
He said he doesn’t know any virus experts that don’t have a Mac somewhere in their collection of computers – mainly so they can beat up on them, testing for vulnerabilities.
Whether Macs will ever be a platform that is attacked is debatable. It will largely depend on Apple’s market share, but some say it will also depend on how loudly the Mac community plays up the security of the OS.
Apple’s recent American TV advertising, for example, takes a shot at the number of Windows viruses.
The Apple-using community is begging to get smacked down, Perry said.
Almost invariably, when somebody lays down the gauntlet, something comes so far out of the left field that we have to change our definitions to describe what happened, he said, noting the different types of attack that have emerged over the years.
The debate is likely to continue, particularly after Windows Vista, which has numerous security upgrades, is released next January.
In the meantime, some security experts will still tell their non-technical friends that Macs should be considered an option for reducing security headaches when buying a computer.
What’s most important for these users is ‘What’s the threat landscape out there?’, Sophos’s Cluley said. The sheer quantity of malware exists for one OS and doesn’t exist for the other.
He added that most of the hate mail he has received so far came from Unix users.
