Study Recommends Mac OS X as Safest OS 370
rocketjam writes "The British security firm mi2g has concluded a comprehensive 12-month study to identify the safest 24/7 computing environment. In the end, the open source BSD and Mac OS X came out on top with the fewest security breaches against permanently connected machines worldwide in homes, small businesses, large enterprises and governments. The study found Linux to be the most breached environment 'in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded'. Windows was the most breached environment in government computing and led Linux, BSD and Mac OS X by far in economic damage caused by breaches." We mentioned their previous study too. As before, the study ignores the thousands of automatically-spreading viruses for Windows.
Before people go nuts... (Score:5, Informative)
The study also reveals that Linux has become the most breached 24/7 online computing environment in terms of manual hacker attacks overall and accounts for 65.64% of all breaches recorded, with 154,846 successfully compromised Linux 24/7 online computers of all flavours.
This is likely because of the great number of Linux servers, and the wide variety of network services and ports open to the world on such servers.
And it does, in fact, make distinct reference to Windows malware (self-propagating worms, viruses, etc.):
Malware proliferation
The recent global malware epidemics have primarily targeted the Windows computing environment and have not caused any significant economic damage to environments running Open Source including Linux, BSD and Mac OS X. When taking the economic damage from malware into account over the last twelve months, including the impact of MyDoom, NetSky, SoBig, Klez and Sasser, Windows has become the most breached computing environment in the world accounting for most of the productivity losses associated with malware - virus, worm and trojan - proliferation. This is directly the result of very insignificant quantities of highly damaging mass-spreading malware being written for other computing environments like Linux, BSD and Mac OS X.
Also interesting:
For the record, neither mi2g Ltd nor the mi2g Intelligence Unit have a business relationship with Apple Computers and we do not own any shares in that corporation. Previously, the mi2g data for one month was considered to be too small a sample and not representative of the global environment within which different types of entities - micro, small, medium and large - exist. We have addressed those concerns in the new study. The critics were against the previous study which also came out in favour of Apple and BSD, because the entrenched supporters of Linux and Windows felt that mi2g was guilty of 'computing blasphemy'. In subsequent months, mi2g's reputation was damaged on search engines and bulletin boards. We would urge caution when reading negative commentary against mi2g, which may have been clandestinely funded, aided or abetted by a vendor or a special interest group.
There are a wide variety of reasons to expect that Mac OS X is a significantly more secure computing platform than Windows in a non-server/desktop setting; this study only further confirms that.
Re:Before people go nuts... (Score:5, Insightful)
The problem with this study isn't that it can been seen to say that Windows is more secure than Linux (which it doesn't say, specifically denies it's saying it, but with Linux users will think it's saying and flame away).
The problem is that they claim to be trying to find the "most secure" OS, and then look at the % of total attacks against each type of system instead of the average per installation of each type. If I set up 5 insecure "A" machines and 100 more secure "B" machines, and find that there were 5 attacks against the A machines and 20 against the B machines, I can conclude that the B machines are least secure because they account for 80% of attacks, or that A machines are least secure because they're attacked 100% of the time vs. 20% of the time. The raw numbers are completely meaningless in the context they're presented in, and the "news alert" itself show they're either intentionally misleading people or they're incompetent and need to hire a statistician with a big clue stick.
By the way, I do think the BSDs are probably "more secure", as they claim, but their methodology makes me ashamed to share their opinions.
Re:Before people go nuts... (Score:5, Insightful)
I'd feel the same about someone who said that evolution was a better theory than creationism, and went on to "prove" it with fake fossils they made in their basement. Being right for the wrong reasons is just as bad as being wrong.
Re:Before people go nuts... (Score:5, Interesting)
The sad thing is that they apparently went through a lot of effort to collect data, but at least as they've presented it the data makes it impossible for anyone to draw any conclusions. The whole thing was wasted effort unless they've got some more data they didn't bother putting into the study, that can show successful attacks as they relate to attempted attacks against each platform, or at least related to how many of each platform are actually installed and meet their criteria.
Re:Before people go nuts... (Score:4, Insightful)
Indeed. I wonder about the relevance of absolute figures in such a study. I mean, I can top all these amateurs with my own home-made kernel Skimpy, 0 breaches recorded (fact that I am the sole user intentionally omitted)
Meaningless (Score:5, Insightful)
Anyway, just in the last fews days I can think of at least one exploit requiring users of real player (on ANY platform) to "update their software" lest they be rooted by a malicious video stream. Previous hacks mentioned in the article were related to both Real and Quicktime being vulnerable to malicious skins.
Since I don't use either of these pieces of crapware I guess I'm 100% safer than everyone else and I don't have to worry about being rooted - because, after all, it's just bad software that makes you vulnerable, not being a warez whore and installing every piece of shit toy on your system that catches your eye.
Re:Meaningless (Score:4, Insightful)
Re:Before people go nuts... (Score:4, Insightful)
Re:Before people go nuts... (Score:2)
Are you saying that mi2g is ineffective in the world of security? Are you saying that they are powerful?
Re:Before people go nuts... (Score:4, Funny)
Security by obscurity? (Score:3, Interesting)
Re:Before people go nuts... (Score:5, Insightful)
Wait! Everytime Microsoft makes this argument in defense of Windows shoddy security, Slashdot laughs them down. Suddenly the argument is valid for Linux?
Re:Before people go nuts... (Score:2)
Infact, Linux could be identical to BSD in certain situations. This is a key fact that is not a factor in Unix vs. Windows comparisons.
Linux shares many of the same apps with every other common version of Unix on the planet.
This means that being smug and using BSD won't necessarily have any practical impact on you.
Re:Before people go nuts... (Score:4, Interesting)
The response to the 'popularity' point for Linux vs Windows is that the popularity of Windows does not come close to explaining the statistical difference... Counterexamples include considering that Linux is a fer more popular internet server than Windows is, but still gets fewer total exploits in that field.
For Linux Vs Mac, It's harder to say that the difference is or isn't due to the market share, and the authors are simply acknowledging that. Perhaps, in time, someone will do a study to attempt to distinguish that difference (and we can then bash and/or praise that to our hearts' content)
Re:Before people go nuts... (Score:3, Informative)
According to Netcraft [netcraft.com] Apache has the biggest web presence. Admittedly Apache is not Linux, and there are many Windows boxes out there with Apache, but it does give a good idea of the spread of platforms out there.
Re:Before people go nuts... (Score:3, Insightful)
According to Netcraft Apache has the biggest web presence.
If you read the words carefully, they can be saying the same thing. This is a case where you have to read with your skeptometer turned to High. Look carefully at the exact words, and ask yourself what exactly they mean.
Microsoft has long claimed that IIS is the most successful commercial web server. Note that word "commercial". Apache isn't for sale; it's free from
Re:Before people go nuts... (Score:3, Informative)
There are more types of servers than just web servers/servers presenting web pages.
E.g. mail servers, irc servers, telnet/ssh servers, ldap servers, servers used for firewalls, ftp servers, DNS servers, various application servers, etc., etc., etc.
When talking about security, don't get hung up only on web servers. Granted, they are among the most exposed, but they are not the only ones open to network traffic.
Why isn't BSD in the title? (Score:5, Insightful)
Re:Why isn't BSD in the title? (Score:2, Informative)
Re:Why isn't BSD in the title? (Score:2)
Re:Why isn't BSD in the title? (Score:5, Informative)
Re:Why isn't BSD in the title? (Score:3, Insightful)
Which BSD? (Score:3, Insightful)
Re:Which BSD? (Score:2)
I would equate the percentage of breaches somewhere in-line with the percentage of instances as a server PC. We all know that Apache on Linux makes up a large majority of webservers out there.
What bothers me is that they fail to mention the percentage of exploits on desktop machines as wel
Re:Which BSD? (Score:4, Insightful)
They were also talking about desktop users in small businesses and homes with a fast, always on Internet connection. Out of the box, Macs come with most network software turned off, which makes them less vulnerable. Still, a well social engineered trojan can infect any system, if the user can be tricked into running the malware and giving or having the needed admin privileges to allow installation. No Mac is vulnerable to any of the self installing malware programs that will destroy or zombiefy a Windows box, sometimes in minutes after being connected to the Internet. I don't think it is possible to write a self-infecting malware for a Mac that doesn't require user interaction.
Re:Which BSD? (Score:2)
Seriously though, FreeBSD is the most likely - it's got the most market share of all the BSD flavours.
Manual breaches... (Score:5, Insightful)
That's a software issue. Most people manually breaching systems are nmapping, finding services that are vulnerable, and exploiting them.
Furthermore, unlike worms, crackers might not know what operating system the site is running until they attempt to infiltrate it. It's not like people go looking for Linux boxes randomly.
I think that the argument that Linux is installed on more target machines than the other operating systems is acceptible here, even though it is somewhat fallacious when it is used to defend Windows security against automated attacks like viruses and worms.
Re:Manual breaches... (Score:5, Informative)
I have many, many sshd/firewall logs that disagree with that. See here [seclists.org] for some details of what people do if they can get in.
Crackers look specifically for Linux because your chances of finding an amateur administrator are far greater with Linux than BSD, Solaris, etc. I'd say it's also true of OS X, except Apple does a pretty good job of forcing updates down users throats which helps keep them fairly secure. There's tons of RedHat boxes out there that haven't been updated since RH EOLed the product line. And there's some pretty juicy tidbits to be found on them. I contacted a company that had been compromised in the afore mentioned group of attacks. Their box had their customers' credit card numbers on it, and with the keylogger installed in the rootkit, they were facing having other boxes that had been exposed.
crackers might not know what operating system the site is running until they attempt to infiltrate it.
Only the dumbest of script kiddies doesn't know what OS they are getting attacking.
less users = less exploits (Score:4, Funny)
security through obscurity. Fewer AmigaOS exploits these days too.
-/flamebait-
(i'm joking.. just couldn't resist.)
Logical fallacy (Score:5, Insightful)
If that were true, then apache would have the most exploits of any web server, since it has the greatest market share. However, that is not the case: Microsoft IIS is by far the most exploited web server, with only around 20% marketshare.
Additionally, lesser marketshare does not automatically imply anything with regard to security. Sure, it's *targeted* less, and people might spend less time attacking it, but that does not mean it is less secure. In fact, there are numerous technical, design, and architectural reasons that, e.g., Mac OS X is more secure than Windows. A few examples would be: no ports or services open by default, services that are used are likely to be open source services like apache and OpenSSH which receive in intense scrutiny so that theoretical holes are closed before they become practical ones, there are more layers of abstraction between an email attachment and it actually becoming a meaningful exploit, prompting and notification for administrative-level or elevated privileges, less likelihood of standardization on a single email client reducing the exposure of a single point of attack, etc.
And sure, marketshare helps too, in terms of things like the statistical likelihood of the next host encountered/scanned by a piece of Mac OS X malware also being Mac OS X. But that's no where near the whole story.
Re:Logical fallacy (Score:3, Insightful)
You're absolutely correct. The joke was exactly that: presuming a 1:n relationship between #ofUsers and #ofExploits. This more truly would be a measure of how appetizing the platform is to black-hats. There are naturally far more variables in that equation, most especially how well the platform has been designed, but we who feel "all bugs are shallow given enough eyes" should be conscious "all platforms have exploits, given enough eyes".
Re:Logical fallacy (Score:2)
According to an older study by netcraft, IIS runs on at least 50% of the servers out there.
Lies, Damned Lies & Statistics (Score:4, Informative)
If OS X/BSD systems comprised only
And...were the attacks against unique machines? Or once machine A was found to be vulnerable, were there 200 different breaches against that machine? One badly configured system could really blow it for the rest.
Finally...which of the "attacks" were against the OS and which were against the applications? MySQl and Apache run on all their listed OSes. If it was a misconfiguration of those, which OS is really not relavant.
They might have the data, but they do not expose enough of it for me to have any confidence in their conclusions.
Pure marketing hype.
Re:Logical fallacy (Score:2, Insightful)
I don't see activism as the primary goal of the majority of windows exploits. Most seem to be greed or mischief. Am I wrong?
Re:less users = less exploits (Score:2)
Re:less users = less exploits (Score:3, Interesting)
You don't know the lineage of Apple II OSes, do you?
ProDOS is the Apple II port of SOS (essentially - a disk can actually have an SOS.SYSTEM and a PRODOS.SYSTEM, along with A2 AND A3 versions of programs). GS/OS is the 65816 port of ProDOS, with a GUI added.
Think of the prestige! (Score:5, Insightful)
I'm sure a Mac virus for OS X has at the very least been attempted. Why hasn't it succeeded at spreading all around?
OS X really is more secure
Re:less users = less exploits (Score:2)
I'd be terrified to put an Amiga up today...
What abour Market Share?? (Score:3, Insightful)
Re:What abour Market Share?? (Score:2)
That common notion by Microsoft is usually followed with 1000 examples on
Oh Dear God (Score:5, Insightful)
Show us a report studying attempts/successful attempts ratio, and it might actually mean something.
"safest", not "most secure" (Score:3, Interesting)
They didn't say it was "most secure", they said it was "safest". That adjective takes security-through-obscurity into account.
It's kind of analogous to buying a home in a rural town vs. a downtown metropolitan area -- your neighbors leave their house unlocked all day, but since there's only about zero-point-two reported burglaries in a ten-mile ra
EROS is the most safe! (Score:2, Funny)
It is the most secure because:
- It is build around a capability system
- It has no applications
- The scripty kiddies don't know it is there
I haven't heard of any break-ins in EROS!Re:EROS is the most safe! (Score:2)
Wrong! You can't be happy running DOS...
Re:EROS is the most safe! (Score:2)
Fun with percentages (Score:5, Insightful)
Unless I've misread the article (which is possible), the numbers they provide don't seem to take into account the *prevalence* of each environment.
Re:Fun with percentages (Score:5, Insightful)
Personally, I'd like hacks to be reported in relation to hours in operation per year -- so if you've got two Linux servers up and one gets hacked once, you get 1:17532. It's probably reasonable, given that we can assume most servers are just going to be up all the time, to simplify this to hacks per operational systems out there.
(I still think it's somewhat bogus to dismiss out of hand the "more virii are created on Windows because it's more popular" approach while using exactly the same approach to explain why people hack Linux systems. If Windows remained the easiest system in the world to compromise but only had a
Re:Fun with percentages (Score:2)
It certainly would be a worthwile thing to know. However, even this statistic wouldn't necessarily tell you which is 'safest'. There could be another skewing factor, such as "the companies that tend to attract serious hacking attempts by competent hackers tended to run [insert operating system here], but arbitrary attacks by know-nothing hit [some other operating system]." Looking at the data in this study, it seems like a lot of damage took place (a) on Windows machines (b) on home computers. Well what
Re:Fun with percentages (Score:2, Troll)
First of all just about every security patch requires a reboot. Also if the security patch upgrades quicktime you need to actually interact with the gui or the install won't go.
No real port system means you have to manually install everything or depend on somebody else to put together an install and hope it covers your needs. The alternative is to rely on a third party ports such as darwinports (buggy), fink (not a lot of software) and pkgsrc (small and not
Interesting corollary... (Score:5, Funny)
Just like the millions of clueless Windows users.
What about.... (Score:2, Funny)
The manual Linux breeches are significant though.. (Score:5, Insightful)
So, now I'm using SuSE - mainly because it has built in security functions and is easier to configure. I kinda wish I could just go with something like Slackware and set all of it up myself, but I have limited tinkering time these days.
I suspect that a growing population on non-expert Linux users could be a potential security vulnerability.
Yep (Score:2)
Re:Yep (Score:2)
Re:The manual Linux breeches are significant thoug (Score:3, Funny)
NooB (Score:5, Funny)
Bah. Your manual Linux breeches are no match for my automated OS X pantaloons.
Re:The manual Linux breeches are significant thoug (Score:2, Informative)
Security through Obscurity (Score:3, Funny)
You have been trolled by Mi2G (Score:5, Informative)
Mi2G are about as expert in computer security as your local nursery school, they are basically a fraud outfit that decieve companies by using FUD in order to transfer cash from company accounts to the chairmans pocket, and slashdot linked them up
and you wonder why no one subscribes and blocks slashdots adverts
in the security scene they are worthless [attrition.org]
Register article [theregister.co.uk]
Breaches Recorded (Score:5, Interesting)
I recently had some puke engage in comment spamming my website. Traceback revealed he was using a Windows XP machine infected with the Subseven trojan. I'd be willing to bet that breach was not recorded.
Microsoft Longhorn Declared Saftest OS Ever (Score:3, Funny)
Any thinking computer professional will see that Microsoft's Longhorn Operating System has had 0 malicious security breaches over the past year. It is obscene to think that anyone with half a mind would not switch to such a secure platform. Our masterfully elaborate computer models lead us to undoubtably confirm that Microsoft's Longhorn Operating System will be the most secure Operating System until it is released, sometime in the later part of the great year 2015. At that time we believe it will experience a downward trend and will be replaced by BSD as the most securest of all Operatinginus Systamicuses around. This indisputable change will be due in large part to the unquestionable and horrifying death of the BSD platform. Indubitably.
Both ways (Score:3, Interesting)
I'm not arguing that a hacking attempt is as bad as a worm. The article does state that the economic impact of worms is much greater. However, worms are written because of known vulnerabilities in systems, which is the same reason for manual security intrusions.
Sources? (Score:4, Interesting)
same problem as last year (Score:3, Insightful)
First problem: what is a breach? If someone takes down a hosting company's Linux server that is hosting 5000 domains, and someone else takes down a Windows box with one domain and an OS X box with one domain, is that counted as 5000 Linux breaches, 1 Windows breach, and 1 OS X breach, or is it 1 breach of each OS?
Second problem: total number of breaches is a pointless number to look at by itself. For example, if you had 100 Windows servers and 1000 Linux servers, and you had 50 of the Windows server breached and 100 of the Linux servers breached, that would be a 50% breach rate for Windows and a 10% breach rate for Linux. But the way Mi2G reports it they would say 33% of the breaches were on Window and 67% on Linux, so Windows is twice as secure.
Re:same problem as last year (Score:3, Informative)
You are implying that Linux servers host more domains/computer than Windows or OS X boxes do. Apache is the main web server type for Linux and it also runs on Windows and OS X. Are you saying there
Mac OS X default security settings (Score:5, Informative)
Not only safe but fun! (Score:4, Interesting)
Not that this matters. But it's also good to know its safe. But how many people actually direct connect to the internet? Doesn't it make sense to have some sort of cheap firewall/router box to protect you?
And in other news ... (Score:5, Funny)
And in other news, a new auto-safety study by the National Traffic Safety Commission has shown that SUVs are no more dangerous to drive than other types of cars. This conclusion was reached by ignoring roll-over accidents, which are due to the SUV's design, and are thus not caused by the driver.
Linux Insecurity. (Score:2)
I Recommend Mac OS X as One of the Best OSes. (Score:5, Informative)
I did not think of using a Mac until my last year in college when my FreeBSD box crapped out numerous time during my final software engineering project. I spent all my graduation money on a Mac and I still think that it was a good move because I get the power of Unix and Open Source with a nice interface and a system that does not crash and accepts almost anything I choose to stick in the USB port.
My primary reasons for using a Mac are:
I still can use all my office applications without problems. Office for Mac is not bad at all!
As a Unix dude who runs several boxes at home, I find it almost impossible to use windows because I am am glued to Terminal from time to time. I tried Cygwin and I do use it at work; however, I do not like it as much due to the lack of complete intergration into my box.
Mac has been secure for me. Although I consider myself to be a power user, I do have a girlfriend who likes to download all sorts of crap and click on everything that flashes. I haven't had problems with viruses so far.
Mac OS 10.3 has never crashed on me. I do not remember a single time when something went wrong to the point where I had to do cold boot.
Darwinports rule. Open Source programs just the way I like them :)
Mac is based on Unix and that is a key because I like maintaining all my systems in the same way. For example, I can run the same backup scripts with almost the same variables across all my boxes.
Plug-n-Play, as opposed to Plug-n-Pray on Windows. So far, I had no problems with digital cameras, USB keys, scanners, printers, etc. Plug it in and it works.
Human-Computer Interaction and Mac GUI. I cannot stress this enough: details are important! Natural things, like dragging an image from Safari browser or to iChat's icon, make our lives easier. Smooth fonts appeal greater. Software applications, just like people, will be taken more seriously if they are well polished. Thankfully, Apple spent an enormous amount of time and money on HCI research and then turned the results into something productive. I like OS X because it feels more natural than any Windows edition I've used so far.
This is a small one, but CD burning works with OS X without any problems right out of the box. No additional software installations needed. This list was enough to convince me :)
Re:I Recommend Mac OS X as One of the Best OSes. (Score:2)
I can't for the life of me figure out why this is so incredibly *COMPLICATED* on Windows. (Note: yes, I've heard it's easy in XP, but I've never used XP).
I tried for about 3 hours one day to burn a freakin' ISO on a Win2K box. Nothing but headaches. Gave up. Booted Knoppix. It took less than 5 minutes to go from "man -k record" to ejecting the burnt CD.
This "study" is pointless (Score:2, Flamebait)
*If* one left a computer on the Internet accessible to all kinds of hackers, then blah blah blah
Things like that never happen (what sane person would do that). You want a secure firewall - you get a real firewall (or one of those firewall on floppy thingies). You want a secure server in DMZ? Pretty much any OS will do.
You want a secure desktop on LAN? Almost the same - with little precautions taken. It certainly doesn't require a BSD or Mac.
Re:This "study" is pointless (Score:2, Informative)
what sane person would do that
I would, and I think I am, technically, sane. Picture this, your mother knows nothing about computers, has disposable income, and would like to look at web pages and exchange e-mail with all her friends. Maybe she is in a wheelchair and lives in a snowy climate. What do you do? You buy her an imac plug it into a DSL line or a cable modem, set it to auto-login and put big buttons on the desktop for her mail and web browser.
Maybe you have been running windows too long, so
Quick! Discredit it! (Score:2, Troll)
Need to specify which distro of Linux (Score:2)
Rather than futz with a full Debian reinstall I erased the disk and put Slack on. Slackware has fewer services on by default, and furthermore its rc.d is much simpler and easier to tweak by hand. (What can I say, I'm a fan of just going in there with vi and configuring things myse
mig2 themselves run Redhat! (Score:2, Insightful)
Linux Apache/2.0.46 (Red Hat) 19-Oct-2004 217.154.246.214 Mistral Internet
Numbers show: Windows not more secure than Linux (Score:5, Informative)
So, Netcraft has 37,620,349 Apache servers on-file, compared to 11,679,222 IIS servers. Mi2G has reported 235,907 successful breaches. First of all, to give you an idea of the sample size, that's 0.5% of all servers recorded by Netcraft! But let's give them that, since this is a sample of breaches occuring in a relatively short time period.
Now here comes the real news. 59,419 of computers recorded as breached are Windows, whereas 154,846 of computers recorded as breached are Linux (mi2g's numbers). Let's take those as percentages of all Linux [*nix] servers, and of all Windows servers. Looks like 0.4% of Linux servers have been breached, whereas 0.5% of Windows servers have been breached. So Windows is a little less secure, by my metric.
Now, this is a little unfair, because my assumption above (that Apache servers run Linux) is wrong. Many Apache servers that Netcraft picks up run BSD and could even run Mac OS X Server, I guess. Even taking this into account, the breach rate would be about the same for the two OSes (probably a little bit better for Linux).
What this doesn't take into account in terms of the Windows/UNIX debate are the hidden costs of an IIS server in terms of administration, virii, stability, reboot requirements, etc. the list goes on and on. It also doesn't take into account SOME hidden costs of Linux/BSD servers, but those are minor compared to the Windows annoyances (trust me, I know: I administer a Windows server, unfortunately).
That said, I do think BSD probably is more secure, and I use Netcraft's "longest uptime [netcraft.com]" as one of my metrics. To me, it seems the longer a site is on the Internet, the more statistical chance it has to get attacked. That ALL of the top uptime sites on Netcraft's list run BSD shows me that BSD is a pretty rock-solid OS for servers, that you can leave them out there in the wild for years without worry.
The real bottom line is that software that runs on UNIX-like OSes tends to be more secure, and this usually has not too much to do with the OS. For your box to have real security, the system administrator has to be smart (or the distro has to come with Smart Defaults, like I believe Debian does in the Linux world). The only real way to prevent security breaches is to be a smart administrator: to think ahead and secure your boxen before it's too late.
All this study shows me is that no OS is a "magic bullet," that breaches occur on unprotected machines regardless of your OS. No one blames car manufacturers/designers for stolen in-dash CD players if you stupidly forget to lock your doors.
My conclusion, too (Score:5, Interesting)
My own anecdotal experience would be roughly the same (sans OS X experience). I have known someone whose Linux box was rooted, but it, too, was a manual attack. Windows goes without saying. OpenBSD goes without saying, too (oppositely, of course).
Linux is a very good general purpose OS, but it's development is volatile enough that it requires a conservative approach with respect to security. I would use an older more mature kernel along with manually paring down the rc directories and inetd.conf, among other things. OpenBSD, on the other hand, is stripped out of the box, and the user must add services. I generally feel that Solaris ranks more with Linux, in that a manual hardening effort really is necessary. Never would I put Windows on the Internet--it would be like swimming in the ocean with steaks tied to my legs.
enough! (Score:4, Funny)
And here's the twist, the fanclubs are also the hackers, they not only have to try and own the other teams boxes, they have to defend their box!
Once and for all, let's see who's got the OS and the skillz!
hence the keyword "manual" (Score:3, Insightful)
And as before, michael just can't help adding his two cents to a story submission, rather than posting a comment in response to it like everyone else, subjecting his opinions to the moderation processes.
If only Slashdot admins could be elected rather than appointed...
misread your header... (Score:2)
Re:Isn't it the least used? (Score:5, Insightful)
First, the study shows linux subject to the most manual attacks. That doesn't jive with your logic.
Also, see the oft repeated marketshare of webservers. Apache is by far the most used, but subject to far less attacks than IIS.
Re:Isn't it the least used? (Score:5, Insightful)
Regardless, you can certainly look at the users for the source of these numbers. I think it's harder for a Windows XP desktop user to "get hacked" than a Linux user. Why? Because Linux operating systems, with all their power and flexibility, can be compromised because it's easy to make a mistake. I'm sure you know users that run as root and do all kinds of ridiculous things. Does that mean Linux is insecure? No.
Likewise, I'd point at Windows desktop users and ask - "do you know if you've ever been hacked?" Everyone wants to say no, but most people have no idea how to tell. Or what counts as a hack. So how will you measure the number of attacks? If you ask a Linux user, I think you're immediately more likely to get an educated response because the users are generally more attuned to their computers and how they work.
It's hard to take a report like this very seriously because it has to overcome some fundamental issues.
Re:Isn't it the least used? (Score:2, Insightful)
I don't think it's possibe to really say that Unx (or Linux or OS/X) would be just as vulnerable as Windows if they had more users and were therefore bigger targets.
Re:Isn't it the least used? (Score:2)
This is an old saw that is repeated endlessly. So what how many users OSX has, I can do my computing MUCH more safely than with Windows, and now according to this article, even Linux. The Linux stats surprised me. Who cares WHY my house doesn't get broken into. Is it because I live in a low crime area, have strong locks or nobody likes the things I have? The bottom line is that I sleep better at night not having to worry about getting broken into and getting ripped off.
It so ha
Re:Isn't it the least used? (Score:3, Interesting)
Re:Isn't it the least used? (Score:2, Informative)
Yes, one of the first things taught in many network security classes is that security through obscurity is not reliable. The implication here is that Mac OS X is more secure because of the security measures in the OS, not because no one has bothered to look for or exploit flaws.
Re:Isn't it the least used? (Score:3, Funny)
Re:Isn't it the least used? (Score:3, Informative)
Re:Isn't it the least used? (Score:3, Informative)
Re:Previous Slashdot article contradicts this one? (Score:3, Informative)
(disclaimer blah blah I own a mac blah blah)
Re:Sure, but... (Score:5, Informative)
I think mac users are a very bimodal group. There are lots of pros, comfortable with various OS's. However, there are tons of totally clueless folks.
I cleaned up a lot of macs in the pre-OSX days when a handful of annoyances like macro-viruses were common.
Re:Sure, but... (Score:2)
You should clarify that statement. "....when a handful of annoyances like microsoft office macro-viruses were common."
I'm a huge OSX supporter, and I wouldn't touch a mac with PRE OSX. OS9 and below are such different worlds from OSX. OSX is a developer's dream environment. I wouldn't spend my own money on any other platform no matter how cheap a NON OSX machine is. And price is not a valid
Re:Sure, but... (Score:4, Insightful)
I think it has to do with the fact that there is much malware written for OS X, and that the OS Security model is better to begin. There is no root account and there are no ports open by default.
erm... (Score:2)
much less malware
Sorry, I'm tired.
It's "Mac", not "MAC". (Score:2, Informative)
Please don't use the term "MAC". That's an acronym for Money Access Center.
"Mac" is the correct term and is short for "Macintosh".
Re:It's "Mac", not "MAC". (Score:2)
do people understand, in context, that "MAC" in this case means "Mac"? i believe people do. end of story.
i don't capitalize my sentences properly on my online posts. i'm lazy. do people understand what i'm typing? i hope so. what difference does it make?
yeah, this will read as a troll-ish claim, but i'm a Mac fan. and every time i read the claim about "MAC", i think it's irrelevant and certainly redundant, esp. on
Re:Annoying.... (Score:2, Informative)
OK, MAC=Mandatory Access Control, Message Authentication Code, or Media Access Control
Mac=abbreviation for Macintosh
Being less popular is a property that may make a system safer. But, less popular systems are not necessarily going to be safer. If windows 95 only has 1% of the market in 20 years, is it going to be safer that Mac OSX? Mac OSX has several security features that make it less exploitable than any current windows offering. It still has a long ways to go, and MS could make windows more sec
Re:No FPU... OpenBSD Not Working (offtopic) (Score:2, Flamebait)
Re:Netcraft's methodology is flawed... (Score:3, Informative)