Mac Style: Security Archives

March 27, 2005

Virus Contest Announced, And Then Cancelled

DVForge have announced and then withdrawn a virus writing contest. If you can infect a standard Mac with a virus, you win $25,000! And if you're a Symantec employee, you could have stood to win $50,000. This is in response to a recent piece of FUD released by Symantec warning about the potential security risks in Mac OS X.

Posted by Dan at 11:28 PM | Comments (0)

Symantec Bring Out The FUD

ZDNet are covering some new reporting that apparently, Symantec have published some FUD (fear, uncertainty and doubt) in a warning to Mac users that the platform could well be a target for virus, malware and spyware writers as the Mac takes more of the desktop market.

The main problem with their comments and arguments is that the security of a system is related to the size of your market share. There are many products that prove this theory wrong, yet analysts seem to pull this out every now and again.

Take for example, Apache. Apache web server is the most popular web server on the Internet, and has been for a long time. It's market share is huge compared to its competitors, the only thing is, it has the least number of vulnerabilities. Microsoft's Internet Information Server on the other hand, has a small percentage of market share, and yet, has the highest amount of vulnerabilities.

If you look at some simple differences between the security setup of Windows compared to a Mac, you can see that just from the design, you are much more secure on a Mac.

In a default install of Windows, your user is given full administrative privileges, this means that any program you run as a regular user has the ability to write to system or program files. This means that a security hole could allow a virus or malware full access to your system.
Windows encourages you to use Internet Explorer, which is highly insecure and has an extremely high amount of vulnerabilities published against it every year. Some of them even go unpatched for a long period of time. Mac on the other hand encourages you to use Safari, which is based on the Konqueror engine, a much more secure web browsing technology.
On Windows, Internet Explorer is heavily built in to the operating system. So much so that Microsoft have tried to claim in court that they cannot separate the two. This is a very dangerous design decision. If you place Internet browsing on the same security level as operating system functions, you potentially open your computer to anything that Internet can throw at you.

And that's just a few examples of security that doesn't relate to market share, rather, design should be used for a more accurate assessment.

Posted by Dan at 11:21 PM | Comments (0)