Apple's Mac OS X NEVER had superior security

Some Apple fans won't like our story about Mac malware going from a game to something more serious. But scowling over the details won't make a painful reality go away.

The reality being that -- contrary to popular opinion among Apple fans -- Macs have never been superior to Windows boxes from a security standpoint.

True, Mac users have enjoyed almost clear sailing as hackers put all their firepower into attacking Microsoft machines. The technology with the fattest market share will always be target number-one.

But that didn't make Apple's technology more secure. It was simply the smaller fish in the pond.

My thoughts are on this subject in light of a story I just edited from my friend and CSO contributing writer Robert Lemos about a game theory inching closer to reality. From his report:

The emergence of a serious malware construction kit for the Mac OS X seems to mimic a 2008 prediction by a security researcher. The prediction comes from a paper written in IEEE Security & Privacy (in .pdf), which used game theory to predict that Macs would become a focus for attackers as soon as Apple hit 16 percent market share.

Last week, security researchers pointed to a construction kit for creating Trojans for the Mac OS X as a major issue for Mac users. Currently, three countries -- Switzerland, Luxembourg and the United States -- have Mac market share around that level.

"The kit is being sold under the name Weyland-Yutani Bot and it is the first of its kind to hit the Mac OS platform," Peter Kruse, partner and security specialist at security firm CSIS, writes in a blog post. "CSIS finds this crimekit to be quite disturbing news since Mac OS previously to some degree has been spared from the increasing amount of malware which has haunted Windows-based systems for years."

Weyland-Yutani Bot, named for the corporation in the 1979 movie Alien, is currently being sold by its developers. While it is not the first attack on the Mac OS X, crimeware has enabled criminals in the past to scale up attacks quickly.

"What is happening is that people are testing the waters," says Adam O'Donnell, chief architect of the cloud technology group at SourceFire and the author of the 2008 paper. "It just becomes economically viable to do it, so you start seeing these attacks becoming more common."

The 2008 paper used game theory to calculate when attackers would start seeing a payoff in focusing on the Mac OS X over Windows. It simplified the problem by assuming that all PC users ran antivirus software and that no Mac users did. The assumptions helped reduce the problem down to two factors: the effectiveness of the defenses and the market share of the dominant platform.

I've been covering the Mac vs. PC security debate for a long time, and to be honest, I have nothing against Apple. I use a Windows box and have an Android instead of an iPhone, but that's not because of security considerations. And my company uses a mix of Macs and PCs.

But I always believed the Mac crowd gets too worked up whenever someone comes along to question the security of their beloved devices.

They've always pointed to the lack of attacks against the Mac. But that lack of malicious activity was more about the good luck that can come with a smaller market share.

It's time they took a sober look at the dangers they're about to come up against.

To Apple's credit, there are signs the company itself is taking this more seriously.

CSO contributing writer George Hulme wrote in March about how, when examined in their entirety, recent steps taken by Apple show a concerted effort to strengthen the security of its Macintosh computing platform. He wrote:

Proactively engaging with the Apple security community is Apple's most recent move in what appears, from the outside, to be the company stepping up its security game. Earlier this year Apple reportedly hired noted software security expert David Rice. That personnel move followed the hiring of Window Snyder, former security lead at Mozilla, last year.

"They've hired a number of high-profile people," says Rich Mogull, founder and analyst at research firm Securosis. "They've since fallen into the Apple vacuum, but I most definitely get the feeling that Apple is taking security more seriously."

Also, two independent sources close to Apple report that the company is aligning a security member as part of each product team, though CSO has not been able to confirm this.

Steps like this can only be good news for consumers of Apple products, enterprises, and Apple's own ambition to gain a larger piece of corporate sales.

In the big picture, I see the events in Lemos' story as good news for Apple. There's no better kick in the pants than evidence that the bad guys are finally looking your way, saliva dripping from their mouths.

This may be the part where we really will see if Apple's defenses will be tougher than those of Microsoft.

Microsoft has sunk lots of time and treasure into security in recent years, and the results have been noticeable.

Let's see if Apple can do better.

--Bill Brenner
