Is the Mac Really More Secure than Windows?: Page 3
|Recent Alignment Articles|
Tracking The Malware Battle
Web 2.0 Security: Application Scanners
Spam Bust: The Lessons of Yesmail
OS X, as I also mentioned, installs the default desktop user with administrative privileges. This bothered me to my kernel when I first set up my Mac, so I went out of my way to turn that off. It turns out that it was quite easy to do, but requires a bit of care and feeding. Even though my desktop user no longer has admin privileges, whenever I install an app, I have to authenticate as root to the UNIX sudo utility so that the app can be written to /Applications.
This works great, but often results in an application that is owned by my desktop user. Any time I install an app, I have to go through /Applications with chown and relinquish ownership to the root user so that my desktop user (or a piece of malware) is not able to write to the application in question.
Windows, once again, shows its security-retrofitted roots here. Normal desktop users generally have far too much write-enabled access to a Windows installation, even if they do not have administrative privileges. (Ever try logging in without admin privileges and seeing if you can delete things in /Program Files or WINDOWS? Youll be surprised and you better have a good backup )
Qualitative score: OS X gets a B- while Windows gets a D.
So, where am I going with all of this? Well, its clear to me that both operating systems have significant security weaknesses as well as strengths. The fact is that a user who wants to be secure can be reasonably secure on either system. And I didnt even compare features like out-of-the-box firewalls and suchwhich both systems offer (as of SP2). On the other hand, neither is adequately secure in its default configuration.
With my UNIX familiarity, though, I was able to easily and quickly configure my OS X system to be pretty secure. It took me no more than 30 minutes to remove admin privileges from my desktop user and tighten down the file access permissions in the /Applications folder, for example, and keeping things clean and tidy isnt tough either.
So, Im comfortable in saying that Im more secure on OS X than I ever was on Windows. When you also factor in the fact that nearly all the worlds existing malware is written for Windows systems, my comfort factor increases significantly. That all could change over night, of course, if the malware authors turn their attention to OS X, but even if they do, I for one am more comfortable with running a tight ship here on a UNIX-derived system than on Windows.