Tuesday, March 23, 2010

OS X: Safer but less secure than Windows

Darren Murph at Engadget reports that Charlie Miller is going to expose 20 zero day exploits for OS X at the upcoming CanSecWest. Mr. Miller has been exposing holes in OS X for years, and has twice won the PWN 2 OWN hacker contest by taking control of Apple computers. A third time he took control of an iPhone.

A zero day exploit is a piece of malware that takes advantage of a vulnerability that is not generally known, so there are no patches, updates, or workarounds to keep it from being used. Unless the person who discovers the zero day exploit informs the creators of the software being exploited, the vulnerability probably won't be patched until after someone writes some type of malware that takes advantage of it.

If you, like me, are a big fan of Apple Macs, you know that Apple likes to tout the security of OS X and the Mac. If you are an honest Mac user you realize that OS X has vulnerabilities. Some have even been exploited, if not very successfully.

Charlie Miller is very good at what he does: finding security holes so they can be patched before the bad guys can take advantage of them. His years of work in computer security have given him a good perspective on the state of Mac security vs Windows security, and that insight produced one of my favorite quotes on the subject:

"Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."


In other words, Macs are safer, because there aren't that many people trying to break into them. Windows computers are more secure because the security holes are constantly being patched. As much as I wish it weren't so, the analogy works.

13 comments:

  1. You're an idiot.

  2. Steve Jobs has programmers exploiting Windows security flaws just to drive sales. Mac OS has such a small market share no one cares to write code to steal info from its users because no one with cash is using it.

  3. I doubt your first statement is true, and I can show where at least 3 people (the 3 pieces of Mac malware in the wild) care to write code to steal info from Mac users, but Mac does have a minuscule user base compared to Windows.

    Hmmm, I guess the first commenter was right. I just wasted time arguing that there are people who write malware for the Mac, as if that were a good thing. ;)

  4. #3

    No one with cash is using it? I am a photographer and media consultant and I can tell you people with money are using Macs.

    With the exception of me because I just spent 4k on my new MacBook to make sure I had all the software I need for work.

    I can say, people with Apple products do have money, and tend to spend it on all the neat little accessories that go with Apple products.

    (I think I came back from SxSWi with $300 worth of extra tools, because I needed them at the conference)

    Market share has always been a weak argument.

    Lots of malicious tools are written in languages like Java. The great thing about Java is it will run on almost every system equally, provided you have the new run time environment.

    Every OS has vulnerabilities that are known and unknown. Windows is easier to hack because of how it is built, around a web browser.

    OS X is built around Unix, that ancient OS that has been in development for the past 50 years.

    The great thing about Unix is, vulnerabilities are harder to find because the OS has been locked down pretty tightly.

    Not sure where I was going with this. Bert, you owe me a donut for getting me all worked up!

  5. I'll get donuts payday. Can't have Simon riled up for too long. ;)

  6. I have an iMac. I like it but recently had a hard drive crash and lost everything. People who have owned Macs a long time tell me I do not need virus protection on my computer. I also don't know about spyware and malware. Can any of that do harm? What is your opinion?

    I have had over the years a number of computers. None seem to be too trustworthy, all PCs except the one I now have. They all seem rather fragile and have a great ability to lose your information.

  7. It's important to always backup all of your important data, whether it's your financial information or family pictures. That's true no matter what flavor of computer you use. That's probably a good subject for a post in the near future.

    When it comes to virus and malware issues, it gets more complicated. But the simple fact is, right now there are tens of thousands of pieces of malware such as viruses, spyware and trojans for Windows computers. They infect millions of PCs worldwide. It's been demonstrated that an unprotected PC will be infected within minutes of connecting to the internet.

    There are, that I am aware of, three recognized pieces of Mac malware at the moment. Although they have all been in the wild for at least a year, I'm not sure they've managed to infect over 100,000 machines.

    That doesn't mean you can't get malware on a Mac. It does mean that you can get on your Mac without any kind of anti-virus or anti-spyware software and be reasonably sure you aren't going to get infected with anything within moments of going online. You can even be reasonably sure that you won't be infected within days of going online. Most individual Mac owners don't use anti-virus, and the vast majority of them aren't even aware there is malware for the Mac.

    So that's my longwinded way of saying any computer - even a brand new one - can suffer hard drive crashes, so you need to backup important data. And any computer can be infected with malware - even Mac and other *nix variants. It's just several orders of magnitude less likely on non-Windows computers.

  8. I've used an iMac for about 3 years now. It is the most awesome machine I've ever had. Got it when two PCs died in the same week. I will not go back to a PC. I've never gotten a virus or malware, and the Mac is pretty much self-contained. Like the commercial: It just works! If you want to tinker, get a PC. If you want to work and be more productive, get a Mac. It's wonderful how everything "fits" and "works" without ten dillion windows you have to click.

    I will, however, check out (again) the need for anti-virus and malware since there are now three of them out there.

    Thank you for the information. I tend to not be as vigilant as I should because of this wonderful machine. I will check it out.

  9. Bert, thanks for the quick comeback on this. I'm going to get some protection because I spend a lot of time on the internet. I just don't know what kind of protection. You want to recommend one? Not necessarily a brand name, although I would welcome that, but the level of protection?

  10. I have one more question. I had a hard drive crash, lost everything, including several pieces of software. Before the crash, I could open any e-mail. Now I cannot open much of what I get. What do I need to fix this?

  11. I'd need more information, and even so, I might be completely mystified. I'm going to suggest a couple of email groups you can ask. They have the advantage of hundreds (or thousands) of users who may have solved the same problem.

    http://www.listmoms.net/mac-l/index.html

    http://tech.groups.yahoo.com/group/macsupportcentral/

    For the best help, list your Mac, OS version (10.3.9, 10.5.8, etc) and the email client you are using (Mail, Entourage, Thunderbird, etc), as well as what happened with your HD crash.

    I'm on both lists, so I might answer, but if I don't, somebody will.
