Cutting Through the OS X Security Rhetoric

[Guest LilBambi]

TMO Reports - Cutting Through the OS X Security Rhetoric

Much has been written about future, potential problems with OS X security, but so far no widespread documented issues have occurred. On the heels of Monday's report from The SANS Institute that Mac OS X vulnerabilities are on the rise, The Mac Observer took a look at some of the recent rhetoric surrounding the operating system's security.

There are reports noted in this article including Brian Krebs at Security Fix on the Washington post, and Scott Bradner in a column at Network World.Here's something from the Bradner report entitled Mac OS X gets wrong kind of attention at Network World:

Recently there has been a growth industry in pundits whining about the security of the Apple Mac OS X operating system. To read some of the coverage, you would think someone deciding to use OS X instead of Windows would have to be dumber than a fence post. Methinks the security worries are rather misplaced and may be the result of hyperventilating, nontechnical reporters and some gloating on the part of Windows users.

He goes on to say that "One would have to be dumber than a fence post to assert any set of software as complex as a computer operating system and all of its application programs could ever be totally secure."Scott Bradner also points out:

The buzz also has excited the hacker community to try to tarnish the Apple image. There have been a few actual OS X attacks found in the wild (that is, the software is being used, not just a security-expert exercise) but not many. Last I read, there were fewer than five, compared with many thousands for Windows (even if many were exploiting the same underlying vulnerabilities).

It is amazing to me that anyone could equate the security 'woes' if you want to call it that of Mac OS X or Linux for that matter with those experienced by Windows users.Sure they are increasing as you would expect for an OS (or the software that runs on that OS) that is gaining even a small amount of ground into the typically MS centric PC world.But I think Apple does do itself a disservice by taking so long in the fixes. Even if only a small percentage ever experience the vulnerabilities, they are still Mac users that have been affected by it, and the problem deserves to be fixed before more exploits are written for the vulnerability.I personally believe that critical vulnerabilities - particularly in network (read: Internet in particular) facing programs - should take priority in any OS - and the fixes should likely come out of cycle for patches even if only as a stop gap measure until a more permanent fix is available - and we certainly don't see that happening with any of the current OSes consistently.

[epp_b]

All I'll say is, I can't wait for the spoofs of those stupid TV ads...

[Guest LilBambi]

Hadn't thought of that