Security firm claims Mac security is "10 years behind"
 

Security firm claims Mac security is "10 years behind" Microsoft
By Chris Foresman

Not content to dispel the "myth" that Macs are impervious to malware last week, Kaspersky Lab CEO Eugene Kaspersky is sounding the Mac malware alarm again this week. During the Info Security 2012 conference, he claimed that Apple is 10 years behind Microsoft on the security front.

"I think [Apple is] ten years behind Microsoft in terms of security," Kaspersky told CBR. "For many years I've been saying that from a security point of view there is no big difference between Mac and Windows. It's always been possible to develop Mac malware, but [Flashback] was a bit different. For example, it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms."

Kaspersky suggested that OS X's relatively low incidence of malware over the last decade has caused Apple to fall behind, while the abundance of viruses, worms, and trojans targeting Windows forced Microsoft to step up its game.

There's some truth behind that thinking—Windows 7 is by far the most secure operating system Redmond has built. But Apple hasn't entirely rested on its laurels for the last ten years. The company has added malware detection to OS X, continued to remove default installs of popular exploit vectors like Flash and Java, and added features like address space layout randomization (ASLR) and sandboxing to prevent one application exploit from affecting the whole system.

Furthermore, Apple intends to improve security in the next version of OS X, dubbed Mountain Lion. Features like ASLR and sandboxing will have a more robust implementation in Mountain Lion. Meanwhile, Apple is also adding a new feature called GateKeeper, which allows users to limit software installs to either the Mac App Store or to only verified developers.

The recent hubbub over the Flashback trojan has certainly raised concerns over the security of OS X, and we agree that Apple could do more to be responsive to malware threats when they are discovered. But to suggest Apple is "10 years behind" belies the efforts it has made to secure the OS from different angles.


Mircosoft has been the victim of its own success. Since it has spread around the world as the leading computer OS, roughly 96% or slightly better of the world computers have Microsoft on them.

Until recent years, Apple was content with it's share of computer users. To be honest, I don't know that much about Apple other than it is based on Linux. Apple has always attempted the walled garden approach until economics drove it to using IBM clone machines. Now the main difference as I understand it is the OS and chip instructions and other than that, it's about the same as everyone elses.

What has changed with Apple is that it was no longer content with having 4% or less of the world market share. In the last decade, it has steadily pushed it's brand until it now rests slightly above 12% in the world computer usage.

Now years ago, Mac fanboys would make fun of all the malware out for Windows. They are not making as much noise anymore with the newest malware, Flashback.

What has changed, hasn't been so much the OS, it's the numbers of users. Malware writers write for impact. When they release one, they often have specific goals in mind. One of them is staying below threshold of having the attention of antivirus writers. Just like the malware writers, developing signatures to recognize malware takes time. The antivirus folks want as much impact for their work as the malware writers do. Until enough computers are infected, no signature will be written to counter them. Staying below that threshold is prime in many malware writers goals.

When the Mac broke 10%, it became numerous enough to make it worth the while to go ahead and write malware for the Mac. That's where we are today.

From now on, the Mac computer will no longer enjoy the security through obscurity. It's come of age in the real world.