Risk
3/30/2007
02:49 PM
Mitch Wagner
Mitch Wagner
Commentary
50%
50%

Is The Mac More Secure Than Windows? Does It Matter?

Is the Mac more secure than Windows, in some absolute measurement of security? And does it really matter? Senior writer Sharon Gaudin talked to a few security experts and reported the consensus that, despite a recent increase in reported security flaws, the Mac is still more secure than Windows. But it's doubtful that'll change anybody's buying decisions -- Windows users know that their software has security pr

Is the Mac more secure than Windows, in some absolute measurement of security? And does it really matter? Senior writer Sharon Gaudin talked to a few security experts and reported the consensus that, despite a recent increase in reported security flaws, the Mac is still more secure than Windows. But it's doubtful that'll change anybody's buying decisions -- Windows users know that their software has security problems, and yet they use it anyway.

McAfee last year said that reported Mac vulnerabilities increased 228% in the past three years, compared with a 73% increase for Windows. And Apple is lagging behind Microsoft in issuing bug fixes, with Apple taking an average of 66 days to patch vulnerabilities, while Microsoft took three weeks.

But the Mac is still safer than Windows, says Johannes Ullrich, chief research officer at the SANS Institute. It's just not as safe as Apple pretends it is.

Read the rest of the article for more information and discussion.

The security comparison is interesting information. But just how useful is it? I've never encountered anyone who cited security as a reason for buying a Mac. They buy a Mac for stability, ease of use, because they're doing graphics or multimedia or some other application for which the Mac is best. They buy a Mac out of desire to stick it to Microsoft, for which many people in the user community have an irrational hatred. But I've never heard anybody say, "I bought a Mac because it's more secure."

Let's hear it from the Mac users out there. Why'd you go with the Mac?

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2130
Published: 2015-03-05
Cisco Secure Access Control Server (ACS) provides an unintentional administration web interface based on Apache Tomcat, which allows remote authenticated users to modify application files and configuration files, and consequently execute arbitrary code, by leveraging administrative privileges, aka B...

CVE-2014-9688
Published: 2015-03-05
Unspecified vulnerability in the Ninja Forms plugin before 2.8.10 for WordPress has unknown impact and remote attack vectors related to admin users.

CVE-2015-0598
Published: 2015-03-05
The RADIUS implementation in Cisco IOS and IOS XE allows remote attackers to cause a denial of service (device reload) via crafted IPv6 Attributes in Access-Accept packets, aka Bug IDs CSCur84322 and CSCur27693.

CVE-2015-0607
Published: 2015-03-05
The Authentication Proxy feature in Cisco IOS does not properly handle invalid AAA return codes from RADIUS and TACACS+ servers, which allows remote attackers to bypass authentication in opportunistic circumstances via a connection attempt that triggers an invalid code, as demonstrated by a connecti...

CVE-2015-0657
Published: 2015-03-05
Cisco IOS XR allows remote attackers to cause a denial of service (RSVP process reload) via a malformed RSVP packet, aka Bug ID CSCur69192.

Dark Reading Radio
Archived Dark Reading Radio
How can security professionals better engage with their peers, both in person and online? In this Dark Reading Radio show, we will talk to leaders at some of the security industry’s professional organizations about how security pros can get more involved – with their colleagues in the same industry, with their peers in other industries, and with the IT security community as a whole.