
Mac vs Windows Part 1: Security

There seems to be a lot of confusion and misconception on the security of the two operating systems and I'm gonna try to clear it up right here and now. First off, forget all that you have heard, read, or seen on T.V. These reports are from, for the most part, non-techs who are regurgitating a report which was done by a company whose data was bought and paid for by ?. Not only is this being done, but it is being done in a way which is incorrect. Data is data, anyone can take data and distort it to make their point...

Let me say, as a guy who fixes computers and gets paid to break into networks for a living, that there is no comparison. Mac has far better security...

THERE IS NO COMPARISON...

This is not due to the market share...
I understand, and agree, that there are more Windows machines out there and, to do more damage, it would be more likely that a bad guy would try to break into, or write a virus, a keylogger, or a spybot for a Windows machine. That is a good and valid point, but the point that is rarely brought up is that, market share aside, it is easier to do.

If I write a virus, keylogger, or a spybot for a Windows machine, all I need is a "delivery vehicle" for it to infect the Windows machine (email, browser, an open port, etc). What I mean by this is: All I need is a Windows computer that is on and I can do my thing (and most people do just that - they walk away from their computer leaving it on and ready to go)...

A Mac on the other hand, is the complete opposite. To install anything, ANY PROGRAM OF ANY TYPE, the user has to "OK" it by giving the computer his/her username and password. Any time you try to install anything on a Mac, it will ask permission. This is why there have been no great infections on a Mac - if you suddenly got a pop-up asking if you want to install something what would you do? You'd hit the "Cancel" button, right? This simple step is probably the largest security measure which sets the two OS's apart from one another...

To install anything on a Mac, the user has to be there and he/she has to give permission; to install something on a Windows machine it just needs to be on. This is the largest security issue, in my mind, between the two OS's. There are other important issues to address, but this is, by far, the most important...

Why did I bring up Viruses, Keyloggers, and Spybots as security concerns? Cause this is a bad guy's way into your machine...

Let's say you have a 50 machine office of Windows machines. A virus arrives via email, or one of your employees "clicks" on a link which takes them to a site which installs a virus, and it infects your system. One system infects 25 within a half-a-day. While the IT department is running around trying to get this virus beat, another email (or another employee clicks on a link which takes them to a website which installs ?) is sent to 5 other employees which installs a keylogger or spybot.

So while the IT department is running around dealing with a virus, a keylogger was slipped in through the backdoor. If this keylogger happens to be a worm which infects other computers, the bad guy will soon be able to spy on your entire organization and no one will know it. If that keylogger happened to be a worm of some type it will probably be on all of your computers within just a few minutes. A keylogger's job is to log all of the keys you type and send them to a database somewhere on the Internet. A spybot can do everything a keylogger does and more, and your IT department will never know what's going on, cause the data your computer is sending to the bad guy's server just looks like you're visiting a website on their screens...
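From the defender's side, traffic that "just looks like you're visiting a website" can still stand out by its timing: software uploading on a timer is far more regular than a person browsing. The following is an added example, not part of the original post; the log format, addresses, host names and thresholds are all constructed assumptions.

```python
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample proxy log: time, client, method, host, bytes sent.
SAMPLE_LOG = """\
2024-01-08T09:00:00 10.0.0.21 POST updates.example.net 412
2024-01-08T09:00:40 10.0.0.35 GET news.example.org 0
2024-01-08T09:05:01 10.0.0.21 POST updates.example.net 388
2024-01-08T09:07:13 10.0.0.35 POST mail.example.com 5120
2024-01-08T09:10:00 10.0.0.21 POST updates.example.net 455
2024-01-08T09:15:02 10.0.0.21 POST updates.example.net 401
2024-01-08T09:20:00 10.0.0.21 POST updates.example.net 397
2024-01-08T09:31:50 10.0.0.35 POST mail.example.com 260
2024-01-08T10:02:05 10.0.0.35 POST mail.example.com 9800
2024-01-08T10:03:00 10.0.0.35 POST mail.example.com 120
"""


def find_beacons(log_text, min_events=4, max_jitter=0.1):
    """Return (client, host, mean_interval_seconds) for regular POST streams."""
    uploads = defaultdict(list)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[2] != "POST":
            continue  # skip malformed lines and non-upload requests
        uploads[(parts[1], parts[3])].append(datetime.fromisoformat(parts[0]))

    findings = []
    for (client, host), times in sorted(uploads.items()):
        if len(times) < min_events:
            continue  # too few uploads to judge regularity
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        mean = statistics.mean(gaps)
        # Coefficient of variation: human browsing is bursty, timers are not.
        if mean > 0 and statistics.pstdev(gaps) / mean <= max_jitter:
            findings.append((client, host, round(mean)))
    return findings


if __name__ == "__main__":
    for client, host, interval in find_beacons(SAMPLE_LOG):
        print(f"{client} -> {host}: POST every ~{interval}s")
```

A hit is a lead for investigation rather than proof, since legitimate updaters and sync clients also upload on a timer.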

Once the bad guy has the info he needs, he can access your computer. All he needs is one computer - one computer and he owns your network. Once he owns that one computer he can install and run a few programs to get everything else he needs to own every computer on the network, including your servers...

It's just a small step from there and then he owns your data. Once he has that - he's rich, and you have to make that embarrassing phone call to tell the world that your server and data have been broken into...

Notice that he never once tried to break through the firewall - he didn't need to...

Notice that he didn't need to use any social engineering skills - he didn't need to...

With Windows networks, the bad guys never have to leave their house. All they have to do is write a few lines of code (one virus and one keylogger/spybot), find a way to deliver it to your system (email is the most likely way), and read their server logs (the info your computer is sending them). They can do this to multiple computers on multiple networks over-and-over concurrently...

This scenario just does not happen on Mac, Linux, or Unix networks. The worst that would happen is that you would get a few users who would click on a bad email and maybe one or two who would give the program permission to install. So it ends at a few computers, the IT department deals with them in a few minutes and we all go on with our day...
On this last note, most viruses are in fact written for Windows, so even if the original virus made it all the way through the user's permission to install, nothing would happen anyway...

Worst case scenario on a Windows network - your data is owned and you never know about it, and your IT department is running around for a few days cleaning the computers. They miss the whole thing cause they're too busy dealing with the other...

Worst case scenario on a Mac - you have to deal with a virus on a few computers and have a talk with a few employees about that little pop-up box that says "Would you like to install this program?"...




Copyright © D.V. Hakes II. All rights reserved.