The Myth of Insecurity

Great article here covering the technology media’s discussion of security on the Mac.

It’s long been a peeve of mine that people claim *nix and the Mac by extension are insecure because they’re not widely deployed (this ignores the majority deployment of Apache webservers on *nix based systems, which the article doesn’t cover). The fact is that’s simply not realistic. The article rightly points out that UNIX based operating systems including MacOS X get nearly equal scrutiny to Windows from security experts, and that it’s in fact easier to examine the former because of its open source nature.

Choice quotes:

In the years since, […] claim that ‘Windows was more secure than anyone thought’ didn’t do anything to actually safeguard Windows users from years of active malware problems, and the ‘worse than imagined’ security in Mac OS X didn’t result in any viruses turning up, nor even any real Mac malware problems at all.

According to Microsoft, IE is an innovative part of Windows that is impossible to remove from its operating system. If that’s the case, how is it that vulnerability counters artificially separate IE and Windows when reporting on the overall security of the platform?

No amount of numbers can erase the huge expense involved in decontaminating, patching, and cleaning up Windows PCs, something that has no equal on other platforms. Microsoft insisted that Windows XP was the most secure Windows ever, at least until the release of Vista when it conceded that XP was riddled with architectural flaws that Vista thoughtfully fixed. Vista is now the most secure Windows ever, but based on previous awardees of that crown, that doesn’t mean much.

Recommended reading for all.