Hacker: Windows More Secure Than Mac OS X
8:21 PM - September 21, 2009 by Marcus Yam
Hackers just like the PC more.
Regardless of which side you're on (though as a true computing enthusiast, you shouldn't be taking sides), you've heard the arguments back and forth on the which operating system is truly safer – Mac OS X or Windows.
It is of the opinion of Charlie Miller, a well known Mac security guru, that even Snow Leopard, the latest version of Mac OS X, isn't as safe as Windows.
One key point is that Snow Leopard still doesn't have ASLR, or address space layout randomization, which randomly arranges the position of key data making it harder for hackers to target for exploits.
Miller said to TechWorld that Apple didn't change the ASLR from 10.5 to 10.6: "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good."
Apple didn’t completely miss the chance to tighten up security in Snow Leopard though, as the new QuickTime solves a lot of the issues that Mac OS X had before.
"Apple rewrote a bunch of QuickTime," said Miller, "which was really smart, since it's been the source of lots of bugs in the past."
One thing that Snow Leopard did adapt, which Windows has had since XP SP2, is DEP (data execution prevention). With DEP, buffer overflow attacks are much harder to execute.
Despite Miller's opinion that Windows is the more secure OS, the large install base of Microsoft-based systems make them a much more attractive target for hackers. Still, Miller would like to see security on all platforms.
"Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place], that's when I'll stop complaining about Apple's security
Hacker: Windows More Secure Than Mac OS X - Tom's Hardware
I've always suspected that if Apple had more than a fraction of the OS marketshare to deal with their heads would pop.
8:21 PM - September 21, 2009 by Marcus Yam
Hackers just like the PC more.
Regardless of which side you're on (though as a true computing enthusiast, you shouldn't be taking sides), you've heard the arguments back and forth on the which operating system is truly safer – Mac OS X or Windows.
It is of the opinion of Charlie Miller, a well known Mac security guru, that even Snow Leopard, the latest version of Mac OS X, isn't as safe as Windows.
One key point is that Snow Leopard still doesn't have ASLR, or address space layout randomization, which randomly arranges the position of key data making it harder for hackers to target for exploits.
Miller said to TechWorld that Apple didn't change the ASLR from 10.5 to 10.6: "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good."
Apple didn’t completely miss the chance to tighten up security in Snow Leopard though, as the new QuickTime solves a lot of the issues that Mac OS X had before.
"Apple rewrote a bunch of QuickTime," said Miller, "which was really smart, since it's been the source of lots of bugs in the past."
One thing that Snow Leopard did adapt, which Windows has had since XP SP2, is DEP (data execution prevention). With DEP, buffer overflow attacks are much harder to execute.
Despite Miller's opinion that Windows is the more secure OS, the large install base of Microsoft-based systems make them a much more attractive target for hackers. Still, Miller would like to see security on all platforms.
"Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place], that's when I'll stop complaining about Apple's security
Hacker: Windows More Secure Than Mac OS X - Tom's Hardware
I've always suspected that if Apple had more than a fraction of the OS marketshare to deal with their heads would pop.