15 May 2006

Windows, Macs and Viruses

As of today, there have been exactly two documented, successful pieces of malicious software — viruses, trojan horses, worms — that affected users of the Mac OS X operating system, since it was released in 2001. And these two failed to spread much, affecting probably a few dozen people, and doing no harm. I expect there to be a small number of additional Mac viruses this year.

By contrast, there are over 100,000 reported viruses for Windows, some of which have affected millions of people and have done significant economic damage. As for spyware, I know of no documented cases on Mac OS X, while there are certainly thousands on Windows. These Windows viruses and spyware can’t run on the Mac operating system, even on Macs powered by the same Intel processors used by Windows PCs.

Macs are definitely a minority share of the PC market, but they are quite a bit more than 0.01% of it, and the millions of Macs out there, with their reputation for imperviousness of viruses, certain have to be a tempting target for hackers looking for credibility. Mac OS X is simply a better product. Someday, I will return to the Mac fold.

Hat Tip to NewMexiKen.


Anonymous said...

Mac's Suck. You're just not technically saavy enough to realize it.

As soon as more people buy mac's, there will be more viruses for it.

Here is a really good example of why specifically they suck


Jon W. said...

There at least three factors that contribute to the Mac's perceived security advantage: fewer vulnerabilities, better application of the principle of least privilege, and obscurity.

Windows, as well as other Microsoft software, has arguably had more vulnerabilities. However, there are some components that Windows, OS X, and many Linux distributions have in common, such as graphics libraries. An exploit was published not too long ago that could put a system at risk for simply displaying an image in a browser or email client.

The damage that can be done is usually proportional to the power of the user who has been compromised. If you can delete critical system files, then an image that you view in vulnerable browser can likely do so as well. Windows users, for both technical and social reasons, almost universally have administrative privileges that let them do a lot of damage, such as rendering the system unbootable. Mac users are generally limited to trashing their own data, which is hopefully backed up somewhere.

The Mac's smaller market share has probably afforded it a form of "security through obscurity." I don't know if the relationship between market share and virus share is logarithmic, linear, or exponential, but the increasing size of the targets virtually ensures that more attacks will hit the mark. Mac users should not assume that they are impervious to attack.