Comments on: My Thoughts On ‘MacDefender’ and What It Means for the Mac Platform Moving Forward

By: Alex Jordan

Alex Jordan — Thu, 26 May 2011 20:08:50 +0000

Both of you hit it right on the nose. There are technical elements to this problem, but users also have to be on their toes, and keep a look out for possible threats.

By: Laird Popkin

Laird Popkin — Thu, 26 May 2011 16:43:28 +0000

While quality of software coding affects security, and arguably open source software is generally more secure than proprietary software (many eyes, etc.), there are also fundamental design decisions that affect security. Microsoft’s fundamental design for Windows favors features over security repeatedly, and every time they create more opportunities for security problems. For example, ActiveX is designed specifically to let code easily install and run on your computer, the Windows Event Model lets all applications see everything going on in your computer, multi-user filesystem security was added as an afterthought, etc. All other OSs are designed with security as a fundamental requirement, which means that there are fewer opportunities for security holes, and when there is a security hole the impact is usually more limited. That being said, every revision of Windows evolves a bit towards being a secure operating system, but since Microsoft will never be able to undo some of their early, insecure design decisions (because they don’t want to break Win32 apps from running), they will always have more security problems than other operating systems.

By: Paul

Paul — Thu, 26 May 2011 14:31:47 +0000

You’re right that it’s unlikely we’ll ever see anything like the Windows hell of pervasive viruses. OSX really is better engineered from the ground up in this regard, at least when compared with previous versions of Windows.

But there’s no doubt we’ll see more and more trojans, and other malware of the ‘social engineering’ variety. And the real solutions to these threats are user education, not new technologies. There’s nothing an OS can do to prevent you from authorizing the installation of malicious code. Much like a lock manufacturer can’t stop you from opening the door for a murderer.

As users, we’re just going to have to pay more attention. And spread the word to our parents, who are probably used to paying even less attention than us.