Anyone who is even passingly familiar with this debate will often see a lot of disparagement from both sides. Mac users are called "elitist" or "fan boys" while Windows users are described as "sheep", "lemmings", and "Borg" (that last one is personal favorite of mine and so your mileage may vary).
As a longtime user of Apple products, I too participate in these debates on a regular basis. A recent forum for them has been IRC channels. One user I frequently debate uses the same tactics as practically all other die-hard Windows users, but with a sort of compromising twist. She claims that OSX and Windows merely two different toolsets for two different jobs and that each has their own set of problems. This implies a few wildly incorrect things:
1. That OSX and Windows are doing different things with their computers.
Platform-specific computer activities do not even become an issue for most, if any mainstream consumer computer users. These users are writing and reading email, doing word processing and spreadsheets, browsing the Internet, enjoying digital media, and playing games. It is only in that last category which shows Windows having any real advantage over OSX and is based on the economics of game development and distribution rather than some advantage of the operating system itself. Industry specific applications for such areas as science and engineering face a similar question when developing software. Nothing about Windows makes it any better for these niche applications other than its installed user base when working with a limited development budget.
2. That OSX and Windows have merely DIFFERENT issues which are EQUAL in number.
This kind of asinine statement truly reveals the lack of knowledge regarding the operating systems in question. I will be the first one to admit that OSX and its Linux cousins are not flawless or even impenetrable. Yet, when considered alongside Windows, they certainly appear to be both of these. Pointing this out, however, results in seeing that tried-and-not-so-true comeback from a Windows zealot:
"Windows has a bigger user base and thus is more of a target than smaller markets like OSX and Linux."
At first blush, this would seem to make sense. There are lots and lots more Windows users in the world than there are Linux/Unix/OSX users and thus a bigger target. Yet, this seems odd when we consider the fact the vast majority of websites are served on Apache servers (running some variant of Unix/Linux) as opposed to Microsoft's IIS. And how many viruses and exploits were aimed at these server platforms? To date, the biggest and most damaging exploits have been see IIS as the target. CodeRed, CodeRed.A, and IISWorm targeted huge numbers of IIS servers before their own internal coding self-terminated.
Number of webservers running respective operating systems:
Denial of service attacks can target both Apache and IIS servers, yet these attacks come from Windows-based machines which have been infected with some kind of malware to begin with. Thus, the popularity of a platform does not mean increased targetability.
A possible reason for why IIS is more easily targeted than Apache is the sheer complexity of the software code. While this may or may not reveal the actual inherent flaw differences between the two systems, a comparison I found fascinating was made in how the two differ in the number of RCP (remote call procedure). Essentially, everytime the software sends a "call" to a system file, it is accessing specific points in memory. These calls are what usually result in "buffer over-run" exploits. Thus, the more calls to memory, the more opportunity for an exploit. A graphically mapped comparison between the two can best show the stark difference:
Apache, on a Linux server:
IIS running on a Windows Server:
This pretty much demolishes the idea that popularity breeds targetability. It's a presumptive notion which claims to read the minds and motives of hackers and virus-writers. If it was a matter of mere fame or money gained from extortion, what potential malware writer wouldn't LOVE to be known as the one who put Mac users in their place once and for all?
Yet, the myth persists, in large part, because of the continual declarations of companies like Symantec, arguably one of the biggest anti-virus software makers out there. Consider this dire warning from Symantec in 2005, headlined "Mac OS X faces hacker threats: Symantec". Yet, the next year's report didn't mention anything about a Mac security threat at all. Why? According to a Symantec spokesperson:
"Symantec didn't include the top 10 attackers or the top 10 malicious codes for this report. What they chose to do instead was to focus on the top 10 new attacks with malicious code and there were no threats that registered in the top 10 category that pertained to Mac OS X,"One could easily draw the conclusion that an increase in Mac market share would be an increased opportunity for new anti-virus software sales. Thus, a company like Symantec would see a vested interest in conflating even a POSSIBLE threat to Mac users, such as in their 2006 announcement of a "proof of concept" virus dubbed OSX.Macarena. They soberly informed us their virus definitions had been updated to allow for quick removal of the malware from an infected machine. The implication here is they are looking out for us Mac users and thus we should all be worried about the seeming virus hoardes waiting at the gates.
Yet, according to another security firm, OSX.Macarena shows how unlikely a massively disruptive Mac virus is, rather than the opposite. According to Sophos, the code writer for the virus commented in several places on his difficulty in getting the thing to even work:
To build this thing, I use Xcode, but it is really very buggy, and it needed lots of help to produce working code
So many problems for so little code.
A technology consultant for Sophos went on to say:
"This is a proof-of-concept virus with very limited spreading ability. Frankly you're more likely to be struck by lightning than troubled by Macarena. No-one should panic, and while this is an indication that hackers are showing an increased interest in targeting the Mac OS X platform it is still a lot safer place to be than Windows."
No comments:
Post a Comment