Mac OS X inherently secure, hackers not interested

How do hackers profit from their success?

While the glory from hacking millions of sloppy Windows systems is one thing, the glory from breaking into a secure OSX system would be worth a lot more points. Anybody can stroll down the street, few climb Mount Everest, and then only with a huge support team.

Tom

The real reason we see a lack of virii and worms for the mac is that there are not the ready made script generators for the mass "hackers" to use nor do most of them even have access to a mac to create a script generator to begin with. The responsible approach to security apple has taken as well as the quick release of security patches when holes are identified have prevented a proliferation of malware on the platform.

Funny nobody ever said OpenVMS was unhackable becuse of its small marketshare. They say it is is unhackable becuase nobody was able to hack it.

The Irony here is that Windows NT was derived from VMS... go figure.

It's not hackers, but crackers and virus writers. And they profit by renting out botnets (large networks of zombie PC's gotten under control with the help of spyware or viruses, rented e.g. to spammers for their use), capturing credit card info using installed key loggers, extortion by threatening with denial-of-service attacks using their botnets etc.

And although I agree Mac OS X is inherently a bit more secure than Windows, it probably wouldn't be that difficult to have a wide spreading virus on the Mac.

The reason is that I do not think it is difficult to trick most people into entering their admin password in a fake authentication dialog box (e.g. thrown up by a fake installer package), and after a program gets admin privileges it can do pretty much anything it wants.

User gullibility/stupidity is extremely hard to protect against, and is for a large part independent of the underlying OS.

Lots of money to be made.. threating to release company info, hacking banks and transfering money, pop-ups via hacking.. I'm sure there are more.

Not that i'm defending this crappy, re-hashed article at all. Tom is correct. there would be much more notariaty in hacking OSX than windows from a personal achievement standpoint..

"User gullibility/stupidity is extremely hard to protect against, and is for a large part independent of the underlying OS."

But since that is the case with every single OS, then it is a moot point. It levels the playing field so all you have left is the security within the OS.

"But since that is the case with every single OS, then it is a moot point. It levels the playing field so all you have left is the security within the OS."

It's not a moot point at all, it simply means that the security within the OS is simply irrelevant a lot of cases. All these people inadvertently installing spyware on their Windows machines could do it just the same on Mac OS X.

someone posts the "mac's don't have the market share" arguement on why they aren't attacked more often...

http://www.theregister.co.uk/2003/12/16/windowsstyle_security_hell_stalks_mac/

youre talking user security over computer security. 2 different arguements... My point still stands. If it's irrelevant as you say, then why bother discussing OS security at all? lol

there are differences in the way Win and OSX gives privledges to the user. But since the user security is the same across the board, you have to focus on the OS security!

"you're talking user security over computer security. 2 different arguements..."

I'm saying that "user security" in many cases completely overrules the whole "computer security" thing.

"My point still stands. If it's irrelevant as you say, then why bother discussing OS security at all?"

I never said it was irrelevant, I said it was irrelevant in a lot of case. As in "most problems with spyware and many problems with viruses on windows have nothing to do at all with OS security, and would happen in exactly the same way under Mac OS X with those same users".

"There are differences in the way Win and OSX gives privledges to the user. But since the user security is the same across the board, you have to focus on the OS security!"

No, because then you create an unrealistic and false sense of security.