BUT I do not buy into Gates “security through obscurity” BS. ALL Windows versions are inherently more vulnerable to viruses and worms than Apple. Trojans are a different story but they won’t spread from Mac to Mac through email or texting. That’s a BIG difference.

Even worse, the days of things like the “I Love You” worm are long, long gone. These days, you could lose your personal information and not be aware of it. This is probably happening to many security-complacent Mac users today, and they don’t know it and think that it can’t happen to them.

This is just one reason to go with Microsoft: The folks in Redmond are (these days) very proactive, honest and open about security, and they don’t control the media the way Apple seems to.

I suspect that if many Mac users were afflicted, and they didn’t know, but Apple did figure it out, Apple wouldn’t tell anybody. They sell more computers that way.

Anyone with a brain stem and a mind that they control can figure that one out. Alas, so many mac users are blind to this.

I agree, ActiveX can be a security issue if the end user pays no attention to warnings (e.g. who signed that ActiveX control?) or if some numskull turns the privilege warnings off*, but this is very old technology and the need to support it will ultimately go away. Microsoft makes sacrifices to make old business applications work, in a secure way – is that a problem?

*IMO Microsoft-haters often justify their animus by living in the past, and deciding that security measures are evil and nobody is every justified in putting up with them. But, that’s just like refusing to wear seatbelts in a car – “Seat belts? WTF? We never had to wear seat belts before” – and then, when your head goes through the windshield, blaming the car manufacturer.

Greg, I have no idea what you mean by “system of certificates and access lists, and incomprehensible questions asked of the user…”

You’re correct: if the Eclipse installer were signed, it still means you’re trusting the authors at some point, and since it’s open-source, there isn’t much of an organization to value its own online reputation. But, it would be better than what there is now – an unsigned, un-authenticated executable, given admin access rights to my client OS – which is rife with attack vectors!

“Seat belts – we don’t need no stinkin’ seat belts! The manufacturer told us that these cars never have accidents!” Hmm, sure sounds like Apple Inc. lying about how secure their machines supposedly are.

Your Eclipse question is a good one. Most of the apps have md5 checksums on them, which are downloaded separately, and this will protect you from tampering post-publication. Pre-publication tampering is basically indistinguishable from malware in the code itself, so you need to trust the authors at some point, same as when you pay for software. There’s also the option of building the code yourself; even if you don’t, it may help to know that other ‘arms length’ users are doing that, so if there’s malware in it, it’s likely to get found. You can always create one login for development and another to do your banking and so forth — assuming that your OS has mechanisms to keep those separate, of course. That’s probably a good idea on any platform.

Apple does this, of course, as you can see if you follow the news (at least the shadow of this): Apple does it’s best to control the information around any security issues around Apple products, which is, they do it *very very well* because Apple excels at secrecy, controlling the information and controlling their brand. Sometimes the truth comes out, and you wonder, “How come we didn’t hear about this before?”

Apple has certainly been practicing security through small market share, because although – long ago, in the days of Windows 9x – MSFT security was pathetic ( Apple reminds us of that in their brilliant “I’m a Mac, I’m a PC” ads, in which universe MSFT is *still* shipping Windows ME) they surpassed Mac security with Windows XP SP2, and have been pulling ahead ever since.

Security by small market share (i.e. the blackhats might not bother targeting those machines, because of reduced returns) is not a type of security, but it masquerades as security. So, what to call it? Security by “we’re probably OK, because there’s a more lucrative target over there” ?

You are correct about the advantage of open source, in that everyone can see it and in theory the good changes outweigh the bad in terms of making it more secure.

You are mistaken about MSFT security strategy. Yes, MSFT has lots of proprietary code; that’s how this corporation fulfills its corporate obligation to make money. NO, MSFT never relies on this for security. MSFT employees have been extensively trained on security issues, and security is very, very important there and improving security is highly rewarded behavior.

Example (although I’m getting tired of trotting out this example repeatedly, it’s an important lesson): the Conficker worm. Conficker exploits a security hole that was found *by Microsoft* *by Microsoft’s security strategy* and patched in October 2008. When did Conficker show up in the wild? November 2008. Compare those dates. The only machines infected by Conficker were those victmized by bad decision making on the part of some admin, i.e. the default self-patching behavior was changed and those machines never got the patch.

Is that not proof enough for you? … I’d love to hear the cult-of-Jobs perspective on what those events mean.

Oh, actually, I know the cult-of-Jobs perspective: MSFT stopped improving when it shipped Windows ME, which OS is laughable by today’s standards IMO. That’s right, MSFT fired every engineer in 1999 after Windows ME, and has been selling the same thing ever since. NOT.

On the Posix standard: that’s useful if you want to run unix-based utilities or web servers, but there’s a reason that Apple is the only entity to have success bringing that to people’s desktops. Most people aren’t geeks; they want their computers to be useful and easy-to-use.

I remember testing an early Mac OS X and getting “Posix error 60″ repeatedly. The only work-around was to reboot the machine. Obviously, Unix isn’t perfect either.

Greg, I have a favor to ask you, since you seem to be involved in the open-source community: Please help these people find a way to create responsible entities, and digitally sign their applications after a standard security procedure. I recently downloaded the Eclipse IDE and it wasn’t digitally signed. How do I know who built the binary, or who messed with it, or if there isn’t malware inside? I don’t! I took a deep breath and installed the anonymous binary anyway, but I’m pretty unhappy about that.

Regarding the ‘security by rarity’ angle which you were driving at, Linux may have only a small percentage of all the machines on the net, but it has a pretty substantial percentage of the servers which would count as ‘high-value targets’. That wouldn’t happen if it was as leaky as you imply. Linux security is not perfect, but is not a delusion, my friend.

So, what about Apple? I was very pleased when they decided to switch to a POSIX-compliant base, thus leaving msft alone out there. Apple users: do the secure components make use of open source libraries (e..g OpenSSL), or is it proprietary like MSFT? Or a mix? How do people feel about that?

OK, I like what you did with WHS. Wasn’t aware of that functionality, requiring another machine. Will you really be able to keep using that in 5, 10 years when your primary OS is required to be Windows 8.5 Plectrum or something, Vista no longer being supported in any way? And of course the machine you have hosting WHS won’t be able to run WHS Plectrum, despite being still perfectly adequate for the actual application you want to run on it. You’ll still be able put Linux on it, and run about 200 lines of python to do that backup server.
@marc will limit myself to that…