OS Insecurities and Myths

by John Martellaro , 1:40 PM EDT, April 10th, 2007

<script language="JavaScript" src="https://bullseye.backbeatmedia.com/bullseye/adserver/253/712/viewJScript?pool=3160&type=3158&pos=30&zone=5000&redirect=ajs&dontcount=1"></script> <noscript><a href="https://adserver1.backbeatmedia.com/servlet/ajrotator/253/712/clickCGI?pos=30&zone=5000"><img src="https://bullseye.backbeatmedia.com/bullseye/adserver/253/712/viewCGI?pool=3160&type=3158&pos=30&zone=5000&redirect=ajs&dontcount=1" border="0"></a></noscript>

The core of Mac OS X is BSD Unix, and that OS has been around for two decades in open source form, inspected by all concerned. That's why Mac OS X is more secure than Windows, according to InfoWorld.

For a long time, apologists for Windows have been arguing "security through obscurity." However, if it has a CPU, hackers will try to attack it, and Mac OS X has been a big target for a long time.

"The difference isn't market share, it's the foundation of the operating systems. Given that most virus authors and hackers are in it for the ego, don't you think that there would be a huge incentive to be the first one to write a widespread OS X, Linux, or FreeBSD virus?" Paul Venezia asked.

The key is the foundation of the OS. If the OS is designed on a shaky foundation, everything on top will suffer. When Apple moved its customer based from Classic Mac OS 9 to Mac OS X, they did so consciously with the idea that they needed a firm foundation for the future. But that meant leaving every Classic app behind in the long term.

Microsoft has never been able to make that commitment and retained the backwards compatibility with Win32 apps. That has put a strain on their whole Windows OS. "Simply put, Microsoft had the chance to beat Apple to the punch and make a giant leap back in 1997 or so, killing off the existing Win32 platform in favor of an NT-based client and server that did not have to run legacy applications natively. They didn't, and we are still paying the price for it today. Even if you're not running an MS OS, most of the spam in your mailbox came from zombie Windows systems in the control of spammers," the author noted.

While Microsoft was reaping the rewards of this compatibility, Apple took the time to move its entire customer base to a highly secure BSD Unix OS. "Microsoft didn't. They're faced with massive-scale exploits like the spreading ANI vulnerability, Mr. Venezia concluded. "That affects every Microsoft OS, server and workstation alike, across the board. This gives us a glimpse into the code shared between generations of Microsoft OSes, and it's not a pretty view."

A quote from Henry Spencer was noted, "Those who don't understand UNIX are condemned to reinvent it, poorly."