Well, they don’t actually say “Apple is blowing it,” but only because that’s not the way boffins talk. I translated for you. Security experts question Apple’s approach to avoiding malware and browser hijacks, saying that the process isn’t formalized enough within Apple and not enough is being done to make sure that the OS touting itself as the secure choice actually is so. With the growing market share and increasing surface area of the OS (Exchange support, increasing third-party presence, mobile integration), it may be that the threat is growing faster than Apple’s efforts to combat it.
Clearly it’s not a major issue right this moment, since Apple users are hardly clamoring for extra security (though that’s possibly part of the problem) and the major hack attempts are almost exclusively against Windows machines. But if Apple were to increase its liability overnight with a huge increase in market share, would they be prepared for the onslaught that would ensue? Hackers themselves say most don’t even bother with Mac exploits because there’s no benefit other than proving a point (Mac botnet why?), and Apple doesn’t listen (or pay) anyway.
As repugnant as it sounds, Apple will need to take a page from Microsoft’s book in this area. Years of combating viral threats, malware, and so on (partially through their greater exposure and partially, it must be admitted, through bad programming) have resulted in a well-oiled machine which responds quickly and decisively to the threats which appear almost comically frequently. Apple should preemptively strike in this case and establish a real security center type division, headed by someone who really knows what they’re doing. I’m sure there are measures in place already, but if security pros repeatedly say the risk is increasing and Apple’s not doing enough, then additional measures are warranted.
“Years of combating viral threats, malware, and so on (partially through their greater exposure and partially, it must be admitted, through bad programming) have resulted in a well-oiled machine which responds quickly and decisively to the threats which appear almost comically frequently. ”
What are you smoking and could I have some of it please.
I guess that “well-oiled” machine is why stuff like Conflicker still happens all the time.
Oh yeah. It’s the USER’S FAULT (because, according to MS, their security model is so good, only lazy, know-nothing users can eff it up). That sounds like a security fail in my book.
I’m not excusing Microsoft’s failures, though you don’t mention any of the threats they promptly or preemptively addressed. It’s about response time and working on a large scale. Conficker and other things are going to happen to Apple, and if they don’t have a serious security detail, they’re going to get dinged worse than MS did.
And honestly, yes, it is the know-nothing users who are getting infected. If the hackers turned their attention to Apple, it’d be the same set – people who don’t pay attention to what and where they’re browsing, and don’t care about updating their OS or running software to better secure their system.
Utter nonsense stirred up by hair-on-fire bloviators who have a financial interest in selling security software to Mac users, who rightly know that Cornficker and their ilk could not be successful on the platform.
Yes, Macs can be vulnerable. But not on the same scale as Windows. In certain areas, Windows is better than OS X when it comes to security. If you think Apple isn’t prepared when the time comes, then you haven’t been paying attention. Right now it’s to their advantage to market themselves as so secure they don’t need to take measures. It’s true at this point. Not one single exploit that can be transmitted from one Mac to another. Only malware embedded in stolen Photoshop CS4 and iLife ‘09 on torrents.
Apple actually had an Intel version of OS X the whole time, and only launched it when it was really needed. I’m betting the same way will go with security measures. One of the most unpleasant things about XP, Vista and 7 is the security hoops one has to jump through on an almost daily basis (I have both XP and 7 running on VMWare). Why do the same to OS X before necessary?
Just my guess, I don’t now for sure.