What a Relief! MacIntel Not More Vulnerable

Submitted by Mike Rothman on Tue, 2006-01-31 13:23.

It seems I'll sleep better tonight, given that eWeek's Larry Seltzer has clarified that MacIntel devices will be no more vulnerable than Mac PowerPCs. There has been a bit of huff over the last few days (mostly perpetuated by the media) about how Apple moving to the Intel processor family will make it easier to find vulnerabilities. It's good to hear a reasoned explanation about why that is crap.

I won't sleep easier just because I have become a Mac convert. I'll sleep easier because finally someone in the media is calling out the various Chicken Littles out there who have nothing better to do than speculate about what will or won't happen. There are a lot of bad things that can happen. We need to spend time more productively making sure we minimize the risk of those things happening and that we can contain the damage if something does happen.

Just to level set, think about a few facts:

  1. Every OS has vulnerabilities
  2. Vulnerabilities are not an issue until exploit code is available
  3. Exploit code rarely (like less than 10%) appears for a specific vulnerability
  4. Even if a patch is available, some percentage (upwards of 50%) of people don't patch
  5. Unpatched morons get nailed if exploit code appears
  6. The rest of the world doesn't care about the exploit code

These facts continue to be proven over and over again, and still people don't learn. And this would apply to both Windows and Mac equally if not for "The Path of Maximum Impact." This dictum states that hackers and fraudsters go for the most prevalent OS (Windows) because they have the highest likelihood of finding the most people that are unpatched to wreak the most havoc. To be clear, they want to create havoc, regardless of whether the objective is to bring down networks or perpetrate fraud. Hackers don't waste their time trying to attack the Mac because it's just not worth it to them. Apple makes it a bit harder, yes. But the reality is there aren't enough users to make it pay.

So why do users care? Because ultimately it gets back to the same thing. Keep your systems patched, whether they are Macs or Windows devices. Most importantly, train your users to not do stupid things. Stupidity does not play favorites and is just as likely to happen on a Mac platform as Windows. Create smart users and it doesn't matter which OS you use.