Another argument ..
.. to use OpenOffice/LibreOffice instead of Microsoft's idea of *cough* productivity *cough*..
A security hole in Microsoft Office for Mac OS X is being exploited to hack and spy on Asian activists at odds with the Chinese government. In the past few days, spear-phishing emails - highly targeted booby-trapped messages - were sent to Apple users in the Uyghur community, which is an ethnic group of people mostly (but not …
Or another argument to patch software more frequently than once every 3 1/2 years.
There is a buoyant market in zero days - it makes patching important, but not the all out protection against malware. Avoiding Microsoft and Adobe products, however, appears to be a good step to take..
My apologies if that makes it appear I agree with Eadon :)
It's not about being immune, it's about being less vulnerable due to having diversity...
If there's a monoculture then you know exactly what software your targets will be running, and what vulnerabilities that software has.
Diversity is the main reason that drive by attacks against browsers have started targeting ubiquitous plugins (java, flash etc) rather than the browsers themselves.
A Mac can become infected, if the user messes up and puts something from Microsoft on it. (The story proves that)
Getting close to buying my first Mac as Microsoft is rapidly becoming the McDonald's of the computer world. Trying to do so many things, they can't do a single thing right.
An OS vulnerability is different to an application vulnerability.
Most OSes tend to attempt to stop bad things being installed or executed. But if the hack is via some tool you already have installed then how on earth is the OS going to guard against it?
All software has bugs, lots of software does too.
"Most OSes tend to attempt to stop bad things being installed or executed. But if the hack is via some tool you already have installed then how on earth is the OS going to guard against it?"
Why would an OS allow an application like MS Office the privilege escalation necessary to install some remote control/spying software?
Not really fair.
Much of the vulnerabilities in Windows were due to a culture of providing lots of features and power to software developers. But at the same time not thinking about how to restrict this power to those who would misuse it.
ActiveX in the browser, active desktops and so on.
OSX having been built on top of a Unix underpinning has had the security model escalation there from day one.
I'll give you that one. Though I have never used Mac OS X so can't speak for its security model I have spent quite a lot of time using BSD and can't argue that it was way ahead of Windows (and even Linux, at least up to a few years ago) when it came to security.
That said the Mac OS X and Unix (This was originally a Unix backdoor) security methods didn't seem to help in this instance, that may be more down to user error though.
It may be worth pointing out that the OSX platform wasn't the issue - it was the mistake of installing Microsoft products on it. That proves conclusively that the virus problems on Windows are a Microsoft problem - the moment you port something from that environment on another platform you introduce the same risks there. I'm pretty sure that if there was an MS Office for Linux you'd have the problem there too.
In general, it's fairly easy to keep a Mac clean: no Microsoft, no Adobe and keep a lid on online Java use.
Now, try to keep a Windows box clean without taking it offline altogether..