Peaches Posted May 9, 2009 Report Share Posted May 9, 2009 May 8, 2009 12:06 PM PDT Yet another reason why Macs need securityby Jon Oltsik "As expected, my blog this week about Macintosh security generated a lot of comments. Some were personal in nature (author's note: I really do know the difference between a Trojan and a virus but typos happen), some were quite thought-provoking. I did receive some interesting data from a colleague from IBM. According to the X-Force 2008 Trend & Risk Report (PDF) released early this year, Mac OS X Server and Mac OS X top the list of operating systems with the most disclosed vulnerabilities for 2008. Each accounts for 14.3 percent, and has been in the top five in each of the last three years. Rounding out the top five were: Linux Kernel at 10.9 percent, Sun Solaris at 7.3 percent, and Microsoft Windows XP at 5.5 percent. The purpose of this data is to compare the total number of disclosed vulnerabilities with each individual operating system. Vulnerability data is submitted to the Mitre Corp. and then appears in the CVE (Common Vulnerabilities and Exposures) List. This is not a perfect study as there are common vulnerabilities across different operating systems. Additionally, the Windows-based total vulnerability "footprint" is much larger than the Mac because of the size of the Windows installed base. Finally, this is a cumulative study but the data does not break down the vulnerabilities in terms of how critical they are. All that said, the X-Force data puts the whole "Mac is secure and Windows is not" discussion in perspective with some real numbers. I don't think IBM has an ax to grind here. "story at CNET - http://news.cnet.com/security/ Quote Link to post Share on other sites
isteve Posted May 9, 2009 Report Share Posted May 9, 2009 This doesn't say anything. How many are not disclosed? "does not break down the vulnerabilities in terms of how critical they are." Then this is useless info. If something has a vulnerability but there is no way to exploits it, should it even be on the same list as a vulnerability that is easily exploited. Quote Link to post Share on other sites
iccaros Posted May 20, 2009 Report Share Posted May 20, 2009 I am confused.. So Apple, and Linux distributions tell people that there are issues and release patches, and are said to have more security holes based on this number.. so the only thing you need to be secure is to not tell people of the issues, like some companies do. the number of published bugs, shows that they care more about security because they will let you know when they find them, and not hide them to protect their image. Quote Link to post Share on other sites
isteve Posted May 20, 2009 Report Share Posted May 20, 2009 Actually many of the holes with the mac OS are in the open source Mach Kernel. Not much apple can do to hide that. Even though they sometimes acknowledge holes, they like MS many times take there time with patches so they don't break other software. The last update 10.5.7 replaced something like 1600 lines of code fixing 60+ holes and less then half were known by anyone other then apple. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.