The Truth About Security: Mac OS X versus Windows

I responded to a tech columnist on July 21 about an article that ticked me off.

The topic? The relative security merits of OS X versus “other OSes.” The spin? Pure, unaldulterated FUD (fear, uncertainty, and doubt).

Here’s the email I sent:


This appears at the top of your article:

“Apple’s OS X is not safer or less susceptible to vulnerabilities and viruses than other OSes, and Apple’s secretive culture is bad for the security world.”

The rest of the article, however, seems to have a different take: yes it appears to be better, but I’m suspicious.

Really, though, your article appears to be, in large percentage, FUD. Lots of phrases like “I don’t know,” I guess,” “this implies,” and lots of leading questions.

If you are worth your salt as a security consultant, you realize that there are at least two major differences between Mac OS X and Windows out of the box:

  • many services are enabled on Windows and disabled on Mac OS X
  • most people (have to) run Windows as Administrator; most people do NOT run Mac OS X as root

Not to mention those two critical things in an article on security that compares Windows and Mac OS X is either a sign of complete incompetence on your part, or willful overlooking of facts that are not on your side.

The result is that the suits and the techs who are really just GUI-boys, who don’t know anything but read your article, will get an impression that is, simply, inaccurate. And you’ve crafted your article very carefully to create just that spin.

Unimpressive. Seriously unimpressive.

Very bad journalism, and even worse ‘expert analysis.’

There has been no answer for almost a week, so I decided to publish my email here.

I notice there’s a lot of feedback on the site itself, including this excellent response.