Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

Resolved Question

is Mac OS X(UNIX) truly more secure than Windows 10

Mar 11, 2016 8:23PM PST

I'm pretty well-rounded when it comes to computing (Software Development, Computer Networking to the CCNA level, Have taken a Linux/UNIX class at University, etc). So I won't have issues if your answer is very technical.

My question is if Mac OS X is truly more secure than Windows and why? Or is it just security through obscurity. I understand how Linux/UNIX-based systems work and understand that in order to run admin scripts and programs, you need to have Root access at the System level. However, I have done some Googling and was flabbergasted by the fact that people were able to Hack OS X far quicker than Windows.

I guess if you think of it from a reverse-engineering PoV, it makes sense. Windows has a much larger user base, so Security companies and Microsoft themselves are constantly looking for ways to patch vulnerabilities. I guess my question is as aforementioned, is Mac OS X truly more secure than Windows, and if so why?

Discussion is locked

FulaniMan has chosen the best answer to their question. View answer

Best Answer

- Collapse -
OK, now that we have SBO covered. Physical access?
Mar 12, 2016 3:46PM PST
https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads

Now I own a Rubber Ducky (this USB one) so if you let me have physical access to the target then I'm in. And if not by that method then I have other tricks such as yanking the HDD out to clone or if they left it open to booting from USB, ODD or other, then I have other ways.

The problem here is that securing a computer from such attacks would render the PC almost unbearable to use. Folks want ease of use over full blown security.
- Collapse -
Excellent explanation
Mar 12, 2016 4:20PM PST

Thanks for clarifying that. Very good information. Thank you!

- Collapse -
Answer
What is this thing about obscurity?
Mar 12, 2016 9:51AM PST

The last time I check, the DARWIN source code was still open to inspection.

As to hacks, if you let have physical access to such things, well, game over. I would be duplicating basic security classes if I wrote more about physical or visual access to the Apple or Windows PC or any PC.

Post was last edited on March 12, 2016 3:18 PM PST

- Collapse -
Obscurity
Mar 12, 2016 3:07PM PST

What I meant by Obscurity is that the user base of people on OS X is far less than people on Windows. Thus, most people when they are engineering malicious scripts or software, they typically go for Windows systems. That's where I am getting at.

- Collapse -
Here's why I questioned that.
Mar 12, 2016 3:21PM PST
https://www.google.com/#q=security+through+obscurity finds this:

"Security Through Obscurity (STO) is the belief that a system of any sort can be secure so long as nobody outside of its implementation group is allowed to find out anything about its internal mechanisms."

Since the source code to OS X is out there, easy enough to find ( https://www.google.com/#q=darwin+os+x ) then it's not security by obscurity.

Maybe you meant security by not a big target audience but that's something else.

Hope that clears it up why I questioned your statement.
- Collapse -
Excellent Thanks
Mar 12, 2016 4:18PM PST

Absolutely, I apologize for using the wrong terminology earlier.

- Collapse -
Thanks for this.
Mar 12, 2016 4:36PM PST

Sometimes folk dive in and get upset. There's no absolutely secure system today outside of an old terminal system we deployed. The terminals are dumb things, and the lines to the host are only talking to one app so it's secure by design. It can only do "this."