[ Techquickie ] Are Macs REALLY Safer?

[Andrew210]

Hi,

 

yes I am a Mac user and yes I am disappointed about the video and NO, it is not because a Windows-PC-related Youtube channel doesn't say that MacOS is safer. It is because this video contains almost no technical informations... and this is such a missed opportunity. There are really interesting differences in how Windows and MacOS approach system integrity and security and not a single one has made it into the video. 

https://www.csoonline.com/article/3267893/microsoft-windows-10-vs-apple-macos-18-security-features-compared.html

[SkyHound0202]

Techquickie is a short video format intended to introduce or discuss a certain topic in technology in only a few minutes. Its intended audience are the technology loving public rather than the tech-savvy few.

 

Consider this: if don't know much about computer and you are watching a video spewing terms like "privilege escalation", "cryptography", "secure enclave", etc., will you be interested?

[BrinkGG]

26 minutes ago, Andrew210 said:

Hi,

 

yes I am a Mac user and yes I am disappointed about the video and NO, it is not because a Windows-PC-related Youtube channel doesn't say that MacOS is safer. It is because this video contains almost no technical informations... and this is such a missed opportunity. There are really interesting differences in how Windows and MacOS approach system integrity and security and not a single one has made it into the video. 

https://www.csoonline.com/article/3267893/microsoft-windows-10-vs-apple-macos-18-security-features-compared.html

Not supposed to. 

Tech Quickie are 3-6 minute informational videos about the OVERVIEW of a topic. 

If you want more information about the topic, you can google it after you watch the video.

 

imo, video does it's intended job. 

[Guest]

MacOS is a lot safer though in MacOS Catalina. All integral system files are actually on a separate encrypted partition. Very cool. 

[Tamesh16]

i am just wondering why it was called 'Mass drop' still 

[tcmal]

This video only really shows half the picture.

 

For example, on windows services all run on the SYSTEM 'account' (the true administrator), whereas unix allows each service to run as a different user which only has the permissions it needs.

So while the two kernels may be about as easy to compromise (ie very hard), *nix systems allow for better seperation, meaning that it's less threatening if, for example, samba has a rce exploit, since that still doesn't give you full access.

EternalBlue was such an exploit, and it got full system access on windows, but were it a mac samba attack, it would likely need more privesc to be of any use.

 

Whilst these videos obviously aren't meant to be as in-depth, and my explanation isn't written well enough to fit in as-is, it is really disappointing to see them not mentioning this at all, as looking at kernel security only is very obviously misleading,

[Glorious]

I didn't like the video because he basically saying that Windows gets attacked more because it has a bigger market share. 

 

If this was true then wouldn't there be more "viruses" for iPhones?

 

iPhones have a 49% market share in North America. Not only that but iPhone users spend more and make more so they would be ideal to steal from. Let's not forget that more than 78% of all iPhone users upgrade to the latest OS so building an exploit would be easier and cause the most damage, unlike the segmented Android market. Yet malware and viruses are only seen on Android. 

 

And I can hear many of you now... "The hackers want to go after businesses because there is more money to be made."

 

79% of all business are using iOS. With iOS being on devices that people carry everywhere with them it would be a better target than the one Windows PC at your desk. Yet, we're seeing fewer attacks on iOS, an OS that got a lot of its tech and security from MacOS (Unix). 

 

"BuT ThE MaRkEt sHaRe" is not a good excuse anymore. 

[wasab]

1 minute ago, Glorious said:

 Yet, we're seeing fewer attacks on iOS, an OS that got a lot of its tech and security from MacOS (Unix). 

https://www.google.com/amp/s/amp.theguardian.com/technology/2017/nov/29/macos-high-sierra-bug-apple-mac-unlock-blank-password-security-flaw

 

That's some top notch security there. What a fiasco that was when MacOS high Sierra first came out. 

[Glorious]

3 minutes ago, wasab said:

https://www.google.com/amp/s/amp.theguardian.com/technology/2017/nov/29/macos-high-sierra-bug-apple-mac-unlock-blank-password-security-flaw

 

That's some top notch security there. What a fiasco that was when MacOS high Sierra first came out. 

We can play this game all day long https://www.theverge.com/2019/5/14/18623565/microsoft-windows-xp-remote-desktop-services-worm-security-patches

 

At least the Mac issue was not as severe as anyone can remote access into your computer and install ransomware that just came out for Windows. 

[wasab]

1 minute ago, Glorious said:

We can play this game all day long https://www.theverge.com/2019/5/14/18623565/microsoft-windows-xp-remote-desktop-services-worm-security-patches

 

At least the Mac issue was not as severe as anyone can remote access into your computer and install ransomware that just came out for Windows. 

Who uses windows XP nowadays? 

 

Also, if you look at my profile, you will know I haven't used windows in a long time. 

[Curious Pineapple]

4 hours ago, Glorious said:

I didn't like the video because he basically saying that Windows gets attacked more because it has a bigger market share. 

 

If this was true then wouldn't there be more "viruses" for iPhones?

 

iPhones have a 49% market share in North America. Not only that but iPhone users spend more and make more so they would be ideal to steal from. Let's not forget that more than 78% of all iPhone users upgrade to the latest OS so building an exploit would be easier and cause the most damage, unlike the segmented Android market. Yet malware and viruses are only seen on Android. 

 

And I can hear many of you now... "The hackers want to go after businesses because there is more money to be made."

 

79% of all business are using iOS. With iOS being on devices that people carry everywhere with them it would be a better target than the one Windows PC at your desk. Yet, we're seeing fewer attacks on iOS, an OS that got a lot of its tech and security from MacOS (Unix). 

 

"BuT ThE MaRkEt sHaRe" is not a good excuse anymore. 

Android has 70% share in Europe for mobile devices. Even just as an operating system it's at about 30% where as iOS is about 15%. The world doesn't revolve around North America you know.

[mr moose]

I didn't know LTT was a Windows based tech channel.

[dfsdfgfkjsefoiqzemnd]

Look, at the end of the day there's no denying that Macbooks are safer than other laptops.  It's really difficult to steal someones data when the keyboard and display are broken.

[TheKDub]

16 minutes ago, Captain Chaos said:

Look, at the end of the day there's no denying that Macbooks are safer than other laptops.  It's really difficult to steal someones data when the keyboard and display are broken.

Especially when there aren't enough ports to connect an external monitor and keyboard too.

[mr moose]

10 hours ago, Glorious said:

I didn't like the video because he basically saying that Windows gets attacked more because it has a bigger market share. 

 

If this was true then wouldn't there be more "viruses" for iPhones?

 

iPhones have a 49% market share in North America. Not only that but iPhone users spend more and make more so they would be ideal to steal from. Let's not forget that more than 78% of all iPhone users upgrade to the latest OS so building an exploit would be easier and cause the most damage, unlike the segmented Android market. Yet malware and viruses are only seen on Android. 

 

And I can hear many of you now... "The hackers want to go after businesses because there is more money to be made."

 

79% of all business are using iOS. With iOS being on devices that people carry everywhere with them it would be a better target than the one Windows PC at your desk. Yet, we're seeing fewer attacks on iOS, an OS that got a lot of its tech and security from MacOS (Unix). 

 

"BuT ThE MaRkEt sHaRe" is not a good excuse anymore. 

 

Everything is a numbers game in one direction or another.   Whilst I don't normally associate teckquicky with any real factual substance, in this case it was a pretty fair overview of the situation. Apart from there being many reports from various security and tech news outlets that reaffirm similar observations.   He said quite plainly and openly that ios does have less infections per user.

 

 

Having said that:

 

It's not a cut and dried condition, Probability and numbers are not guarantees, there is no point or benefit to trying to claim superiority in security anymore.  The reality is if you apply suitable security measures and take suitable precautions you are just as safe on either platform.  I believe Linus spent a fair bit of the video trying to explain that. 

[JustWantTech]

I think the point here is that:

1. Hackers would target the most used OS where people would usually store their juicy data, especially business that stores customer's data.

 

2. No OS is hackproof. Yes, MacOS might have better security and system integrity, but that doesn't mean hacker won't have the motive to hack MacOS.

 

3. What is more dangerous here is that user tend to download suspicious software or go to suspicious website, regardless of the OS s/he use, which eventually hack their data without the need to hack their computer.

 

 

[aaronfranke]

I'm really disappointed in Linus for making this video.

• He didn't mention that Macs disable installing software from unknown sources by default.
• He didn't mention other ways to stay safe like using anti-virus software and adblockers to block malvertizing.
• He didn't mention that Unix-like systems are designed with multi-user from the beginning and have a simpler security model that's harder to exploit.
• He didn't mention how the APIs used on Windows tend to be extremely insecure compared to Mac/Linux APIs (look at SMB and WannaCry for example).
• He didn't mention Linux as another option with even less malware.
• Etc...

I'm not saying he had to go in depth about everything, but he is promoting the idea that the ONLY reason that Macs are safer is less marketshare. That's not true, there are more reasons than that, though that is a very big reason. For example, Linux, another Unix-like system, is a huge target since most servers and all supercomputers run Linux, but it still has very little malware.

 

P.S. macOS isn't based on Unix, it's Unix-like.

[mr moose]

1 hour ago, aaronfranke said:

I'm really disappointed in Linus for making this video.

• He didn't mention that Macs disable installing software from unknown sources by default.

So does windows, you go to install anything not from the windows store and popup asks you if you really want to install this unverified product/unknown app.

 

1 hour ago, aaronfranke said:

• He didn't mention other ways to stay safe like using anti-virus software and adblockers to block malvertizing.

He may not specifically mention ad blockers (for a multitude of legitimate reasons) but he does mention not clicking on suspect links, being aware of phishing attacks etc.

link to specific time stamp:

 

1 hour ago, aaronfranke said:

• He didn't mention that Unix-like systems are designed with multi-user from the beginning and have a simpler security model that's harder to exploit.

That's not actually a thing that makes Unix specifically safer and he mentions that at the start. 

 

 

1 hour ago, aaronfranke said:

• He didn't mention how the APIs used on Windows tend to be extremely insecure compared to Mac/Linux APIs (look at SMB and WannaCry for example).

He doesn't need to mention that because it's a false equivalency,  it has been proven that macs can be targeted by such ransomware, but the reason they haven't is due to windows being a bigger pond to fish in.

 

https://www.macworld.co.uk/how-to/mac/ransomware-3659100/

 

1 hour ago, aaronfranke said:

• He didn't mention Linux as another option with even less malware.

Because Linux is not another option, it is another OS, but far from optional for many many users, you may as well claim kit houses are an option for those who want to save money on a builder.   (not everyone knows how to use a hammer)

1 hour ago, aaronfranke said:

• Etc...

I'm not saying he had to go in depth about everything, but he is promoting the idea that the ONLY reason that Macs are safer is less marketshare. That's not true, there are more reasons than that, though that is a very big reason. For example, Linux, another Unix-like system, is a huge target since most servers and all supercomputers run Linux, but it still has very little malware.

He shouldn't go into excessive depth, it's not supposed to be an in depth video, it was a touch on the surface of the key reason macs have lower rates of infection and how it is a bit misleading.   Market share is generally accepted by the wider security industry to the be the driving factor as the actual OS itself doesn't provide for an intrinsically more secure product. 

 

https://www.zdnet.com/article/eset-discovers-21-new-linux-malware-families/

 

In fact if you read this line here:

 

Quote

 

This smaller number of threats has resulted in cyber-security firms paying much less attention to the Linux malware ecosystem than they normally do to its Windows counterpart.

So it is to no surprise that some Linux malware families have only now been discovered after operating unseen for more than four years.

 

So  if you go telling people that mac doesn't get viruses, then people won't take precautions and end up being exploited for longer.

 

Quote

 

1 hour ago, aaronfranke said:

P.S. macOS isn't based on Unix, it's Unix-like.

Mac is actually Unix, in fact all but one version of macs are officially certified as Unix by the open group.

 

 

 

[Mira Yurizaki]

Computer security is probably 99% at the fault of the user and 1% from other means.

 

It doesn't matter what OS you use. If you practice zero security precautions, it's a moot point.