Apple policy document admits withholding security fixes for devices not on the latest supported OSes

[leadeater]

16 hours ago, wanderingfool2 said:

On the corporate world of things, which I think is where a lot of viruses are more targeted towards you have a lot more systems running Linux and Windows as the backend.  That makes them a lot more high valued targets than standard ones.  Overall there really isn't too much of a conclusion to be made, there is the tendency to target systems that have the highest payday for the least amount of work.  Until Macs hit the stage of being a valuable target to target, we can't really draw too many comparisons.

Personally I think the fact that professional/corporate security focuses on Windows is a large factor. Business sector majority lives on Windows and a lot of security contracts and security penetration testing & auditing happens so there is direct investment happening in both skills and tools for Windows and Linux. These skills and tools often get knowledge transferred or shared openly which everyone can benefit from.

 

I honestly don't think we've ever gotten a formal security assessment by an IT security company for anything Mac OS/iOS related at work. We get Windows and Linux done regularly but I can't think of a single time Mac OS was ever a focus. There is a bit of cross over between Linux and Mac OS though and I believe not to long ago both were susceptible to the sudo vulnerability but I'm not 100% on that.

 

So it's not just the value proposition is better it's also that actual investment in to this area for these operating systems happen which is a double edge sword.