Comments: Hacking the Apple, when where how... and whether we care why?

I don't think this is quite the whole story....

I agree that, all other things being equal, there would be a bigger risk when using a system with larger market share and higher profile, both from the point of view of potential prestige gained (hacker) and of potential gains (criminal).

But I don't really agree that other things are anywhere near equal. Historically Windows has long had a woeful lack of security in the kernel, and since the NT redesign has addressed this to some extent at the kernel level, the design priorities of the layers above fail completely to capitalise on it.

Unix and Unix-based platforms (and I include reimplementations of the basic Unix architecture such as Linux and MacOS/BSD in that category) have evolved with a security paradigm developed by the people that had to use it, not by people planning to sell it. It is possible to do day to day work without requiring administrator access, and certainly without ever executing foreign code that requires privileged access and with no knowledge of the details of what it is doing.

With Windows this is not the case. To attempt to work as a non-administrator means being frequently inconvenienced and bombarded with popup demands to enter an administrator password without any clear explanation as to why it is needed, either to get a software package to install or some automatic update to complete.

The only choice is to enter the password and hope, or to decline and wonder what is now not going to work properly as a result. And even if you accept the need to forgo the applications you need in the name of security, there is still the problem of a system configured by default to go off and execute, automatically and sometimes with administrator privilege, programs that happen to be residing on removable media, received from the Internet or scripts embedded in spreadsheets or other objects the opening of which is not normally thought of as running an executable.

The bottom line is that security in Windows is a bit like the POSIX subsystem. It is there so that a box can be ticked, but if you actually try to use it you have to be willing to forgo most of the functionality of the system.

A very clear indicator of what is wrong with Windows security is the existence of the almost mandatory anti-virus products. It is like having so little confidence in the locks on your front door that you pay someone to call in at regular intervals to check for signs of intruders. Serious Unix administrators know it isn't enough to just keep throwing them out. If an intruder does get in, the only safe thing to do is pull the house down and rebuild from scratch.

Sure, popularity and market share increase the profile and attractiveness of a system to an intruder. And hence increase the security threat. But an attacker has to balance that against the robustness of the defenses, and hence likelihood of finding an exploit, and once found, the proportion of systems attacked that are likely to be vulnerable.

So I would list as examples of other factors that would be significant in determining the security threat to users of a particular operating system to include the soundness of the security architecture, the attractiveness of likely users (is it used in financial industries, defense, etc) and also the likely sophistication of the average user/administrator. I am sure there are more.

Posted by Regards, DigbyT at August 11, 2010 08:24 PM