How To Utterly Destroy The 'Security By Obscurity' Myth

---

• From: Derek Currie <derekcurrie@xxxxxxxxxxxxxxx>
• Date: Fri, 07 Dec 2007 03:26:39 -0500

---

One of the favorite baseless myths about Macintosh is that its
incredible security record is due to 'obscurity'. This week the
old scarecrow was foisted on the public once again:

The Financial Times tries spreading some Apple Mac security FUD
Thursday, December 06, 2007 - 12:10 PM EST
<http://macdailynews.com/index.php/weblog/comments/15715/>

So, in celebration I have updated my recurring post about:
---------------------------------------------------------

How To Utterly Destroy The 'Security By Obscurity' Myth:

Use math.

1) Take the current number of known malware in the wild for
Windows. The number is so huge that I never find any sources in
agreement. But let's use the very out-of-date, conservative
number of 114,000 Apple used in an ad a year ago.

2) Take the number of known malware in the wild for Mac. Just to
rub it in I like to inflate this number by including both the
number for Mac OS X of 1 (one) and add all the old Mac OS 1 - 9
malware, that being 55. Total = 56 malware for Mac in its entire
history.

3) Divide: 114,000 / 56 = 2036.

4) Slowly and kindly explain this to the myth mongers: Using
verifiable data there are 2036x more malware for Windows than Mac.

5) Now go in for the kill and calculate the number of malware on
a per computer basis for each OS. You can do this using market
share percentages. The current agreed percentages are 92% of the
US market are Windows boxes and 6% are Macs. (If myth mongers
complain that you should use world market numbers, go right
ahead. You'll still shock them). Using proportional math:

114,000 is to 56 malware as 92% is to 6% market share times Y,
where Y is the difference or disparity factor between the number
of malware per computer user for each platform.

Y = (114,000 / 56) / (0.92 / 0.06) = 132

Conclusion: There are 132 times more malware per Windows user
than there are per Mac user.

There are theories about why this massive disparity exists. Blame
Microsoft incompetence, blame user hatred of the Windows, blame
simplicity of hacking Windows. But does 'Security By Obscurity'
of the Mac explain this number? Obviously not.

Then stomp on the grave of this myth:

(A) Take out of the calculations the friendly 55 old non-Mac OS X
active malware and point out the figure of 114,000 times more
active malware for Windows than Mac. Doing the math, that gives a
disparity factor of 7434 times more malware per Windows user than
per Mac user. How's that sound?

(B) If there was equality in the security of the Windows platform
versus the Mac platform you would at least expect something
dramatically closer to a 1:1 ratio of malware per user between
the platforms. 132 times more malware per Windows user is utterly
insane. What does that make 7434 times more malware?

(C) Considering these figures, why does anyone use Windows? Why
are businesses, designed to make money, wasting billions every
year on Windows security upkeep and security damage when simply
switching to Mac would wipe out nearly all those costs?


Share and Enjoy,

:-Derek
<http://mac-security.blogspot.com>

--
Fortune Magazine 11-29-05: What's your computer setup today?
Frederick Brooks: I happily use a Macintosh. It's not been
equalled for ease of use, and I want my computer to be a tool,
not a challenge.
<http://money.cnn.com/magazines/fortune/fortune_archive/2005/12/12/8363107/>
[Frederick Brooks is the author of 'The Mythical Man Month'.
He spearheaded the movement to modernize computer software
engineering in 1975.]
.

---

• Follow-Ups:
  • Re: How To Utterly Destroy The 'Security By Obscurity' Myth
    • From: michelle ronn
  • Re: How To Utterly Destroy The 'Security By Obscurity' Myth
    • From: -hh
  • Re: How To Utterly Destroy The 'Security By Obscurity' Myth
    • From: Mayor of R'lyeh

• Prev by Date: Re: No More Apple Laptops?
• Next by Date: Re: Apple sub-notebook to retail for $1500, 3G iPhone by June
• Previous by thread: Apple iPhone vs LG Voyager
• Next by thread: Re: How To Utterly Destroy The 'Security By Obscurity' Myth
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: Giz Explains: Why OS X Shrugs Off Viruses Better Than Windows ... malware than the Mac, the Mac must have magic pixie dust (which Mac fans ... cannot explain) to protect it. ... They present "Unix" as a sort of totem, which is supposed to drive off malware like evil spirits. ... We can see that the product itself is a much softer target than Windows these days; we can see that Apple is not putting much effort into the technical side of security. ... (comp.sys.mac.advocacy) Re: My G5 & Leopard ... vast majority of all malware a user is likely to encounter... ... up to and including the 2.0GHz quad core Mac Pro. ... less than the 2 GHz quad core Mac Pro. ... "With a quad-core system and Windows low priority I/O there's no ... (comp.sys.mac.advocacy) Re: Damn Im Good! ... Windows advocates are being dishonest when they claim that they do not ... which could detect this piece of malware. ... All Mac users also DO and HAVE TO own Windows ... analyzing DNA sequences (for the purposes of designing PCR primers, ... (comp.sys.mac.advocacy) Re: Message from a guildy was a keylogger ... In another post I provided a link to the Mac insecurity myth. ... think there is a Windows insecurity myth, too -- but the real problem ... security updates from Apple themselves. ... actual malware that uses this security flaw. ... (alt.games.warcraft) Re: Damn Im Good! ... Windows advocates are being dishonest when they claim that they do not ... which could detect this piece of malware. ... All Mac users also DO and HAVE TO own Windows ... analyzing DNA sequences (for the purposes of designing PCR primers, ... (comp.sys.mac.advocacy)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint

newsgroups.derkeiler.com  > Archive  > Comp  > comp.sys.mac.advocacy  > 2007-12