One of the interesting features about markets is that they are rife with things that are only true if lots of people disbelieve them. For example, markets will only be efficient (and indexing therefore your best strategy) if lots of people believe that they are inefficient, and thereby help set the price by buying and selling individual stocks.
The same thing, it strikes me, is true of the much vaunted security of Macs. Macs don't get spyware and viruses, but that's not because their security is so much better; it's because so few people use them that it doesn't pay to build spyware and viruses for them. However, if everyone really believed that Macs were much safer, more people would use them, and then it would pay to develop malware that targets them.
Apparently it may be changing anyway, as Apple gains some market share, and Windows security gets better. Sigh. I can't say I miss my Norton antivirus.
That's not really accurate. Macs are better on security because OSX has a better security model. True, part of the reason for a lack of malware targeted at Macs is that fewer people use them, but it is mainly because malware is much harder to create for OSX and, if you can create it, it has a harder time surviving in the wild. Mac OSX is built on a kernel that has a strong UNIX heritage. While few desktop PCs run UNIX or Linux, most of the world's web servers are running on one of those two operating systems and they seem to be more secure than Windows servers.
Norton (unless you have the fully commercial version which is noticeably better) is like a squid with tentacles wrapped around everything. Its default protection mode is to assume the unlimited stupidity of the user, and aggressively monitor everything that comes or goes, to the detriment of overall system performance.
I haven't used Norton in years. Low-cost and freeware alternatives like Grisoft AVG are a lot less intrusive while still being reasonably effective.
I don't think people buy PCs because they think they are more secure. They buy them because they are more orthodox. I think the small percentage of people who would not answer "I dunno" to the question "Which is more secure?" would answer "Mac".
Macs have some better security defaults (logging in as a non-privileged user) and a better underlying architecture.
It's not "secure", but it is more secure.
I can't find the link at the moment, but I have seen an argument that another reason why Macs are secure is that users are trained to think more about security, even if the differences in the underlying security models are not huge. Security is a process and operating systems can help facilitate it.
For example, it is relatively easy and common to run a Mac without administrator access. When you need to install a program that requires special permissions and is potentially dangerous, you are asked for a password. This trains users to think about where their software comes from.
I haven't used Windows in a while, but my impression is that while working on a day to day basis with a non-privileged account is possible, it's usually a hassle.
Megan,
Do you really want to fight the EMH battle again? The original zealots eventually just killed themselves on Masada.
"Norton (unless you have the fully commercial version which is noticeably better) is like a squid with tentacles wrapped around everything."
It has been my experience that the home version of Norton (Symantec) anti-virus is the most damaging and tenacious virus I've ever encountered.
I uninstalled it - it re-installed itself.
I uninstalled it again, and searched for all of its residual files and deleted them. My PC downloaded a fresh copy and installed it.
I finally had to reformat my hard drive.
They are kind enough not to hide trojan horses in your data files, so you can back them up and recopy them safely. That's about it though.
When Macs first came out (in the antediluvian 80's) and were wildly popular, especially on college campuses, viruses were primarily written for Macs. Windows viruses didn't really become prevalent until the mid-90's, with the advent of the Web, Microsoft Outlook and Outlook Express.
Modern Macs really are safer, because of OSX being based on Linux. The reason more people don't use them is because they are uniformly more expensive than Windows-based PCs; Micro Center sells fully capable Windows systems for as little as $400. And that is how Steve Jobs likes it. He wants Apple to be the Mercedes of computing, not the Chevrolet.
@liberalrob
OSX isn't based on Linux, it's based on BSD Unix.
Sure, Linux and BSD are very similar, but they aren't quite the same thing.
Windows viruses didn't really become prevalent until the mid-90's, with the advent of the Web, Microsoft Outlook and Outlook Express.
Also the advent of Windows as an true OS rather than a program you run on top of DOS.
Just to continue the quibbling, Mac OS/X isn't based on BSD, it's based on Mach via XNU with a BSD personality.
Then, continuing security geek quibbling, "secure" doesn't have any strict meaning; a system is secure to the extent that it obeys its security policy. the security policy of Windows has a weaker model of access control and requires many more components to live in "ring 0"; that, along with the scripting components and ActiveX/.NET stuff makes a Windows system inherently more vulnerable; Mac OS/X is less vulnerable to many kinds of common attacks, especially with the newest version.
It's also a theorem that no system can be made completely invulnerable to virus/trojan/worm attacks.
This is a myth. There was a time, in the late 1980's and early 1990's when Macs got a variety of viruses. I know this because my company was paid by McAfee to port one of their antivirus packages to the Mac. I still have a disk full of test viruses that they had collected. If market share were the determining factor, then these viruses shouldn't have existed back then when Apple's market share was even less than today.
But Apple started taking security seriously and, when they moved to MacOS X, they made all of those viruses obsolete.
Macs can still, today, act as a carrier of many viruses - most of which exploit the holes in Word and Excel macro languages, for which Microsoft is responsible.
Also, remember the famous Morris Worm? It only attacked Vaxen running BSD 4 and Sun 3 systems. These were common, but I don't think they were predominate.
Is there anything a Libertarian can't explain using market forces? It's like magic.
A couple of years ago, Tom Yager at InfoWorld examined a malware attack on a Windows server he'd been running, and put together a detailed list of design and implementation features that make Windows more vulnerable to attacks than MacOS X. Obviously, that list was pre-Vista.
The myth you repeat -- that the Mac's lack of viruses is due to its small market share -- is just something that half-smart people pick up and pass along without ever actually examining to check if it's true. As other commenters have pointed out, the old Mac OS did get attacked by viruses, and its market share was even smaller than MacOS is now.
Which isn't to say that there haven't been successful exploits aimed at penetrating Mac security. But they generally involve the user taking some kind of enabling action at some point.
Is there anything a Libertarian can't explain using market forces? It's like magic.
If human beings would just stop acting in common and predictable ways when allocating scarce resources, it wouldn't be so counfounded easy to invoke that magic.
As other commenters have pointed out, the old Mac OS did get attacked by viruses, and its market share was even smaller than MacOS is now.
First, your statement that its markeshare was even smaller in that timeframe (late 1980s, early 1990s) strikes me as questionable, since home-user ownership had not yet become mainstream. Second, as other commenters also pointed out, MacOS was extremely popular in educational institutions, one of the few places at the time where large numbers of machines and a poorly regulated userbase could be found simultaneously.
I guess I'm missing the part where Macs are Mercedes of computing.
From where I'm sitting they're more like Cadillacs--- pretensions of luxury, some bling, and about $600 too much for not enough.
I've used macs on and off. I've never been remotely impressed. Its nice. But I just don't see the big deal. The OS is what you use to double click the programs you actually want to use. I don't really care if its flashy. And I get the vibe that the computer thinks I'm a moron and it protests very hard when I try to get it do anything outside of the norm.
Apple is the Williams Sonoma of computing--- nice stuff in pretty cases at ridiculous prices that people buy as a social signifier that they are cool.
Not to mention any computer that doesn't come with a scroll-wheel mouse in 2008 is automatically pure suck.
"If human beings would just stop acting in common and predictable ways when allocating scarce resources, it wouldn't be so counfounded easy to invoke that magic."
What is the scarce resource being allocated in this case? As near as I can make out, it is the time of the hacker involved. And speaking as one who was part of more than one piece of malicious code in my youth, that time is best spent mining where the weaknesses are. Not needing an administrative password to install and run executables is a giant weakness, making it possible to waltz right in the front door rather than putter around trying to create buffer overruns and such.
Even a marginal market share for a computer involves millions of desktops and the attendant glory in getting in.
Anti-virus programs (especially the home versions, the corporate ones aren't quite as bad) are really worse than the virii and malware they're supposed to protect you against. (There was a good article linked at slashdot the other day about anti-virus software and osx).
And no, Macs _aren't_ inherently more secure than Windows or *nix computers. More secure than XP, perhaps, though Vista's much better, but OSX has as many vulnerabilities as any other OS, and worse, Apple is _not_ good at patching them. (One of the real reasons Apple will never be big in the enterprise world).
But anyway, while Macs prolly are more secure for the average user, it's generally the user's fault if their computer becomes infested with malware, and the most effective malware prevention is education, not badly-coded software.
Though both products are sold under the company name Symantec, Norton AV and Symantec AV are two different products. Norton AV is the grossly overprivileged offspring of the increasingly inbred Norton Utilities, which used to be essential tools and utils for any PC, and now is a resource hog that gives the user far more information and maintenance than any user and system, respectively, require or can afford.
Symantec AV, on the other hand, is the likeable and unobtrusive (to to the user, at least) corporate product which, though it has some amazingly irritating shortcomings (need to switch which AV server to connect to? Uninstall and reinstall, please-- 18 minutes per computer all over the entire company, kthx), is unobtrusive, remotely administrated, and has all the power and competence that one should expect from the Norton name.
$600 too much for not enough
This is a myth. When you stack up a Mac against a comparably equipped PC, the premium is often under $100. But because Apple doesn't make true bargain basement machines, people often look at the lower-middle PC and compare it to a higher-powered Mac.
I switched to Mac about 18 months ago. I first seriously considered after I noticed uber programmers -- like some of senior people at Google -- had made the switch too. They didn't switch from the PC, they switched from various flavors of Linux. Since I'm a programmer, that indicated to me that the Mac was a true hard-core environment.
The first two weeks of the switch were painful, mainly because of different shortcut keys, but now I love it and will not go back.
As someone noted, OS X is based on BSD, which, in addition to having a better security model, is also much more stable. I only reboot my computer once every week or so, if that.
"Not to mention any computer that doesn't come with a scroll-wheel mouse in 2008 is automatically pure suck."
What computer would that be?
Yeah, the Mac has shipped for years with the Mighty Mouse, a four-button mouse (left, right, squeeze, click-wheel) with a 2-dimensional scroll wheel (vertical and horizontal).
As someone who uses a few different mice, the mighty mouse is by far the WORST. Yes the scroll ball is nice, but the left click and right click logic is terrible. I have to physically remove me index finger in order to right click, and then, if I am not sufficiently off center it thinks it was a left click anyway.
Apple makes a lot of good products, but their users use of essentially 1 button mice is insane and horribly inefficient. The introduction of context sensitive menus was a huge boon for productivity and intuitiveness.
I use a two-button mouse on my Mac. It works the same as a two-button mouse on a PC. Nobody says you have the use the mouse that comes with the computer.
I think Macs are definitely more secure than Windows. Just because they have less market share doesn't mean that no virus writers are going after them. Just think about it -- millions of people use Mac OS X, they've been using it for seven years now, and there still has not been one major virus for it.
I've been a Mac user since 1986 and have had only one virus, back in 1995. I haven't used antivirus software since the late 1990s.
An enterprising hacker could make a name for himself by writing the first effective Mac OS X virus. The fact that none has been successful clearly indicates that the Mac is safer.