Which is more secure: Mac or PC?

By Ng Chong Seng - on 22 Dec 2017, 9:04pm

Every once in a while, I’d have people asking me the question “Is it true that Mac is more secure than PC?” And every time, I gave a one-word “yes” in order to quickly move on from the topic, but regretted it shortly afterwards for sounding flippant and not offering a more thoughtful answer.

I’d like to redeem myself here.

When one asks whether the Mac or PC is more secure, he or she is actually asking which operating system is more secure: Mac OS or Windows. The answer isn’t all that clear-cut, unfortunately. Are we debating which piece of software is more secure by design? Are we only looking at traditional malware such as computer viruses, or do we include internet-based attacks? Do we take into account user behaviors, which are often shaped by past experiences on the platform?

For a long while, the Mac has been assumed to be more secure than the PC, not because it is vastly safer by design, but because with a 2 to 3% market share, it’s much less likely to be targeted. Security experts I’ve spoken to before all stressed to me that cybercriminals are either in for the money or the mayhem, or both, and they target Windows not because they don’t like Microsoft, but because its way larger install base effectively guarantees better returns. It’s just business, so to speak.

Also, consider this: if you were a hacker and wanted to infect tons and tons of computers to build a botnet to, say, send spam, would you target Macs or Windows machines? Oftentimes, that’s not personal either.

But as the Mac gets more popular, both at home and in the workplace, “security through minority” won’t last long. KeRanger, Xagent, and OSX/Dok are some well-documented Mac malware that have surfaced in recent months, and while they didn't get as many headlines as the WannaCry ransomware that targeted Windows machines, let’s all stop telling our friends and family that the Mac is immune to viruses and malware. Because it isn’t.

Is there anything unique about MacOS (née Mac OS X) that makes it inherently more secure than Windows? Well, one can point out that the former is based on Unix, and that its separation of data and executables makes for a more secure environment, versus (past) Windows that stored files all over the place.

Windows’ large code base and its legendary reputation for maintaining legacy compatibility often work against it, too. With so much hardware and software (Windows has tons of independent software vendors), including drivers, Windows has a larger “attack surface” than MacOS. Windows has gotten a lot better since Windows 7, and Microsoft continues to invest and innovate to fortify the OS, but in my opinion, it’s near impossible to do perfect software testing for something as complex as Windows.

Remember WannaCry?

Most people won’t know it, but both Apple and Microsoft go to great lengths to protect their users from malicious software. XProtect is a built-in malware-scanning tool for the Mac that most users don’t know about, because it works invisibly in the background and doesn't need any manual configuration.

Mac also has Gatekeeper, which blocks apps that aren't properly signed or approved by Apple unless you explicitly override the recommendations. Other security measures include a built-in firewall; anti-phishing tech in the Safari browser; app and plug-in sandboxing; and FileVault 2, which uses XTS-AES 128 encryption so that criminals can’t do anything with your data even if they get your machine.

The current version of Windows, Windows 10, also offers plenty of security features to mitigate threats. There’s Windows Defender SmartScreen that checks the reputation of a downloaded app against a list that Microsoft maintains; Credential Guard that uses virtualization-based techniques to prevent attackers from gaining privileged access; Device Guard that helps keep a device from running untrusted apps; Windows Defender Antivirus that now uses machine learning for anti-malware protection; and UEFI Secure Boot that protects the system from bootkits and rootkits - just to name a few.

If there’s only one piece of advice that I can impart to both Mac and PC users, it’s that unless you’re in a managed desktop environment, you shouldn’t disable automatic OS updates. This is arguably your first line of defense. If you’re often interrupted by update prompts, you should look into scheduling updates to happen during hours when you aren't working on your computer. The same goes for your antivirus/internet security software.

Which brings me to my final point: users should own some of the responsibility, too. The fact is that today’s threats are moving away from traditional viruses to web-based attacks, like phishing. Unlike in the past, OSes aren't the only targets of consumer-targeted attacks; they now span email, apps, and social media. And last I heard, social engineering is platform agnostic.

In short, no OS is ever going to be secure enough for a user that downloads random drivers, clicks on every URL, or opens every attachment that comes his or her way. You may not know it, but you’ve always been the weakest link.

Additional read: The evolution of ransomware - past, present, and future.

 

This article was first published in the July 2017 issue of HWM.

Ng Chong Seng / Former Deputy Editor