Skip to main content

Which is more secure?

Which computer is more secure? "Mac!" says the dedicated Macintosh user. Or is it computers with the new Windows OS? Or are they both equally likely to have security problems?

There is a lot of debate in the security industry regarding which platform is more secure.

Many people assume that the Mac is so secure - perhaps because they have heard of people that have experienced security failures under Windows. Others say that the the Mac is just as insecure as Windows, if not more so.

The LanceJ Security Test

I propose the following simple test that can be used to measure which platform is more secure from the vantage point of the public.
  1. Buy a quantity of new, stock Windows 7 and Macintosh computers from a retailer. For example, buy 5 new Mac Minis and 5 new Windows 7 HP desktops from BestBuy.
  2. Distribute each of the sealed, boxed computers to a regular, randomly selected family. Give each of those families identical, stock internet access via, say, Comcast. Tell the families to set up the computers and use them in their homes.
  3. Collect the computers after a set amount of time - perhaps 6 months.
  4. Count the number of machines that have been compromised.
The platform with the fewer detected compromises was generally less likely to be a security problem to its user during the course of the study.

Limitations

Clearly such a study wouldn't measure all aspects of security. For example:
  1. It doesn't count compromises that are not or cannot be detected.
  2. It doesn't count potential OS vulnerabilities, phishing attack vulnerabilities, etc.
  3. It doesn't measure security compromises of the future.
Perhaps a security researcher could devise a way to accurately count these other data.

Other Approaches

Another simple approach to measuring "platform security" could be pursued by the general purpose "computer repair shop". As new customers come in, measure the number of computers requiring repair due to security failures. However, it seems that a research project based on "repair shop" data would be complicated. Should the age of the computers be considered? And how does one consider the flawed machines with non-security related failures?

Next Steps?

I'd be surprise if there haven't been security researchers that have performed this exact kind of test. After all, researchers spend the bulk of their time doing research and publishing. If you are pursuing such a research study, or if know of a recent study that performed a similar test, please post a link in the comments section.
Labels:

Popular posts from this blog

Repairing an HP Pavillion DV6 Motherboard

Here's my procedure on how to remove and replace the logic board of an HP Pavilion DV6. My model is a DV6-3122US, and many DV6s of the 3000 series are similar. These machines often fail to start due to a motherboard failure.  With a motherboard failure, upon pressing power the fan will first spin and the power light comes on.  The capslock key will flash white once every 4 seconds, and the f12 key will stay a solid orange, and the screen - although powered up - displays black only. Although the caps lock "single blink" indicator at boot implies a CPU failure, in my experience it is not due to the CPU itself but the supporting components on the motherboard. The only solid solution is to repair or replace the motherboard.  Replacement boards are readily available.  I bought one and replaced it myself. Disassembly Procedure NOTE: The screws are different sizes, and its important to reinstall them correctly.  I color-coded the different screws in the photos...
Read more

Various ways of powering the MikroTik hAP

I have several MikroTik RB952Ui hAP AC Lite routers.  They're located in closets, basements, attics, and on desktops.  Each location results in different needs in terms of power.  Happily, the hAP AC Lite is quite flexible when it comes to power.  Here I document the three different ways I have powered my MikroTik AC Lite routers. Power Solutions: Active PoE+ Splitter, Passive PoE Injector, and Standard wall adapter Standard Power: MikroTik (or aftermarket) Wall Wart The default way to power the AC Lite is by using its standard "barrel-style" power port, which is far more flexible than your typical router.  The AC Lite accepts power between 10 and 24VDC.  When using the MikroTik in a desktop configuration, I use the stock 24 volt MikroTik power adapter .  The stock adapter output specifications are as follows: 24 VDC 1200 mA  2.1mm barrel Center Positive  Passive Power-over-Ethernet solution: TP-Link Power Injector Sometimes it is useful to ...
Read more

Hot (and Cold) Attic Tempertures and Electronic Equipment

An unfinished attic can be an extreme environment for electronic equipment, with conditions that are very unlike what is experienced inside normal living spaces. What's the deal with installing electronic equipment in an unfinished and uninsulated attic?   I wanted to install a standard WiFi router in my attic to function as a Wireless ISP (WISP) gateway. My attic is a fantastic location from a radio signal perspective, but it is an uncomfortable place for both people and electronic gear. Although the attic is well insulated, that insulation is on the floor, designed to keep the living space of my home at moderate temperatures. As a WISP gateway, my WiFi router is best mounted above the insulation and close to the roof, where the only protection from weather extremes is the wood of the roof and a layer of asphalt shingles. Equipment Specifications and Extremes Almost all electronic equipment has a set of specifications regarding operating environment. These specifications state the...
Read more

Fixing a SodaStream Jet, part 1: Disassembly Guide

I've had my SodaStream Jet for years, and once in a while something has gone wrong. Disassembly is the first step to repair.  Start with this article to see how to disassemble the SodaStream, and then once you have that down, scroll through my other articles to see how I repaired specfic SodaStream problems. SodaStream Jet Disassembly Guide Tools Required Flat head screwdriver Phillips head screwdriver 1. Remove the Carbonator.  Duh. 2. Remove the black panel lever The front big black tilt lever needs to be removed first. Removing this panel is tricky, but it isn't impossible. Looking up at the bottom of the black panel, there are two tabs, one on the left and one on the right. These tabs fully secure the panel in place. The trick is to use a flat-head screwdriver under the plastic to gently lever the tabs out of the way.  Note in the pictures how I approach these tabs with my screwdriver.  I usually release the left side first, and then I release ...
Read more

Sodastream Carbonator Leakage, Usage, and Weight

SodaStream 60L "Carbonator" CO2 cylinders have a specific weight when empty, plus about 410 or so grams for the CO2 they should have when they're "full".  A little while ago I went to buy a replacement Carbonator from my local hardware store. The dealer pulled a new Carbonator out of the box and sensed it was lighter than usual.  He put the "light" Carbonator in the "empty" pile and sold me a different one.  At that moment I concluded that it would be smart of me to weigh both new and empty SodaStream carbonators.  Here are the results. Weighing a SodaStream Carbonator - for both Science and Consumer Protection.       The dealer told me that sometimes the carbonators leak after they leave the SodaStream filling facility.  That means there could be an opportunity for customers like me to get ripped off! The SodaStream cylinders I buy claim to have a net product weight of 410 grams - and that means that a full Soda Stream Carbonator shou...
Read more

Installing the Eve Smart MotionBlind Upgrade with my Large Roller Shade

I have a large window in the front of my house and a roller shade was just the right window treatment for it.  But I also wanted to automate it. My MotionBlind Upgrade kit and my new roller shade I looked around to buy something that I was comfortable with, but simple non-automated roller blinds can be expensive, especially when they're larger than 6 ft x 6 ft.   This is disappointing, as a roller blind is just a tube with a small amount of synthetic cloth but can easily cost hundreds of dollars. Plus, since I wanted a smarthome blind, we're talking $500 or more from the "service oriented shops". I'm a tech guy.  I think can do better. After thinking about DIY and creative solutions, I decided to try out the Eve MotionBlinds Upgrade (MBU) kit.  This kit transforms an ordinary roller blind into a smart blind.  The MotionBlinds mechanism is basically consists of a small motor and battery in a long metal tube.  This motor tube slides into a roller blind ...
Read more

Other Posts

Show more