Skip to main content

Which is more secure?

Which computer is more secure? "Mac!" says the dedicated Macintosh user. Or is it computers with the new Windows OS? Or are they both equally likely to have security problems?

There is a lot of debate in the security industry regarding which platform is more secure.

Many people assume that the Mac is so secure - perhaps because they have heard of people that have experienced security failures under Windows. Others say that the the Mac is just as insecure as Windows, if not more so.

The LanceJ Security Test

I propose the following simple test that can be used to measure which platform is more secure from the vantage point of the public.
  1. Buy a quantity of new, stock Windows 7 and Macintosh computers from a retailer. For example, buy 5 new Mac Minis and 5 new Windows 7 HP desktops from BestBuy.
  2. Distribute each of the sealed, boxed computers to a regular, randomly selected family. Give each of those families identical, stock internet access via, say, Comcast. Tell the families to set up the computers and use them in their homes.
  3. Collect the computers after a set amount of time - perhaps 6 months.
  4. Count the number of machines that have been compromised.
The platform with the fewer detected compromises was generally less likely to be a security problem to its user during the course of the study.

Limitations

Clearly such a study wouldn't measure all aspects of security. For example:
  1. It doesn't count compromises that are not or cannot be detected.
  2. It doesn't count potential OS vulnerabilities, phishing attack vulnerabilities, etc.
  3. It doesn't measure security compromises of the future.
Perhaps a security researcher could devise a way to accurately count these other data.

Other Approaches

Another simple approach to measuring "platform security" could be pursued by the general purpose "computer repair shop". As new customers come in, measure the number of computers requiring repair due to security failures. However, it seems that a research project based on "repair shop" data would be complicated. Should the age of the computers be considered? And how does one consider the flawed machines with non-security related failures?

Next Steps?

I'd be surprise if there haven't been security researchers that have performed this exact kind of test. After all, researchers spend the bulk of their time doing research and publishing. If you are pursuing such a research study, or if know of a recent study that performed a similar test, please post a link in the comments section.
Labels:

Popular posts from this blog

Fixing a SodaStream Jet, part 1: Disassembly Guide

I've had my SodaStream Jet for years, and once in a while something has gone wrong. Disassembly is the first step to repair.  Start with this article to see how to disassemble the SodaStream, and then once you have that down, scroll through my other articles to see how I repaired specfic SodaStream problems. SodaStream Jet Disassembly Guide Tools Required Flat head screwdriver Phillips head screwdriver 1. Remove the Carbonator.  Duh. 2. Remove the black panel lever The front big black tilt lever needs to be removed first. Removing this panel is tricky, but it isn't impossible. Looking up at the bottom of the black panel, there are two tabs, one on the left and one on the right. These tabs fully secure the panel in place. The trick is to use a flat-head screwdriver under the plastic to gently lever the tabs out of the way.  Note in the pictures how I approach these tabs with my screwdriver.  I usually release the left side first, and then I release ...
Read more

Porsche Key Remote Battery Repair Video How-To

We now live in the age where part of your life is spending time and money maintaining and repairing things like your car keys . My Porsche's remote key was getting weaker and weaker, until one day it stopped operating altogether. Keyless remote without the remoteness. Not so good. I was a bit fearful spending a sizable chunk of my time and money at the dealership to have such a small problem addressed, and so I decided that I would try to replace the battery myself. Items required A clear work surface A small flat blade screw driver. A quality lithium CR-2032 Battery, available here. Procedure The following video shows how I successfully opened up the key without breaking it, and replaced the alarm remote battery. In short, from the vantage point of the key's steel part facing away and the buttons facing up: I take a small screwdriver and press on the little plastic tab on the left side.  At the same time I use my fingers to start to pull the two halves apart.  From th...
Read more

Macintosh: Upgrading an eMac

It's been a long time since I wrote this article, but the fact remains: The good old eMac can still be useful if you take the simple steps to keep it as good as it can be.  All can run Tiger, and most can run Leopard - great operating systems for their day with a bit of useful life.  This article describes the procedure I used to upgrade my old eMac, including: Replacing the internal hard disk with a large capacity drive. Increasing the memory for performance Upgrading the operating system Here I'm upgrading a 700 MHz eMac, but the procedure and tasks for upgrading other eMac models should be almost identical. Upgrading versus Replacing My sister's eMac is of the 700 mhz variety, with 256 MB of memory. The machine seemed to be getting "slower", and the original 40 GB disk was becoming jammed packed with photos and iTunes, and within a few months she'd be out of disk space. There were two options to address the problems: upgrade the eMac, or go o...
Read more

Robust Installation of an HDHomeRun Networked TV Tuner. 64 OTA channels!

I added an HDHomerun (HDHR) over-the-air (OTA) streaming box to my home network, bringing over-the-air broadcast TV to my computers, phones and tablets.  The HDHR is a big upgrade from my previous setup: using a simple "window mount" antenna directly connected to my TV. A TV-attached antenna is good for watching some TV for free, but the HDHR offers so much more flexibility. Figure 0: HDHomeRun on my basement wall   My original OTA TV setup was haphazard at best. It was finicky, ugly, and hard for other people at home to use. I would actually tape my antenna to a window whenever I wanted to watch OTA TV. Plus, it only worked on my TV and not with my other devices. I wanted a cleaner and more modern OTA setup. After looking at possibilities, I developed two goals: (1) bring my OTA TV into the modern Internet-connected era, and (2) set it up in a reliable and pretty way so that other family members wouldn't have to fool around with the antenna or anything else.  With that,...
Read more

Fixing a SodaStream Jet, Repair #2 - Broken Fill Button

My Soda Stream Jet's fill button broke, which means I can not longer carbonate water by pressing the pushbutton. This caused all sorts of grief in my household. Here is how I managed to repair my Jet to give it another 10 years of life (hopefully). First, a look at the button The fill button on the top of the SodaStream is actually a simple lever. Pressing down on the button moves a pin that does the actual work of pressing open the Carbonator's valve. Unfortunately, the axis point is fairly thin and can see a lot of stress. That's where my Soda Stream button cracked. [ I think the usage tip here is "don't over-press the button like a gorilla, it doesn't do anything but put high stress on the button."] Cracked levering point of the button The Pesky Lever Retaining Pin The Fix It was pretty easy for me to replace the button: Take off the back of the Soda Stream and remove the carbonator. Push out the the button lever's steel retaining pin. This takes qu...
Read more

Adding a Water Flood Sensor to my Vista-20p alarm system

My Honeywell Vista 20p alarm system is fairly comprehensive, but I want one more feature: an alarm that lets me know when my sump pump isn't working properly. Here is how I added one for about $8 in special parts.   I'm afraid of a flood in my finished basement. I'm fortunate - my basement sump pump system is already redundant, with two independent pumps and two outflow pipes. The primary pump kicks in when the water level reaches 6 inches, and if that doesn't work, then the backup pump kicks in when the water level reaches 7 inches.  The backup pump should never kick in unless the primary pump is having a problem pumping.   But there is a problem with this setup: I might never know if my primary pump has failed, leaving me with no redundancy.  I want to be informed when I have one (or god forbid, two) pump failures. My goal is to have my Vista 20p alert me when the sump's water level is ever beyond the point where my primary pump should have kicked in, alertin...
Read more

Other Posts

Show more