The Macalope: Weekend ruined

Macworld Insiders know the Macalope works hard all week. So, when the weekend comes, he likes to put his hooves up and enjoy some alfalfa and a grain-based beverage while watching Internet cat videos. Is that too much to ask? Apparently it is, according to PCWorld’s Katherine Noyes.

Why else would she have so thoughtlessly decided to write this insipid piece—”Post-MacDefender, Linux Looks Better Than Ever“—about Mac and Linux security?

Until recently, it was a commonly held belief in the mainstream computing world that Macs are more secure than Windows PCs are.

That’s probably because, until recently, it was true. OS X is definitely more secure than Windows XP. It is, however, less secure than Windows 7. On the other hand, it probably also gets attacked less. Yes, even after MacDefender.

The Macalope still likes his chances of getting a more secure user experience on OS X than any flavor of Windows (particularly now that he’s created a separate administrator account and disabled administrator privileges on his regular user account). He also likes his chances of getting just a better user experience on OS X than any flavor of any other operating system. (Yes, he’s used both Windows 7 and Ubuntu and they’re just not for him. Have you noticed the Macalope has a Classic Mac for a head?)

Rather than jumping to attention with assistance in a timely manner, the company dragged its feet, denied the problem and stonewalled in every manner possible before finally taking action.

Time between the outbreak of MacDefender and Apple delivering a defense against it: about a month. Is that a long time? Doesn’t seem terribly long to the Macalope, but reasonable people may disagree.

The fact of the matter is, though, you have no idea what Apple was doing internally while you say it was dragging its feet. The Macalope has already detailed his complaints about the company’s response to MacDefender, but you’ve taken the hyperbole about it to epic proportions.

The result is that Mac users can no longer rest easy in the “security,” real or perceived, of their walled garden—at least no more than Windows users can on their own platform.

Katherine, Mac users do not operate in a “walled garden”. You’re confusing closed code with a closed ecosystem. Mac users can install any applications they want. They can even run open source applications in X Windows. You’re thinking of iOS.

Pro tip: have some kind of idea about the things you intend to write about before you sit down in front of the computer and start willy-nilly clickity clacking away like an enraged Mavis Beacon on a Mountain Dew bender.

If anyone needed further proof that “security by obscurity” doesn’t work, this is it.

Hang on to that thought.

Two closed desktop operating platforms have now “fallen” to malware, in other words. That leaves the open one still standing: Linux.

Right. Because Linux has never had a Trojan Horse attack.

It is worth noting, however, that Linux still hasn’t fallen prey to anything near the level of insecurity that Windows and now Macs both have.

Say, what is the level of insecurity that Macs now have? Is that a quantifiable amount or just loose talk? Oh. It’s just loose talk because you have no idea what percentage of users were infected. Got it.

In fact, several distinct advantages make security one of Linux’s strongest selling points, as I’ve noted before, including the way privileges are assigned, the openness of the code, and the fact that desktop Linux users still make up a smaller audience.

Yes! Linux’s big advantage is that practically no one likes it as a desktop operating system except a core of nutty enthusiasts who misuse the conventional but stupid metaphors about competing operating systems.

Before anyone makes the argument that the audience-size advantage will disappear as Linux gets more popular…

No one is making that argument, Katherine. Because no one expects Linux to get that much more popular.

Audience size may still be one factor working in Linux’s favor, but I think the bigger one is the openness of its code.

Allow the Macalope to stop you, because he’s heard this one before. For the past year or more you’ve been saying exactly the same thing about Android. And here’s how that turned out:

Android smartphones are expected to reach about half the market by year’s end, surpassing iOS as the market leader in such devices. Android smartphones (and tablets) are also among the least secure ones available, thanks mainly to the Android Market being full of Trojan horses and other malware masquerading as legitimate apps.

Ouch. Guess what? While “security through obscurity” doesn't work against Trojans, neither does “security through openness.”

Say, how are things going in the “walled garden?”

Apple iOS: Why it’s the most secure OS, period (InfoWorld)

Answer: because Apple curates the applications and can provide faster updates. Effectiveness of Android’s relative openness and more controlled privileges in stopping users who blindly provide their passwords just to install stuff: exactly diddly squat. Go figure. No platform is protected against this. If you’re going to give users the ability to install applications, less sophisticated users will always fall prey to Trojans. The End.

Is Linux more secure than OS X? Actually, it probably is! But mostly only because it has fewer users and because Apple has stupidly defaulted Safari to automatically open so-called “safe” files (which may be nothing of the sort). Ironically, if Apple makes OS X into more of a “walled garden” by restricting allowable applications to those from the Mac App Store, we have real-world evidence in iOS that it’ll be more secure, not less.

Katherine’s sky, however, is still full of open source fairies.

Audience size may still be one factor working in Linux’s favor, but I think the bigger one is the openness of its code. Even if Apple did care about customer service, the fact remains that no one company can protect you as well as the worldwide community of users can.

Is Katherine completely unaware that key parts of OS X and Safari are open source, too?

Katherine, please explain how a “worldwide community of users” will keep people from installing Trojans, as they have so readily on Android.

You can’t. Any attempt to is already disproved by real-world evidence.

Look, you like open source. A lot. We get it. That’s great. But, please, just stop writing about Apple so the Macalope can ignore you. You’re really, really bad at it. And it’s ruining his weekends.

[Editors’ Note: In addition to being a mythical beast, the Macalope is not an employee of Macworld. As a result, the Macalope is always free to criticize any media organization. Even ours.]

Subscribe to the Help Desk Newsletter

Comments