Friday, December 7, 2007
How To Utterly Destroy The 'Security By Obscurity' Myth
One of the favorite baseless myths about Macintosh is that its incredible security record is due to 'obscurity'. This week the old scarecrow was foisted on the public once again:
The Financial Times tries spreading some Apple Mac security FUD
Thursday, December 06, 2007 - 12:10 PM EST
So, in celebration I have updated a post I regularly make at the comp.sys.mac.advocacy UseNet newsgroup:
How To Utterly Destroy The 'Security By Obscurity' Myth:
1) Take the current number of known malware in the wild for Windows. The number is so huge that I never find any sources in agreement. But let's use the very out-of-date, conservative number of 114,000 Apple used in an ad a year ago.
2) Take the number of known malware in the wild for Mac. Just to rub it in I like to inflate this number by including both the number for Mac OS X of 1 (one) and add all the old Mac OS 1 - 9 malware, that being 55. Total = 56 malware for Mac in its entire history.
3) Divide: 114,000 / 56 = 2036.
4) Slowly and kindly explain this to the myth mongers: Using verifiable data there are 2036x more malware for Windows than Mac.
5) Now go in for the kill and calculate the number of malware on a per computer basis for each OS. You can do this using market share percentages. The current agreed percentages are 92% of the US market are Windows boxes and 6% are Macs. (If myth mongers complain that you should use world market numbers, go right ahead. You'll still shock them). Using proportional math:
114,000 is to 56 malware as 92% is to 6% market share times Y, where Y is the difference or disparity factor between the number of malware per computer user for each platform.
Y = (114,000 / 56) / (0.92 / 0.06) = 132
Conclusion: There are 132 times more malware per Windows user than there are per Mac user.
There are theories about why this massive disparity exists. Blame Microsoft incompetence, blame user hatred of the Windows, blame simplicity of hacking Windows. But does 'security of obscurity' of the Mac explain this number? Obviously not.
Then stomp on the grave of this myth:
(A) Take out of the calculations the friendly 55 old non-Mac OS X active malware and point out the figure of 114,000 times more active malware for Windows than Mac. Doing the math, that gives a disparity factor of 7434 times more malware per Windows user than per Mac user. How's that sound?
(B) If there was equality in the security of the Windows platform versus the Mac platform you would at least expect something dramatically closer to a 1:1 ratio of malware per user between the platforms. 132 times more malware per Windows user is utterly insane. What does that make 7434 times more malware?
(C) Considering these figures, why does anyone use Windows? Why are businesses, designed to make money, wasting billions every year on Windows security upkeep and security damage when simply switching to Mac would wipe out nearly all those costs?
Share and Enjoy,