mattgadient.com

Why don’t Macs get viruses? (and Windows computers do!)

The answer you’re most likely to get from most uneducated drones when asking this question goes something like this:

There are significantly fewer Macs than Windows machines, so hackers don’t bother making viruses for them. Macs are just as insecure as Windows, they just don’t get targeted.

This is, of course, incorrect.

Here’s the real reason (don’t worry, I’ll elaborate):

Mac: [image: mac-software-update] You will see something like this when updating a typical Mac program.

Windows: [image: firefox-uac-prompt] You will see something like this when updating a typical Windows program.

Whoa. Wait. Both are updating a program. What’s the difference?

In short, every time you install or update a Windows program, you’re forced to give it full access to your computer. Every. Single. Time. Firefox needs an update? Grant full access. Java needs an update? Grant full access. Some other random program needs to update? Grant full… you get the idea.

Now you might be thinking, “I have to grant every program full access to my computer for it to update itself? That seems silly”. And you’d be right. There’s no reason that every random program should be given full access to your machine. That would be like a bank giving keys to the vault to every customer that walked in.

If Microsoft ran a bank, the vault would be empty.

Things are different on the Mac. If a program needs to update, it just asks you, and then updates itself. All without needing full access. It makes sense.

To be fair, there are a few Mac exceptions. Generally, they’re programs that need to touch system files, interact directly with drivers, or embed themselves in the system for another reason.

Some actually need access to the whole system:
-Mac OS X software updates
-Virtual Machine software (Parallels, VMware, etc)
-Anti-virus programs
-A few edge-case programs (things that add themselves to the System Preferences panel for example)

Others don’t need access to the whole system, but request it because they’re either poorly programmed or contain DRM:
-Microsoft Office for Mac (poorly programmed)
-Microsoft Messenger for Mac (poorly programmed)
-all other Microsoft products for the Mac (poorly programmed)
-Adobe Photoshop (DRM)
-a few others

The way the Mac goes about dealing with these is that it asks for your username and password. If you supply that info, it’ll allow the program that’s installing/updating to have full access to the system.

So wait!? How is this different? Why does this matter?

Most Windows users are greeted with UAC prompts multiple times per week (multiple times per day in some cases). What’s worse is that many don’t know what they’re for. Something says it needs to update, so they click OK. If they don’t, it often keeps bugging them until they do.

On the Mac, it’s very seldom that the prompt comes up asking for the username + password. The few times they do pop up, there’s generally a good indication as to what it’s there for.

From a virus writer’s standpoint, who are you going to target? The lost Windows users who have already hit “Allow” a dozen times in the last week? Or the Mac user who’s going to have alarm bells going off in their head when they unexpectedly see a prompt asking for their password?

So, why do Windows machines get more viruses than Macs…?

It’s the design.

Windows was designed around the philosophy that everything can and should have full access to your system. This worked well in the past, but the deficiencies in the design have become all too apparent and are now being exploited at every opportunity. There’s a problem when your OS expects dad/grandma/junior to click “Allow” multiple times throughout the day to keep current with various program updates, when they’re not going to have any clue what is actually being “allowed” most of the time.

Mac OS X, on the other hand, is based on a solid foundation from a security standpoint (Unix). The philosophy around it is that the user doesn’t get full access to the system, so programs won’t either. The OS is designed so that a typical program will never need full access, whether it’s installing or being updated. Dad/grandma/junior aren’t bombarded with prompts they know nothing about. The few times they’re actually asked to authorize a program to do something, they generally have a good notion as to why they’re being prompted, and in the event they don’t, they’re much more likely to hit Cancel, or at least ask someone for some guidance.
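To make that permission model concrete, here is an added example (not from the original post) that applies the classic Unix owner/group/other write check to the files an update would touch and reports which of them would need a password prompt. The paths, uids, gids and the ownership table are constructed sample values, and the check is simplified to the write bit of the nearest existing directory.

```python
import stat
from collections import namedtuple

# Constructed sample ownership table (path -> owner uid, gid, mode); it is not
# read from a real system. uid 501 stands for an ordinary user, uid 0 for root.
Entry = namedtuple("Entry", "uid gid mode")
SAMPLE_FS = {
    "/": Entry(0, 0, 0o755),
    "/Users/alice": Entry(501, 20, 0o755),
    "/Users/alice/Applications/Example.app": Entry(501, 20, 0o755),
    "/Library/LaunchDaemons": Entry(0, 0, 0o755),
    "/Library/Shared": Entry(0, 80, 0o775),
}

def nearest_entry(path, fs):
    """Return the entry for path, or for its closest ancestor present in fs."""
    while path not in fs:
        if path == "/":
            raise KeyError("ownership table has no root entry")
        path = path.rsplit("/", 1)[0] or "/"
    return fs[path]

def can_write(entry, uid, gids):
    """Unix write check: owner bits if owner, else group bits, else other bits."""
    if uid == 0:
        return True  # root bypasses the permission bits entirely
    if entry.uid == uid:
        return bool(entry.mode & stat.S_IWUSR)
    if entry.gid in gids:
        return bool(entry.mode & stat.S_IWGRP)
    return bool(entry.mode & stat.S_IWOTH)

def plan_update(targets, uid, gids, fs=SAMPLE_FS):
    """Split an update's target files into (writable as the user, needs a prompt)."""
    unprivileged, needs_prompt = [], []
    for path in targets:
        ok = can_write(nearest_entry(path, fs), uid, gids)
        (unprivileged if ok else needs_prompt).append(path)
    return unprivileged, needs_prompt

if __name__ == "__main__":
    update = [
        "/Users/alice/Applications/Example.app/Contents/MacOS/example",
        "/Library/LaunchDaemons/com.example.helper.plist",
    ]
    ok, prompt = plan_update(update, uid=501, gids={20})
    print("no prompt needed:", ok)
    print("password prompt needed:", prompt)
```

An update that stays inside the user's own application bundle produces an empty second list; only the file under the root-owned directory would justify a prompt.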

Granted, if Macs had higher market share, they’d be more of a target for virus writers than they are today. However, regardless of the market share, Windows will always be the prime target. After all, why would someone write a virus for the Mac when Windows so readily hands you the keys to the castle?

Disclaimer: I do not work for Apple or Microsoft. I do, however, use both Mac OS X and the Windows 7 operating system on a regular basis.