this post was submitted on 17 Sep 2023
104 points (99.1% liked)

Apple

17525 readers
35 users here now

Welcome

to the largest Apple community on Lemmy. This is the place where we talk about everything Apple, from iOS to the exciting upcoming Apple Vision Pro. Feel free to join the discussion!

Rules:
  1. No NSFW Content
  2. No Hate Speech or Personal Attacks
  3. No Ads / Spamming
    Self promotion is only allowed in the pinned monthly thread

Lemmy Code of Conduct

Communities of Interest:

Apple Hardware
Apple TV
Apple Watch
iPad
iPhone
Mac
Vintage Apple

Apple Software
iOS
iPadOS
macOS
tvOS
watchOS
Shortcuts
Xcode

Community banner courtesy of u/Antsomnia.

founded 1 year ago
MODERATORS
top 9 comments
sorted by: hot top controversial new old
[–] minorninth 30 points 1 year ago (2 children)

Some people say there’s no malware for macOS and that’s obviously not true.

But others say macOS has malware so it’s no better than Windows in that regard, but I don’t think that’s true either.

Look at this example. It only works if it tricks users into downloading and running an unsigned executable, bypassing sometimes multiple warnings.

[–] ShunkW 19 points 1 year ago (2 children)

The thing is that Windows is still more used than osx. So naturally it's going to be targeted more. Especially since more businesses use Windows than osx too.

I've come across Linux malware in my time in cyber Sec. If it exists, it'll have malware.

[–] scurry 6 points 1 year ago (1 children)

That’s true, but macs also do have more security controls, configured more sensibly by default. BitLocker, the system’s full disc encryption feature for example, is still considered a premium product reserved for more expensive editions, whereas macs, android, and iOS have had it standard and default enabled (the latter two with no option to disabled it) in current versions for years. Windows still does not require (or last I checked even offer) things like application sandboxing or runtime hardening by default (this may well have changed in the past couple of years, but I’ve heard nothing of it). While the Universal Windows Platform does have a functional permissions system, that whole platform is (as I understand it) limited to the Microsoft store (which as I understand is ignored by vendors), and the last time I looked at it, it was a mess. There are other such things. Which isn’t to say macs can’t get malware, they can, and they’ll get more malware as time goes on. There are other measures set up on Windows but not macOS, but they don’t appear to be as effective to me, and they seem to be mainly focused on reacting to specific incidents. Security-wise, the two really are not the same.

[–] ShunkW 4 points 1 year ago (1 children)

Drive encryption doesn't really matter to malware, since the disk must be decrypted to function when turned on. Also the majority of malware still runs in userland, maybe arguably more since the rise of ransomware.

I'm not sure what you mean by permissions being limited to the Microsoft store exactly, but there's a very robust permissions system built into Windows by default. It's just not very user friendly, and your average user wouldn't know it exists probably.

There's arguments on both sides about default security policies anyway, as I've found navigating osx systems to install software can often be a nightmare - but that could be due to my lack of experience with it directly.

Both systems have pros and cons from a security standpoint. In the corporate spaces I've worked in, osx security is more annoying to manage from a central point than Windows.

[–] [email protected] -1 points 1 year ago* (last edited 1 year ago)

As a Windows user that dabbles in Mac but is definitely not an expert, I get seriously frustrated when I try to share my screen in ??? meeting product only to have to adjust permissions and be told I probably need to restart the app (in the middle of a meeting). I've found other minor nags with MacOS along the same lines. They are trivial at best, but can be seriously interrupting. I agree with the high security defaults, but the UX could be improved.

[–] [email protected] -1 points 1 year ago (2 children)

So the argument is security by obscurity works?

[–] [email protected] 5 points 1 year ago

In the phrase "security through obscurity", obscurity means obscuring how the system works, eg making the source code secret. Mac being less popular has nothing to do with security through obscurity. The argument is that a less deployed platform is a less valuable target, which is absolutely true.

[–] ShunkW 2 points 1 year ago

I'm not sure how you got that from my comment.

[–] [email protected] 2 points 1 year ago

The Mac’s biggest defense has long been that it plays second fiddle to Windows.

But with iOS, arguably, being top banana, and Mac now running iPhone software in a Mac costume, I expect a lot more in-the-crossfire vulnerabilities.