2011/3/16 Cédric Beust ♔ <[email protected]> > > > On Tue, Mar 15, 2011 at 9:59 PM, Reinier Zwitserloot > <[email protected]>wrote: > > 6% of a gigantic number is still a gigantic number. Why are there 0 worms? >> Also, where is your 6% number from? >> > > I stand corrected, it seems to be more around 10-11% thanks to the iPad > sales<http://www.winsupersite.com/blogs/tabid/3256/entryid/76068/Mac-Market-Share-4-42-in-Q4-2010-4-13-for-CY-2010.aspx>. > Still not enough to attract hackers' attention, IMO. > > > >> No I did not. Neither you nor I nor anyone else here has come up with any >>> reasonable argument or link to research to show that mac users are more or >>> less security conscious than anyone else. However, Steve Jobs is certainly >>> attempting to sell that idea that as a mac user you don't have to be >>> security conscious, which is an interesting but otherwise irrelevant >>> sidenote to this discussion. Why do you say that mac users are "usually more >>> security savvy"? >>> >> > Fine, let's ignore this, it doesn't change anything to my overall point. > 100% of 10% is still a tiny fraction of what you can get out of a Windows > virus. > > > >> One easy way to get your group's name in newspapers of note is to cause a >> minor storm in a teacup by releasing the first mac 'virus' (that's what the >> media is likely going to call it, anyways). >> > > Doubtful since the first Mac virus seems to have been identified in > 2006<http://www.msnbc.msn.com/id/12537279/ns/technology_and_science-security/> > . > > And it made such big headlines that you don't even seem to have noticed > back then (neither did I, I had to look it up). > > Someone coming up with another Mac OS virus will probably be hardly worth a > 140 character mention on Twitter. And by the way, the latest to date is from > yesterday<http://www.adobe.com/support/security/advisories/apsa11-01.html>(Adobe, > of course). > > > For proof, I could just point at the _ridiculous_ amount of brainspace >> dedicated by the blogosphere by anything apple has ever done in the past 2 >> years, including the java posse which continues to pad the podcast by at >> least 10 minutes of discussion if Steve Jobs's turtleneck is 5 millimeters >> out of balance. >> > > I certainly agree with that, I facepalmed in real life last time the 'Posse > spent a few minutes discussing the announcement of the announcement of the > iPad 2. > > -- > Cédric > >
The important question here isn't "what proportion of machines run OS-X", it's "If I manage to infect one machine, what others will it be connected to for purposes of spreading" Windows tends to be used heavily in big corps, so if you get one infection then you're sorted - surrounded by a big juicy monoculture of machines, all likely to be running with the same a/v software and patches. Outside of some small companies (most notably those in media/design), most Apple systems seem to be privately purchased, or bought for individuals higher up in the corporate hierarchy, so they'll be loosely scattered and much less likely to find a viable infection vector. These things spread exponentially, so if OS-X only represents 10% of the ecosystem then it'll suffer 10x fewer infections in the first generation, 100x in the second, and 1000x in the third. At the end of the day, OS-X exploits have been written, but the conditions just weren't right for them to take hold. That's why we don't see so many Apple infections. Maybe the system *is* inherently more secure, but that's not the important factor. Any study of epidemiology will focus on overall systems, not just individuals. Interestingly, it's also why attacks on routers seem to be effective - not because any given model has a dominant market penetration, but because they're all highly connected. > > > -- > You received this message because you are subscribed to the Google Groups > "The Java Posse" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]. > For more options, visit this group at > http://groups.google.com/group/javaposse?hl=en. > -- Kevin Wright gtalk / msn : [email protected] <[email protected]>mail: [email protected] vibe / skype: kev.lee.wright quora: http://www.quora.com/Kevin-Wright twitter: @thecoda "My point today is that, if we wish to count lines of code, we should not regard them as "lines produced" but as "lines spent": the current conventional wisdom is so foolish as to book that count on the wrong side of the ledger" ~ Dijkstra -- You received this message because you are subscribed to the Google Groups "The Java Posse" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/javaposse?hl=en.
