I have to admit, although Apple’s handling of security issues is often a train wreck, I’m still a big fan of Macs and other Apple products.
I covered a lot of the firewall issues on this blog and over at TidBITS, but I was still excited when MacWorld asked me to write an article on using the Leopard Firewall.
I really try to walk the middle ground when discussing Mac issues, which can tend to get a little emotional for some people. Some of my security friends accuse me of selling out when I write an article like this, while Mac zealots cry havoc at any criticism of their favorite platform. As with everything, the truth is somewhere in the middle. Apple has a long way to go with security, but we do see them taking some baby steps in the right direction. Trying to beat Apple over the head clearly doesn’t work, so I try and take a reasoned approach to criticism; giving them credit for the work they’ve done while offering specific suggestions for improvements where they fail. The truth is, even with all their faults and the critical vulnerabilities (including 0days) we’ve seen, the average Mac user is safer than the average Windows XP user as they go through their computing days.
But we also need to recognize that this won’t hold true as the popularity of the platform continues to grow. We’re seeing the early signs that the bad guys are gaining interest in Macs, and there are flaws in the platform they can eventually use to cause some damage. I suspect that once this starts occurring on a large enough scale, Apple will have to respond and start adopting some of the development processes and security features we see at Microsoft.
If only Microsoft would learn a little about usability from Apple… then we’d have a serious fight.
Anyway, you can check it out here.