Mac vs. Linux: Which is More Secure?: Page 2

(Page 2 of 2)

Patch practices Next we come to patch management. The two systems are nearly equal here in terms of capabilities, but I have to give a slight edge to Linux but with a big caveat. Each Linux vendor does its own thing with regards to patch and configuration management. I’m speaking here only for my experiences from running a Debian Linux desktop. Oh, and I should note that even inside of Debian, the patching varies between the three primary distributions: stable, testing, and unstable.

So how on earth can I defend my opinion that Linux edges out OS X here? Simple. In my experience observing the two communities, I’ve (quite subjectively again) viewed Debian as being more responsive to rapidly resolving security vulnerabilities.

Related Articles
Is the Mac Really More Secure than Windows?

Web 2.0 Security: Application Scanners

Spam Bust: The Lessons of Yesmail

Pirated Vista, Office 2007 Already on The 'Net

FREE IT Management Newsletters

That’s not to say that Apple hasn’t been responsive, and quite possibly someone with more quantitative data will come along and cast aside my “gut feel” here. That said, while running my Linux desktop, I was always impressed when I watched the latency from disclosure to patch time.

That said, I still hate the patch management practice, but it remains the worse possible solution except for all the others.

Qualitative score: OS X gets a B- while Linux gets an A-.

Desktop target I’m always cognizant of the lessons I learned in childhood watching educational shows like “Mutual of Omaha’s Wild Kingdom”. It’s the slow gazelle that always ends up as cheetah food. Computer attackers seem to be quite content (and fat) going after Windows users as the metaphorical slow gazelles. Indeed, to extend this bad metaphor even further, Internet Explorer and Outlook must look like slow, fat, pre-barbecued and sauced, gazelles in the eyes of the cheetahs.

I’m quite happy not attracting the attention of the cheetahs, on the other hand. As such, I’ve long favored less-than-mainstream desktop apps like Konqueror and Kmail or Safari and

As Apple gains market share, however, Safari and are without a doubt going to increase in their appeal to the cheetahs. For that reason, I give a slight edge here to Linux. Ironically, Apple’s own popularity can be seen as a liability of sorts, at least in this one security aspect.

Qualitative score: OS X gets an A- while Linux gets an A.

With so many of these factors seeming to favor Linux, you may reasonably be asking why I still prefer using a Mac. Well, the answer lies in the classic trade-off that security practitioners face every day: security vs. functionality.

OS X gives me the functionality that I need as a (frequent) traveling professional, all in one place. These things include a really easy to use Wi-Fi capability, MS-Office running natively on the system, a calendar, contacts database, and a slew of other desktop software applications that just run beautifully. Yes, I’m being highly subjective here, but it’s been my experience that the desktop apps on the Mac vastly exceed, in usability terms, anything I ever found on my (now semi-retired) Debian Linux desktop.

In short, the things I need just work.

So OS X won the functionality vs. security battle for me. It’s true that I have to work a little harder to secure myself to a level that I’m comfortable with. But, I’m willing to do that for the level of functionality I get in return.

I believe that’s a really important thing for security professionals to keep firmly in mind. Quite often, the best solution is not the most secure one. I wrote this column on my Mac; I’m sticking with my Mac; and I now think of PC users as those who have never tried Macs.

Let the inbox beatings begin…

Page 2 of 2

Previous Page
1 2

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.