Windows 7 vs. Snow Leopard: Which is More Secure?: Page 2

(Page 2 of 2)

• Privilege management. As I said above, I feel that both systems have been taking small steps backwards here, perhaps with the rationale of making things easier for the end user. A security-savvy owner is forced to create administrative and non-administrative profiles in both systems in order to completely separate these tasks. From my point of view, this is a mistake that is going to haunt us in the future.

Still, I’m going to give a slight nod here to Snow Leopard, because I can again get to the UNIX command line and run privileged operations easily via the “sudo” command, making it a bit easier for me to keep my administrative and production worlds separate.

Qualitative score: Snow Leopard gets a D+ while Windows 7 gets a D-.

• Program management. Not much has changed here from previous versions of OS X or Windows. I still feel this is an area where OS X truly shines. Putting all of an application’s files into a single “bundle” in the /Applications folder makes a world of sense to me. Removing unwanted apps; upgrading to new versions of apps; archiving apps; all of these basic functions become trivial in OS X and remain a nightmare for me in Windows.

I still don’t feel I can remove a major application from a Windows system without leaving behind significant residue, be it directly in the file system in the form of remnant DLLs or in a registry hive somewhere that the uninstaller didn’t clean up.

Qualitative score: Snow Leopard gets an A while Windows 7 gets a D.

• Access controls. Not much has changed here. As I said, both systems install a default user with administrative access. The good news, though, is that the default read-write access settings on most system files is disabled on both systems.

As in the past, I was able to tweak my Snow Leopard installation so that my desktop user is unprivileged and only my administrative user has read/write control over applications. I still find myself sweeping through the system periodically to clean up the default access controls left behind by various application installers that leave /Applications and /Library/Application Support open to world read/write.

As for network access controls via the firewall, I find a lot to not like in both systems. I have essentially 3 settings in Snow Leopard: allow all, disallow all, and allow per-application. Once you learn how to work with these, they’re relatively simple, but the user interface isn’t as smooth as it should be.

Windows similarly allows the user to adjust firewall settings. They have, however, two extremes to choose from. The basic settings are very simplistic for the end user. If you go into the advanced settings, on the other hand, the settings are hugely and overly complicated.

Qualitative score: OS X gets a C while Windows gets a C.

These certainly aren’t all the criteria that would be relevant to compare, but they’re important aspects of a system’s security to the end user. A reasonably tech-savvy consumer can certainly find a lot to like and dislike in both operating systems. Windows 7 seems to me to have made great strides in making security choices simpler for the end user, but perhaps they’ve taken that too far in some areas—such as firewall controls.

I’ve become convinced that, in order to get security right, software must first and foremost be intuitive to the users. As a veteran of Windows, Linux, and Mac desktops, I firmly believe Apple is vastly ahead of its competition in this regard. Windows 7 has shown remarkable improvements, but still has miles and miles to go.

In the end, I believe neither system is drastically more secure than the other. They both offer a solid set of security capabilities, for sure. Even still, I remain a firm believer that I’m safer on Snow Leopard than I would be on Windows 7.

Page 2 of 2

Previous Page
1 2

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.