Hacker: Windows More Secure Than Mac OS X

Regardless of which side you're on (though as a true computing enthusiast, you shouldn't be taking sides), you've heard the arguments back and forth on the which operating system is truly safer – Mac OS X or Windows.

It is of the opinion of Charlie Miller, a well known Mac security guru, that even Snow Leopard, the latest version of Mac OS X, isn't as safe as Windows.

One key point is that Snow Leopard still doesn't have ASLR, or address space layout randomization, which randomly arranges the position of key data making it harder for hackers to target for exploits.

Miller said to TechWorld that Apple didn't change the ASLR from 10.5 to 10.6: "Apple didn't change anything. It's the exact same ASLR as in Leopard, which means it's not very good."

Apple didn’t completely missed the chance to tighten up security in Snow Leopard though, as the new QuickTime solves a lot of the issues that Mac OS X had before.

"Apple rewrote a bunch of QuickTime," said Miller, "which was really smart, since it's been the source of lots of bugs in the past."

One thing that Snow Leopard did adapt, which Windows has had since XP SP2, is DEP (data execution prevention). With DEP, buffer overflow attacks are much harder to execute.

Despite Miller's opinion that Windows is the more secure OS, the large install based of Microsoft-based systems make them a much more attractive target for hackers. Still, Miller would like to see security on all platforms.

"Snow Leopard's more secure than Leopard, but it's not as secure as Vista or Windows 7," he said. "When Apple has both [in place], that's when I'll stop complaining about Apple's security."

Marcus Yam
Marcus Yam served as Tom's Hardware News Director during 2008-2014. He entered tech media in the late 90s and fondly remembers the days when an overclocked Celeron 300A and Voodoo2 SLI comprised a gaming rig with the ultimate street cred.
  • nukemaster
    Ahhh, so true.
  • xaira
    score 1 for windows
  • superblahman123
    Keep in mind it was an apple developer saying this himself, sounds like this guy could be the anti-christ for those PC vs. Mac commercials.
  • doomtomb
    So I bet this isn't going to make it amongst the bias PC vs. Mac ads
  • Sicundercover
    Note: this is the same guy that won at Own2Pwn last year. So Im pretty sure he knows what hes talking about.

    But Mac users live in a little false reality bubble with twirling rainbows and lies about being impervious to maleware.
  • and this is new to the world how. i think this should already be common knowledge.
  • ASLR is just security through obscurity. I wouldn't trust my data with any security "guru" who suggests otherwise. I'd rather see Apple invest their time implementing actual security measures
  • eklipz330
    dont worry, when apple gets more shares, they will feel the wrath of the hackers
  • Sicundercover
    Plus by the time Apple is done spinning this the Fanboys will be claiming that this is all a scheme devised by MS.
  • ElectroGoofy
    sicundercoverBut Mac users live in a little false reality bubble with twirling rainbows and lies about being impervious to maleware.
    Amen! lol

    I'm always tired of Mac users saying "Oh, but there is less malware for Macs out there!" My response to that is "Hackers just feel sorry for Mac users and decide not to make their lives even more miserable than they already are with using a Mac." ;) Now I can say that Windows is more secure! :D

    (P.S. I am not one of those people that have never used a Mac and say that I don't like it, I have been using one extensively over the summer and have found out how much time I have saved by using a Windows computer all of my life ;))