Is Apple's Security 10 Years Behind Microsoft's?

Following comments made by Kaspersky Lab founder Eugene Kaspersky, MSNBC asks how far behind is Apple's security?

At Info Security 2012, Kaspersky noted that Apple will have to change how it approaches updates following recent malware attacks such as the Flashback trojan which infected over 650,000 Macs.

"I think they are ten years behind Microsoft in terms of security," Kaspersky told us. "For many years I've been saying that from a security point of view there is no big difference between Mac and Windows. It's always been possible to develop Mac malware, but this one was a bit different. For example it was asking questions about being installed on the system and, using vulnerabilities, it was able to get to the user mode without any alarms."


So is Kaspersky right?

"I'd say that Apple's got another 10 years to go before their security will become as much of a laughingstock as Microsoft's," said Jonathan Zdziarski, author of "Hacking and Securing iOS Applications" (O'Reilly, 2012) and a forensic scientist who hacks into iPhones for Chicago-based viaForensics.

"Comparing Apple and Microsoft is like comparing apples and oranges," said Mikko Hypponen, chief security officer of Finnish anti-virus firm F-Secure.

However, the two experts do believe that Apple's poor response time to security threats needs to be addressed.


"Apple might have some sort of an attitude problem, which shows in their slow patch cycles and so [on]," Hypponen said. "But otherwise, it's hard to critique them with all they've done with OS X: app sandboxing, memory randomization, NX [non-executable memory] support, [the] App Store model."

"Apple needs to learn the meaning of transparency," Zdziarski said. "They need to communicate with their user base and with the security community. They need to be quicker to respond to threats."

Read More [via p0sixninja]