Symantec: Windows is Most Secure OS

In a report that surprises even the PC lovers around here (read: me), Symantec has listed Microsoft Windows as the most secure OS out there. They claim that Windows had the fewest number of patches and the shortest patch development time of any OS, including Mac, Red Hat Linux, Solaris, and HP-UX (any HP-UX fanboys in the house?).

So what in the hell is going on? We've been spoon-fed all this data that says Windows is about as secure as a screen door while Macs are perfectly safe, yet OS X came in 3rd in the report (behind Linux, which came in 2nd). At first we figured Symantec must just be really biased, as they sell PC software, but when you think about it, it's in their best interest to have people think that PCs are vulnerable so they think they need Symantec's software. And furthermore, Symantec sued Microsoft last year, so it's not like they're best buds.

Maybe it's… true? Something tells me that if this report included Internet Explorer as part of the Windows OS it would be a lot different, but for us Windows users that use Firefox it's nice to know we aren't just asking to get H4X0Red every time we go online.

Internet News [via Digg]

9:15 PM on Thu Mar 22 2007
By Adam Frucci

Comments

  • Or maybe they're moving on from the windows audience and trying to sell Symantec Antivirus to the Mac folk? I always wondered why anyone would get that program on a mac, seems like selling fish repellent to a tiger trainer. Or something like that.

  • I'm getting a headache... nothing seems real anymore.

  • So I've been lied to my whole life... lies... all lies

  • Someone over at Slashdot pointed this out:

    Windows - 39, 12 severe, average 21 day fix
    Mac - 49, 1 severe, average 66 day fix
    Red Hat - 208, 2 severe, average 13 day fix

    I can put up with a whole lot of minor issues, with somewhat longer patch times, if they don't have SEVERE as the primary description.

    In other words, someone at Symantec got bought or fooled.

  • Taking a closer look at the patch count from the article:

    Windows: 39, of which 12 were severe
    OS X: 43, of which 1 was severe
    Red Hat: 208, of which 2 were severe

    Frankly, the rate at which you *patch* bugs is not an indication of the security of the system. A higher patch rate does not mean the system is less secure - according to that metric I could simply patch fewer bugs and look better. Without providing useful details, Symantec can spin the 'results' any which way.

    I could equally point out that assuming that there are still more bugs to find, this data shows that Windows is at least 6 times more likely to contain new severe bugs than the other two OSes.

    Additionally, Red Hat bundles many more programs than Windows, which are still being actively developed, contributing to the non-severe patch count.

  • While it pains me to say this, using the criteria Symantec used, Windows is actually relatively secure. But consider the following:

    1. Because Windows dominates the market share, the sheer volume of malware targeting windows by far dwarfs any other operating system. No matter how quickly Microsoft issue patches you are likely to be bombarded with far more malware on a Windows system.

    2. For several reasons the software running on Windows can be less secure than software running on other systems. While the operating system itself may be secure the various software running on the system may not be as secure. Reasons for this are numerous including everything from the development community surrounding Windows to Windows approach to security to the general level of user expertise (and common sense).

    While Microsoft may have made progress over the years, the battle is far from won.

  • Of course they want Windows to be perceived as the most secure. They want people to use it.

  • ahh... this conflict is more entertaining than that classic battle between coke and the other drink

  • Actually I bet even with Internet Explorer 7 it would still rank up there at #1, simply because Microsoft has dumped a huge amount of effort and dosh into making sure IE7 is secure. I think they finally got tired of getting kicked in the nads on Internet security. They could use some more CSS standards work though.

    I was surprised that Linux wasn't on top, though OS X wasn't. Seems I've been seeing a ton of patches coming down the pipe lately from Apple.

  • These results are very "interesting" in their presentation, and Symantec's conclusion is "strange" - these results are inconclusive at best. The "average" day fix includes the minor and severe ... the response time for severe patches is much more important, and should be appropriately weighted or singled out.

    Symantec is trying to derail the switchers - Apple had a great quarter, and with Leopard coming out, expectations are high.

    Since Symantec gets approximately zero sales from Macs and Linux users, of course they would promote Windows.

  • I look at it this way. I have NEVER been hacked on a pc. Ever. I have my anti virus, my firewall... I torrent, and do all sorts of nonsense on my computers and have never had a single problem.

    You people bitch and bitch about what's best when honestly there are gives and takes from ANY operating system.

  • As a programmer I can honestly state that "bugs happen" and will happen at a predictable rate even with expert programmers and quality control. As others have hinted to above, less patches != less bugs. In fact, the opposite may be true. Let's imagine that the 3 systems had the same amount of bugs* starting 6 months ago, for example 1000 bugs:

    Windows: 1000 - 39 = 961 bugs remaining
    Mac: 1000 - 49 = 951 bugs remaining
    Red Hat: 1000 - 208 = 792 bugs remaining

    *Footnote:
    Since bugs happen at a somewhat predictable rate (x bugs per y amount of code) the total starting amount would really depend on the size of the code base AND overall number of patches to date. Since Windows Vista uses a huge amount of new code and the fewest patches to date... Well you do the math.

  • I find it interesting to see they are using the speed bugs are patched to measure how secure an operating system is.

    I would have thought effect on their user base / data lost might be better?

  • Mac OS is better. Plain and simple.

    Windows has more bugs, more virus attacks, more pop up ads, more crashes, etc. I could care less about the frequency of system patches - I know from experience. Here's a quick test of which one is better - try hooking up a camera to your computer. Which OS is best?

    I use a Windows environment at work and a Mac at home. Every time Windows comes out with a patch, everything goes KABLOOEY, the system crashes, peripherals go on strike, and the Geek Squad posts another fat quarterly earning. Thank g-d they don't have patches that often.

    Stuff it Symantec hacks. You may know about computers, but you also know where your bread is buttered - the Windows OS. Talk about result oriented study.

    Ever consider that Windows comes out with less patches because they are slow and non-responsive to the demand?

  • Never gotten a virus on Windows, after 17 years of pure Microsoft Operating Systems. Sure I run Ubuntu too, but 90% of the time I use windows.

    Never has any malicious software deleted any of my files. Never have I lost anything important.

    I doubt Windows is the most secure. But it certainly is pretty darn secure. Honestly I think you are less at risk on Linux or Mac. But I take my chances and I run Windows. And so far so good.

    I like IE7 a lot, in Vista I use IE7 only. In XP I mostly use Firefox, but IE7 is pretty darn good.

  • Symantec makes their money on Windows, especially the Pre-Vista versions. They're full of shit.

  • gabrielm:
    Since bugs happen at a somewhat predictable rate (x bugs per y amount of code)...

    gabrielm, do you have a reference that supports this claim? I completely believe it. I'm not being facetious, by the way, I really believe you, and it's a good answer to a flame war like this. It seems more logical that it depends on the amount of code rather than one huge company with hundreds of experienced programmers is significantly better than another similarly skilled company.

    Also, it doesn't affect my claim, that the "security" of an OS is relative; Windows is less secure not because it has more bugs, but because more people are *exploiting* their bugs.

  • The only reason why Mac & Linux are on that category (second and third) is because so few people use them.

    So the stupidity of saying that Mac OS is better because it has fewer virus attacks and pop ups outlines the kind of people using that thing.

    Linux is secure, for sure, but at the expense of demanding a huge learning curve. The idea is not just an air-tight system but one that balances usability with performance.

    Many of the patches released for Windows are to correct issues with the myriads of third-party technologies that must be integrated with the system, not the core itself.

  • I've used windows since ver. 3.1. I've never had any problems that I did not cause myself. I have also used earlier versions of MAC., great system for graphics. Have never used Linux. Will try it at some point. But I will always use Windows. Currently using Vista 64 bit. Love it

  • Windows is fine. OS X is probably okay too. I don't own a mac because they cost a lot of money for something I have to learn how to use, despite what people say about the learning curve. I like the MacMini though. That thing is kinda neat.

    I run ubuntu sometimes. It's pretty secure.

    I don't have a problem with windows unless I'm being deliberately stupid. My desktop is a mess. My laptop runs as well as the day I bought it. Why? Probably because I use firefox on my laptop.

  • I was just going to ignore this as more of the usual BS, but I feel I need to say

    WHAT A LOAD OF CRAP!!!

    Symantec is lying with statistics. First they use an aggregated number of threats, with no weight given to severity. Next they use an unweighted average days to fix. How long did it take Apple to fix the one severe threat? What was the longest it took MS to fix any of their dozen? What's the median time for any fix? What is the average expected time to fix a severe and a minor threat? Since most of the minor "threats" on OS X involved a prompt asking you to download an unknown file (or similar), we need to ask for a definition of "threat."

    Then we have to ask why? I can only come to one conclusion. When Symantec didn't think it was worth their while to update their OS X utilities, Mac users figured out they can live quite well without Symantec (Disk Warrior, ClamXav, et al do a fine job). I'm betting Symantec will come out with a new set of "Works" for 10.5 on Intel processors, which means they need to churn the waters of FUD to create sales.

    Tough. I ain't buying it. You told me to Kiss Off when I upgraded to 10.3. So I did, and I'm not coming back.

    No matter how much you lie.

  • haha take the pepsi challenge symantec.. take 3 machines put an unprotected fresh install of windows xp with the equivalent osx and linux installs on the net and see how long before you are pwned

  • Marthirial said:

    "So the stupidity of saying that Mac OS is better because it has fewer virus attacks and pop ups outlines the kind of people using that thing."

    Yeah - design your OS for a limited audience of computer sophisticates. That's a great test of its overall utility, ease of use and stability. Putzamatic. Buy a clue - if it works for the so-called lowbrows, then there's a reason - it's stable and uncomplicated.

    Long live Apple! Windows users get what they deserve. I say, let 'em crash.

  • LOL, this is funny. I have a windows XP machine and a Fedora Core 6 rig.

    windows has been attacked many times, but the firewall built into my router, or McAfee antivirus/personal firewall catch most of it.

    On linux, I've never had ANY problem whatsoever, I download with limewire, and bittorrent, sure, lots of it is full of crapware, but I can test it on my linux rig to make sure it won't bugger up my windows PC.

  • Linux can be safer when well configured, which is not the case mostly. Windows is also extremely safe but most of n00bs use it, increasing the possibility of safety faults. Linux users are way more h4x0r than the average (skip Ubuntu/Suse/Knoppix users), so they're less likely to click in those "Get free smileys/Enlarge your penis" banners.

  • Oh my god, Mac has viruses? Doesn't Apple only make perfect products because Steve Jobs is perfect?

  • Actually the clues are free.
    http://www.osweekly.com/index.php?option=com_content&task=...

    Could it be possible? Apple defies the very laws of economy... Fewer people want it because it's better????

  • It's funny they say windoze has the fewest patches. I have to turn on my dos box once every couple of weeks for work. Every single time I do there are multiple security patches to be downloaded and installed. Yeah, as a person who uses computers all day long, having to install that crap and restart is a *real* luxury.

  • jpcsc: Virus on a Mac? Hardly. Those numbers are security breach reports, not virus reports.

  • Don't you guys get tired of rehashing the same Mac vs. PC arguments over and over and over and over and over and over and over?

    I mean, no matter what the new article is about or what the new information says, the same argument is always made by each side. I would think, after a while, you all would just get tired of typing the same thing so often.

    Nevermind. I suppose geeks of every stripe will never tire of getting into arguments with other geeks.

  • Yeah, right. This is about as credible as the Hillary 1984 You Tube ad.

  • I think you have to look at the overall dominance that Windows has over other OSes. It's most widely used by corporations and home users alike. I would say that the main reason for attacks is Social Engineering and the fact that Windows machines are the main system of choice. Social engineering allows for a quicker attack on a system than the standard fingerprinting method. That method would entail looking at signatures of operating systems within an organization using a packet sniffer. This leads to what kind of attack a hacker can implement on a system. This process takes a while and can not be implemented quickly. However with social engineering, an end user can leave a system vulnerable by giving away login credentials, therefore giving a hacker the edge. It takes all the guess work out of it. By doing that they can either mine the system that they've logged on for data or use it to host a zero day virus.

    Having said that, I think the same would happen if the majority of corporate America used OS X. What does a hacker have to gain from implementing a virus on systems that are primarily used in graphic design or video editing departments?

  • I go to school at RIT (for those who don't know, it's a tech college in upstate NY).
    Now I'm not that great at computers and programming, I only have 3 years of Java behind me. I do however have a good bunch of friends who love to do nothing more than sit in their rooms and... well, test our school's network and other computers on our campus.

    Out of all the computers in the area I can guarantee you the ones they can *hack* into are the ones running windows.

    So for those of you who say you've never gotten a virus or such, that's prob. because no one has tried to deliberately give you one. Had they done so, I can almost guarantee that 90% of the time if you're running windows you're screwed

  • Sits back and watches fanboys having seizures facing the sad truth brought to us by a known enemy of MS

    Oh the (wonderful) humanity

  • A quote from the report to all those who post before actually reading THE BLOODY INTRO!!!

    Instead of exploiting high-severity vulnerabilities in direct attacks, attackers are now discovering and exploiting medium-severity vulnerabilities in third-party applications, such as Web applications and Web browsers. Those vulnerabilities are often used in "gateway" attacks, in which an initial exploitation takes place not to breach data immediately, but to establish a foothold from which subsequent, more malicious attacks can be launched.

  • I dumped Apple back in '88 and never looked back.
    Except for their styling... They sure got good industrial designers.

    Never EVER had a virus in:
    TRS-80
    Sinclair 1000
    DOS 2.0
    DOS 3.0
    DOS 5.0
    DOS 6.0
    DrDOS
    Win 1.1
    Win 3.1
    Win 95
    Win 98
    Win Me
    Win NT 3.5
    Win NT 4.0
    Win 2000
    Win XP Home
    Win XP Pro
    and now...
    Win Vista Ultimate.

    I've licensed them all as full versions or upgrades.

    So far, all I can say is that I've been suckered into buying Antivirus Programs ever since I got my first PC-XT.

    Lucky Me?... I don't think so.

  • My company used to pay Symantec about $50,000 annually to secure all our Windows boxes, and now I guess we don't have to anymore. Thanks for your genius report, Symantec!

  • aec007, well somehow you did get suckered into buying WinME. And I'm glad to see you dodged a bullet by going right into Vista Ultimate. Damn, man, how much coin have you dropped over the years on Windoze anyway? You really need to figure out how to five finger your licenses off of work like the rest of us.

  • "Something tells me that if this report included Internet Explorer as part of the Windows OS it would be a lot different"

    Yeah-huh. As soon as I started up a newly downloaded IE7, I got adware from China.

    Darn China. Sending us their pollution and now sending us malware...

  • Read the report. Symantec make absolutely no claims about Windows being the most secure OS. The only thing they focused on was patch development time, they never even mentioned security.

    As usual, some sensationalist dickhead is just taking things out of context.

  • @comma_commedian:

    My company used to pay Symantec about $50,000

    I'm betting you're not the one making that decision somehow, or you'd see the value it actually provides.

  • It just seems really hard to get a virus or something like that if you just use some common sense and keep your stuff updated.

  • I haven't read all of the posts, so I may be repeating, but don't forget bugs don't always mean a possible security issue. It could be that a certain device goes nuts when a certain device or driver, program, service is loaded.

    I wouldn't worry about the actual patches too much unless they are flagged up as severe.

    More patches the better, must mean that the bugs that are there are being found and patched quicker!

  • Strange that they seemed to have ignored the severity of the flaws. And every day experience speaks for itself: you just don't get malware on Macs. In summary: more nonsense from Symantec!

  • John Gruber reports:
    "The gist of it is that Andy Patrizio wrote a widely-linked-to article for InternetNews.com claiming that Symantec's latest Internet Security Threat Report proclaiming Windows is the most secure OS. Symantec's report claims no such thing."

  • Of course they are right, Windows is easy to patch, it's not like Mac; a "closed environment" is what a Mac is.

  • It does make sense of a sort, though.

    I used to live in a city hailed in the country as "The cleanest" one. And it indeed seemed clean.

    Thing is that this city had 12 (!) rounds of garbage trucks and cleaning/vacuum trucks (I don't know how those street zambonis should be called) every day.

    So it's not that it was the cleanest, it just was "the most cleaned up". This may seem the same but it's not, truth is that the city was one of the dirtiest in the country, but there were so many people continuously cleaning it that it wasn't obvious (until you started counting the passes made).

    So, Windows has the most of "cleaning" programs (Antivirus, AntiSpyware, Firewalling, you name it). Using this bizarre logic that would make it the safest when compared, say, to Mac OS X or Linux that don't have a dozen of all these combined.

    It's like saying a prostitute has safer sex than a married couple because she uses more condoms per week.

  • strider_mt2k at 07:55 AM on 03/23/07

    My secrets aren't safe?

  • Isn't it obvious that someone at MS just sent Symantec a check? The "methodology" is so obviously bogus that it just smacks of payola.