Why does it seem like viruses/malware etc are so much less common on Apple products?
I used to write it up to market share. Decades ago, it seemed like every other day someone wrote an article about how Apple was doomed. I figured it just wasn’t efficient to mess with Apple stuff when you could mess with Windows.
That’s not as much of an issue anymore, but is it still the main reason? Is there a technical issue as well?
This is something I'd like to know as well, but I doubt we'll ever get a very satisfactory answer as nearly everyone has some kind of agenda they want to promote rather than actual facts about this. You will see in the tech press every few months a headline warning Mac users that NOW is the time to install antivirus software as the tsunami of malware is coming, but every time it's because of a new press release based on some very dodgy "research" done by Sophos or some other antivirus retailer that desperately wants to sell licences of their software (which in most cases nobody wants as it slows your machine down, forces you to disable built in security and just causes random crashes and unwanted behaviour).
I think it's some kind of amalgamation of reasons to do with market share, history, OS design, development culture, ease of finding weaknesses, user education, potential for profit and probably some other things.
The market share argument sounds like a good reason. It used to be the case that Windows just dominated the desktop market, so obviously that's what you'd target. That sort of falls down when you look at the mobile market and see how much share iOS/iPadOS has (and that most of the people owning those devices are surely a higher target than Android users). But there just isn't any iOS malware in the wild (apart from occasional reports of state level actors targeting specific foreign targets with zero day exploits).
History plays a part. Malware authors mostly wrote Windows viruses, and have Windows computers, so they carry on doing what they know and improving things that they know already work.
OS design is definitely part of it. In the old days System 6/7, MacOS 8/9 had plenty of viruses, because it was so easy to write them. The OS supported multitasking with no memory protection and the filesystem had no concept of protected files or user accounts. Once OS X came out that all stopped as it was based on BSD UNIX (via NeXT). Is MacOS/iOS more secure than Windows? I don't think there's any particular reason why it should be, but historically Windows security has been pretty bad. iOS has always been pretty firmly locked down, with apps sandboxed from each other and only apps from the App Store allowed - the attack surface is really small. Recent versions of macOS have inherited some of that hardening, with App Store apps being sandboxed and the OS itself being locked through System Integrity Protection etc.
And that's partly down to the development culture behind the OS. Microsoft's historical culture with stack ranking and competing groups that never communicate seems guaranteed to produce an end product littered with security holes big enough to drive a bus through. You just need to use Windows for a few minutes to realise that nobody cares about it at all. It's a massive blob of separately engineered little bits held together with tape. Maybe that's changing, but every time I'm forced to use it I'm struck again by how disjointed and illogical everything feels. Unfortunately macOS seems to be going the same way now with random bits of IOS being forcibly layered onto it - the horrorshow of Ventura's System Settings being a prime example.
Based on the security patches being released for the different OSs, it doesn't look like it's any harder really to find weaknesses, but for Apple users you're not also looking for security patches from hundreds of hardware vendors for their drivers. The hardware is much more restricted. But that also means you'll get updates for fairly old supported hardware.
User education. Are Apple users smarter and better informed, so just less likely to fall for the sorts of social engineering tricks malware relies on to get itself installed? I'm sure you have an option on that.
The potential for profit one is the most baffling. Apple users surely have more money, so they should make by far the most enticing target for malware. But there just isn't really much. More frequently you'll find various kinds of iTunes/AppStore scams or fraud schemes.
Someone should survey the malware authors and find out from them directly what their thoughts are.
the answer is pretty easy: macos is based on bsd is based on unix. from a security pov so far it won't get better. user accounts and system wide access is pretty limited, so if you for some reason install a virus on your user account, it wouldn't be able to get completly under the hood, unless it expolits an unpatched weakness. windows has a ton of legacy code from the 9x days and early nt still being baked into the system, preventing microsoft to do a proper redesign of windows because it would break legacy support. microsoft also has to allow much more "wild" software to run on system level, like esoteric drivers for obscure hardware, opening the doors wide for hostile software.
Add comment