What's prompting this post is a piece by Vanessa Ho, "Hackers targeting iPhones and Macintoshes," which was published on Connect IT News a few weeks ago. Her post raised some valid points, but also was short on specifics. It also raised some red herrings, such as claiming because some iPhone owners "jail break" their handsets means that iPhones are therefore more vulnerable to malicious attack. There's no evidence of that ï¿¼ at this point, I call that scaremongering.
Let's be very clear: All platforms are vulnerable. A platform's vulnerability is proportional to three main factors: The number of attackers targeting it, the number of users who could be targeted, and the technical strength of the platform. Let's take those three in turn.
ï¿¼ The number of attackers targeting Macs and iPhones. Ask yourself: As these platforms grow more popular, would the number of attackers targeting them go up, go down, or stay constant? If anything, it would go up. By how many, I don't know. I've not seen any statistics or hard data that said that there are xxx attackers targeting Macs with malware, or yyy attackers going after iPhones. But I'm sure they're out there.
ï¿¼ The number of users on the platform. The more users you have, the more likely that you'll find a user whose machine doesn't have the latest patches, or who doesn't have antivirus, or who agrees to install malicious code, and who might be in a position to unintentionally share malicious code with other users. As the number of Mac and iPhone users go up, the number of people who might visit a bad Web site, install a bad application, or forget to upgrade their code goes up too.
ï¿¼ The inherent strength of the platform. That's where Mac users have been the most smug, of course, trusting Mac OS X's Unix underpinnings to protect them from malware ï¿¼ often to the point of eschewing elementary precautions like data backups, network firewalls and antivirus software. That's just stupid. While Mac OS X is very well designed and coded, I'm not sure that the Mac OS X is more inherently more secure than Windows Vista SP1.
Mac users (and iPhone users) should be wary about being too smug. The Mac has proven itself to be vulnerable to attack, though fortunately incidents have been few and far between. The iPhone hasn't been out there long enough for potential vulnerabilities to become evident. So, my message is, don't worry ï¿¼ but don't be complacent either. All platforms are vulnerable.