Whether considering specific threats or the big existential picture, there is no better time to own a Mac or iOS device. Sounds nice, but is Apple security good enough for users to let down their guard? Here’s a quick look at the good and the bad inside the walled garden.

First and foremost, it bears mentioning that any computer can be hacked — it’s merely a question of time and opportunity.

That said, TidBITS’ Rich Mogull offers a very upbeat assessment of Apple security as we head into the New Year:

Apple’s security is, across the board, stronger now than at any time in the nearly eight years I’ve been researching and writing about the company’s products and services. Which is important, since Apple also faces more security challenges than at any time in its past.

The existential threat to Mac security in recent years was Java, which has been a big problem for Windows and Linux, as well. However, the issue on the Mac began to diminish after Apple handed off Java update responsibility to Oracle and, just as importantly, deprecated Java by making it optional, not part of the default OS X installation.

Further, OS X automatically deactivates Java — no interaction required — if it goes unused for a period of time, which is just plain smart.

Those things happened months ago, but the payoff is just becoming apparent.

Increasing popularity, smaller target

The baseline fundamentals executed by Apple that make both the Mac and iOS platforms much more secure — apps must be sandboxed and reviewed before listing on either the Mac App Store or iOS App Store — have been somewhat unpopular with developers. However, although app sideloading is common on both platforms, the great majority of users are getting software from official, curated channels, which greatly reduces the security exposure of Apple products.

The impressive bit here is that Apple has improved Mac and iOS security even as they’ve increased market share.

For what it’s worth, Microsoft is beginning its own effort to secure Windows inside a walled garden. However, given the hodgepodge, inconsistent approach, it’s hard to imagine Redmond will be successful at least in the short term.

Contrariwise, Google’s Android platform is “open,” which is just another way of saying it is woefully insecure.

So, is Apple security good enough? Perhaps.

However, the real question isn’t absolute security, but rather which platform does it best? Clearly, Apple is doing a much, much better job than either Microsoft or Google…

What’s your take?

  1. Apple is sandboxed, which increases security. Google takes a different approach, but means it’s more customisable. That’s the tradeoff you have – a closed, uncustomisable system, but secure; opposed to an open, insecure system that can be optimised and improved by developers. Android does have security options available, which increases the security of the platform – but is security something you really want to have to worry about, or rather the manufacturer worry about it for you? What if it wasn’t Apple we were talking about here, would we still trust their closed undocumented implementation of security mechanisms as much?

Please enter your comment!
Please enter your name here