Mac OS is more vulnerable to exploits than Windows

According to a recent interview with hacker, Charles Miller, he stated that the Safari is easier to exploit rather than Firefox or IE because it runs on Mac OS.

During the Pwn2Own 2009 hacking competition, Charlie was able to take control of a fully patched Macbook in mere seconds by exploiting a security vulnerability on the Safari browser. He claimed the $10,000 top prize for it as well as the Macbook.

Hacking into Macs is so much easier. You don’t have to jump through hoops and deal with all the anti-exploit mitigations you’d find in Windows.

He also talked about the value of OS and browser’s vulnerabilities and said that exploits for IE8 and Firefox on Windows yields more money if you sell those to their respective companies compared to what you can get from selling Safari on Mac vulnerabilities.

So what about Chrome? It is Chrome’s sandbox that’s making it hard for hackers to make their exploits to work and he said that other browsers should go into that direction for better security.

Check out the whole interview from ZDNet. It’s quite interesting.

For more technology news and gadget reviews, follow us on Facebook, Twitter and Instagram
  • Jerome G.

    If such is the case, it doesn’t give any immediate monetary value to hack into Macs because of their small market share. While the market share is increasing, its still profitable for hackers to attach Windows systems along with other popular vulnerabilities out there.

  • Jim

    There’s that security through obscurity argument again.

    I’d like to point out two important facts about the contest. First, users had to click on the link before the flaw in Safari could be exploited. It wasn’t like Miller just busted Safari wide open without intervention. Second, every other browser in the contest failed in the first day. Safari was just the first to be exploited. However, both Firefox and IE were also broken into.

    By the way, Miller won $5,000, not $10,000. The other hacker, Nil, won $15,000 for hacking into all three browsers.

    One more thing, according to Jeff Jones, the director of Microsoft’s security group:

    “I don’t really care for ‘hack the box’ contests. If a machine doesn’t get hacked, it does not mean it isn’t breakable. If it does get hacked, it just shows us what we already know – any machine can be broken under the right circumstances. So, don’t read too much into the PWN 2 OWN results. I don’t.”

    Computerworld Security article about the contest:
    http://tinyurl.com/pwn2ow

    By the way, I’m a Mac user. Been using a Mac for 4+ years without running any anti-virus or anti-malware program.

  • Albert

    Your title is deceptive. You should say Safari is more vulnerable not Mac OS. It also sends a the wrong message. It flouts the idea that Mac OS is unsafe when every tech guy knows that Windows is more virus & spyware ridden OS. Your title makes me think it is more about driving clicks/traffic than informing readers. Oh well… professional bloggers

  • I think it’s clear what the hacker had said… “Hacking into Mac is much easier…” So, it is right to say that Mac OS is more vulnerable….

  • Des

    Your title is misleading sir.

  • if you read the interview he says it’s Mac OS that is more vulnerable. Firefox on Windows XP is harder to crack than Firefox on Mac OS so it’s the OS and not necessarily the browser.

  • The title was done so you’d read the article and give page views. That’s obvious.

    Of course if you read this article you’re not really using Safari are you?

  • kenshinflyer

    Hee hee. Safari is Step One. Today, Safari; tomorrow, the Mac OS. Warning.

  • Crapple Smack-n-toss

    their DRM’d OS/software = defectivebydesign

  • Mac OS is not that user friendly unlike Windows but in that case it’s clear that hackers can easily hack MAC rather than windows so MAC is really vulnerable. Aside from that hackers are really great when it comes to hacking they will find ways how they can hack system no matter what OS is that.