An anonymous reader writes: Macworld has an article up about security in MacOS 10.4, in which they post an email interview with Dino Dai Zovi, the New York-based security researcher who took home $10,000 in the highly-publicized MacBook Pro hijack on April 20. From the interview:
From your research on both platforms, is there a winner between Mac OS X 10.4 and Vista on security?
I have found the code quality, at least in terms of security, to be much better overall in Vista than MacOS 10.4. It is obvious from observing affected components in security patches that Microsoft's Security Development Lifecycle (SDL) has resulted in fewer vulnerabilities in newly-written code. I hope that more software vendors follow their lead in developing proactive software security development methodologies.
I recommend that Mac users make their primary user a non-admin account, use a separate keychain for important passwords, and store sensitive documents in a separate encrypted disk image. I think these are fairly straightforward steps that many users can take to better protect their sensitive information on their computer.