Comment Re:Style over function? (Score 4, Insightful) 779
A system may become infected 'automatically' when an external attack exploits a hole in the box's current configuration.
I got hit with a script-kiddy's sendmail exploit in an underpatched Linux box back in '97. Yes, it was my fault for not patching the system correctly. However, a properly locked down system, one with all necessary patches installed, is going to be *fairly* impervious to this type of attack.
Mac OS X gets kudos for being secure out of the box (though Apple should enable firewall by default). Linux has generally been there for a while now. Windows is slowly getting there.
Part 2 of avoiding 'automatic' exploits is being able to keep a system up to date. This is important and requires some user intervention on *all* OS's. The user *must* allow the OS to keep itself up to date. If not, newly-found holes will be left unplugged and potentially exploited in the future.
<aside> How many of these holes will be found depends on the underlying design of the OS. The worse its initial design with respect to security the more holes will be found. In its current state, Linux and OS X are more *inherently* secure than Windows. This is akin to Java being more secure than Active X -- Java was designed with security in mind, and very few security vulnerabilities were ever found. Active X has a security model of a sieve, and its terrible security history speaks for itself. </aside>
The second way a system can become infected is via user intervention. This is commonly called 'Social Engineering' and goes something like this: "Hey user, install this cool piece of software for neat feature X, Y, Z". So user installs the package, which includes malware, adware, opens a port from inside the system and communicates with it's mothership, etc. I don't see whey the Mac is inherently more secure to this type of an attack. In my one week's using a new Mini, I think this kind of an attack can succeed -- the user would even type the admin password to install the bad piece of software. Now, the malware on OS X & Linux wouldn't be able to overwrite critical system files (wouldn't have filesystem permissions) as it would on XP, but it could still cause enough havoc.
What worries me more is that Mac users, thinking that they're impervious to any attacks, wouldn't think twice about installing some random software on their invulnerable mac. They're not paranoid enough, and some paranoia is not a bad thing.
All in all, I welcome additional users into the Mac camp, even if it brings more risk with it.
