Microsoft more secure than Apple, Adobe, claims former hacker
Apple fans are 'ignorant' of security issues
By Nick Spence | Macworld UK | Published: 14:05, 22 April 2010
Marc Maiffret, who once faced FBI agents waving a gun in his face over his hacking exploits aged 17, now works trying to find security flaws in Microsoft's software and well as tackling malware.
"Now when you look at Microsoft today they do more to secure their software than anyone. They're the model for how to do it. They're not perfect; there's room for improvement. But they are definitely doing more than anybody else in the industry, I would say," Maiffret told CNET News.
"From an internal process in how they go about auditing their code and securing software from a technical perspective, they do have one of the best models. The area they still have room for improvement is around time lines of how long it takes for them to fix things."
Maiffret, co-founder of eEye Digital Security, claims Apple and Adobe are now lagging behind Microsoft when it comes to security.
"They are starting to get black eyes with people saying Adobe is a bigger worry than Microsoft is at the moment, which I agree with. As those things are happening, Adobe and Apple and other companies are starting to pay attention and care more. But a year ago, it was still very much a marketing thing. People from both companies treated it as a marketing problem. They didn't have good technical structures behind the scenes."
Maiffret claims Apple has only taken security seriously in the last six months, with the Mac maker now playing catch-up.
"It's even a little scarier with them because they try to market themselves as more secure than the PC, that you don't have to worry about viruses, etc. Anytime there's been a hacking contest, within a few hours someone's found a new Apple vulnerability."
Maiffret claimed Apple and those who praise and buy Macs are failing to take security threats seriously. "If they were taking it seriously, they wouldn't claim to be more secure than Microsoft because they are very much not. And the Apple community is pretty ignorant to the risks that are out there as it relates to Apple. The reason we don't see more attacks out there compared to Microsoft is because their market share isn't near what Microsoft's is."
Maiffret added Apple also benefitted from running a Unix-based operating system.
"I think Microsoft does a better job with their code auditing than folks like Apple do. We've only seen a scratching of the surface as far as Apple vulnerabilities because nobody cares to find them. There's nothing inherent with Apple themselves and their development. The only reason Apple gets little increase in security is because they're running on top of a Unix-based operating system and they can take advantage of some of the things that have been done for them."