Security issues often a circus
Posted by Dennis Sellers 
Aug 19, 2008 at 7:16am
Linus Torvalds, creator of the Linux kernel, has expressed the feelings I suspect are akin to those of many Mac users. He says he’s fed up with what he sees as a “security circus” surrounding software vulnerabilities and how they’re hyped by security people, according to an InfoWorld report. Now he’s not talking about the Mac platform, per se, but I do agree with his opinion that, often times, the threat of bugs and viruses are blown way out of proportion.
Torvalds explained his position in an e-mail exchange with Network World this week. He also expanded on critical comments he made last month that caused a stir in the IT industry. Last month Torvalds stated in an online posting that “one reason I refuse to bother with the whole security circus is that I think it glorifies—and thus encourages—the wrong behavior. It makes ‘heroes’ out of security people, as if the people who don’t just fix normal bugs aren’t as important. In fact, all the boring normal bugs are way more important, just because there’s a lot more of them.”
When it comes to the Mac, security warnings seem to be much ado about little if nothing. In January, Infoworld said that the Mac OS X is safer today—but not necessarily more secure for the long term—than Windows. Malware researchers and industry analysts warn that as the sheer number of Apple end-point devices in use worldwide rise, so will the security concerns tied to the company’s products. Seven months later, even though Mac sales have continued to rise, there’s been no discernible increase on Mac security problems.
In August 2007, at the Black Hat Briefings conference, security researcher Charles Miller spelled out a wide variety of security problems in the Mac OS X operating system and Apple’s Safari browser. Despite this—all this—in a July Macsimum poll, we asked if you had noticed an increase in malware, viruses, etc., on your Mac? Ninety-percent percent of those who responded said “no,” and three percent said “yes.”
I’ve been a Mac user for almost 20 years. I’ve NEVER had any problems. That’s not to say that I won’t this afternoon or tomorrow or next week. And that’s not to say that any computer/Internet user should be flippant about security measures.
But many times security “experts” and those who make security products seem akin to Chicken Little warning us that the sky is falling when it’s not. I happen to agree with Torvalds that labeling bug fixes as “security” fixes is only (or at least often) useful for PR. The real metric is the level of productivity or down-time (thus lack of productivity) from bugs whether they be security of stability issues.
“Macsimum News” is a proud supporter of Planet Gumbo, which feeds the hungry. We urge you to help them in their efforts.
Dennis Sellers Says:
George,
Yes, that’s exactly what I meant to say. I’ve made the correction. Thanks for the heads-up.
Posted on August 19, 2008
Article Information
Comment on this Article Print this Article Email this Article Digg This
Contributor
Dennis Sellers
Dennis has been a newspaper editor/reporter (seven years) and teacher (seven years). He has over 4,000 magazine, newspaper and online articles to his credit. He has also covered the Mac and tech industries for over a decade for such online publications as MacCentral, MacMinute and now MacsimumNews.
George Says:
Torvalds is right about the unfortunate glorifying of bad behavior (even criminal behavior). The press does this in other fields as well, it gets more readers, appealing to the large mass, low IQ market.
Where you say, “Seven months later, even though Mac sales have continued to rise, there’s been discernible increase on Mac security problems.” Did you mean “no discernible increase?”
Posted on August 19, 2008