Want to start an endless debate with a room full of techies? Assert that a particular operating system — pick any — is more secure than all the rest then sit back and watch the factions form. Some will argue that Mac OS X wins because of the relatively small number of known malware exploits as contrasted with Windows. Others will point to Linux’s built-in security model as superior to the competition. Windows fans will point to a vastly improved track record in the security area over the past decade. Still others will say that the mainframe’s z/OS and it’s related predecessors have proven their strength over the long haul running many of the world’s most critical transactions since the 1960’s.
Who’s right? Answer: I’ve used them all and I would say it’s none of them and all of them. Macs aren’t immune to malware as Apple’s own employees found out — the hard way. Windows wears the largest bull eye by virtue of its pervasive presence in the market so it will always victimized by bad guys. Linux’s strong security features may be beyond the grasp of casual users. z/OS has benefitted from something of a “security by obscurity” position, which means latent vulnerabilities could be there for the taking.
Not a very satisfying answer is it? Maybe a better way to rephrase the question would be not “which is the most secure?” but rather “which is the most securable?” The latter takes into account a larger understanding of the role of the user/administrator in the security ecosystem. In other words, it’s not just about technology but also people and process as well.
Yet another way to look at it is to say that the most secure OS is the one that you configure and use properly. The fact is that any of these options can be good or bad depending on how they are deployed and executed. That’s my answer. Now I’ll sit back and watch the various OS fanboys fight it out …
P.S. Here’s a nice write up on “Four easy ways to protect your Mac from malware,” which is a question I get from time to time.