It Is Almost Zero Day for Apple
posted Saturday Mar 20, 2010 by Scott Ertz
Apple has been telling its customers for years how its operating systems have been safer than Windows. While technically true, the reasons may not be the same as what Apple's pompous advertising suggests. They would want you to believe that it is because Apple is gifted by God to be the best but Charlie Miller, an expert in computer security, says, "Mac OS X is like living in a farmhouse in the country with no locks, and Windows is living in a house with bars on the windows in the bad part of town."
The reason he can say this is because he has recently found and will soon announce the details of 20 zero day security flaws in Mac OSX. At the upcoming CanSecWest he plans to release the full details of these security flaws, but he did say that the issues are all found in the closed source Apple proprietary products. He says "the attack surface of OS X is so wide you can land a 747 on it, sideways."
Charlie has, in the past, found other Mac OS flaws in the open-source and closed source third-party components but has never announced this many issues all relating directly to code Apple wrote. As far as a solution, he doesn't see one coming any time soon. "It will not think it has a security problem until it affects {the company's} bottom line," he said.
So before they fix an issue it has to hurt them financially. Sounds like it doesn't "just work" unless it is working for Apple.