This Week's Sponsor:


Ensure that if a device isn’t secure it can’t access your apps.  It’s Device Trust for Okta.

Marc Maiffret: “Windows Is More Secure, Apple Community Is Ignorant”

Marc Maiffret, popular hacker and security expert, told CNET’s Elinor Mills during an interview that Microsoft cares more than Apple about security and that the Apple community is ignorant to the risks they’re exposed every day.

From the interview:

“Now when you look at Microsoft today they do more to secure their software than anyone. They’re the model for how to do it. They’re not perfect; there’s room for improvement. But they are definitely doing more than anybody else in the industry, I would say.

It’s even a little scarier with them because they try to market themselves as more secure than the PC, that you don’t have to worry about viruses, etc. Anytime there’s been a hacking contest, within a few hours someone’s found a new Apple vulnerability. If they were taking it seriously, they wouldn’t claim to be more secure than Microsoft because they are very much not. And the Apple community is pretty ignorant to the risks that are out there as it relates to Apple. The reason we don’t see more attacks out there compared to Microsoft is because their market share isn’t near what Microsoft’s is.”

This interview immediately reminded me of Gruber’s 2004 post “Security Cannot Be Spun”, which I suggest you to read even after 6 years. Gruber also talked about security problems at this year’s Macworld Expo in his “Apple Top 10 Issues” presentation. You can find the full video here.

Now this is a very difficult subject to discuss, because I can see some points where Maiffret is right, and many where is not.  I think that Maiffret is right when he says that Microsoft is doing a lot of stuff in terms of improving Windows’ security, but I think that the problem is they’re just patching vulnerabilities. They’re not facing the main problem, that of Windows having an internal security architecture worse than Mac OS X’ one. On the other hand, it’s also true that Apple took months to release a security patch for a SSL bug reported by the entire community, just like they weren’t caring about it.

All in all, I don’t think the Apple community is “ignorant” to the subject of security. They’re just not used to think about it all the time.

Unlock More with Club MacStories

Founded in 2015, Club MacStories has delivered exclusive content every week for over six years.

In that time, members have enjoyed nearly 400 weekly and monthly newsletters packed with more of your favorite MacStories writing as well as Club-only podcasts, eBooks, discounts on apps, icons, and services. Join today, and you’ll get everything new that we publish every week, plus access to our entire archive of back issues and downloadable perks.

The Club expanded in 2021 with Club MacStories+ and Club Premier. Club MacStories+ members enjoy even more exclusive stories, a vibrant Discord community, a rotating roster of app discounts, and more. And, with Club Premier, you get everything we offer at every Club level plus an extended, ad-free version of our podcast AppStories that is delivered early each week in high-bitrate audio.

Choose the Club plan that’s right for you:

  • Club MacStories: Weekly and monthly newsletters via email and the web that are brimming with app collections, tips, automation workflows, longform writing, a Club-only podcast, periodic giveaways, and more;
  • Club MacStories+: Everything that Club MacStories offers, plus exclusive content like Federico’s Automation Academy and John’s Macintosh Desktop Experience, a powerful web app for searching and exploring over 6 years of content and creating custom RSS feeds of Club content, an active Discord community, and a rotating collection of discounts, and more;
  • Club Premier: Everything in from our other plans and AppStories+, an extended version of our flagship podcast that’s delivered early, ad-free, and in high-bitrate audio.