The great web designer and Mac guru John Gruber has a great piece on the frustrations of Windows crapware and why Mac users don’t have to deal with it. The same general arguments hold true for Linux users as well. He makes an excellent argument:
My answer to question posed earlier – why are Windows users besieged with security exploits, while Mac users suffer none — is that Windows is like a bad neighborhood, strewn with litter, mysterious odors, panhandlers, and untold dozens of petty annoyances. Many Windows users are simply resigned to the fact that their computers contain software that is not under their control. And if they’ll tolerate an annoying application that badgers them with pop-up ads, well, why not a spyware virus that logs every key you type, then sends them back to the creator? (That’s a real virus, by the way, Korgo, which hit Windows at the end of May and is spreading quickly.)
He uses the theories of James Q. Wilson on crime – that allowing small things like petty vandalism and broken windows to proliferate creates the conditions for larger problems.
This is a particularly brilliant comparison because it highlights the self-victimization that Windows users go through. I will never understand the attitude of Windows users that putting up with hoards of spyware programs is acceptable. When you have programs that completely destroy your network stack, send your passwords to the Russian mafia, and turn your computer into a spam relay, it’s time to consider what the hell you’re doing.
To extend Gruber’s metaphor, it’s like living in the slums in which prostitutes hang on every streetcorner and people are constantly sticking bags of crack in your pockets and using you as a drug mule. Would you seriously argue that "Hey, Skid Row has everything I need? What’s the problem with having to step over a couple of murder victims on the way to work?"
Yet that’s exactly what I hear from Windows users all the time. "IE is good enough" they say. Good enough for what? Good enough for forcing you to put up with annoying ads? Good enough for completely ruining your computer? Good enough that even one of the biggest Windows gurus can have his machine rendered so unusable that even he can’t fix it? If that’s good enough, I shudder to think what bad is. God only knows how many people have been the victims of identity theft from viruses like Korgo.
But Linux is too hard to use! and I can’t play games on a Mac comes the cry. Even assuming you assiduously download each and every security patch and run a firewall, you’re still not safe. Besides, if you’re going to go through all that trouble, you might as well run an alternate OS like Mac and Linux anyway. Arguing that Linux is too hard to use when you have to spend hours applying potentially harmful patches and tweaking your router is not exactly the best argument to make. The XBox lets you play games without having your bank records end up in Boris Sopranoski’s hands, or you can play the many games that are available for alternate operatings systems, including some like Frozen Bubble that are far better than their non-free, adware-laden counterparts.
I think Gruber is right on one thing – the reason that Linux and Mac doesn’t have a major adware/spyware/crapware problem is that the users of these OS care enough to say I’m not going to put up with this crap. If we see a broken window, we fix it. Security vulnerabilities aren’t covered up, they are fixed ASAP and always have been. When you care about security, it shows in your product. When you don’t, you end up with Korgo, Sasser, Netsky, Welchia, Blaster, and who knows what else that’s waiting in the wings, ready to make another nightmare for technical support.
Windows users have succumbed to the "soft bigotry of low expectations" – if you want to live in the slum, then live in the slum. Just don’t get your filth on my yard.
“the reason that Linux and Mac doesn’t have a major adware/spyware/crapware problem is that the users of these OS care enough to say I’m not going to put up with this crap.”
No the reason you don’t have a major problem is that your market is so small that most people don’t waste the resources writing that stuff for your machines.
Gruber deals with that argument in the piece, and I agree with his analysis. Linux and Mac both have around 5% marketshare – one would think that 10% of the viruses around would be either Mac or Windows based.
But I could count the number of Mac/Linux viruses on the fingers of one hand. The reason is that because both Apple and the developers of Linux took security far more seriously than Microsoft long ago, and continue to be more open about security.
Besides, the very nature of UNIX is more secure than Windows for a variety of technical reasons. The other big reason that you don’t see these kinds of exploits is because of the differences in archecture. If Microsoft didn’t tie an insecure Internet browser into the underlying OS and create a registry system that is open for several kinds of abuse, these problems wouldn’t be nearly as prevalent.
The proliferation of virii, spyware, worms, and other such infotrash is starting to damage Microsoft, there’s no doubt about it. On top of that, since Apple builds all their own hardware, their software is optimized and streamlined to work perfectly with it- unlike Microsoft, which has to write code to support a variety of kludgy off-the-shelf hardware. To make matters worse, Apple’s processors are more powerful, and their computers can in general do more with less (by avoiding the redundant waste of much Microsoft software). The OS is more intuitive, stabler- if Apple’s market share doesn’t increase considerably in the next couple years, I’ll be suprised.
I never thought I’d say this, but the Mac is now the Lexus of computers, and my next machine will probably be one. Given that I don’t really care much for computer games these days, and my main focus is now on the internet, it just makes sense.
“Gruber deals with that argument in the piece, and I agree with his analysis. Linux and Mac both have around 5% marketshare – one would think that 10% of the viruses around would be either Mac or Windows based.”
That’s a superficially appealing argument, but illogical. In order for it to be true that Linux and Mac spyware and virii (let’s call it all malware) should exist in direct proportion to their market share, it would have to be the case that there’s nothing more attractive to malware writers about developing for the platform that has 90% market share. That argument is ridiculous on its face.
There are certain “barriers to entry” when it comes to this stuff. Creating malware involves certain “costs” in time, money, expertise, etc. Those costs do not decrease because you’re writing for a platform that only 10% of the public uses. It therefore makes more sense to write this junk for the platform where most of the action is. You get more “bang for your buck” that way.
I should say that I don’t doubt that there are ways in which Macs and especially Linux are more secure than Windows machines. However, I think that’s a relatively small part of the explanation. Even if Macs and Linux were exactly as vulnerable as Windows, you’d still expect to see a strongly disproportionate share of malware written for the dominant platform.