Apple is like the Disney of technology, always adding a dash of "magic" to its products. However, Apple still needs to come up with a spell that wards off evil spirits.
The debate over which operating system is more secure always evokes passionate responses from both sides, but the reality is that Mac OS X does not offer a target valuable enough for malware developers to invest time and effort attacking it. The Mac OS X platform is not widely used in business, Mac OS X only makes up about five percent of the total operating system market.
However, the success of the iPhone, and projected success of the iPad put those devices much higher on the market share food chain. The iPhone has captured the number two spot for smartphone market share with just over 25 percent, and analysts estimate that Apple could ship 10 million iPads by the end of 2010. Now, that is a target that attracts some attention.
"The general consensus is that Apple continues to do only the absolute minimum to address enterprise security and supportability requirements," noted Andrew Storms, Director of Security Operations for nCircle. "We haven't seen any new enterprise iPhone security features from Apple since the summer of 2009 when they introduced their new hardware level encryption, which was almost immediately subverted. This is not the kind of behavior security professionals want to see in vendors."
Recent events seem to illustrate that point. Security researches were able to compromise a fully updated iPhone 3GS at the recent CanSecWest Pwn2Own competition. Storms warned me that, "If the iPad has the same OS as the iPhone then enterprises are going to be even more concerned about the data on this device."
The interesting thing about the iPhone hack, though, is that it leveraged weaknesses in the Safari Mobile browser to subvert the OS. Another security researcher has also been able to hack a fully patched Mac OS X system in a matter of minutes the past two years by exploiting the Safari web browser. It seems that Apple's web browser is a bit of an Achilles heel for Apple devices.