I ask in seriousness. Please do not post answers like, "because Windows sucks!"
Why do Macs pretty much never get viruses/worms/trojans, in comparison to Windows? Is one reason the rwx permission implementation, where that I must explicitly grant a program execute permission to run?
What would be another reason?
Less market share means less attackers looking for vulnerable machines.
A stronger operating system means less vulnerabilities.
The way the operating system is laid out malicious programs have to find other ways around security protocals. Windows is very safe if you run it as a normal user. Run as an administrator and you will have issues.
Using sudo to elevate permissions on a case by case basis denies many malicious programs the opportunity to run in the first place, let along gain permission to cause damage.
The biggest reason is the size of the target. Virus authors want to infect as many people as possible and Windows has the majority of the market. I honestly believe if Apple had that much market share they would have very similar problems to what Microsoft experiences today.
I'm not sure I buy the 'more secure' arguments. They have annual contests to see which systems get broken into first, and Macs fair just as poorly as any other system. If a hacker wants in, they'll find a way.
Other posters have said this, but it's all about market share. Why target 10% of computer users, when you can target 90% and get most major corporations while you are at it.
(1) better security model (2) smaller market share (-> less motivation for malware authors)
It will have to be that Mac are "harder" to infect, because if it was as easy, there are still a lot of Macs out there. It's simply the "path of least resistance" rule at work.
Blaming the "infectibility" of windows on it's market share is one of those turning the negative into a positive that must have been generated at a conference table in a large room in Redmond.
One reason is that the security model on OS X is quite strong: even administrative users have to enter their password before they're allowed to modify system files.
Windows XP didn't have anything like this: Admins could do everything they wanted by default, but non-admins couldn't do much at all, pretty much requiring everyone to run as Admins all the time and leave the door wide open. Lately they've been moving towards a more Mac-like model, but in Vista this resulted in "Do you want to allow this behavior?" boxes popping up so often that people got into the habit of ignoring it, or worse, turning it off entirely.
Mac users usually only have to confirm behavior when installing software, so if they're asked to enter a password at any other time it immediately arouses suspicion.
Another reason viruses and worms are so rare on OS X might be because much of the core of OS X is open source, in particular based on FreeBSD, an old, mature code base known for its security.
Most of the malware I've heard about for the Mac has been classic trojans: just trick the user into thinking they're downloading and installing something they want. No OS in the world could ever protect against that.
Mac has more secure process communication, on windows it's easy to tell other proses to do something eg. send a message that a button was clicked, thats why you have the annoying User Account Control dialog for administrative tasks. On mac processes only respond to authorized messages.
PS. Not really know, just repeating that someone told me.
