I just found out that Mac OS is built with UNIX, which is what Linux is build with?

Since Macs can get viruses, does this mean that Ubuntu is just as vulnerable?

Any software is as vulnerable as its user.

I like the look of Lion's new sandboxing features. The Save As dialog passes up to a separate, shared process, for instance, essentially asking for authentication for access to user files. That's really quite clever.

Edit: But yes, every OS has vulnerabilities, often to relatively invisible network attacks, and any piece of software can theoretically do whatever it wants once you've installed it, meaning that the most important security choice you make is to simply install only from trusted sources, although features like the above can work to solve that problem.

they are very similar. it all depends on the user..

Thats like asking which is safer, a Mongoose or a Diamondback, both are great and both will break one's neck if not used correctly.

I just found out that Mac OS is built with UNIX, which is what Linux is build with?

MacOS is built upon Unix itself; while Linux is a clone of Unix.

Linux is a clone of Minix, but does not use any of the source code. [wiki (https://secure.wikimedia.org/wikipedia/en/wiki/Linux#MINIX)]

As already remarked, GNU/Linux is "Unix-like" (GNU's not Unix) in the sense that it should respond in the same way as genuine Unix when given the same inputs (see LSB and POSIX compliance). Darwin, the core of MacOSX, is based on FreeBSD, itself built on what is essentially one of the original Unices, BSD. And although FreeBSD has full API compatibility with Unix, apparently it is only "Unix-like" as well due to some legal reason.

http://en.wikipedia.org/wiki/File:Unix_history.svg

http://en.wikipedia.org/wiki/File:Unix_history-simple.svg

The way Unix and Unix-like systems are designed is inherently safer than the way Windows does it, and I'd go as far as to suggest that the "base" susceptibility of MacOSX and Linux would be similar. But as the popularity of an OS increases, it may become a higher priority target, as the number of installed systems with an exploitable vulnerability may make an attack worthwhile.

While I can't claim to be an expert in the subject. The sources I've read asserted this to be the case.

Though, I don't like Macs. They're way too pricey, and they all seem to be malfunctioning, (Haven't found a version yet which didn't have a flaw in something simple as the hardware, or software.) The problem in Mac lies in that it is focusing, not only on the software side of the OS, but on the hardware side as well. They should distribute their OS to third parties, this way, they won't have to make all the decisions about hardware and software.
As to the vulnerabilities, most of Mac's software vulnerabilities have been plugged. They're secure, but as the above info says, a lot of times, because they are forced to focus on both aspects, they seem to skip one small thing. This has been known to be a security issue in the past, but not very often.
The main problem is caused, when the user installs an application when they have no idea what it does. This isn't a security issue, and I wish Mac would stop treating it like one. It's simply the user telling the computer that it's OK to run the application, and then the application tricking the user. Unlike Windows though, the application can not install itself without the user's permission. This is how a virus works. This is where security fails. If you have a security alarm for your house and you give someone the code, the security did not fail. You did. Mac and Unix work like this. iOS has been trying to identify these programs from the start, but they've been telling their users that they are security risks. They are, but that doesn't mean the OS is insecure, just that the application is.
Ubuntu takes another spin on this. Where Windows now just deletes everything which it thinks is insecure (it doesn't even ask you) Ubuntu says, you can install what ever you want, just type in the password so, I know you're not a program trying to install itself. Where apple doesn't allow you to install these programs, Ubuntu says, here is a software center. All of the programs in here, you can install and they won't bother your computer. If you choose to install something else, we won't delete it, just warn you that we have no idea what it does, but the final decision is left up to the user.
Keeping this in mind, I would say that they have about the same security. It just depends on which security holes you want patched.

Though, I don't like Macs. They're way too pricey, and they all seem to be malfunctioning, (Haven't found a version yet which didn't have a flaw in something simple as the hardware, or software.) The problem in Mac lies in that it is focusing, not only on the software side of the OS, but on the hardware side as well. They should distribute their OS to third parties, this way, they won't have to make all the decisions about hardware and software.
As to the vulnerabilities, most of Mac's software vulnerabilities have been plugged. They're secure, but as the above info says, a lot of times, because they are forced to focus on both aspects, they seem to skip one small thing. This has been known to be a security issue in the past, but not very often.
The main problem is caused, when the user installs an application when they have no idea what it does. This isn't a security issue, and I wish Mac would stop treating it like one. It's simply the user telling the computer that it's OK to run the application, and then the application tricking the user. Unlike Windows though, the application can not install itself without the user's permission. This is how a virus works. This is where security fails. If you have a security alarm for your house and you give someone the code, the security did not fail. You did. Mac and Unix work like this. iOS has been trying to identify these programs from the start, but they've been telling their users that they are security risks. They are, but that doesn't mean the OS is insecure, just that the application is.
Ubuntu takes another spin on this. Where Windows now just deletes everything which it thinks is insecure (it doesn't even ask you) Ubuntu says, you can install what ever you want, just type in the password so, I know you're not a program trying to install itself. Where apple doesn't allow you to install these programs, Ubuntu says, here is a software center. All of the programs in here, you can install and they won't bother your computer. If you choose to install something else, we won't delete it, just warn you that we have no idea what it does, but the final decision is left up to the user.
Keeping this in mind, I would say that they have about the same security. It just depends on which security holes you want patched.

Remember how the Linux community got agitated about FUD being spread about Linux?

I am sure you do, well your post is a classic example of this community's FUD about anything non Linux.

MacOS is built upon Unix itself; while Linux is a clone of Unix.

OSX is build on Darwin which has an XNU, kernel, which has a Hybrid kernel based on Mach 3, BSD, and I/O kit. It is less like the original Unix than Linux is. They are both clones. Where Apple gets off advertising OSX as Unix is beyond me. They probably bought a licence to use the name from AT&T or something. "Real" Unix started in the 70's hasn't been developed since '83, when the government broke up Bell Systems.

As to the OP, Mac an Linux have similar vulnerabilities, but loopholes should theoretically be fixed more quickly in Linux because of the community development model. As far as viruses are concerned, the main threat to the normal desktop user are trojans, which the user installs themself, so no security measure can be taken against them other than using your brain.

However, few viruses exist that are targeted at Linux desktop systems because they only constitute 1% of the desktop market. If Linux becomes more popular, viruses will be more of a concern.

It is less like the original Unix than Linux is. [...] Where Apple gets off advertising OSX as Unix is beyond me.


Darwin is an open source POSIX-compliant computer operating system released by Apple Inc. in 2000. It is composed of code developed by Apple, as well as code derived from NeXTSTEP, BSD, and other free software projects.

Darwin forms the core set of components upon which Mac OS X, Apple TV, and iOS are based. It is compatible with the Single UNIX Specification version 3 (SUSv3) and POSIX UNIX applications and utilities.


From its sixth release, Mac OS X v10.5 "Leopard" and onward, every release of Mac OS X gained UNIX 03 certification while running on Intel processors.

Linux is not compatible with the Single UNIX Specification (UNIX 03), OSX is. So that makes OSX more Unix than Linux.

"Historically, BSD has been considered a branch of UNIX—"BSD UNIX", because it shared the initial codebase and design with the original AT&T UNIX operating system." Mac OSX/Darwin contain code derived from BSD, so that does technically make them based on Unix.

Linux is not compatible with the Single UNIX Specification (UNIX 03), OSX is. So that makes OSX more Unix than Linux.Well, I guess that showed me!


"Historically, BSD has been considered a branch of UNIX—"BSD UNIX", because it shared the initial codebase and design with the original AT&T UNIX operating system." Mac OSX/Darwin contain code derived from BSD, so that does technically make them based on Unix.

I am meh about this argument. It has BSD frankensteined in together with Mach and I/O kit, and it's a hybrid kernel, which neither Unix nor BSD ever was (though I think dragonfly BSD has a hybrid kernel, but that's relatively new).

But I buy the argument about standards compliance. So I guess Apple is 'more' Unix than Linux.

Well, I guess that showed me!



I am meh about this argument. It has BSD frankensteined in together with Mach and I/O kit, and it's a hybrid kernel, which neither Unix nor BSD ever was (though I think dragonfly BSD has a hybrid kernel, but that's relatively new).

But I buy the argument about standards compliance. So I guess Apple is 'more' Unix than Linux.

OSX is Unix certified

I never understood why Apple spent money and efforts to have OSX Unix-certified. It's not like the server arena is their prime market, and the average desktop customer couldn't care less what the foundation is. Seems like a lot of resources going into the occasional mentioning of "the power of Unix".

I never understood why Apple spent money and efforts to have OSX Unix-certified. It's not like the server arena is their prime market, and the average desktop customer couldn't care less what the foundation is. Seems like a lot of resources going into the occasional mentioning of "the power of Unix".

One could ask why do Linux Distros and the Linux Community boast the Unix like properties of Linux?

One could ask why do Linux Distros and the Linux Community boast the Unix like properties of Linux?

Whatever dude.

Whatever dude.

My point was valid. The Unix origins of OSX are genuine so it's a valid feature for promotion. The same as teh Unix like features of Linux are a valid promotional feature.:rolleyes:

I'm not doubting they origins are valid. But getting the Unix specification, as far as I know, isn't cheap, and I don't really see the promotional value of mentioning Unix here and there, since OSX is not marketed as a server OS.

I'm not doubting they origins are valid. But getting the Unix specification, as far as I know, isn't cheap, and I don't really see the promotional value of mentioning Unix here and there, since OSX is not marketed as a server OS.

Certificate validates the claim and OSX has a server edition

http://www.apple.com/nz/macosx/server/

Any software is as vulnerable as its user.

But given the same user, no two pieces of software can be considered perfectly equal.


One could ask why do Linux Distros and the Linux Community boast the Unix like properties of Linux?

Do Linux distros do that? The websites for Ubuntu, Debian, Suse, and Red Hat don't appear to mention Unix.<br/>
There may well be parts of the Linux community that do as you say (? I wouldn't know) but apparently so do parts of the Apple community, as evidenced by the following quote:

OSX is Unix certified

Certificate validates the claim and OSX has a server edition

http://www.apple.com/nz/macosx/server/

And I'm supposed to be selling these... for this week, though. But that's still a relief... 4 days more till my next off-day.

Before I install something from package manager, how do I know it's safe?

Before I install something from package manager, how do I know it's safe?

The package manager will tell you. It might or might not be safe, but for Debian-based distributions as far as they are concerned, they use package signing using signing keys (we're talking computer security terms here) which the OS will request to the keyserver and will register the software source into your package manager after a verification from the keyserver is confirmed.

I can't really put it down into very down-to-Earth layman terms, someone might do a better job at it than I can.

I never understood why Apple spent money and efforts to have OSX Unix-certified. It's not like the server arena is their prime market, and the average desktop customer couldn't care less what the foundation is. Seems like a lot of resources going into the occasional mentioning of "the power of Unix".

To get developers on board. I know a lot of programmers/admins who use OSX becaues they need a Unix system for work but want something that is easier to use than other Unix systems. Getting developers to your system is very important for long-term viability. This is how Linux remains so good despite so few people using it :).

the question should be, how safe are the users in XY os?

Because it's pretty much always up to the users nowadays.

Although there are less viruses developed for linux so I guess that makes it safer.

I believe that OS X is less secure than people think.

Here's one article: http://allthatiswrong.wordpress.com/2011/06/23/os-x-%E2%80%93-safe-yet-horribly-insecure/

To get developers on board. I know a lot of programmers/admins who use OSX becaues they need a Unix system for work but want something that is easier to use than other Unix systems. Getting developers to your system is very important for long-term viability. This is how Linux remains so good despite so few people using it :).

Yup, that makes sense. Didn't even consider it.

No OS is safe. There are degrees of safety but it largely comes down to user habits and knowledge, and market presence of the OS.

windows vista and windows 7 as more authentication the cancel and allow box and comes up all the time. OS X authentication is only system files .

So you can download ,install or remove or even change system setting as that is not part of the system files .

In windows any change to system file or even setting you get cancel and allow box even changing the date and time or wallpaper .

windows vista and windows 7 as more authentication the cancel and allow box and comes up all the time. OS X authentication is only system files .

So you can download ,install or remove or even change system setting as that is not part of the system files .

In windows any change to system file or even setting you get cancel and allow box even changing the date and time or wallpaper .

You show them!

This thread has nothing to do with Windows.

This thread has nothing to do with Windows.

I think posts are bleeding over from that other thread about Linux security "myths".

The package manager will tell you. It might or might not be safe, but for Debian-based distributions as far as they are concerned, they use package signing using signing keys (we're talking computer security terms here) which the OS will request to the keyserver and will register the software source into your package manager after a verification from the keyserver is confirmed.

I can't really put it down into very down-to-Earth layman terms, someone might do a better job at it than I can.

In that case, I notice the vast majority of packages are unsafe.

If there's a Ubuntu circle symbol besides it, does that mean it's safe?

The Ubuntu logo just indicates Canonical-supported packages and is unrelated. If any package installs without warning you, then it's safe, or believed to be.

Linux is definitely safer than MacOS! :lolflag:

OSX is Unix certified
"I could take a dump in a box and put a guarantee on it! I've got the spare time..."

Not saying OSX is a piece of **** or anything. I think it's the best desktop platform available for the average user, just sayin'... Standards compliance has some meaning. Certification is neither here nor there.


One could ask why do Linux Distros and the Linux Community boast the Unix like properties of Linux? I don't think they do, seeing as Linux and FreeBSD have completely replaced and surpassed Unix in every way.

If anything, Apple is using the name Unix because of it's association with Linux and BSD as hugely successful server and development platforms. You'll notice you never hear iOS being marked with "the power of Unix," even though it's got exactly the same Darwin kernel.

Linux is definitely safer than MacOS! :lolflag:
Well exley a OS running a terminal wih no GUI or programs is safer .



This thread has nothing to do with Windows.


I only talked about UAC as I find it is the most powerful thing invented to stop malware.Linux does not have UAC but what Linux have is you are a user with root privileges that need authentication.

Mac has user space level and system level .Any time you try to do some thing in system level you need a authentication.In Linux any thing out side your home directory needs authentication.

With Linux you use sudo and windows you use cancel and allow but that can be change for password prompt too.

Some Linux destro you can change it so you run has root all the time.

I only talked about UAC as I find it is the most powerful thing invented to stop malware.Linux does not have UAC but what Linux have is you are a user with root privileges that need authentication.


There is a tool like UAC, it's called Policykit. Policykit is not as comperhensive, and is not the only security tool, so UAC is "better" in this respect. Of course, that meens little when nobody is shooting at Linux, and everybody is at Windows :D

"I could take a dump in a box and put a guarantee on it! I've got the spare time..."

Not saying OSX is a piece of **** or anything. I think it's the best desktop platform available for the average user, just sayin'... Standards compliance has some meaning. Certification is neither here nor there.

I don't think they do, seeing as Linux and FreeBSD have completely replaced and surpassed Unix in every way.

If anything, Apple is using the name Unix because of it's association with Linux and BSD as hugely successful server and development platforms. You'll notice you never hear iOS being marked with "the power of Unix," even though it's got exactly the same Darwin kernel.

To get the "Unix Certification" the OS has to be assessed and approved by the Open Group that it complies with the Unix specifications and standards.

There is a tool like UAC, it's called Policykit. Policykit is not as comperhensive, and is not the only security tool, so UAC is "better" in this respect. Of course, that meens little when nobody is shooting at Linux, and everybody is at Windows :D


What Mac has Policykit? Or you can download Policykit for a Mac?

If more malware come out for Mac do you think they will get Policykit if they have it turn off?

What Mac has Policykit? Or you can download Policykit for a Mac?

If more malware come out for Mac do you think they will get Policykit if they have it turn off?

Linux does, not Mac. It's the difference in the dialog "you need root permission" and "system policy prevents"... Like UAC, Policykit doesn't run as root, but only elevates the privilege for a certain task or application. I'm not an expert on this, but I think that the UAC design is technically superior.

Dunno what the Mac equivalent is, or if there is one.

Standards compliance has some meaning. Certification is neither here nor there.
That's what I keep telling my wife when she calls me a "certifiable idiot". I tell her that's neither here nor there.I comply to standards.....mine. :P

From the title: Is Ubuntu safer than Mac OS?
Only if Apple hasn't sued you yet.:P

The first point i would like to make is i hate mac with a passion greedy little bastartds also considering the software MAC was built on was originally free greedy little grumble grumble .....

mac has been hacked the only really secure mac software is the I Phone even thought i hate that to

Besides that if we think outside the box lets talk about hackers ;/ most not all but most hackers have a point to there destruction like bill gates is a greedy little bastard milking school kids hundreds just to use Microsoft word or charging soooo much for a OS release and considering how it was developed compaired to Linux flavours it just a massive block of software slammed o the hard drive. people like to hack that because he is a greedy bastard.

and even more so its Mac they charge MORE MONEY FOR NORMAL HARD WARE JUST BECAUSE ITS IN A MAC BOX ............ just in case we all missed that THE SAME HARDWARE JUST COSTS MORE SAME!!! in my opinion that gives hackers the fuel and hatred to want to destroy mac's.

Of course they are just wankers but any one with a heart wouldn't want to heart Linux it was made by the community for the community in my opinion mac and Microsoft get what they deserve


From the title: Is Ubuntu safer than Mac OS?
Only if Apple hasn't sued you yet.:razz:HAHAHAHHAHAHAHAHAHAHAH

That's what I keep telling my wife when she calls me a "certifiable idiot". I tell her that's neither here nor there.I comply to standards.....mine. :P

HHAHAHAHAHA! epic... loving it! going to try that on the GF! lol!

Linux does, not Mac. It's the difference in the dialog "you need root permission" and "system policy prevents"... Like UAC, Policykit doesn't run as root, but only elevates the privilege for a certain task or application. I'm not an expert on this, but I think that the UAC design is technically superior.

Dunno what the Mac equivalent is, or if there is one.


This is what I think I'm getting confused about in these threads root permission vs policy prevents and what UAC have to do with it

This is what I think I'm getting confused about in these threads root permission vs policy prevents and what UAC have to do with it

Well, let me try an example, cuz I like you.

When you launch Synaptic in Ubuntu, you need to open it as root. Then you're utilizing the gksudo application, which graphically invokes the sudo program. Everything you do with Synaptic, you're doing it with root authority. Specifically, both apt, and its backend dpkg, are running as root. In Windows, you'd just download an .exe, run it, and UC would pop up, elevating the authority for the .exe to communicate with the install wizard.

When you try to do something like change the system time in Ubuntu, you're trying to do so as a normal user, but since you need administrative authority to do it, and since the system policy says a normal user doesn't have this authority, you're interfacing with Policykit, which gives you root authority for that one task. In Windows, it would be the same thing with UAC.

The difference is that not all the system applications in Linux are designed to ask Policykit for authentication, while every administrative task in Windows is designed to ask UAC.

For other questions, there's always Google.

Part of OS security is the response of the company that supports the OS. Do they react and patch quickly? Do they react slowly? Do they offer a work around while a patch is being worked on? Do they deny the flaw until 1 hour after a patch is released.

My history with Apple has been that they are often slow to react and do not admit flaws until after patch release.

The OS itself is roughly as secure as Linux from what I can tell. In fact, all current OSes fair very well. Applications on the other hand do not. I would have to rank modern OSes as such:
BSD, Linux, Windows 7, OS X

Though the differences are not as vast as when Windows XP was in the last spot.

Part of OS security is the response of the company that supports the OS. Do they react and patch quickly? Do they react slowly? Do they offer a work around while a patch is being worked on? Do they deny the flaw until 1 hour after a patch is released.

My history with Apple has been that they are often slow to react and do not admit flaws until after patch release.

The OS itself is roughly as secure as Linux from what I can tell. In fact, all current OSes fair very well. Applications on the other hand do not. I would have to rank modern OSes as such:
BSD, Linux, Windows 7, OS X

Though the differences are not as vast as when Windows XP was in the last spot.

Apple is pretty notorious for slow security responses on OSX (and sometimes iOS), I think it's part of their preference for having a complete answer to a situation before they say anything about it (see: iPhone 4 antennas, Lodsys, MacDefender, etc, etc). But for all their corporate ******** they do seem to continue to pay attention to security (10.5 no ASLR, 10.6 some, 10.7 full, etc) and I don't think they're really endangering their customers.

Your security ranking is probably accurate, but hides the fact that there is a gap between the server/hobbyist OSes, and the consumer ones; and that amongst each group the differences are minimal. What I'm trying to say is, while Windows 7 might be more secure, it's by a very small measure, and the same goes for BSD.

Your security ranking is probably accurate, but hides the fact that there is a gap between the server/hobbyist OSes, and the consumer ones; and that amongst each group the differences are minimal. What I'm trying to say is, while Windows 7 might be more secure, it's by a very small measure, and the same goes for BSD.

I agree... on the OS level itself the differences are insignificant... once I load applications though... all bets are off.

Here are some interesting statistics:

http://secunia.com/advisories/product/27467/?task=statistics_2010

http://secunia.com/advisories/product/96/?task=statistics_2010

http://secunia.com/advisories/product/32688/?task=statistics_2010

Security expert warns hackers can attack Android
Google spokesman Jay Nancarrow said Android security experts discussed the research with Hassell and did not believe he had uncovered problems with Android.
"The identified bugs are not present in Android," he said, declining to elaborate.
It was the first public explanation for the failure of Hassell and Macaulay to make a scheduled presentation at the annual Black Hat hacking conference in Las Vegas, the hacking community's largest annual gathering.

http://ca.reuters.com/article/technologyNews/idCATRE77B53F20110812?pageNumber=2&virtualBrandChannel=0

So if the Android has so much malware does that mean Linux is not that good than when comes to malware ?

I know the Android is base of Linux .


Why is the iPhone or iPad do not have lots of malware they both use same browser as OS X. So than there should be more malware for OS X ?

http://ca.reuters.com/article/technologyNews/idCATRE77B53F20110812?pageNumber=2&virtualBrandChannel=0

So if the Android has so much malware does that mean Linux is not that good than when comes to malware ?

I know the Android is base of Linux .


Why is the iPhone or iPad do not have lots of malware they both use same browser as OS X. So than there should be more malware for OS X ?

False. First of all, Linux is just a kernel, not an OS. All it does is deal with hardware and nothing else. GNU/Linux operating systems are secure for lots of reasons, some of which include: not having root privileges, lots of eye on the code and such.

Android doesn't have all that much malware. It's just "malicious apps" that people intentionally download not knowing it's malicious. Any trained eye can spot them easily. I've never even came close to any malicious apps. The reason Android has more malware than iOS is because Google has an open market. That is, anyone can put any app they want and they aren't reviewed by Google "so that no one company can block the innovations of others". Basically what they are saying is that they don't want to dictate what you can and can not make, just because it might not be in their best interest (i.e you make a better app than them for something they already provide). Unfortunately this opens the door to malicious applications but they are being removed as they are found. Apple on the other hand reviews every app before allowing it to be released, as a result it's much more difficult to get it past them.

iOS and Mac OSX, GNU/Linux and Android have nothing in common when it comes to security. They are just based on some of the same things but that in no way means they work the same. You can't run Android apps on Ubuntu, you can't run Ubuntu apps on Android. Android doesn't even use X.

I think you are confusing functional separations in the structure of the OS with the separation of privileges in relation to modifying the OS.

System level includes kernel, drivers, security sensitive APIs, and any folders that can only be written to with system level privileges.

The word on the net is that OSX, Lion, is the new king of the security jungle:

http://www.theregister.co.uk/2011/07/21/mac_os_x_lion_security/

[edit:] Though the other BSD's aren't mentioned...

The word on the net is that OSX, Lion, is the new king of the security jungle:

http://www.theregister.co.uk/2011/07/21/mac_os_x_lion_security/

[edit:] Though the other BSD's aren't mentioned...

Of the consumer security jungle, would be a more apt description. It's not surprising - Apple has implemented all the best ideas from BSD with their own spin.

Though, I don't like Macs. They're way too pricey, and they all seem to be malfunctioning, (Haven't found a version yet which didn't have a flaw in something simple as the hardware, or software.) The problem in Mac lies in that it is focusing, not only on the software side of the OS, but on the hardware side as well. They should distribute their OS to third parties, this way, they won't have to make all the decisions about hardware and software.
As to the vulnerabilities, most of Mac's software vulnerabilities have been plugged. They're secure, but as the above info says, a lot of times, because they are forced to focus on both aspects, they seem to skip one small thing. This has been known to be a security issue in the past, but not very often.
The main problem is caused, when the user installs an application when they have no idea what it does. This isn't a security issue, and I wish Mac would stop treating it like one. It's simply the user telling the computer that it's OK to run the application, and then the application tricking the user. Unlike Windows though, the application can not install itself without the user's permission. This is how a virus works. This is where security fails. If you have a security alarm for your house and you give someone the code, the security did not fail. You did. Mac and Unix work like this. iOS has been trying to identify these programs from the start, but they've been telling their users that they are security risks. They are, but that doesn't mean the OS is insecure, just that the application is.
Ubuntu takes another spin on this. Where Windows now just deletes everything which it thinks is insecure (it doesn't even ask you) Ubuntu says, you can install what ever you want, just type in the password so, I know you're not a program trying to install itself. Where apple doesn't allow you to install these programs, Ubuntu says, here is a software center. All of the programs in here, you can install and they won't bother your computer. If you choose to install something else, we won't delete it, just warn you that we have no idea what it does, but the final decision is left up to the user.
Keeping this in mind, I would say that they have about the same security. It just depends on which security holes you want patched.
Yeah, people using Macs that wanted to run Windows on a virtual machine would complain when Windows Vista wasn't legally able to run in a virtual environment. WTH?? You are using Mac OS X! The worst when it comes to that situation!