So I made an interesting observation at Cansec last week. By day 3 I realized that I was the sole presenter running Vista. Hell I may have been the sole *attendee* running Vista. In fact if I had to break out the presenter laptop OS's it would go something like this:
- 50% OSX
- 34% Windows XP
- 15% random Linux distros
- 1% Vista (me)
If you add attendees to the mix the Windows XP numbers go up a bit and the OSX numbers may go down (i.e. it may be 40% OSX / 40% XP).
I find this phenomenon curious given that OSX is never in the news with a positive security story as of late - it's all fail all the time lately with OSX and security. This point was made dramatically clear when OSX fell inside of 2 minutes on day 2 of pwn2own when you were allowed to log in locally and browse to an exploit web site. All you apparently need to pwn the Mac is in-box applications - for Vista - the researcher who owned it needed not only Flash but Java as well (it's unclear as to why Java was needed but the thinking is perhaps it was needed to get some executable pages for the shellcode due to NX / XD / DEP).
So I find it pretty strange that people who worry about security enough to attend and present at security conferences - are predominently running OSs that are less than optimal for the task of keeping them secure. I for example - was running Vista x64 SP1 with Bitlocker in TPM+PIN mode . . . and it's like I was from the future or something - even though this platform has been out for over a year now.
So what are the reasons behind this?
- Security geeks favor pretty hardware / UIs over security? (i.e. "Do as I say - not as I do"?)
- They like the OSX platform because they can run cooler Unix / Linux / open source tools easier?
- They're hoping for a little security through obscurity?
- All of the above?
Don't get me wrong - I've been to lots of security cons over the years and I know that there's always been a lot of OSX and Linux there - but it seems to be trending *up* not down . . . I find that strange. Maybe it's just me.