Eric Schmidt: Want Security? Get a Mac

Speaking at the All Things Digital D9 conference, Google Executive Chairman Eric Schmidt said in a wide-ranging Q&A session that the best workstation security is offered by a Mac, coupled with Google’s Chrome browser. Additionally, he suggests users of Google’s services should activate two-step authentication–introduced earlier this year–which requires users to enter a code that’s texted to their phone each time they log in on a new computer.

In recommending the Mac, Schmidt undoubtedly wandered off-script and perhaps left Google’s marketing people palpitating. Google’s official line is that its new Chrome OS offers the best security around, which offers several new technologies not found in either Windows or Mac. However, Chrome OS will only be available on two netbook models upon its launch later this month, although a Chrome OS desktop is on its way from Xi3 in July. Additionally, the open source nature of Chrome OS means users are free to compile the Chrome OS code and install it themselves on any computer, if they feel up to it.

Schmidt hinted he might be somewhat biased in his advice, mentioning he’s a “proud former board member of Apple.” Schmidt spent just under three years on Apple’s board of directors, resigning in 2009 only when Android and the Chrome browser meant Google and Apple would directly compete. However, eagle-eyed bloggers spotted Schmidt having coffee with Steve Jobs and apparently chatting about business just last year.

Schmidt’s timing in recommending Mac security couldn’t be worse. Today sees the release of Apple’s first-ever Mac OS X security update that specifically targets malware, and Apple has recently been mired in controversy with suggestions Apple Store employees were allegedly told to avoid talking of malware when chatting with worried customers. Employees were allegedly threatened with “write-ups and even termination.”

Whatever the case, the Mac vs PC security debate clearly isn’t what it used to be even just a few years ago.

Microsoft’s worked hard to improve security in Windows Vista and then Windows 7, and the days of almost weekly virus alerts have long passed. The combination of the Malicious Software Removal Tool (MSRT)–pushed to all Windows users as a free monthly update–and the free Microsoft Security Essentials antivirus add-on has made it significantly easier to stop virus infections where users find protecting their computer beyond their technical abilities. This is especially useful considering an increasingly popular attack vector is fake antivirus software that is actually malware, meaning those who try to help themselves are often left far worse off.

Security Essentials is free for up to 10 computers within a small business, while MSRT is free for all users.

However, despite these measures, Microsoft’s own figures shows that the malware infection rate for Windows 7 climbed by more than 30 percent during the latter half of 2010. Additionally, speak to any third-party antivirus vendor and you’ll hear that malware creation is as rampant on Windows as it ever was.

In other words, there might be less headline-grabbing malware about, but that’s not because malware creators have given up.

Meanwhile, over the on the Mac, the MacDefender malware, which inspired the security update from Apple, has apparently mutated into Mac Guard, which doesn’t require a password to install. This could fool even users who are technically savvy and who have been taught that programs without a password prompt are limited in the potential damage they can do. Installation of the malware starts automatically once users visit certain Web pages if Safari is set to ‘open safe files after downloading.’

It’s clear an individual or (more likely) team of malware authors is now targeting the Mac platform but it’s too early to say whether they’ve set a precedent, or whether the team will get enough out of the exercise to make it pay (that is, stealing user details). Although Mac market share is growing, it still trails massively behind the PC. Just like any other business, malware authors tend to aim for the biggest marketplaces.

If nothing else, the huge media coverage surrounding the MacDefender malware has acted as an unofficial form of antivirus, warning Mac users to be alert now and in the future.

Concerned Mac users can already download a variety of antivirus software, including the free-of-charge Sophos Anti-Virus for Mac Home Edition.