FBI Agent: "If You Want To Frustrate Law Enforcement, Use A Mac"
by , 12:00 PM EST, February 2nd, 2004
Security on the Mac has long been a hot-button topic. With the Windows world inundated by security problems that stem from years of neglect from Microsoft, Mac users have sat productively by not installing multiple patches a month, not dealing with our Macs being taken over by some script kiddie or another, and not being stressed out due to our Mac network being taken out by all the virus e-mails circulating about.
While many in the Windows world find solace in the mistaken idea that Macs aren't hit by all the problems they deal with simply because Apple's market share is so low, the folks at the FBI seem to know what other Mac users know: Macs are secure out of the box.
This comes to us from a January article in Security Focus by Scott Granneman. Mr. Granneman tells the tale of an FBI agent coming to speak to his class about computer security issues, and according to him, the FBI knows that Macs are secure out of the box, that price keeps the FBI from using Macs in the field, and that the FBI has more trouble getting data from Macs than it does with Wintel machines. From the article:
Dave had some surprises up his sleeve as well. You'll remember that I said he was using a ThinkPad (running Windows!). I asked him about that, and he told us that many of the computer security folks back at FBI HQ use Macs running OS X, since those machines can do just about anything: run software for Mac, Unix, or Windows, using either a GUI or the command line. And they're secure out of the box. In the field, however, they don't have as much money to spend, so they have to stretch their dollars by buying WinTel-based hardware. Are you listening, Apple? The FBI wants to buy your stuff. Talk to them!
Dave also had a great quotation for us: "If you're a bad guy and you want to frustrate law enforcement, use a Mac." Basically, police and government agencies know what to do with seized Windows machines. They can recover whatever information they want, with tools that they've used countless times. The same holds true, but to a lesser degree, for Unix-based machines. But Macs evidently stymie most law enforcement personnel. They just don't know how to recover data on them. So what do they do? By and large, law enforcement personnel in America end up sending impounded Macs needing data recovery to the acknowledged North American Mac experts: the Royal Canadian Mounted Police. Evidently the Mounties have built up a knowledge and technique for Mac forensics that is second to none.
(I hope I'm not helping increase the number of sales Apple has to drug traffickers.)
There's a lot more information in the full article, and we recommend it as a very interesting read.