I wouldn't trust Apple on security. They are currently producing computers with ports that have direct access to the RAM. Also, you can root a mac with physical access in about 10 seconds. (On startup CTRL-S , mount the hd, delete find and delete .Apple*, restart). There is also that issue with the Indian government. Also in the past they have had major problems with FileVault (search 'VileFault').
>They are currently producing computers with ports that have direct access to the RAM.
You mean, like every device with PCI slot or FireWire port? It's hardly just Apple that provides DMA.
Rooting Windows doesn't take too long either, and to get data (the real reason to root a device) it's not like it's necessary. Just pull the HD and plug it into another machine - you already have physical access. Physical access == game over, unless you have good encryption, and the kind of machine or OS makes no difference.
The FileVault issues are a good point, though I don't know what changes have occurred since full-disk encryption came out with 10.7. VileFault's attack vector readme lists DMA (true on any DMA device, though easier on some) and reading unencrypted data to look for passwords - only DMA seems viable with full disk encryption.
Enabling FileVault disables Firewire/Thunderbolt DMA access when the screen is locked, or always when a firmware password is enabled.
pmset -a destroyfvkeyonstandby 1 hibernatemode 25
That command will disable light suspend mode. When the lid is closed, the laptop will hibernate, writing its memory to disk (encrypted) and power off, clearing the encryption key from memory.
Unless this allows you to access a Mac that has FileVault disk encryption turned on, without the key, it's a red herring. Also, today's FileVault is a completely different technology than the previous home dir encryption (which AFAIK was never broken, but had some frustrating limitations, mainly regarding backup).
You can retrieve the key if the computer is turned on by dumping the memory from a Firewire or Thunderbolt port. If these ports are disabled you could use the Cold Boot Attack. This is the same with all computers, it's just that Apple continue to make them with Thunderbolt.
Apple has made some progress on protecting from DMA attacks -- when the screen locker is enabled, you can't do it. The kernel uses Intel VT-d for this; I'm not sure if Linux or Windows do the same yet.
I knocked Apple a bit for security issues 2006-2009, but they've made a serious effort to fix things starting sometime in 2010 or 2011. I mean, iOS and the iPhone platform is probably one of the most secure mobile OSes now (RIM edges it out, but RIM sucks). OS X has added other security features as well, starting with 10.6.
