Share what you know with millions of people
Focus is the best place to turn what you know into remarkable content
Are you worried about Mac security?
There has been a flurry of stories on new Mac attacks, mostly based on Ed Bott's posts that referenced a video on Youtube describing a Mac crimeware kit.
What to do? There are some simple hardening steps you should take. From this excellent article by Andrew Jaquith you can:
"Switch off the Java plugin and turn off the setting that causes Safari to open “safe” files after downloading, such as less-safe-than-they-used-to-be PDF files. Use a Flash blocker such as ClickToFlash to prevent another potential point of compromise. Turn on your Mac’s application firewall. If you are highly security-conscious, you may also want to encrypt your home directory using FileVault, protect access to your computer’s firmware with a password, use a password wallet such as 1Password, or consider using an outbound firewall such as Little Snitch"
There is also an excellent two page guide from the NSA here.
The question is: Are worried enough about Mac security to take these steps?
Events
- Dos and Don'ts of Small Business Marketing May 29 @ 11 am PT
- Lead Nurturing 202: The Next Generation May 31 @ 11 am PT
- The Tricks to Paid Media June 6 @ 11 am PT
- Display Advertising for Brand Awareness June 20 @ 11 am PT
Related Activity
5 Answers
I completely agree. Apple has done a great marketing job promoting the misguided impression that Macs are invulnerable. Regardless of how patched your OS is, with each new application you install, you add a potential vulnerability. We should preach application patching and religiously as we do OS patching.
The biggest issue with Mac security is complacency. Plenty of Mac owners are fanatics to make a difference. Trying to convince them that their Mac may not actually be as secure as they like to think could be quite hard to do, pending some major attack against a lot of Macs.
You only need to look at Linux. Its market share is much smaller yet it is compromised on a daily basis.
People should be worried about Mac security. For too long people have not been very worried about Mac security.
For the longest time there were very few significant pieces of Mac malware. Now as they are finally becoming more popular individuals have much more incentive to take the time to write decent malware for a Mac. Which is what we have been seeing with this whole MacDefender episode.
Moving forward every who does an OSX product needs to take security more seriously. Otherwise they will quickly become as easily victimized as some PC users are now.
I'm not personally worried about Mac security as I don't have any Macs that I am responsible for at this time, but I've always accepted it as a matter of time before every personal user realized that information security is more than an OS debate.
For one thing, the default configuration of modern operating systems tends to make them the less likely point of entry for an attack. For the past few years, it has been the applications that have provided a more reliable attack vector, with social engineering a close second.
The increase of attacks against the Mac platform, and the reluctant response from Apple, tend to give credence to the long-stated assertion that much of the vaunted "Mac security" was mostly due to a lack of bad-guy attention. Now, with sufficient market share to make attacks viable, and with enough buggy cross-platform apps to ensure the attack of the most victims as possible for the effort, MacIntosh users are becoming aware that the OS itself is only a small piece of the security puzzle.
The advise being given for protecting Macs are just as valid as for protecting any other platform.
There's been mixed reaction from friends and colleagues who are more primary Mac users. Those who are Mac-only tend to be in more denial than those who routinely use multiple platforms, including Linux.
The sophistication of today's threats means that we really do need to take personal computer security seriously, regardless of our favorite platform. Security is about products, people *and* process...
-ASB: http://about.me/Andrew.S.Baker
Recently, Apple's popular iTunes proprietary format was compromised. I expect more attacks on Apple technology.
I am actually looking forward to the day that security in Apple products is compromised. Not that I wish them ill in any way, but something is needed to shock their products' end-users out of complacency.
In my view, the largest exposure they have is non-technical issues arising from lack of end-user conformance to reasonable security precautions. This is the same vulnerability that exposes Microsoft products. The only differences are that Microsoft is much less well liked and have a huge majority market-share.
Answer This Question