After all, the Mac’s record for security is impressive, especially when compared to what Windows users have suffered through for years. The Mac’s built-in firewall isn’t turned on by default, though most services that could open access to an unprotected Mac are turned off, too.

The key to the Mac’s security features, those we can see and use, vs. those Apple builds in to the OS that we can’t see, but are perhaps more useful, is to know what we expect of a secure Mac.

The Mac that does not live on a network, whether home or office or internet, has fewer security issues than a Mac that lives on a network. All it takes to get into a Mac to cause damage is a user name and password, and not even that if the Mac is left unattended.

What do we expect of our Mac’s security features? At a basic level, we don’t want anyone else that is not authorized by us, the Mac user, to make changes to our Macs. Of course, we authorize Apple to do so with Software Updates. The same goes for other software which we download and install. We authorize those changes, whatever they may be, right?

Also at that basic level, we don’t want something to destroy, or damage, or delete our files, whether they be music, photos, documents, or the system files that make the Mac doe its work for us. In other words, we want our Macs to be left alone unless we think a change or access to files on the Mac is warranted.

Mac OS X’s inherent permissions design goes a long way toward maintaining the Mac’s stellar record of security. No viruses, no worms, few trojans, few exploits. What’s not to like?

I did some inpromptu research this morning and called an even dozen of my known-Mac user friends, those I was sure had upgraded to OS X Leopard, and asked them if their Mac was secure? They all answered in the affirmative. Then I asked if their Mac’s firewall was turned on. 10 of the 12 didn’t know anything about the firewall. The other two said yes, because they turned it on after they set up Leopard.

Allow me to be somewhat brazen about the results of my own less-than-scientific research, and deduce that most Mac users don’t know much about security issues or exploits or vulnerabilities, or firewalls or other security features, and don’t care. They assume their Macs are more secure than Windows because they, as Mac users, don’t have the same security problems and maintenance issues that Windows users experience.

Most Mac users probably don’t know how to turn on root access. Most Mac users probably don’t share their user name and password with others, except for those they trust. Which reminds me of the How Safe Is Buying Online? question of a few years ago. It’s safer than handing a credit card to a waiter at a restaurant, and no one hesitates to do that.

If most Mac users don’t know much about Leopard’s security features or inherently secure design, why do they feel secure about using the Mac? Is it Mac OS X’s past history of minimal security issues that gives the Mac a better-than-Windows reputation?

Or, is it because we don’t really keep much secure data on our Macs, so why worry? I’m convinced that it is more of the former than the latter. Security hasn’t been much of an issue for Mac users, so why worry now? What we have on our Macs has been safe, therefore it will continue to be safe, therefore my Mac is secure as it needs to be.

I received a call from a close friend who had just installed Leopard this weekend and was worried about the “new Mac virus” that’s going around. Funny, I hadn’t heard about the virus because, well, it wasn’t a virus. See? Most people don’t know the differences between a virus and a trojan horse.

Who could blame the average Mac user with so much hype and hoopla going around. So-called security research Gadi Evron, quoted in Wired, says, ”Apple’s day has finally come, and Apple users are going to get hit hard. OS X is the new Windows ‘98.” Uh oh. Unplug your Macs, folks.

Apparently, Gadi will need to continue his research on Mac OS X security issues before going from the 5th grade to the 6th grade, or stop reading Chicken Little stories in the dark. His Crying Wolf™ screeching was based on a trojan horse discovered just last week.

Visit the right porn site on the web while surfing with a Mac, respond to the pop up dialog box which says you need to install a new video codec to view porn properly, download it, give it your user name and password, install it, and, guess what? You have a trojan horse on your Mac which may cause some damage.

Somehow, that whole convoluted process was so attractive to Gadi that he told a friend, who gave him a wedgie in gym class and he took out his frustration by posing as a ‘security researcher’ and used his deepest adult sounding voice to impress Wired’s writers, who should know better, but know a good hit-generating headline when they see one.

You see, with a trojan horse like that, the security issue isn’t inherent in the Mac or Leopard, it’s inherent in the user who is foolish enough to walk through all the steps necessary to be exploited by said horse. The fact that the trojan horse must be installed by the user who must supply an administrator user name and password tells me that Mac OS X’s security is working better than the users.

And that’s the whole point. That’s how it should be. Apple can’t fix broken users. But they can make it difficult for someone to break into a Mac without help from the inside, so to speak. Do you value the security of your Mac, and the files on your Mac? Then learn about the many ways to lock down your Mac beyond what Apple provides. Otherwise, you end up as those poor porn traveling mules did-- the owners of a Mac that has been compromised.

What do you do to keep your Mac secure? Talk Back to Mac360 in the Comments section below.

Check out the daily list of our 9 Word mini-Reviews at NoodleMac, and Kate's daily in-depth Mac software reviews at PixoBebo.

Off Topic #6 - The MacHeist is back. In case you missed it a few months ago, MacHeist is a great way for Mac users to get 12 top Mac applications and utilities for $49. Many of these have been reviewed on Mac360, so we highly recommend that you take a look. The value, what you get for what you pay, is remarkable. Click Here to look, buy, download.

Off Topic #58 - Do politicians use personal computers? Of course. We’ve heard Barack Obama prefers a Mac, while Hillary Clinton uses a Dell, though, apparently neither of the candidates can bowl. Does Obama’s potential vice president use a Mac? Even Clinton acknowledges Apple’s brand power but says she can’t afford a Mac. Maybe she’d win if she used a Mac.

• Article by Kate MacKenzie • Published on Monday, November 5, 2007
• Category: News & Commentary • 6 Reader comment(s) • Email This • Digg This • Shop Now

Page 1 of 1 Page(s) for this article.

« Previously Leopard Suffers From Too Many Features.

Nextly » A Few Features Apple Did Not Put In OS X Leopard.

Talk Back to Kate, Ron & the Mac360 staff
Mac360 readers talk back. View their comments below or post your own comment to this article. Comments are moderated by the Mac360 staff. Or, post comments in the Mac360 Forums. It's mostly anonymous, there's no obligation, and no cost, so join in-- it's free, fun, low in calories, low in carbs, non-fat, and mildly addictive-- like chocolate and blondes.

Readers Talk Back:

1guysat-here says:

What exactly do you mean...?

— Posted on Thu Dec 06 at 2:49 am by 1guysat-here

iggy pence says:

<grin>

Remember, only the paranoid survive.

— Posted on Thu Dec 06 at 2:44 am by iggy pence

1guysat-here says:

Why, you going to try? Good luck…

— Posted on Thu Dec 06 at 2:29 am by 1guysat-here

iggy pence says:

Uh, just one question. If someone was able to compromise your network, then compromise one of your computers, what would they get?

— Posted on Wed Dec 05 at 10:03 pm by iggy pence

1guysat-here says:

I am behind an encrypted NAT router (WPA2) with a robust firewall, packet filtering, and stealth mode enabled. We have 3 computers on the home network of which all have their firewall enabled (2 Macs here, 1 PC). I have a 24” iMac in White running on Leopard and my parent has a G4 iBook running Tiger, and these two are also stealthed. On the Pc side of things, I maintain it by scanning daily, using Spybot S & D every 2 days, surfing safely; limited user accounts on ALL machines etc. On all of the machines, the browser security is set to maximum as you cannot afford to trust anyone these days, certainly not in a computer sense. I also have a ZoneAlarm browser app which scans each file before download. (F-fox 2 and IE7). I also like to use Safari on all platforms. 3rd party cookies are banned; our scanners never pick anything up.

Right, in Leopard I run as a standard user and rarely if ever, do I use the Admin account for general use. Only if I download something or configure anything. ClamXav is installed to scan for sketchy files in addition to this. Okay, I admit I’m a little OTT but better safe than sorry. Again, the maximum security settings still apply both in the browser(s) and the overall system. And I have to say it pays off because I feel VERY secure when I am using even the PC to surf. But never TOTALLY as there is no such thing as a totally secure environment.

I used to be completely the opposite, back in the day…

My parent also runs as a standard user and is relatively safe on her iBook, as it is constantly monitored.

Any more questions?

— Posted on Wed Dec 05 at 9:31 pm by 1guysat-here

satcomer says:

Well for one I use OpenDNS: http://www.opendns.com/ to block web sites. They also do a great job with automatically blocking known phishing sites plus you can also set your own block on certain web sites and most p0rn sites too.

My one criticism of OS X is upon installation the Firewall is not automatically turned on, it’s up to the user to turn the firewall on.

— Posted on Tue Nov 06 at 10:55 pm by satcomer

Page 1 of 1 Page(s) for Comments on this article.

∧ Back To Top

Talk Back to Mac360 and post your own comment

Your comment may be anonymous if you want (it's OK to use a cute name, or something everyone can remember). An email address is only required if you want to be notified of new comments by other posters, and is always shielded from email spam harvesters.

We moderate the comments, so keep it on topic, relevant, worthy, and funny. Or, pick any two. Yes, SPAM links will be deleted, so don't even think about it.

Talk back and enter your comment below:

Your Name:

Your Email:(optional: needed only for comment notification)

Your Location:(optional: your city, state, country)

Click Here for Smileys

Enter Your Comment Below:

Remember my personal information?
Notify me of follow-up comments by email?

Please enter the Mac360 "Magic Word" from the image below:

∧ Back To Top

What's in the FORUMS?

Newest Daily Topics

WWDC is Sold out... by BunsenHoneydew, 49 views

So, You Bought A Mac? What Tipped The Scales? by Ron McElfresh, 397 views

Office 2008 SP1 released by BunsenHoneydew, 64 views

We Are This Close To Having A Mac In The Pocket. by Ron McElfresh, 297 views

Also in Mac360


	Copyright © 2004 - 2008 PanGeo Media, Honolulu, Hawaii USA. All Rights Reserved. Mac360 is published and edited by Ron McElfresh, Honolulu, HI USA. Mac360 is served on an Apple Xserve using Mac OS X Tiger Server. Powered by ExpressionEngine at ServerLogistics.