• Explore the magic and the mystery!
  • The Tech Night Owl's Home Page
  • Namecheap.com





  • Is Mac Security Going Down the Tubes?

    May 29th, 2007

    If you’re a fear merchant and get a charge out of spreading suspicion about Mac security, you have to be delighted. If you’re a Windows user wondering what the fuss is all about and whether a switch to the Mac is a good idea, you might want feel a little concerned. And certainly my fellow Mac users are wondering if Apple’s world-class operating system isn’t quite as bullet proof as it’s supposed to be.

    You see, every few weeks so far this year, Apple has released a security update to address potential vulnerabilities of one sort or another. Some of them sound awfully frightening, using such pithy phrases as “remote execution” and “denial of service” or laced with other dark prose that delivers images of impending doom and gloom.

    Is there something wrong here? Isn’t Mac OS X built upon a solid Unix foundation, tried and tested across the planet for several decades? Where did all these terrible-sounding security leaks come from and why isn’t Apple doing more to be proactive about allowing them to appear in the first place?

    How do you protect yourself against such dangers? Is Windows all that bad after all?

    Well, it’s time to settle down. You see, what you’re reading about in all these descriptions of security fixes relates to potential vulnerabilities. Security experts have shown that there are leaks in the dam that need to be sealed. But that is definitely not the same thing as having an Internet criminal take over your Mac and do nasty things.

    Indeed, these vulnerabilities have, so far at least, not been exploited outside of the test laboratory. They need to be patched, of course, but that’s not the same thing as seeing lots of Macs being exploited because of such problems.

    It does, however, remind you of a clicking time bomb.

    I am not, however, as fearful as some of the tech pundits want you to be. You have to realize that all operating systems have security leaks that need to be patched, and it’s very likely nobody will ever figure out a way to seal all the openings. Well, at least not in our lifetimes.

    Unfortunately, this state of affairs creates the climate for some folks to write purple prose claiming that the Mac really isn’t all that secure after all. They might even look at the numbers of security holes that Apple has been patching of late and compare them to the number of Windows vulnerabilities Microsoft has to handle. That’s an easy way to obscure the facts. It’s much harder to sit down and do research and explain whether or not the regular Mac user needs to live in fear that the sky is falling.

    I realize it’s hard to look at the regular release of security updates as a good thing, but it really is. You see, Apple is, of late, taking the hard work of security investigators very seriously. When they find something with the potential for trouble, they put a fix into place extremely quickly. Some say Apple is slow about reacting to such things, but a recent QuickTime issue was resolved within days of its discovery. In case you’ve forgotten, that was revealed during a security contest, in which someone got a $10,000 payday for breaking into a MacBook.

    In fact, the timely release of security patches demonstrates that folks who claim that Apple is ignoring such problems do not know what they are talking about. And even if it takes more than a few weeks to close a specific security hole, you have to realize that knowing there’s a problem and fixing it promptly are two different things. It’s always possible, you see, that a simple code change may impact other functions and creat unexpected problems. So even if the fix is found in a few hours or a few days, it make require several weeks of intense testing to make sure that it works as advertised and doesn’t crash your Mac or create other anomalies.

    This doesn’t mean, of course, that the security updates are necessarily perfect. Every single time Apple releases an updater of one sort or another, some folks will have problems. And it’s not just the very few in our audience who have ripped their Mac’s guts apart with operating system hacks. Sometimes regular people encounter these woes as well, which only goes to show that Apple has to tread slowly and carefully before releasing any software that modifies the operating system in some fashion.

    My suggestion after looking over this ongoing effort to show Mac security in an unfavorable light is simply not to get out of shape about it. Accept the imperfect reality, and just be alert to the release of the ongoing updates. Frankly, I’m not as worried as some about installing them just about as soon as they appear, because no Mac OS X update has ever cost me a moment of trouble.

    At the same time, you probably want to be careful about the third party toys you add to your system. As far as security is concerned, you also want to follow the usual cautions: Have a strong system password, with a mixture of numbers and varying upper and lower case letters. If a password is too easy to remember, someone out there can figure it out. You also want to be careful about downloading unexpected file attachments, even if they come from people you know. It’s always a good idea to confirm first that it’s authentic.

    While you probably don’t need to fret over an impending malware epidemic on the Mac platform, don’t throw caution to the wind either. Stay alert, and don’t let the fear mongers get you down.



    Share
    | Print This Article Print This Article

    Tech Night Owl Comments

    Your email address will not be published. Required fields are marked *