• Explore the magic and the mystery!
  • The Tech Night Owl's Home Page
  • Namecheap.com





  • A Warning About Mac Security Fear Merchants

    September 22nd, 2008

    You’ve heard the same sad tale over and over again: Now that Macs are finally becoming really popular, it’s inevitable that malware will soon infect this platform in a significant way. Just you wait, and all this crying wolf will soon become up close and personal. No tilting at windmills, but real, honest to goodness virus threats and other dangers are imminent.

    Certainly the fact that Apple releases security updates that address a slew of potential sources for exploits every few months must surely demonstrate that these fears have a basis in fact. After all, why would Apple fix something that doesn’t need fixing?

    Before you batten down the hatches and hide your head in the sand, consider the word “potential” in the previous paragraph, because that’s pretty much the story right now.

    Now I remember that silly Consumer Reports survey some time ago, saying that over 20% of Mac users had been infected by computer viruses. You take those figures and then look at the known fact that few Mac OS X viruses have spread into the wild, and only small numbers have been impacted, and you have to wonder just what’s going on.

    Well, I didn’t read that Consumer Reports survey question, so I don’t know what they were getting at. It may well be, as I’ve seen from time to time, that people who encounter crashes or other untoward behavior on their Macs might blame them on a virus. In fact, a local photographer and long-time client will often write me and express her fears about a potential virus whenever something goes wrong with her computer.

    So why won’t the fear merchants just give up and go away?

    Well, if you just take a gander at the list of exploits in any recent Apple security fixer-upper, you have a right to feel concerned. Every nook and cranny of the Mac OS, including the Finder and QuickTime, has been impacted at one time or another. It seems as soon as one security leak is closed, another one seems to appear in its place. It’s almost as frustrating as stomping out a colony of insects. Rest assured, many more will replace them soon enough.

    The biggest issue here is that fact that no computer operating system is 100% secure, however hard you try. Apple also builds its operating system with lots of open source components that, themselves, may suffer from potential security lapses. Even though some of those components, such as the Apache Web server, have been tested and proven for years, something new will almost always appear. So developers around the world are busy writing patches to address those problems.

    Apple will take these fixes, bundle them into the operating system and release the updates. Sometimes they come in a matter of weeks, and sometimes Apple assembles a bunch over a longer period before committing to a release.

    At the same time, whenever a serious serious hole is found that may be exploited in a test lab, or anywhere on the planet, security software companies will produce their own fixes. Those fixes will be accompanied by press releases that are no doubt meant to inform, but they may seem lurid enough to induce you to buy their products.

    This is not to say that the Mac OS X landscape is perfectly safe. Beyond malware, there are those phishing scams, where people send you letters asking you to update your personal information at your bank or other financial institution. If you click on the link, you’ll be taken to a bogus site made up to look like the genuine article. You enter your login information, social security number or other personal data, and your bank accounts may be quickly depleted before you discover what’s really going on.

    You can easily avoid phishing scams simply by not clicking on links of this sort in your email. Go to the company’s site directly and if you have further doubts, call their customer service people for verification. That will help combat schemes that depend on social engineering. And, no, no fallen Nigerian dictator’s heirs are ready to deposit ten million dollars in your bank account because your name was picked at random. I wonder how people fall for that silliness, but they do.

    Even before the scourge arrives, though, you may still want to install security software on your Mac, if only to keep from sending infected email to your friends who are still saddled with Windows. Maybe it does serve them right for choosing an inferior platform, but why give them more misery than they already have?

    In addition, some companies might just have proactive protection policies in place where both the Mac and PC users on their corporate networks must have security software installed and kept up to date.

    Even if the effect is placebo so far, the latest group of Mac security products don’t seem to seriously impact speed or reliability. That’s quite different from the old days, where certain virus protection apps would exact a stiff penalty on startup and application launch speeds, and cause lots and lots of crashes. As near as I can tell from doing a little random research, the products you buy today from such companies as Intego and Symantec seem to be pretty robust. So the only downside in protecting yourself in advance of any real threat is perhaps the loss of a small amount of money, including the original purchase price and the annual update contracts.

    More to the point, when and if a true virus threat appears that might impact lots of Mac users, having software already installed may not be a bad idea. That way, you don’t have to download a copy, or get a copy from a local dealer after it’s already too late!

    Then again, I still haven’t seen any compelling reason to install security software on any of my Macs, although I do keep the system’s built-in firewall active.



    Share
    | Print This Article Print This Article

    Tech Night Owl Comments

    Your email address will not be published. Required fields are marked *