Finding accurate information on Mac security can be daunting. Making Internet searches leads to lots of articles, but how many are accurate? How many are written by the companies who want to sell you their products?
One of the places I trust to provide accurate, well-reasoned answers is the folks at TidBITS.com. Adam and Tonya Engst have been covering the more technical side of the Macintosh for over 20 years. They have hired some of the most respected writers in the Apple eco system. I aways find good information about computer security in the Safe Computing section of their web site: http://tidbits.com/section/security.
Bob adds, "Pat's spot on. I've trusted TidBITS for as long as I can remember and known Adam and Tonya even longer. TidBITS offers superb reporting on most Apple-related topics, but they're particularly strong when it comes to security. Whenever there's a new outbreak (which thankfully, is not that often), TidBITS is the first place I look for reliable news and information."
I also enjoy and trust the information provided by Riva Richmond on the New York Times web site. Particularly good recent articles include Lion’s Upgraded, Robust Security Features, http://gadgetwise.blogs.nytimes.com/2011/07/29/lions-upgraded-robust-security-features/ and Apple’s New Security Features for the Mac, http://gadgetwise.blogs.nytimes.com/2012/02/17/apples-new-security-features-for-the-mac/.
Apple has many excellent articles and guides on Macintosh security. While this information is not highlighted in new computer documentation, it is readily available on the Support area of their web site. Go to http://www.apple.com/support/ and type “security” into the search bar. You will find many links to articles about operating system security and device security. The article at http://www.apple.com/macosx/what-is/security.html is a very good place to start.
While this article is directed to the Mac OS 10.8 Mountain Lion user, Apple also provides excellent downloadable guides for earlier versions of the operating system. Check out these links if you are using an earlier version of the Mac OS:
- Mac OS X 10.6 Snow Leopard - http://images.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf
- Mac OS S 10.5 Leopard - http://images.apple.com/support/security/guides/docs/Leopard_Security_Config_2nd_Ed.pdf
- Mac OS X 10.4 Tiger - https://ssl.apple.com/server/macosx/docs/Tiger_Security_Config_021507.pdf
- Mac OS X 10.3 Panther - https://ssl.apple.com/support/security/guides/docs/Panther_Security_Config.pdf
I was unable to locate a Mac OS X Lion Security Configuration guide. It seems as though Apple did not produce one for Lion. However, go to https://ssl.apple.com/support/ and type in Mac OS X 10.7 Security. You will find many documents that cover separate parts of the topic.
Apple provides many security updates on an as needed basis to protect your computer and its software. Information on these updates can be found at http://support.apple.com/kb/HT1222. The information provided in these links can seem a bit cryptic. While providing basic information, Apple is making sure not to give hackers information they might be able to use to attack your computer.
I find it amusing that we learn about supposed Macintosh security problems from companies like Kapersky, Norton, Sophos and Intego. These are the companies (along with a few others) who sell antivirus software for the Mac.
In several cases, these same software companies have released proof-of-concept malware on the Internet to demonstrate how we “need” their products.
The dirty little secret about their software is that it cannot automatically protect you from the newest malware. These companies have to find the virus or exploit and then they have to write the code to block the problem. So, while their software can protect you from older malware, it does not protect you from today or tomorrow’s problem.
They must also rely on you to keep their software up-to-date and they have to depend on you not to exit a virus scan. If you’ve used antivirus software, you know that the software will always need to be updated when you are in a hurry and cannot wait around for it to download the newest update, install it, restart your computer, then run the virus scan. All too often users will circumvent this lengthy process because they are in a hurry.
Ask me how I know, since I don’t run Mac antivirus software. I have several applications that I must run in Windows, so I use Parallels to run them. I seem to encounter these issues every time I boot into Windows--and I routinely find myself disabling the antivirus software. I know I am un-protected when I do it, but then I never access the web, read email, or download files when I am using Windows on my Mac. Can I guarantee I won’t do the same things if I am relying on Mac antivirus software? I know I would occasionally slip!
Apple has built security software into Mac OS X 10.8 MountainLion. Because I keep my computer up-to-date, Apple has a mechanism to download and install new antivirus definitions in the background, at the deepest level, to keep my Mac protected. They don’t have to rely on the Internet to warn then of exploits. The best method of protection is obscurity. Apple protects my computer without any publicity. They do not rely on me to learn about a problem and then hunt for a solution. Their silent service is the kind of protection I like!
Bob adds: I haven't used anti-virus software since OS X was introduced more than ten years ago and have not been infected with malware or viruses. I don't like running anti-virus software. It always seems to intrude at just the wrong time, and it often intrudes for no good reason. And even the best ones (don't ask; I don't use any of 'em) use some of my precious RAM and processor power. So far I've had no regrets (and no viruses or malwares), but I reserve the right to change my tune someday. But unless or until something really bad gets loose in the wild, I'm perfectly happy with the protections afforded by OS X.
If you have installed anti-virus software that is hopelessly out-of-date, we can help you remove it. If you still want to run anti-virus, we can help guide you to the best product for your needs and get it installed properly. If you encounter something unexpected or strange and you need some help we are available. We offer trouble-shooting, technical support and training over at Bob LeVitus Consulting. Tutoring costs only $60.00 per hour. We have special software that allows us to see your computer and we can work on the things you want to learn. Give us a call at 408 627-7577. Or send an email to firstname.lastname@example.org.
This post will be the first of a series about Macintosh security. It is not meant to be exhaustive. My audience for this series is the beginning to intermediate Mac user.
Macintosh computer security has been a big news topic this spring. Look at sites such as Google News, Yahoo News or even your local newspaper. You will find several articles each week detailing supposed Mac failings.
How secure is your Mac? It’s generally well-protected if you follow a few rules.
FIRST, keep your Mac up-to-date. If your computer is capable of running the latest version of the operating system, install it! The current operating system is Mac OS 10.8, Mountain Lion. It has been out for almost a year. While there were a few (very few) problems the day it was released, those issues have long been fixed.
If your computer cannot run Mountain Lion, make sure it is running the latest OS it can. Apple is still providing updates for Mac OS X 10.7, Lion , but they are not putting as much effort into Lion as they are for Mountain Lion. All bets are off for support in Snow Leopard and Leopard.
I hear all sorts of reasons (excuses?) why Mac users have not upgraded. Some still want to use Appleworks or a graphic application such as older versions of PrintShop (note that The Print Shop 2 from The Software MacKiev Company works fine under Mountain Lion). Some have an older printer or scanner that may not work with newer operating systems. Others think there is too much to learn when they upgrade to a new OS. Those are poor excuses, and they leave your computer vulnerable.
SECOND, be choosy about where you visit and who you accept files from. I have seen a few instances of Mac malware on client computers. In every case, the Mac owner admitted they had frequented some “sketchy” places on the Internet. You are more likely to run into malware downloads on porn sites, on gambling sites and on file sharing sites. If you see an advertisement for software to check your computer for viruses and malware, DON’T CLICK THE LINK. If there is a link for a new version of Flash or Adobe Reader, DON’T CLICK THE LINK! If you get a message about a funny picture, DON’T CLICK THE LINK. Instead, go to Adobe, Facebook or Twitter by going directly to that site. Type adobe.com, facebook.com or twitter.com directly into the address bar. Don’t be fooled by links to Adob3, FacebOOk. or Tw1tter. While carefully checking the address might spot the irregularity, the URL difference may be even more subtle!
THIRD, be password-wise. In the earlier days of the Internet, a six letter password was thought to be secure. Times have changed! Today, in addition to password length, it is suggested that we include both upper and lower case letters, a number or two and, in a few cases, a special character such as a ! or # or & is required. Today you need to have several passwords--and they should not be the same everywhere.
Look into a program such as 1Password to help you remember and enter your passwords. It can work everywhere--on your Mac or Windows computer, on your iPhone or Android device, even on your iPad!
If you prefer not to use a password application, plan your password strategy. Think about having different passwords for different levels of security. Think about a series of related passwords. But, whatever you do, don’t put them in a file called Passwords on your desktop or as an entry in your address book!
FOURTH, Keep your Internet connection secure. Just like your computer, your Internet equipment has software updates and it should have passwords. My modem is from Cox. It doesn’t do anything but deliver an IP address to my router. Your setup may be quite different from mine. If there is an antenna on your modem, then it is both a modem and a router and it can give you a wireless network. That network should require a password for access to the Internet. There are several different methods of keeping that password safe. The oldest software to keep that password from being easily hacked is the WEP protocol. It is easily cracked and provides almost no security. is WAP. It is much more difficult to hack.
Your router will occasionally require a software update. These updates are critical since the are patches to make your network more secure. A really good router is Apples line of AirPort devices. Since Apple is in charge of those updates, they are very easy to install. They are a part of your system software and Apple will tell you when a new one is released and the update is easy to install.
If your router is from another manufacturer, it is up to you to seek out the updates. You won’t get any notice that they are needed and available. Even worse, they rely on your Internet browser to configure them. It seems as though each router model must be configured in a different way.
While Apple’s AirPort routers may be a bit more expensive to buy, you won’t need a consultant or technician to help you with installation. It generally takes an hour or more to configure and update a router. So, any money you save is quickly eaten up.
The last piece to the puzzle is your firewall. With a Mac, the firewall is a part of the computer’s operating system. So when you travel, your firewall travels with you. You configure your firewall through the System Preferences.
In closing let’s review that list. Keep your computer up-to-date, watch where you browse, and plan your passwords. These simple rules will help keep your Mac secure.
If you need some help with checking on your Mac’s security, we are available. We offer trouble-shooting, technical support and training over at Bob LeVitus Consulting. Tutoring costs only $60.00 per hour. We have special software that allows us to see your computer and we can work on the things you want to learn. Give us a call at 408 627-7577. Or send an email to email@example.com.