Are Macs imperviable to malicious software ? No . Have Macs been the subject of catastrophic attacks ? No again . Should Mac users be wakeful anyway ? Of course .
It ’s clock time for me to fess up : I ’ve been as complacent as most Mac users when it comes to take on precautions to safeguard my data and the unity of my system . Although my Windows PC is swaddled in antivirus , anti - spyware , and firewall computer software , my Mac has been fair undefended , up to now . I just have n’t felt much importunity to put up barrier against threats that do n’t seem to exist .
But at Macworld Expo last calendar month , I block by the booths of several security software vendors and began to marvel if they are labor products hoi polloi do n’t need , or if they know something I do n’t . After all , Mac users are just as vulnerable as anyone to the social applied science used by many computing machine feat to install themselves . ( While Mac fanatics will assert that they ’re more sophisticated than the Wintel ragtag and bobtail , there are plenty of innocents in Apple - ground as well . )
Justifiable assurance ?
The self-complacency about Mac security has some basis in fact : OS X descend with many of the ports that could allow snooping close ; you have to modify a System Preference to activate data file communion , personal Web hosting , or even printing machine sharing . If you do n’t use these features , you ’re protected by nonpayment . If you need to give other substance abuser approach to some areas of your arrangement , you should change state on the firewall that ’s built into OS X.
The firewall is in the same System Preference window as the communion services , and it lets you close all port except those for divine service you want to countenance . The firewall has some advance features , including activity log and a stealth mode . If enabled , the stealth modal value makes your Mac invisible to incoming data point enquiry , which is fundamentally the same affair that hardware firewalls do . If your home internet includes a router with a built - in firewall , it in all probability gives you the same variety of security .
Turning on OS X ’s firewall is a no - brainer , but finding it is n’t . I looked for this restraint under the Security gallery — but or else you necessitate to cluck the System Preferences icon in the Dock , then come home the Sharing icon in the Internet & connection section .
The Security predilection in the Personal section deals with manage passwords for account admittance and FileVault , OS X ’s built - in encryption capability . I think FileVault is a great musical theme , but it ’s something of a blunt instrument . I would like the ability to cipher just some folders , not all of my grueling driving force . And as someone who regularly forgets watchword , I ’m frightened of the theory that I could irretrievably lock up the subject of my unvoiced ride .
Another reason that Mac users tend not to worry about feat is that Apple tends to piece discovered exposure quickly . In 2005 Apple issued nine security updates as well as merchandise updates incorporating security plot of ground . These spell address exploits that were theoretical ; as with most Windows vulnerability , no one had used the security department holes to create a insect or virus and release it into the wild .
For deterrent example , last May an main developer revealed a proof - of - conception exploit in a Dashboard widget , but no malicious activities were reported as a result of the security hole . Within daylight , Apple had released a surety update that fix the job : You are now warned with a dialogue box when you download and open a widget , and you’re able to remove them , unlike in the first iteration of Dashboard .
Like using the built - in firewall , taking advantage of OS X ’s Software Update is also a no - brainer . To set up automatic update , exposed System Preferences , select Software Update in the System part , and take an musical interval at which to break for updates .
Safety software
All the precautions I ’ve just discussed are nonintrusive and no - cost , since they are included in the operating organization . But are they enough ? Just because almost no Mac vulnerabilities have wrench into full - blown exploits in recent year , does that mean it wo n’t take place ? It would be gooselike to think so , and OS ex ’s defenses are n’t foolproof . I tried download the malicious widget mentioned above , and rule that the system of rules ’s warning said only “ do you require to instal the program ‘ zaptastic ’ ” ? That does n’t tell me anything about the program or warn me that it ’s potentially harmful . Only by compare the name of the applet to a database of known viruses or spyware would I learn that I should n’t install it .
I checked out a spyware scanner from Securemac.com predict MacScan 2.0 , after speaking with the vendor at Macworld Expo and secretly conceive “ Yeah , right . mackintosh spyware . Show me , dude . ”
What the seller present me was a lean of program that its system had been purposely infected with . So back at dwelling , I downloaded a visitation translation of the US$ 25 program and scanned my organisation . Predictably , MacScan found no malicious apps . I check out the company ’s list of make love spyware , and it consists mostly of keyloggers — programs that can be sneakily installed on a computer to memorialise a user ’s activities — although MacScan does identify some Trojan horses and remote dialers as well .
Since I do n’t partake my Mac with anybody , and there ’s no one in my home office who ’d desire to snoop on me , I do n’t involve to worry much about keyloggers . And I was n’t completely satisfied with the amount of entropy provide by MacScan : There are generic descriptions of the various general categories of malicious software package , but no information about the specific programs , such as how predominant they are or how much damage they are capable of . Spyware scanners for Windows often give you this kind of information .
Antivirus image scanner
I also tried a loose , open - source antivirus scanner for OS X , calledClamXav . I found it to be reasonably full - featured , allow me to schedule scan and specify brochure to watch . It was loose to set up and pass , and scan everything on my system , include my einsteinium - ring armour files . When I ran it , ClamXav found a potentially harmful attachment .
Scanning e - postal service is important because Mac users could unknowingly forward an infected message attachment received from a Windows drug user . In fact , get and containing skank receive from Windows users is presently the estimable reason to use a computer virus digital scanner on the Mac . I have n’t used ClamXav for long , but I ’m keeping it on my Mac . I ’d recommend giving it a try .
A firewall that say too much
And then there’sLittle Snitch , a complement to the OS X firewall that admonisher which plan on your organisation are calling out to the Internet , and through which ports . This $ 25 shareware has a tryout that lasts for only 3 hours , but that ’s probably long enough to alert you to any fishy programs — or drive you crazy , whichever come first .
When I tried Little Snitch , it repeatedly pop up warnings for innocent connections ( such as my e - mail service program sending a substance ) even if I mark off the “ allow forever ” option . And Little Snitch require a rather gamey degree of computer know - how : It does n’t give you any trace as to which programs are legitimate and whether they should or should n’t be using a particular port . I acquire legion warnings related to my organization connecting to my iDisk remote storage — but they were n’t easy recognizable and could have been very worrying .
ZoneAlarm for Windows does a much good task of rendering connections and allowing you to turn off special qui vive . Little Snitch is getting give up off my arrangement .
Other choice
There are a smattering of commercial-grade antivirus platform and certificate suite for the Mac as well , including McAfee ’s Virex , Symantec ’s Norton Antivirus and Personal Firewall , and Intego ’s collection of security products for the Mac , including ChatBarrier ( an iChat encryption product ) , NetBarrier , and Virus Barrier .
Last winter , Macworldcompared Mac security products , and the reader liked Intego ’s $ 70 VirusBarrier best among the antivirus mathematical product reviewed . And in aMacworldroundup of third - political party software firewalls , the referee observe that these products did n’t add meaning improvement over the build - in type O disco biscuit firewall .
After mulling all of this over , I think I ’ve reformed a bit . I now have a few more defence in spot and a respectable forethought about downloading and instal unidentified data file — but I ’m not paranoid . I ’ll furcate over a contribution to the developer of ClamXav , to make certain he keeps updating the product , and I ’ll keep an eye on data sources like Mac Security News and MacInTouch .
Mostly , I figure that I ’ll take the same fairish , sensible protection precautions that I take with my Windows PC to keep out most of the crud — and I wo n’t be surprised when the Mac skank ineluctably rise .
