Apple has long touted security as a selling point for Mac OS X. While it’s the case that there are far more viruses for Windows than Mac, the notion that Mac users don’t need to have any concerns about security is a myth that deserves to be well and truly busted.
It’s widely acknowledged that the number of active, in-the-wild viruses, trojans and other nasties aimed specifically at Mac platforms is much lower than for Windows. In part, that’s because the Unix roots of Mac OS X make it harder to devise that code. In greater part, it’s because Mac simply isn’t as popular a platform. Apple’s large market share in smart phones and dominance in tablets hasn’t yet made a serious dent in the popularity of Windows.
Windows security is much better than it once was — options like User Access Control cut off many obvious problems — but it still remains more vulnerable by virtue of sheer scale and a large pool of often ignorant users. But one platform being more targeted does not equate to its rival being completely safe.
Apple itself has acknowledged that security is an issue that needs addressing more. Its plans to incorporate Gatekeeper, an enhanced security platform, into the forthcoming Mountain Lion release underscore that point for anyone who didn’t believe it when Apple added malware scanning technology to Snow Leopard. Gatekeeper’s new contribution is allowing you to restrict app installation to apps from the approved Mac App Store. But as I commented at the time Gatekeeper was announced:
A common argument for buying a Mac is the idea that it’s “more secure” and “can’t get viruses”. The first is a vague and contestable statement; the second simply isn’t true. The two important points to recognise are that security is about much more than whether you get a classic computer “virus” — it encompasses anything that might compromise your personal data — and that a vital factor in keeping your system secure is human behaviour.
No matter what the merits of the underlying infrastructure, all that security protection can be eliminated by a user who is determined to install a given piece of software. Often that will be because of greed. One of the more active Mac vulnerabilities — one which actually led Apple to build the rudimentary XProtect scanner technology into the OS — got distribution by pretending to be a free installer for Apple’s iWorks suite.
Gatekeeper’s default option also isn’t a perfect solution. Even assuming you’re willing to restrict yourself in that way, it means you’re relying solely on Apple to protect you, and that’s unlikely to be a perfect solution. Obvious criminal code might get picked up, but security is also about protecting your personal data. Having allowed iOS apps to readily access personal contact data, Apple can hardly be said to have a perfect record.
And Gatekeeper doesn’t do anything to address vulnerabilities that can be exploited using documents or web sites, or data downloaded via torrents or on USB sticks. Many of these vulnerabilities are fixed by Apple’s regular system updates, but some users don’t install these as regularly as they should, and some deliberately stick with older releases because they don’t have suitable hardware or they don’t like the changes in newer versions. Regardless, there’s no guarantee that one day such a vulnerability won’t be exploited before a patch becomes available.
To stay secure, Mac users need to follow the same fundamental steps as Windows users: ensure that their systems are regularly patched to eliminate newly-discovered vulnerabilities, exercise common sense when visiting unknown web sites and installing unfamiliar software, and adopting appropriate security technology such as firewalls, scanners and security suites. The risk of a malware infection might still be lower than on Windows, but it isn’t non-existent, and a blasé attitude enhances that risk. Why wouldn’t you take any reasonable steps to ensure your systems and personal data are secure?
Lifehacker 101 is a weekly feature covering fundamental techniques that Lifehacker constantly refers to, explaining them step-by-step. Hey, we were all newbies once, right?