Until 2008, I was a Window’s user. One of the things you get used to very fast when using Microsoft’s operating systems is that you need to keep them secure, and do so quickly. I once read that a Window’s machine, without anti-virus, firewall, etc. connected to the Internet had, on the average, about 20 minutes before it was getting some type of attack. How accurate that statement is, I don’t know, but I do know there are certainly a lot of evil software floating around the Internet waiting for the chance to infiltrate a vulnerable Window’s machine. Once installed, the malware can give a hacker control of your machine, access to your information (including passwords, credit card numbers, etc.), send emails to everyone in your address book (and those emails too can be infected), and so on.
Why is Microsoft’s operating systems so vulnerable? Why have Apple’s operating systems been so safe? The answer to those two questions is simply: In terms of vulnerability, it’s a toss up as to which one has more holes in it. The main reason you hear about Microsoft’s problems with malware is because there is a much larger base of their operating systems installed on computers. Consider this, if you were a hacker, would it not make more sense to write your software to attack as many targets as possible? Through January 2012, Windows accounted for 84.11% of the total market share of installed operating systems here in the US. On the other hand, Apple accounted for 14.86%. Clearly, if one is going to distribute some sort of nefarious software, Microsoft with its large install base of operating systems is a BIG target. For many years, this assumption was dead accurate………….until recently. Within the last couple of months a variant of the Flashback trojan has infected over 600,000 Macs. There have been some trojans, viruses, etc. floating around for awhile, but this “bad boy” is deadly, mostly because to get infected you don’t have to do anything, except visit an infected website. It enters your system by exploiting a vulnerability in Java. I believe more attacks will be coming because for the most part, Macs are left unprotected. They are easy to attack.
To me, the biggest road block to safely securing a Mac is complacency on the part of many of its owners. For example: Lion was touted to have a number of security improvements over its predecessor Snow Leopard. Yet, 6 months after Lion’s introduction, it is on only 31.63% of Apple computers, and Snow Leopard is still on 48.5% of the computers. The update to Lion was not a $150 upgrade; it cost $29.99. In any event, the “that will never happen to me” philosophy will sooner-or-later put your Mac at risk.
Ok, enough of the doom and gloom. Here are some ways to keep you safe, at no cost!!!:
Keep your system up to date. Apple does not send out a lot of patches, but when they do, install them.
Java at one time was thought to be a major programming tool integrated in browsers and other software (or standing alone). Sadly for Java, times have changed and it is not that important anymore, especially in browsing. Apple’s last update dealt with some of this. Just to make sure all is well for your browser, in Safari, go the Preferences>Security. Then uncheck “Enable Java” and “Enable Java Script”. In Firefox, go to Tools>Add Ons, then disable the Java plug-in. If you are using Opera, Chrome, or some other browser, look through either Preferences, or Tools, and disable Java.
Edit Flash Player settings. The default settings, at the least, seem a little presumptuous. Go to “System Preferences”. Go all the way to the bottom of the panel, and under “Other” click the Flash Player icon. Under the “Storage” tab, click on, “Block all sites from storing information on this computer”. Next, under the “Camera and Mic” tab, click on “Block all sites from using camera and microphone on this computer”. Finally, under “Playback”, click on “block all sites from using peer-assisted networking”.
Install an anti-virus program. I recommend either of these two:
Sophos. This company is known for its Business/Enterprise virus protection. It has a free home version. I currently have this installed on my iMac and my Mac Pro. Check it out at: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
ClamXav. This is an open source virus protector, and will work on OS X 10.5, 10.6, and Lion 10.7. You can find it at: http://www.clamxav.com/
Firewall. Some feel that using a software firewall on a computer setting behind a router is over-kill, as the router has a hardware firewall built in. A laptop, especially when traveling, or going wireless someplace other than behind your own router is another issue, and using a firewall is a good idea. Me, I am paranoid, so I enable the firewall on my networked Macs, even though they are nestled behind a hardware router.
Apple includes a pretty decent firewall in its OS, but truly optimizing it is a command line process. If you are like me, and not a firewall guru, you might want some help in the way of a GUI (graphic user interface). I have used NoobProof for several years and find it does everything I want; if you are a “pro”, you might want to try WaterRoof. Both are free and good on OS X’s through 10.6. For 10.7 and later, try IceFloor. For more information, check them out at: http://www.hanynet.com/comparison.html
Password protection. Nothing replaces some common sense. If your computer is used in a business environment, a laptop, and/or used at school, password protect it. Use at least 8 digits with a combination of upper and lower case letters, numbers, and symbols/punctuation ($,#. etc) Also, you might want to password protect your screen saver. Finally, routinely change your passwords.
Summary: Working together, the solutions mentioned here will help “keep the wolf away from the door”, and maybe even tell you if he got in. Next week, we’ll discuss some safe ways to surf the net.
Addendum, 08/15/2012: The final article on “Keep Your Mac Safe – Part 3 (Preparing for Disaster)” has been completed. This article discusses backup processes.