Despite the lack of Mac malware, we’ve heard the same song for many years from security consultants and techno pundits, “It’s only a matter of time before malware hits the Mac.” Or, in place of that silly nonsense is the equally idiotic, “Windows market share is large, the Mac is small, so virus writers don’t target the Mac as much.” What is the truth? Is your Mac safe and secure or not?
Clues for Clueless
Known malware numbers into the tens of thousands for Windows PCs. The Mac? You can count it all on one hand, and most of those of anemic proof of concept exploits, not in the wild, attacking Macs.
There are two big clues that malware is not a problem on the Mac, and not likely to be one for many years.
First, Apple ships Macs with the built in firewall turned off by default. It’s turned off. Actually, the Mac has multiple security safeguards, but the application firewall, and the IP firewall are—here it is again—turned off.
Why? Why bother? The Mac has layer after layer of inherent security not found in Windows XP. It’s difficult to mess with a Mac’s system without a password. Without a way to mess with your Mac’s system, malware doesn’t get very far.
If Apple isn’t worried about malware on the Mac, should you?
Second, the numbers of malware applications on the Mac will leave your hand with fingers left over. It isn’t market share which prevents malware writers from targeting the Mac. It’s Unix.
The Mac’s permissions layers and application communication protocols just make it more difficult for a malware writer to exploit a vulnerability. All modern desktop operating systems are complex, and all have vulnerabilities.
A vulnerability does not an exploit make.
Windows users live with the constant threat of malware wreaking damage to their PCs, hence the spyware scans, virus scans, and oh so much software to make it happen.
Software? Sure. There’s a huge industry of security consultants, security software, anti-this and anti-that who prey on Windows PC users, fomenting fear, and selling their wares.
There’s also a huge industry of techno pundits with a Windows heritage who love to point at the Mac user and say, “Your day will come, bucko!” Maybe. Those people have been saying the same things for years with nary a public malware for Mac users in sight.
Can you say Chicken Little?
Why all the noise about Mac malware (loosely defined as viruses, trojans, spyware, etc., but not including phishing attempts, which are a different animal)?
Money. Security software vendors want Mac users to buy their wares. Techno media pundits want Mac users to be afraid, read their silly articles and reasons for the impending doom threatening the Mac.
What negatives truly affect Mac users? Social engineering tricks that con unsuspecting Mac users to download software than can harm a user or their Mac.
In other words, phishing, which preys on the uninformed, less paranoid Mac user.
In other words, don’t download and install what you don’t know—absolutely, positively—to be from a safe source. How difficult is that?
Is your Mac safe and secure? In the end, it’s very simple. When Apple begins to lock down the Mac’s firewalls, when I read of in the wild public exploits of Mac vulnerabilities, when I read of infected Macs which need disinfecting, then I’ll worry.
Until then, I pay close attention to what I install on my Mac, and which web sites I visit, and I keep my Mac password protected (for what that’s worth in a busy office).
Those steps and that knowledge will keep the paranoia and fear at a minimum. You bought a Mac. Enjoy it.