If you own a Mac, chances are you’ve always had a good deal of comfort as it relates to the security and vulnerabilities of your Mac. If it was grounded in good security practices, that may not need to change at all, but we thought it only appropriate to point out some facts. Security cannot be predicted. It can only be analyzed after-the-face when some time has transpired. Here are some details to consider:
- For three years in a row, security researcher Charlie Miller has hacked into a MacBook by exploiting a critical Safari browser vulnerability at CanSecWest Pwn2Own conference. For this reason, any browser but Safari has been considered more secure on a Mac. Most security-conscious Mac users prefer Google Chrome.
- In 2012, Apple has released a record number of security updates. As long as Mac users practice good security habits such as regular updates, avoiding Adobe Flash, avoiding Adobe Acrobat Viewer, avoiding Java and generally only install what you really need, you’re still extremely safe.
- What started out as FlashBack alone has expanded to three serious trojans found in the wild, that all take advantage of the Java vulnerabilities that Apple has patched for 10.6 and 10.7. However, if you have an operating system before 10.6 (Snow Leopard), you will not receive this update automatically. If that’s you, your best solution is to manually disable Java in Safari completely. If your MacOS 10.6 or 10.7 is completely up-to-date, you will now receive “Inactive Plugin” messages when you attempt to run a java applet. If you click on the little arrow to its right, you will see that it is disabled (but can be re-enabled). Unless you need to run Java and you trust the site that attempts to run it, our recommendation is to leave it off.
Wherever people use computers, the bad guys will attempt their thievery. There are more Macs now than ever, so they have become targets. It doesn’t make them less secure than before; we are simply now more aware of the weaknesses all along that are starting to be exploited.
In conclusion, the Mac is actually still on the leading edge of staying secure, just like it always has. In fact, it’s arguably even more secure than it has ever been. However, our awareness has been heightened that nobody is ever perfectly secure, so stay alert!