15 easy fixes for Mac security risks
One of the commonly touted advantages to using a Mac is that it's more secure and less prone to malware than a PC running Windows. It's easy to see where this attitude comes from: The prevalence of viruses and network attacks against Windows machines is greater by several orders of magnitude.
In fact, a recent Trojan horse virus hidden in a pirated copy of iWork '09 that circulated on peer-to-peer file-sharing sites was big news because it was the first Macintosh virus to be widely circulated on the Internet (though there have been a handful of proof-of-concept malware iterations over the past few years). But the much lower rate of malware and network attacks isn't proof that the Mac is immune to such things.
Indeed, there has been an ongoing debate over the years as to whether Mac users truly have more-secure machines or simply enjoy "security through obscurity" because they represent a relatively modest fraction of all computer users. While this debate will continue -- and there are valid arguments on both sides -- this article isn't about that debate; it's about a pair of simple questions: "How safe is your Mac?" and "How can you make it safer?"
The truth is that Apple Inc. does provide a pretty safe platform. The company leverages a number of advanced technologies to keep users and their data safe from harm. For a detailed list, see this Apple white paper (download PDF). But no system is perfect, and there are a number of security holes -- many of them easily closed -- that are common on Mac OS X systems. Here are 15 ways to fix the most frequently exploited security risks and protect your Mac.
Note: Unless we specifically say a tip applies only to Leopard, it should work with most recent versions of OS X, though the actual steps involved might vary somewhat.
Disable automatic opening of "safe" downloads in Safari
Probably one of the biggest Mac holes is in Apple's Safari Web browser, which downloads files that you click on or that are embedded in a Web page. That presents a problem because, by default, Safari is designed to open "safe" files as soon as they've been downloaded. Unfortunately, the definition of "safe" includes package-installer and disk image files, which can contain malware. If the malware files are embedded in a Web site, they could be downloaded and opened automatically.
Apple has done a good job of combating the potential damage in Mac OS X Leopard, which automatically detects disk images and applications that have been downloaded from the Internet via Apple's applications (Safari, Mail and iChat). However, to be truly safe, one of the best and easiest things you can do is disable the automatic opening of such files in the Safari preferences.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
os x
Powered by Twitter
Esther Schindler
If the comments are ugly, the code is ugly
claird
SVG a graphics format for 21st century
pasmith
Take Chrome OS for a test spin
Sandra Henry-Stocker
Solaris Tip: Have Your Files Changed Since Installation?
jfruh
Android fragments vs. the iPhone monolith
mikelgan
What Gizmodo missed about the Pro WX Wireless USB disk drive
Where Google Chrome security fails: the password
I heard mention that the Chrome OS will have some sort of encryption available a la bitlocker. If it's possible to encrypt personal data using another password or key, then it may have potential for very secure data.... And Ubuntu has an 'encrypt home directory' option, perhaps google should follow suit.
- Dann
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
cool!
Could be more concise and better organized, but all you need to secure your Mac is here