Top 8 OS X Safety Tips

by Aaron Wright May 10, 2006

There was a little speculation recently that McAfee had unnecessarily worried people into buying its products with the news that, from 2003 to 2005, the amount of vulnerabilities discovered on the OS X platform had increased by 228%, whereas Windows vulnerabilities discovered in the same time period had increased by only 73%. To the blind-sighted or Mac newcomers out there, this is a worrying fact, but rest assured the truth is being bent—quite a bit.

It is probably true that the number of vulnerabilities in OS X have increased that much, but it’s also clear that those vulnerabilities are quite minor when compared to the Windows threats. It’s nothing that should really worry people, as the truth is being blown completely out of proportion just to increase sales of McAfee software. To make it a little more understandable when comparing the OS X and Windows threats, I’ll quote ZDnet with, “In the last decade, deaths caused by chocking on ice cream went up by 200 percent whilst deaths from smoking went up by 10.”  I bet you’ve not heard of many people dying from chocolate chip ice cream, have you? 

I don’t like to ramble on about security threats too much, especially as I don’t want to worry the new kids on the block. However, I do think it is important that we aren’t arrogant about the whole affair of OS X being “virus” free, because we will be hit by a large virus. It’s just a matter of time.

So what steps should people be taking in order to protect themselves further?

1. Get some Anti-Virus software

There’s no real need for this at the minute, but if you want to be extra safe, some anti-virus software isn’t going to be a miss. McAfee has just recently announced its Virex anti-virus software turning Universal and, although I’ve not used it, I’m told it’s a clever tool to own.

Norton also has an anti-virus program for the Mac platform that is currently in its tenth edition and has also recently turned Universal.

Once again, while the amounts of threats to OS X are few-to-none, you should bare in mind a few things. There are a large number of Word and Excel viruses on the Office platform that affect both Windows and Mac users, thus, threatening Mac users. There’s also the unknowing threat of a virus outbreak occurring right out of the blue. Who’s to say that a virus won’t be unleashed overnight and affect millions of unsuspecting Macintosh systems that are all without anti-virus software? Okay, that’s not likely to happen, but it’s not impossible.

Now which do you want to be? The guy that says he won’t need antivirus software and then ends up needing it, or the one who can sit back and relax because he has antivirus software, and say later down the line when a virus does hit, “I told you so”? I know which I’d rather be.

2.Turn that Firewall on

Although the thought of some Spyware creeping into your system, and some important information of yours being transmitted outbound, or the idea that you might be getting spied upon by someone close to you are all horrid (and unlikely at the moment). They are possible.

The Firewall, which is both off by default and difficult to find for new Mac owners, should be turned on before you connect to the Internet.

The easiest way to turn it on from your desktop is to direct yourself to Spotlight, type in ‘Firewall’, and then click on the search result “Sharing”  that will open the Sharing pane in the System Preferences—you’ll find the Firewall located there. Turn it on and lock the keypad at the bottom to stop it accidentally being turned off. You may want to check which services you wish to allow your Firewall to use without causing a disturbance. Most of the time, you won’t need to turn any on, especially if you’re simply a home user.

3.Services

You’ll notice in the Sharing pane that there are three tabs: Services, Firewall and Internet.

We’ve just dealt with the Firewall, it’s also an idea to check out which services are active. I’ve been over these before in a previous article, but to quickly go over it again; Services are the ports (or ‘Doors’) to your computer as seen from the Internet or local area network. When a service is turned on, you’re opening one of those doors to allow someone (or something) to access it. Although it might sound risky, they are useful, especially if you’re part of a network, but if you don’t know what they are or how they are used, you’re putting yourself at risk. To be safe, you should keep them all off.

4. FileVault

If you’ve ever browsed through your system, you may have come across something called FileVault. FileVault is exactly as it sounds, a vault for storing all of your files. The FileVault (open as you did with the Firewall) uses the latest government security standard called AES-128 encryption and helps safeguard your files. It encrypts and decrypts on the fly (as you’re working) and all without you knowing. FileVault can protect prying eyes from files such as your banking details, private letters or even family photographs using a password—set up by you. An excellent way to give you peace of mind when using your Macintosh system.

5.Keychain pop ups

Ever been asked something when using Safari regarding a keychain? Well, all the username and passwords you use throughout your system are stored there and are only accessed when the system asks you to enter the administrator password. In short, it keeps all your passwords in one safe place, away from prying eyes and harmful Spyware.

6. What else you can do

There are a few other ways of protecting yourself when you’re on a network or the Internet, some of which are a little too ‘over-kill’, especially if you’re a new Mac user. However, there are a couple of last steps you can take, on top of everything I’ve mentioned above, to keep yourself extra safe.

In Safari, turn off the option to automatically open downloads when completed. To do this, open up Safari, click on “Safari > Preferences” and then under the “General” tab, untick “Open “safe” files after downloading.” Although Safari will never open an unsafe file, it’s only so smart and can never know for sure if a file is definitely safe. By turning this off, your also turning off the likelyhood of a virus trying to open itself after being downloaded.

7. Keep cookies restricted .

Think of cookies as a token-pass. Every time you visit a website, you’re issued with a token so that your computer knows you’ve been there before. They’re quite useful because they store some basic information that helps to speed things up when browsing the Internet. However, some websites like to give you tokens with tracking-beacons in them, and whenever you go about your business on the internet, your tracking-beacon is sending information back to the website it originally came from. It’s never nice to be spied upon, so keep your cookies restricted. To do this in Safari, go to “Safari > Preferences”, click on the “Security” tab and then select one of three options under “Accept Cookies:.” I usually keep mine set at “Only from sites you navigate to”, because I know the ones I navigate to are safe.

Your Mac auto-updates itself by default, but it’s always best from time-to-time to double check there are no more updates available using the ‘Software Update’, which can be found underneath the Apple (top left in menu bar). Any security patches that need to be installed on your system will be done so via here, and Apple is always working around the clock to find more holes in the system.

8. Being smart is the easiest, cheapest and most reliable way to keep yourself safe from Internet-baddies. Use a bit of common sense when surfing the web or reading e-mails. Never click on a link that claims to offer you free junk, especially if it asks for your details such as e-mail address or name. If you ever receive an e-mail that claims to be from your bank, read it with an open mind and be careful. If they should ask you to enter any details, it’s likely to be an act of Phishing—which is where someone poses as your bank and aims to get your details in order to, you guessed it, steal your money. Don’t fall for it, and immediately contact your bank.

The last thing to be careful with is your passwords. Whether you’re buying something from the Internet, logging into your e-mail, checking Internet banking, or even installing something on your computer, you’ll always be asked for a username and password. Be smart with this. Always include uppercase and lowercase letters, numbers and possibly an underscore or two in your username and passwords to make life a lot harder for a thieving hacker. Also be sure to set a username that doesn’t easily identify who you are and a password that has absolutely no relevance to your username.

None of these ideas will ever fully guarantee that you are safe from evil on the Internet—nothing is fool proof—but with all of these precautions combined, you will be safe enough to use your computer with peace of mind.

So tell us your view. Do you believe Mac systems require an anti-virus, or do you think large enough viruses will never hit us? What other steps do you take to protect your computer, personal data and last years Christmas photos?

Comments

  • good article as a new-er mac user its very helpful. My friends who are life long mac users say not to worry about anything but I like to be careful, having had to format PCs on a number of occasions; i dont want to do it to my mac.

    Graham had this to say on May 10, 2006 Posts: 24
  • There has been more data loss because of having anti-virus software installed on OS X than there has from OS X Viruses.  Until OS X AV software has a better track record I am more afraid of the AV software than I am of Viruses.  I know how much AV software sludges up a windows machine, and I don’t want to inflict that on my Mac until there is a credible threat from Viruses to the Mac, and I can find AV software I can trust.  I’m not holding my breath waiting for either of those things to happen.

    cbales had this to say on May 10, 2006 Posts: 2
  • I know you say in the article that the truth has been bent a little, but it’s useful to emphasise the fact that unless you know the exact figures, 238% increase vs 73% increase is meaningless.

    For instance, an increase from 5 to 12 is about +238% and from 5,000 to 8,650 is about +73%.

    I’m not saying that 5 and 5,000 are the real figures, just using them as an example (I know most people realise that, but some would be quick to jump on that last paragraph as FUD).

    nilp had this to say on May 10, 2006 Posts: 16
  • Actually, the numbers would be less than 5 and more than 20 * 5,000

    Benji had this to say on May 10, 2006 Posts: 927
  • (if you were talking about actual viruses that is)

    Benji had this to say on May 10, 2006 Posts: 927
  • The section on AV software makes it sound like the Author doesn’t actually have any experience running AV software.  Has the author decided he would rather be “The guy that says he won’t need antivirus software and then ends up needing it.”

    cbales had this to say on May 10, 2006 Posts: 2
  • To Ben Hall “Actually, the numbers would be less than 5 and more than 20 * 5,000”

    No, the issue is the increase in OS vulnerabilities in the period 2003-2005, as mentioned in the first paragraph of the article. For the Mac, that’s larger than 7 (ie. difference between 12 and 7) but I don’t really know what it is for Windows and can’t be bothered right now researching it.

    But rest assured the absolute figures are much, much larger than for Mac OS X.

    And that’s just vulnerabilities ... actual exploits is even more weighted towards Windows. If you look at http://www.wildlist.org/WildList/200603.htm there were 733 confirmed virus outbreaks on Windows in March (following their strict definition of an outbreak) and 4376 unconfirmed outbreaks. For any other OS, the number is zero.

    nilp had this to say on May 10, 2006 Posts: 16
  • As soon as there is one virus for the Mac I’ll buy the best anti-virus available for my entire company! I’ll pay the exorbitant fees for monthly updates as well, even if it is like money with menaces! But while the only danger to my Mac is a program that deletes files that I have to double click to run and type in a user password, I’ll pass on any third party security.

    And if my users get caught, I’ll blame them for double clicking, typing in their password and clicking OK. That’s a lesson you gotta learn the hard way if you’re that stupid!

    Mac Wizard had this to say on May 10, 2006 Posts: 2
  • Ya nilp I realise and hence el followuppost (if you were talking about actual viruses that is)

    My favourite answer to this latest BS cometh from ZDNet:
    ...shining light on McAfee’s claims makes them melt away — when we asked the company how big the risks actually were, it admitted that there was “no significant risk” at the moment.
    via daringfireball.net

    Benji had this to say on May 10, 2006 Posts: 927
  • “Get some Anti-Virus software?”

    Why? If you get hit with the First Great OS X Virus and you kernel panic, or crash, or can’t connect to the internet, how do you download the new virus definitions that obviously don’t yet exist?

    And no mention of backing up your data? You want security? Spend “some Anti-Virus software” money on an external hard drive to back up your data. Ideally, clone your system so you can reboot into a known good system, like maybe a weekly/monthly clone. Secondly, do a daily/weekly backup of your changed data to .Mac, or another external hard drive/partition, or to a DVD.

    Then when the First Great OS X Virus hits, or your hard drive quits, or you get a lighting power hit, or some update screws up your system; you still have all your data. Buying “some Anti-Virus software” isn’t going to do that for you.

    Meanwhile avoid Nigerian princes and never reply to an email asking you to provide a password (go to the site in question using your browser’s bookmarks).

    ziggybopper had this to say on May 10, 2006 Posts: 5
  • Oh, and to avoid virus, spyware, trojan, phishing laden email, use email aliases or expendable email addresses when registering to make comments on sites that don’t mask your email address.

    ziggybopper had this to say on May 10, 2006 Posts: 5
  • An out-of-the-blue virus won’t be caught by your AV software anyway, so what’s the point. AV software can only scan for known virii, and therefore can only protect you against known virii, and since there aren’t any, there’s no real need for AV software. If you’re worried about Office macro virii, then just switch off macros, and if you’re really paranoid, just use ClamAV… at least it’s free.

    frankbeans had this to say on May 10, 2006 Posts: 1
  • Good one ziggybopper. For everyone out there Apple Matters encrypts all emails addresses (built into Expression Engine)

    Hadley Stern had this to say on May 10, 2006 Posts: 114
  • Thanks Hadley. Guess I missed that feature when registering. When I mouse-over my name, I can see my email address in the status bar, but also know email addresses can be encrypted so they appear in the status bar but can’t be picked up by by the automated harvesting programs spammers use to collect addresses from comments.

    I’ve also seen sites where, when I mouse-over a user ID, I see “email siteuser1234” so I know email addresses are protected. I appreciate Apple Matters encrypting my email address. But since spam emails are one of the biggest threats to all computer users, shouldn’t there be a push to protect all user emails from comment harvesters and highlight this protection?

    ziggybopper had this to say on May 10, 2006 Posts: 5
  • Agree with ziggy: backing up is far more important than buying AV software.  A good backup plan may well be the number one safety tip, but it’s not even on this list!  If you are backed up, whatever happens to your system, you can still recover.

    mattf had this to say on May 11, 2006 Posts: 1
  • Page 1 of 2 pages  1 2 >
You need log in, or register, in order to comment