And considering all the Mac App Store restrictions, we’ll likely never see a day where we want Apple as the final arbiter for all software we run on our Macs. But while the Mac App Store is far safer source than the big bad Internet, there’s nothing to stop us from installing software from other locations, as there is on iOS. Starting 1 March 2012, all new apps must be sandboxed to reduce the damage they can do to your Mac if they are malicious or introduce a new security vulnerability. Software is reviewed and is easy to revoke should something slip through. The Mac App Store provides an iOS-like experience for Mac users in terms of safety, albeit with fewer application restrictions. Some Android and Symbian users now install antivirus software on their phones. Thanks to its more-open model, Android suffers far more security attacks (researchers recently discovered an Android-based botnet comprising more than 100,000 devices). The system isn’t perfect (notably due to the impact the approval process has on the overwhelming majority of developers who are legitimate), but has so far prevented any widespread malicious software. Those apps are locked into their own private sandboxes and given at least a cursory review by Apple. Users can download apps only from the App Store (without jailbreaking, of course, which itself requires exploitation of security vulnerabilities). This is why iOS has so many fewer security problems than Android or any general-purpose operating system. Even when we try to download only from trusted locations, the bad guys have become masterful at deceiving us into running software that we sometimes don’t even know is a program. We download it from trusted sources like the Mac App Store and our favorite vendors, but many of us still sometimes grab tools from unfamiliar locations. That can work in a business environment, but it’s totally unrealistic for home users.Īfter all, the rest of us install software all the time, from all sorts of places. In fact, there are so many new bad pieces of software appearing daily that most enterprise-level antivirus vendors are taking the opposite approach and offering whitelist tools that allow only approved software to run, thus locking down desktops tighter than a supermax prison. Third-party antivirus tools extend the blacklist approach as far as is reasonable, with vast libraries of bad things to block, but that race is one that the good guys can never win, given that there are now tens of thousands (really!) of new malicious software variants appearing every day. Both Mac OS X and Windows maintain blacklists of known malware and throw up warnings in our browsers in an attempt to prevent us from downloading dangerous things, or at least to alert us when we do. We haven’t had a lot of good ways to protect ourselves from nasty downloads. Attackers know that even the most paranoid of us can’t identify every possible threat, and they use sophisticated techniques to trick us into running malicious software on our computers. We Are the Weakest Link - I used to tell people they were safe as long as they stayed out of the shadowy neighborhoods of the Internet, but danger is everywhere these days. It could be the key to preventing a future malware epidemic. It’s a major new advance in operating system security designed to reduce dramatically the ability of an attacker to trick users into installing malicious software. OS X 10.8 Mountain Lion includes a transformative security technology called Gatekeeper. It’s a problem we haven’t had very good solutions for… until now. So for physical and network attacks, we Mac users are in pretty good shape.īut the third kind of attack? Well that’s a bit of a problem, since we humans, even the most paranoid of us, can fall prey to trickery. Up-to-date Macs are reasonably secure against direct network attacks, and when vulnerabilities do crop up, a combination of anti-exploitation features makes it a lot harder for the bad guys (at least on Mac OS X 10.7 Lion). If you use a strong password and encrypt your hard disk using FileVault, only a sophisticated attacker can get in. Macs are reasonably well protected against two of the three. There are three ways to attack a computer - gain physical access, hit it over the network, or trick the user into running something they shouldn’t. #1657: A deep dive into the innovative Arc Web browser. #1658: Rapid Security Responses, NYPD and industry standard AirTag news, Apple's Q2 2023 financials.#1659: Exposure notifications shut down, cookbook subscription service, alarm notification type proposal, Explain XKCD.#1660: OS updates for sports and security, Drobo in bankruptcy, why TidBITS doesn't cover rumors.#1661: Mimestream app for Gmail, auto-post WordPress headlines to Twitter and Mastodon, My Photo Stream shutting down.
0 Comments
Leave a Reply. |