Mac OS security

Sorry if this is the wrong place, I couldn't find another place to ask this.
Can anyone give me as much information as possible about the security of the linux kernel and why it doesn't get viruses. A lot of PC users say that it isn't secure, it just doesn't get viruses and stuff because people don't write them for Macs. Is this true? Also what about how hard it is to hack macs vs. PCs?
This is an issue I want to understand. Be as technical as possible. I will follow it. I really want to know the nitty-gritty details between Windows and Mac when it comes to security and the debate about macs getting less viruses than Windows.
Please provide as much information as possible. Any links to webpages with information regarding this information is appreciated also. Hopefully you all understand about what issue I am trying to gain information about here. It seems to be a common one.

> Can anyone give me as much information as possible about the security of the linux kernel and why it doesn't get viruses
I don't know anything about the Linux kernel, but I can answer some of the questions related to Windows vs. everything else.
First, bear in mind that your question is very broad and that not everything is going to apply to all cases - Macs, Linux and UNIX systems can be configured to be insecure, just like Windows can be secured if you're prepared to go out of your way to make it so, and that's the crux of it.
At its simplest level, by default, out of the box the entire Mac OS X system is setup so that users can do what the need to do and have to go the extra mile (usually including some form of authentication) before they do anything that might impact the OS or other users.
For example, on Mac OS X you can't install any code that runs at the system-level (e.g. drivers, keystroke loggers, trojans, etc.) without authenticating. Sure, these pieces of code can exist (writing a key logger isn't hard) but getting them deployed is a major headache.
By comparison, on Windows a trojan can install itself when the user does nothing more than view an email or visit a web page. There's no warning, notice or visual clue that it's happening.
Now, Windows Vista does change that somewhat - at least it now tells you that a trojan app wants to install itself, but it doesn't do it in any way that authenticates the current user and, by all accounts, pops up its warning messages so frequently that users are already tuned to just acknowledging the alert without reading or considering the consequences (you may have seen the Apple ad hinting at this one).
So the first level of security is a big one - you need to authenticate in order to make changes to system-level configurations.
Note also that this can change in a Windows network where the network admins control everything at the server-level. These setups are common in enterprise setups and the accounts are managed centrally, often to the point where users cannot run applications other than those on an 'approved' list. This enforces the concept of authentication before doing anything that might be malicious, but is only available in a network, not standalone environment. Of course, Microsoft would love for everyone to deploy a Windows Server and buy client licenses (tax) for every device they want to connect to the server, but that's just not going to happen in a home environment.
There is some weight behind the argument that the Mac and Linux markets are smaller and therefore smaller targets, but that's only part of the picture.
If the Mac OS was as insecure as Windows, and the malicious code author had the same chance of infecting a Mac as he has infecting a Windows machine then the Mac would be more of a target.
I don't know the exact numbers, but lets say there are 100 million Windows PCs and 10 million Macs. 10 million is still a big target and any hacker would love to infect 10 million boxes. However, the chance of infecting the PC may be 80% (the default is to install the malware) whereas the chance of infecting the Mac may be 5% (remember, the Mac requires authentication before any malicious code could be installed, so it's still possible to do if the user isn't cautious).
That means that the actual 'market' for the hacker is 80 million PCs vs. 500,000 Macs. Now you see why the raw market share value isn't so relevant. Even if Macs had 50% of the market, there would still be a lower chance of infecting the machine (40 million infected PCs vs. 2.5 million infected Macs).
Now, that's not to say that any OS is truly secure. Bad programming can lead to problems on any system. There's a lot of press attention at the moment regarding 'buffer overflow' attacks where malicious users can force an application to do something it wouldn't normally do by passing it invalid data. A well-written program would examine the data before processing it, discarding anything that isn't valid, but often applications try to process the data and crash.
These kind of problems can exist anywhere. Even OpenBSD, considered one of the more secure OSes, was recently identified as having an exploitable buffer overflow problem.
This leads into the whole 'open source' argument of whether open source code is more secure or not.
Windows Vista is reported to be about 50 million lines of code.
Those 50 million lines of code are proprietary to Microsoft and few people outside of Microsoft have seen them or been able to verify them for buffer overflow problems.
By comparison, Mac OS X contains approximately 86 million lines of code, which is significantly more, but a good chunk of that is available as open source, either through the Darwin project, or via the numerous open source products that are bundled in with the system.
All that open source code is viewable by anyone. A number of people would argue that this means anyone can find and target any bug in the code, but it also means that anyone can find and fix any bug. If you prefer to believe that there are more good people in the world than then are bad, this model seems to work in the Mac's favor. Despite Apple's smaller market and smaller engineering/development teams, there are more people able to look at the code and report problems that Apple can fix in future updates.
There are many more facets to the argument, but my fingers are waning. I'll let others post their thoughts, too and come back later.

Similar Messages

I rented a movie. I want to see it using different user on same mac for security reason. How can I do this? Home Sharing fails to do this, so far.

I rented a movie. I want to see it using different user on same mac for security reason. How can I do this? Home Sharing fails to do this, so far.

Copy the movie from the current library to the correct library.
iDevices can only sync to one library at a time.

I received a phishing email from what I thought was my bank. Do I need to do anything to my MAC for security?

I received a phishing email from what I thought was my bank. Do I need to do anything to my MAC for security? I have no anti-virus software.

Evelyn, there is nothing that can prevent you or anyone from falling victim to those attempts to defraud you – other than you.
"Phishing" scams are the most common way of getting people to voluntarily supply information that should be kept as secure as any other personal possession. "Anti-virus" solutions can't possibly prevent that sort of fraud, and if anything can only lull you into falsely believing you're being protected from threats, be they real or perceived.
Do you have any further advice so that I don't fear my Mac?
There is no reason to fear your Mac; it's a tool to be used for your sole benefit. Like any tool though, it can be misused. If there is any explanation for fear, it's a lack of education. Knowledge conquers fear and renders it inert. Learn what real threats actually exist, how to defend yourself from them, and how to distinguish them from those propagated by fear mongering psychopaths that justify their existence by keeping others misinformed. There are an abundance of the latter.
There will always be threats to your information security associated with using any Internet - connected communications tool:
You can mitigate those threats by following commonsense practices
Delegating that responsibility to software is an ineffective defense
Assuming that any product will protect you from those threats is a hazardous attitude that is likely to result in neglecting point #1 above.
OS X already includes everything it needs to protect itself from viruses and malware. Keep it that way with software updates from Apple.
A much better question is "how should I protect my Mac":
Never install any product that claims to "clean up", "speed up", "optimize", "boost" or "accelerate" your Mac; to "wash" it, "tune" it, or to make it "shiny". Those claims are absurd.Such products are very aggressively marketed. They are all scams.
Never install pirated or "cracked" software, software obtained from dubious websites, or other questionable sources.
Illegally obtained software is almost certain to contain malware.
"Questionable sources" include but are not limited to spontaneously appearing web pages or popups, download hosting sites such as C net dot com, Softonic dot com, Soft pedia dot com, Download dot com, Mac Update dot com, or any other site whose revenue is primarily derived from junk product advertisements
If you need to install software that isn't available from the Mac App Store, obtain it only from legitimate sources authorized by the software's developer.
Don’t supply your password in response to a popup window requesting it, unless you know what it is and the reason your credentials are required.
Don’t open email attachments from email addresses that you do not recognize, or click links contained in an email:
Most of these are scams that direct you to fraudulent sites that attempt to convince you to disclose personal information.
Such "phishing" attempts are the 21st century equivalent of a social exploit that has existed since the dawn of civilization. Don’t fall for it.
Apple will never ask you to reveal personal information in an email. If you receive an unexpected email from Apple saying your account will be closed unless you take immediate action, just ignore it. If your iCloud, iTunes, or App Store account becomes disabled for valid reasons, you will know when you try to buy something or log in to this support site, and are unable to.
Don’t install browser extensions unless you understand their purpose. Go to the Safari menu > Preferences > Extensions. If you see any extensions that you do not recognize or understand, simply click the Uninstall button and they will be gone.
Don’t install Java unless you are certain that you need it:
Java, a non-Apple product, is a potential vector for malware. If you are required to use Java, be mindful of that possibility.
Java can be disabled in System Preferences.
Despite its name JavaScript is unrelated to Java. No malware can infect your Mac through JavaScript. It’s OK to leave it enabled.
Beware spontaneous popups: Safari menu > Preferences > Security > check "Block popup windows".
Popup windows are useful and required for some websites, but unsolicited popups are commonly used to deceive people into installing unwanted software they would never intentionally install.
Popups themselves cannot infect your Mac, but many contain resource-hungry code that will slow down Internet browsing.
If you ever receive a popup window indicating that your Mac is infected with some ick or that you won some prize, it is 100% fraudulent. Ignore it. The more insistent it is that you upgrade or install something, the more likely it is to be a scam. Close the window or tab and forget it.
Ignore hyperventilating popular media outlets that thrive by promoting fear and discord with entertainment products arrogantly presented as "news". Learn what real threats actually exist and how to arm yourself against them:
The most serious threat to your data security is phishing. Most of these attempts are pathetic and are easily recognized, but that hasn't stopped prominent public figures from recently succumbing to this age-old scam.
OS X viruses do not exist, but intentionally malicious or poorly written code, created by either nefarious or inept individuals, is nothing new.
Never install something without first knowing what it is, what it does, how it works, and how to get rid of it when you don’t want it any more.
If you elect to use "anti-virus" software, familiarize yourself with its limitations and potential to cause adverse effects, and apply the principle immediately preceding this one.
Most such utilities will only slow down and destabilize your Mac while they look for viruses that do not exist, conveying no benefit whatsoever - other than to make you "feel good" about security, when you should actually be exercising sound judgment, derived from accurate knowledge, based on verifiable facts.
Do install updates from Apple as they become available. No one knows more about Macs and how to protect them than the company that builds them.
Summary: Use common sense and caution when you use your Mac, just like you would in any social context. There is no product, utility, or magic talisman that can protect you from all the evils of mankind.

Anyone know if you can buy Tryten's mac mini security mount at stores?

Anyone know if you can buy Tryten's mac mini security mount at stores or just at www.tryten.com?

I've not seen it at stores, but each store has its own space restrictions, which may affect whether or not it is stocked. Call your store and ask. The number for Apple's own retail store is on http://www.apple.com/retail/ and the extension is usually 5 to speak to a real person. If you get AppleCare, you have been redirected off the store's phone system.

Mac defender security update, macbook pro no longer boots up

I applied the security update and then tried to reboot my macbook pro. Black screen, doesn't reboot. I tried to start up in single user mode, reset the PRAM ... and nothing. My macbook pro is now a brick. Wow. Good thing I applied a security update for something I would never be stupid enough to click on in the first place.
Any help would be appreciated...

Greetings,
The security update is software only. It has no impact on the hardware of the computer.
Do you get a boot chime at startup?
Do you hear / feel fan movement or any other evidence of activity from within the case of the computer?
Reset the SMC and then test: http://support.apple.com/kb/HT3964
Try plugging the AC Adapter (3-prong not the 2-prong) into a different power outlet.
Try running the computer with the battery out if your model allows removal of the battery.
If the issue persists after you follow the above steps, you may wish to make an appointment with a Mac Genius at an Apple store, contact AppleCare via phone, or contact an Apple Authorized Service Provider for assistance.

Possible Mac Mail Security Issue

A couple of times each week, I'm receiving returned e-mail messages that describe mail that I did not actually send. The "undeliverable" addresses in the Mailer-Daemon notifications are unfamiliar and involve a different overseas address for each notification.
Every aspect of the computer runs fine. in four years of being a devout Mac convert, I have not seen this type of problem until the past few weeks. So from my standpoint, the false notifications are just a minor annoyance. I've been deleting them. But, I wonder if there could there be a security issue or some other problem?
Thanks very much,
Charley

I am experiencing the same thing and it has just started in the last few weeks also. I get the mailer-daemon messages telling me I have had my emails rejected to people that I don't even know nor do I have anything to do with the message being rejected.
I am concerned that my computer has somehow been compromised but do not know whether or not this is the case.
The issue is how do we try to stop this - I read elsewhere that the email password needs to be changed but I am not sure if this is actually going to do anything at all.
Anyone have a suggestion to stop this?
Thanks

Mac based security managed centrally (Acs or whatever)

I have a project My customer
want to use Mac Address based Security on their whole network.They want only specific mac addressed pc/notebooks can be connected to their network.But they dont want configuration per switch basis.They wan centralized management.
We first looked for ACS.But we realized that ACS supports only Wireless access point for this kind of purpose.I also found that there is a ACS feature called NAR(Network Access Restriction) Can i use this feature?
They dont want additional integratio n(Active directory or etc.) and dont install any software to their pc/notebooks.Because of this i cant use EAP solution.
They have app 300 pcs and they will enter whole mac address list to ACS and only this PCs will be connect to network.Is it possible ?
Best Regards

I wouldnt recommend this as a strong security solution, but it could be done - in theory.
Customers devices need to be configured to initiate a PAP authentication using pre-configured credentials (a'la NAC auth bypass).
ACS will have this username+password configured plus a network access restriction that lists the allowed set of macaddrs.
While this may work for 300 users, NARs are not that easily scalable.

Mac firewall security flaw in Adobe CS3

Security experts are warning of an issue within Adobe CS3's Version Cue application which can disable a Mac's built-in firewall.
An alert from the experts at Secunia warns that Adobe Version Cue disables a Mac's firewall when it is installed. It does so in order to set certain ports up for "controlled access through the firewall", the experts said.
The probelm is that the installer doesn't re-enable the firewall once installation is complete, leaving certain system services vulnerable to attacks.
The security issue is reported in Adobe Version Cue CS3 Server, installed as part of Adobe Creative Suite 3 Design Premium, Design Standard, Web Premium, or Web Standard editions, Secunia explains.
There is a simple fix to the flaw, which is rated as "less critical" – users simply need to re-enable their Mac OS X firewall in System Preferences once installation is complete.
http://www.macworld.co.uk/procreative/news/index.cfm?newsid=18066&pagtype=allcha ndate
I'm rather surprised that an application can simply turn off the firewall without any red flags to the user.
Any comments?

..."From a user perspective, I did give authorization to install the software - I did not give authorization to turn the firewall off and keep it off."...
That's the thing though - you may not think you gave it authorization to modify the firewall, but by providing an "admin" password, you actually did. It is a matter of education, but users must be made to recognize that inputing an "admin" password is giving the process that asked for it carte blanche powers. Such an arrangement seems to be fairly typical in personal computing. Installers that use Apple's installer do sometimes break things down a little and providing a bit of detail to what right is being requested, but from what I recall, Adobe uses something else.
..."Apple should probably have provided some safety net. After all, we are talking "firewall" here, not just some preference setting. "...
I guess it's beside the point but in this case, this installer legitimately needed to modify firewall settings - you told it to install a type of server. It just happened that, there was a bug so it didn't restore the firewall after it was done. How does the system know that you didn't really want to turn off the firewall? Considering the diverse functions software can perform, it would probably be overly intrusive for the OS to try to second guess a programme every time it tried to do something. Changing any sort of user preference setting would not have required a password at all. If a programme asks for your "admin" password, that is the tip off that it intends to make changes to the system. The requirement for a password is actually a huge "safety net".
With anything related to security, there's always a compromise between security and convenience. The presumption is that as the "admin", you are a person with authority over the computer and have some level of trust in the software you are about to install. If you think about it, compared to the alternative, the current arrangement saves you from having to click "Cancel" or "Allow" for every single file that the installer is going to create, or approve every individual port it wanted to open in the firewall (keeping in mind you are installing some sort of server), and in particular, from learning the ins and outs of every detail of the guts of OS X so you fully understand what it is that you are agreeing to. Now if it turns out that your trust in Adobe's intent or competence were misplaced, the result will unfortunately be the occasional problem like this one.
..."I wonder what happens if changes to the firewall are locked? Can a software install just override this without any authorization?"...
With your "admin" password, yes. Files can be locked in certain ways where an installer or other process wouldn't be able to modify them, but as far as simply turning off the firewall, I don't think you could prevent something with authorization from your "admin" password from doing so.

Mac Mail Security

I use Mac Mail with Gmail. I have a bunch of mailboxes set up within Mac Mail to organize my email. They appear under the "On My Mac" section on the left side of the Mac Mail screen. I assume this means that all of my email content is stored on my Mac. Once in a while I access Gmail via the web, but it's only to send a short note. I have no folders (i.e., labels) with email content in the Gmail web environment.
From a security and privacy perspective, is it better to store all my mailboxes and email content on my Mac? Or is it better to store everything in the Gmail web environment?
If it is better to store everything locally on my Mac, what are the best security practices for Mac Mail. Other than having a strong password, what else should I do for good security?
Thanks

I am experiencing the same thing and it has just started in the last few weeks also. I get the mailer-daemon messages telling me I have had my emails rejected to people that I don't even know nor do I have anything to do with the message being rejected.
I am concerned that my computer has somehow been compromised but do not know whether or not this is the case.
The issue is how do we try to stop this - I read elsewhere that the email password needs to be changed but I am not sure if this is actually going to do anything at all.
Anyone have a suggestion to stop this?
Thanks

How to keep Mac files secure during repair at Apple Store

I will be taking my MacBook Pro into an Apple Store to have a Genius diagnose a persistent hardware problem. I am very concerned about my files and info being stolen or tampered with if a I have to leave it there for repairs. I am especially concerned about Keychain. What is the recommended way to keep the contents of my Mac secure in this situation, since I assume I will have to give them my Administrator info? Thanks

I'd recommend against FileVault if you have a lot of data, especially media files that are one singular file in excess of several hundred MBs (or more). Someone got a client of mine to configure FileVault (first time) on her MacBook Pro that had about 180GB of movies, music, pictures, etc. While it enabled FileVault in about 25-30 minutes on the initial sparsebundle image creation it took over 37 hours to remove the sparsebundle image when she turned FileVault. It wasn't even corrupted... I couldn't imagine how long it would have taken if it was.
I vote the temporary relocation of files, it's quicker and easier.
Also, while I can't speak for all Mac Genii that do repairs, having served as one for a while I honestly say that I never "snooped" around a user's machine. Unless they explicitly asked me to verify something, I never clicked anywhere that wasn't System Profiler, Activity Monitor or System Preferences. Honestly, there was just never any "free time" during a repair to be digging through your documents or pictures and the risk of termination or something worse was not worth the "thrill."

Which tools for the Mac support Secure Erase (SE)

Note: I'm not talking about what Disk Utility allows you do to go by overriting data. I'm talking about a full wipe of areas not usually accessible by the user. For instance the X-25M like any other ATA device supports SECURE_ERASE which will erase more than just the data area of the drive.
So far HDDERASE for the PC is the only tool I know of that issues this command.
Is there any C code that exists that issues this command that allows this command to be issued on Macs and machines that don't support what's called "legacy IDE mode?"

The most secure is zeroing an entire hard drive:
http://support.apple.com/kb/HT1820
Note it won't work on hard drives that have been partitioned. Therefore it really does the ENTIRE hard drive.

Help...Has my mac's security been compromised?

Our internet went down so I reset modem and router. Router then renamed itself and old pw did not work. I contacted the company of the 3-yr-old router and was told that our Mac had the following: location is exposed, blocked process, lmpsu.exe,error, malware and suspicious files detected, corrupt and unwanted registry entries, bad sectors, corrupt files, etc. The company then said it could fix for $389. When I said no and that I wanted to contact Apple Support, the rep became slightly rude. I tried to contact Apple Support, but my Mac is no longer covered. I will pay a one-time fee if necessary, but thought I would start with the Apple Community. My software,etc.,is up to date, I checked in applications for any malware, and I purchased a new router. A final note...when I look at the System Profiler, is there any reason why it would show a Samson Android under network locations? If my son has a Samson Rugby (everyone else has I-Phones), would it show up here even though he is away at school. Thanks to anyone who can help!!!

If you know or suspect that a hostile intruder has either had physical access to the computer, or has been able to log in remotely, then there are some steps you should take to make sure that the computer is safe to use.
First, depending on the circumstances, computer tampering may be a crime, a civil wrong, or both. If there's any chance that the matter will be the subject of legal action, then you should do nothing at all without consulting a lawyer or the police. The computer would be the principal evidence in such a case, and you don't want to contaminate that evidence.
Running any kind of "anti-virus" software is pointless. If I broke into a system and wanted to leave a back door, I could do it in a way that would be undetectable by those means—and I don't pretend to any special skill as a hacker. You have to assume that any intruder can do the same. Commercial keylogging software—which has legitimate as well as illegitimate uses—won't be recognized as malware, because it's not malware.
The only way you can be sure that the computer is not compromised is to erase at least the startup volume and restore it to something like the status quo ante. The easiest approach is to recover the entire system from a backup that predates the attack. Obviously, that's only practical if you know when the attack took place, and it was recent, and you have such a backup. You will lose all changes to data, such as email, that were made after the time of the snapshot. Some of those changes can be restored from a later backup.
If you don't know when the attack happened, or if it was too long ago for a complete rollback to be feasible, then you should erase and install OS X. If you don't already have at least two complete, independent backups of all data, then you must make them first. One backup is not enough to be safe.
When you restart after the installation, you'll be prompted to go through the initial setup process for a new computer. That’s when you transfer the data from a backup in Setup Assistant.
Select only users in the Setup Assistant dialog—not Applications, Other files and folders, or Computer & Network Settings. Don't transfer the Guest account, if it was enabled.
Reinstall third-party software from original media or fresh downloads—not from a backup, which may be contaminated.
Unless you were the target of an improbably sophisticated attack, this procedure will leave you with a clean system. If you have reason to think that you were the target of a sophisticated attack, then you need expert help.
That being done, change all Internet passwords and check all financial accounts for unauthorized transactions. Do this after the system has been secured, not before.

Need advice on Mac file security

1. I use Office For Mac, Excel version 14.3.0 I can save an Excel file with a password, but I do not know what type of encrption Excel uses to encrypt the file. Maybe AES 128?
2. I know I can use Disk Utility to create an encrypted disk image, and then store the Excel file in the encrypted disk image.
3. I also know that I can use FileVault to encrypt the entire drive.
When it comes to encrypting and protecting an individual Excel file, does one of the three options provide a higher level of security protection? If so, which one and why? Should I use a combination of the above options to "double encrypt" sensitive Excel files?
Advice welcome!

first of all please review this article and related posts....also do an assessment of how time machine will play into the equation in the advent of a restore
http://support.apple.com/kb/ht4790
as for excel proper
http://office.microsoft.com/en-us/excel-help/password-protect-worksheet-or-workb ook-elements-HP010078580.aspx
http://office.microsoft.com/en-us/excel-help/overview-of-security-and-protection -in-excel-HP005238854.aspx
http://office.microsoft.com/en-us/excel-help/help-secure-and-protect-data-in-exc el-RZ001123531.aspx?section=5

Mac Java security vulnerability upgrade - issue.

The recent (I did it today) upgrade of Mac OS 10.8.2 to fix Java security vulnerability is now causing flickering on my Macbook Pro. Kindly help.

Restart.
Reset PRAM. http://support.apple.com/kb/PH4405
Best.

MAC Address security for login into CRM

Hi,
Can somebody tell me that how can i provide any hardware security to our CRM users. For example - MAC Security.
If a CRM user is having the login ID and password of another user, he can easily access the records of that user. Can we provide any type of hardware security ?
Regards
Khushboo Mittal

I haven't come across any hardware security feature so far. The best you can do is the IP address restrictions.

Mac OS security

Similar Messages

Maybe you are looking for