How to protect your Mac against viruses
2nd Sep 2012 | 09:00
Are we wrong not to worry too much about cyber-attacks targeting Macs?
How to protect your Mac against malware
Malware is short for malicious software and generally refers to any program that was installed on your Mac without your knowledge or approval.
The discovery of the Flashback malware sparked headlines around the globe that our little corner of the digital world was no longer safe; that we couldn't hide behind "security through obscurity"; that soon, we'll have a platform that will be just as vulnerable as Microsoft's, and purchasing anti-virus software will be the norm.
We don't know about you, but we've heard it all before. Ever since the birth of OS X we've been told that any day now, viruses will appear and wipe that smug look off our faces for having thought our system was more secure than the competition's. Well, it hasn't happened yet and considering the direction Apple is taking, chances are, these predictions of doom won't be realised anytime soon.
But that doesn't mean to say we should be complacent: far from it. Mac OS X isn't perfect - how could it be? It was designed by humans after all, and that Flashback malware did infect an estimated 1% of the Mac install base; that's roughly 600,000 Macs.
It's a huge number, but let's not forget that Apple did issue a fix for the problem reasonably quickly, including a means of removing the malware should it be in your system. So how filled with holes is that Swiss cheese operating system of ours? Let's take a look at what security is available out of the box on a standard Mac.
Before you even think about malware, there's the potential threat of someone hacking into your computer. The chances of this happening are actually quite remote, but your Mac does come prepared for that eventuality.
Mac OS X has a firewall built-in. Its objective is to monitor the flow of data through your computer and determine whether to allow that data to pass based on a series of predetermined rules. These rules can be manually configured and with OS X Lion, you can also control which programs are allowed access to certain parts of the network - if you need to be that specific.
Enter the vault
Should you get hacked, you can make the process much harder by encrypting your data with FileVault. This System Preferences option has been available since Mac OS X 10.3, but was vastly improved with Lion. It no longer slows down your computer to any noticeable degree, and it's now possible to back up your Mac with Time Machine without encountering any conflicts.
With the upcoming release of Mountain Lion later this year, Apple is bringing further security measures to your system. Improvements include Address Space Layout Randomisation (ASLR), which offers protection for your older programs (those that haven't yet been upgraded to support 64-bit computing) as well as the newer ones (that do). This means that all your applications will be more resistant to attack.
Another welcome addition is Application Sandboxing, which limits what a program can do, like being able to open a file or access the network. Therefore, should one of your applications have a vulnerability, anyone accessing your Mac through it shouldn't be able to gain control of other parts of your system.
The one that's got many people talking is Gatekeeper. This new system preference is designed to turn your Mac into an iOS device in terms of security - and by that we mean you can set it up to only allow apps purchased from the Mac App Store to run on your computer.
You can also open the gate a little more and allow apps from "identified developers" who aren't on the Mac App Store (Apple are currently creating a list of such individuals and companies), or if you'd prefer the current free-for-all, devil-may-care, let's-install-whatever-we-want attitude, you can switch to the third and lowest mode of security, which is essentially what we've been used to since the early days of computing.
But for now, how can we manage with the system we're currently using? Well, Apple has already covered many of the bases.
For instance, the first time you launch an app you've downloaded from the web, your Mac will bring up a warning window and ask you if you're sure you want to open the program in question. Most of the time you'll say yes, and once approved, you won't see that message again for that particular program, so what's the point of this annoying little window?
It's to protect you against software that masquerades as something else, like a JPEG image for instance. If you were to double-click on a malicious file to open it, you'd be greeted with that very same warning window, which would hopefully give you pause for thought and enable you to cancel the operation, thereby thwarting that piece of malware.
None of this happens with software from the Mac App Store of course, because Apple's already checked those apps and deemed them to be safe. In fact, if you already purchase apps exclusively from there, you've got a large part of what Gatekeeper aims to do.
The advantage of Gatekeeper, of course, is that apps that crept onto your system without your knowledge should have an even harder time launching.
One of the best lines of defence against malware is to keep your Mac's software as up-to-date as possible. Adobe's Flash, for instance, has been judged to be a major cause of security vulnerabilities, so you should grab every patch Adobe throws at you (or just follow the lead of your iOS devices and remove it completely from your Mac!).
But you also need to do this for your Mac's operating system, which is where the Software Update feature comes into play. Apple releases regular security updates and they will show up on your Mac ready to be downloaded. For instance, Mac OS X 10.7.4, released in early May, also included a patch for a password security hole that was present with FileVault, a glitch that had only just cropped up the week before.
Your Mac can automatically check for updates on a daily, weekly or monthly basis, and you can instruct it to download patches automatically, so that by the time the alert window comes up, all you need to do is click on install and the process will start immediately.
Working with Lion also makes such updates much more pain-free. With previous versions, you'd have to close your web browser, email program, and any other apps you had running since most security patches require a restart. With Lion however, once you restart, your Mac will come back exactly as you left it, with all your apps and your open documents right where you left them ready for you to get back to work.
Beating viruses and scams
I've got the remedy
Despite the fact that Macs obviously aren't invulnerable, there isn't a real and pressing need to install anti-virus and anti-malware protection as a matter of course. However, such programs are available if you feel the need for additional security. Just remember that those programs' databases need to be updated regularly otherwise you won't be protected from the latest malware, just the ones the developers knew about when they released the version you purchased.
You can get Norton AntiVirus 12 for Mac, Intego VirusBarrier X6 or Bitdefender Antivirus for Mac, to name but three. If you're on a budget and are looking for free alternatives, Bitdefender Virus Scanner and ClamXav, among others, are available directly from the Mac App Store.
But malware isn't your only source of concern: you need to be wary of scams cleverly designed to part you from your money or personal information. This is called phishing. I'm sure we're all wise to those emails from rich deposed Nigerians who need to hide their funds in your bank account for just a few days, but most modern scams are cleverer than that.
You may find an email appear in your inbox from your bank, asking you to log into your account because someone may have gained access to your funds. If you were to follow the instructions and click on the link provided, you'd be sent to a page that looks so much like your bank's that you could be fooled into handing them your username and password, and after that… well, let's not think about the consequences.
What's the password?
So how can you avoid falling prey to such scams? Your bank or other institution would never contact you in this way for such information, but simply ignoring those emails isn't enough.
Most of us only use a handful of passwords for our internet activity (some only use one), so if 'YouTube' contacts you and asks for your password and you give it to them, those scam artists have your email address and password, and can try them on other sites, such as eBay or Amazon, and go on a shopping spree.
Many of these scam websites are known, and modern browsers will warn you if you're heading into dangerous territory, but this is a game of cat and mouse with websites often moving around faster than anyone can keep track of, which is why you need to apply a little diligence.
Your Mac is there to help you with that. For instance, if you see a link in a potentially dodgy email, move the cursor over it but do not click on it. After a few seconds, a yellow pop-up appears showing the address this link will send you to. If the address matches, you're good to go; if not, send that email into the trash and don't look back.
Official institutions such as banks also have security certificates and browsers, such as Safari, can show you that the site you're visiting is genuine by displaying the institution's name in green to the right of the address bar.
There's another growing threat and it has nothing to do with the internet, but with your phone. In the UK and Ireland, unsuspecting people are being rung by someone claiming to be from Microsoft, informing them that their computer is infected and they can help, for a fee. They'll gain control of the PC and lord knows what kind of malware they'll put in while claiming to help.
Now of course, since you're running a Mac, you'll be able to laugh at them as you hang up, but with the increased popularity of our platform, we need to be aware that it may not be too long before someone calls claiming to be from Apple and telling us they've got an easy way to remove a fictitious infection. The safest thing to do will be to hang up immediately.
But despite the fact that no system is perfect and that our Macs are indeed vulnerable to attack, most viruses and other malware go after Windows. As the most dominant platform in the world, it's the lowest hanging fruit. What we need most, as Mac users, is vigilance.
There's no need to unplug from the internet; just be wary of unsolicited emails, check which websites you visit, be careful what you download and make sure your Mac's software is as up to date as possible. With those precautions in place, you should be able to continue your regular daily online activities and not encounter any problems.
How to make your Mac more secure, quickly and easily
1. Keep your Mac updated
Check for updates regularly and make sure you do install them. It's sometimes advisable to wait a day or two to make sure the patch didn't create more vulnerabilities than it was supposed to solve - it's rare, but it has happened in the past.
2. Get the latest Flash
Flash is still an important facet of desktop computing, but it's becoming an ever bigger target for hackers because it's such a ubiquitous piece of software. You should therefore make sure that it's as up-to-date as possible, by visiting www.adobe.com/uk.
3. Stay abreast of the news
Malware often happens before anyone can devise a fix for it, so it's crucial to keep as well informed as possible, by regularly checking Mac news sites such as www.macformat.co.uk, and even subscribing to RSS feeds, so that you know when new information crops up.
4. Disable Java
5. Install Little Snitch
Firewalls may stop information coming in, but how do you know if anything's trying to get out? That's where a great little app called Little Snitch could become your best virtual friend. Download it from www.obdev.at (£24 + VAT).
6. Set up Little Snitch
You can tell Little Snitch to 'trust' specific apps so that it won't bother you each time you connect to the iTunes Store, for example. Any action from an unknown or untrusted app will show up, highlighting potential offenders.