Common sense security tips to keep your Mac safer online
There was a time when Macs were completely safe from viruses and hackers. But, as Apple's market share increased, it became worth it to criminals to find ways to target Apple users too. The majority of (and the most serious) problems to date have come not from some weakness in OSX, or any other Mac operating system, but from Java (even Java 7). But that is no cause for complacency, so here's list of things that you really should do.
Enable Mac Firewall
A firewall keeps tabs on (and, if necessary, stops) traffic both in and out of a computer network; in this case your Mac and the internet, stopping unauthorised attempts to connect to your machine. Go to System Preferences > Security & Privacy > Firewall and check that it is on.
Do note that this will only work for incoming traffic; if you want to be notified whenever there's outgoing traffic you'll need to get a bit more involved or install software to do this. Outgoing traffic could be something innocent like an app you have installed sending data back to the app provider, but could also be something more sinister like a hackbot sending a sensitive file to a criminal.
Rely on Apple Gatekeeper
If you've ever seen the error message "[name] can’t be opened because it is from an unidentified developer" then you've seen Gatekeeper at work. More recent versions of OSX will look for a digital signature from a whitelist of Apple-approved developers when asked to run software, and if one is not present then the software will be stopped from running. To configure this go to System Preferences > Security & Privacy > General > Allow Applications Downloaded From... and you have options. To mark an app as safe, hold down CTRL before clicking and selecting OPEN; it will be trusted henceforth.
Allow browser plugins to run only with permission
As we said above, Java applets run in browsers are the main attack route for trojans such as Flashback. Here's how to disable them, except on demand, in
- Safari: Preferences > Security > uncheck 'Allow Java'
- Chrome: type 'about:plugins' into the address bar, then click 'disable' next to 'Java'
- Firefox: Tools > Addons > Plugins, then click 'disable' next to 'Java'
The other major threat is Adobe's Flash. Many popular sites still use this to play video, but there are plugins (FlashBlock for Chrome or Firefox, and ClickToFlash for Safari) that will only let Flash run when you ask it to.
There are still many that think that Macs don't need antivirus software. The saving offered by not having this sort of protection installed is at most £50 a year, and there are cheap and even free apps out there. What price do you put on your sensitive and private information?
back to Security