# Mac Security is a Myth



## Drucifer (Feb 12, 2009)

Mac OS X Security Flaw Publicized after Apple Fails to Patch



> Apple has a history of being tardy with security patches.


----------



## Grentz (Jan 10, 2007)

They are the masters of security through obscurity. Who are the hackers going to go after? Plus, a lot of the hackers are in other countries (Apple's PC marketshare is even more minor internationally).

As OSX gains in popularity, so will the target on its back.


----------



## SayWhat? (Jun 7, 2009)

^^^ Yup. It doesn't have a big enough share of the pie to be a worthwhile target. Same with the lesser known and used browsers like SeaMonkey and Opera. Why go after 10% of the sucker base when you get so many fish by going after IE and the general but less tech-savvy population using it?

While OSX has only had a small number of Advisories issued in 2010, nearly 3/4 of them have been "Highly Critical":

http://secunia.com/advisories/product/96/?task=statistics_2010


----------



## Stewart Vernon (Jan 7, 2005)

Security in general is a myth...

Most of the security problems really arise from people choosing poor passwords, sharing those passwords with others, and being generally careless.

Like people who advertise they are going out of town for a week and are surprised to find they were robbed when they got back... vs people who don't make a big deal about being away having less issues.

I remember seeing a documentary once about a group of guys that were ex-hackers who now had a business where companies hired them to try and hack them to prove their security measures.

In most cases these guys found that only minimal security precautions were necessary to secure a system from most attacks... and they actually hacked more than one company by calling up a receptionist and saying something like "the boss told me to call you and get the password" and having someone give them access! Then they find the same password unlocked all kinds of stuff.

Bottom line... Mac or PC, most security breaches end up being user error that could easily have been prevented by some basic habits. Kind of like how washing your hands can keep you from catching most colds.


----------



## redfiver (Nov 18, 2006)

Stewart Vernon said:


> Security in general is a myth...
> 
> Most of the security problems really arise from people choosing poor passwords, sharing those passwords with others, and being generally careless.
> 
> ...


wait... you're providing sound, reasonable advice on a message board? Where has the internet taken us? This should be a huge flame war between Macs and PCs. We should also argue about the many anti-virus programs out there. But eventually, someone will just call someone else Hitler (which is probably someone's password anyway...).

I've little sympathy for folks who get viruses. Most are self-inflicted. And wash your hands often. And never forget to wash them after you've gone to the bathroom, because that's just gross.


----------



## billsharpe (Jan 25, 2007)

redfiver said:


> wait... you're providing sound, reasonable advice on a message board? Where has the internet taken us? This should be a huge flame war between Macs and PCs. We should also argue about the many anti-virus programs out there. But eventually, someone will just call someone else *Hitler (which is probably someone's password anyway...)*.
> 
> I've little sympathy for folks who get viruses. Most are self-inflicted. And wash your hands often. And never forget to wash them after you've gone to the bathroom, because that's just gross.


Nah! I use Mussolini -- it's longer, not quite as well known, and thus more secure.


----------



## BattleZone (Nov 13, 2007)

Stewart Vernon said:


> Security in general is a myth...


... because most people simply can't be bothered.


----------



## njblackberry (Dec 29, 2007)

And others have bought into the infallibility of Apple's products.
But Stewart's comments are spot on. People don't care.


----------



## Stewart Vernon (Jan 7, 2005)

Probably the best security scenario is to have isolated PCs (or Macs) that aren't connected to anything else most of the time... and you are very careful about what you expose them to...

Then you have other PCs (again or Macs) that you connect to the Internet, and you try to protect them but you also use them as your buffer to find out what is infected and what isn't before putting on your truly protected systems.

The average home user might not be able to do that... have multiple computers for that purpose... so they just have to try harder and not run every attachment that someone says is "cool" to run. Also, don't use your dog's name as your password AND then walk around the neighborhood with your dog and his nametag with name clearly spelled out for all to see 

IF you are Hitler, you should probably use something that is against your personality-profile as a password... like don't use "superior" or "masterrace" or something obvious as your password... Use something like "fluffybunny23" that no one would suspect, and of course don't write it down or tell anyone!


----------



## LarryFlowers (Sep 22, 2006)

Best Password Security is still as follows:

Never use passwords less than 8 characters
Passwords must contain 3 of the following 4 criteria:
1. Capital letters
2. Lower case letters
3. Numbers
4. Symbols

Never use a word.

and perhaps most importantly, never ever give your password out for any reason. No exceptions.


----------



## dpeters11 (May 30, 2007)

LarryFlowers said:


> Best Password Security is still as follows:
> 
> Never use passwords less than 8 characters
> Passwords must contain 3 of the following 4 criteria:
> ...


And don't replace Os with 0s etc. One of my pet peeves, I've had accounts for credit cards etc that don't allow symbols. I've had others where 8 characters was all they allowed.

My primary system is Ubuntu, and it's certainly not impervious.


----------



## kc1ih (May 22, 2004)

Ad how many of these security warnings are put out by companies selling security software? Now that the Mac platform is becoming more popular, they are targeting Mac users too.


----------

