We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

The six biggest Mac security flaws

Why IT should be worried about Mac security

Generally Macs have been considered more secure than PCs using the Windows OS. However, it's not the case anymore. We've rounded up the six biggest security threats to Macs and looked at how they can be overcome

Security flaw No. 6: Apple's security is half-baked

The strongest concerns over Mac OS X security have to do with improvements introduced in Mac OS X 10.5 (Leopard) that fall short of what's fully needed. "Nothing in Leopard is completely implemented," says Mogull. "They finished enough to get their marketing bullet point, but not a real strong level of defense," concurs Dai Zovi.

Leopard has a strong foundation on which more enterprise-oriented features should be built, as well as a greater extension of integrity and attack resistance for individual users on their own or in companies. For example, Apple added library randomisation to Mac OS X 10.5, which prevents virus writers from finding code at specific places in memory each time. However, unlike with Vista, only a subset of what can be protected is actually protected.

Some suspect that Apple will finish building enterprise-class security in Snow Leopard, the next major Mac OS X, slated for summer 2009. While Apple is scant on details related to Snow Leopard, it's clear that with the ‘pause button’ pressed, as Apple CEO Steve Jobs put it, security and enterprise support will be two of the big improvements expected. (Better use of multiple cores and processors and a push toward optimised software such as JavaScript and QuickTime will be two of the other pillars.)

Solution

With Snow Leopard a year away, security-conscious enterprise may choose to delay serious Mac deployments until they know precisely what security improvements Apple commits to for that release.

Don't be complacent about Mac security

It's vital that security planning takes place before holes appear, and that the IT staff is ready to handle the differences between the Windows, Unix, and Linux systems they may be accustomed to and what Mac OS X brings with it.

Dai Zovi said, "The biggest danger is a sense of complacency: 'Oh, it's a Mac, we don't need to worry about this.' "

  1. Why IT should be worried about Mac security
  2. Serious third-party security flaws are slow to be fixed
  3. The solution to slow to be fixed third party security flaws
  4. Why naïve use of Back to My Mac is a problem
  5. The solution to complacency over malware
  6. Why naïve use of Back to My Mac is a problem


IDG UK Sites

Best Black Friday 2014 tech deals UK: Latest bargains on phones, tablets, laptops and more this...

IDG UK Sites

Tech trends 2015: 3D printing grows up

IDG UK Sites

10 mind-blowing Oculus Rift experiments that reveal VR's practical potential

IDG UK Sites

Black Friday 2014 UK: Apple deals, Amazon deals & other Black Friday tech offers