We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
 
74,953 News Articles

The six biggest Mac security flaws

Why IT should be worried about Mac security

Generally Macs have been considered more secure than PCs using the Windows OS. However, it's not the case anymore. We've rounded up the six biggest security threats to Macs and looked at how they can be overcome

Security flaw No. 6: Apple's security is half-baked

The strongest concerns over Mac OS X security have to do with improvements introduced in Mac OS X 10.5 (Leopard) that fall short of what's fully needed. "Nothing in Leopard is completely implemented," says Mogull. "They finished enough to get their marketing bullet point, but not a real strong level of defense," concurs Dai Zovi.

Leopard has a strong foundation on which more enterprise-oriented features should be built, as well as a greater extension of integrity and attack resistance for individual users on their own or in companies. For example, Apple added library randomisation to Mac OS X 10.5, which prevents virus writers from finding code at specific places in memory each time. However, unlike with Vista, only a subset of what can be protected is actually protected.

Some suspect that Apple will finish building enterprise-class security in Snow Leopard, the next major Mac OS X, slated for summer 2009. While Apple is scant on details related to Snow Leopard, it's clear that with the ‘pause button’ pressed, as Apple CEO Steve Jobs put it, security and enterprise support will be two of the big improvements expected. (Better use of multiple cores and processors and a push toward optimised software such as JavaScript and QuickTime will be two of the other pillars.)

Solution

With Snow Leopard a year away, security-conscious enterprise may choose to delay serious Mac deployments until they know precisely what security improvements Apple commits to for that release.

Don't be complacent about Mac security

It's vital that security planning takes place before holes appear, and that the IT staff is ready to handle the differences between the Windows, Unix, and Linux systems they may be accustomed to and what Mac OS X brings with it.

Dai Zovi said, "The biggest danger is a sense of complacency: 'Oh, it's a Mac, we don't need to worry about this.' "

  1. Why IT should be worried about Mac security
  2. Serious third-party security flaws are slow to be fixed
  3. The solution to slow to be fixed third party security flaws
  4. Why naïve use of Back to My Mac is a problem
  5. The solution to complacency over malware
  6. Why naïve use of Back to My Mac is a problem


IDG UK Sites

Amazon 3D smartphone release date, price and spec: The hologram phone?

IDG UK Sites

iPhone 5s review: why the iPhone 5s is still the best phone you can buy in 2014

IDG UK Sites

Passwords don't work: here's four ways to fix them

IDG UK Sites

The art of rebranding: Creative agency The Neighbourhood explains how & why it rebranded