Macs, malware and common sense

With the release into the wild of MacDefender, one of the first widespread threats to OS X, it’s useful to restate the principles of computer desktop security. These are the kinds of things that should be baked into every computer users brain. Rote learning is sometimes a good thing.

	1. Never enter your administrator password unless you know exactly why you are being asked, especially if you are asked in the middle of doing something else like browsing the web.
	1. Never run a piece of software you don’t trust.
	1. If an installer appears on your screen you did not request, always cancel it.
	1. Never enter credit card details into a piece of software. Always go via their website or, preferably, somewhere trustworthy like PayPal or Amazon—or an app store.
	1. Never connect to open wifi networks.
	1. Particularly on Windows, but perhaps on Mac too, don’t run as a user with administrator rights. Many, many Windows attacks can be prevented with this measure.

Bearing this in mind, however, the problem is mostly not with the software any more. It’s mostly with the user. Both OS X and Windows 7 are very secure when compared to the virus heyday Windows XP and Windows 98. Going forward the problem is going to be with us and our propensity to be tricked into scams. If it seems too good to be true, it is. This seems is obvious. But increasingly, even if it seems to be true, it might not be.

One of the examples given in the above article is that of a mailing list management company being hacked. Millions of names and email addresses, along with associated mailing lists, were stolen. As a TiVo customer, mistakenly clicking a link in a personalised email seemingly from TiVo is much easier than one from “v1agra pharmacy”. Even so, a secure operating system and the above rules should help you avoid getting further into trouble if this should happen.

As operating systems become more secure, malware starts to target users. In this way, Apple’s adverts decrying Windows’ vulnerability to malware, while true, encourage a false sense of security for Mac users. MacDefender is a warning that we, as Mac users, still need to be careful.