HOME
TOPICS
ABOUT ME
MAIL

 
  technofile
Al Fasoldt's reviews and commentaries, continuously available online since 1983

T h e   R o a d   L e s s   T r a v e l e d
Security 101 for Mac OS X


March 26, 2003


By Al Fasoldt
Copyright © 2003, Al Fasoldt
Copyright © 2003, The Post-Standard

   What kind of security measures should Mac OS X users take? It's a legitimate question, made even more urgent by reports of vast security holes in Windows. Are OS X Macs just as vulnerable?
   I'll try to answer the basic questions in this week's Q&A on security for Mac OS X computers.
   
   Q: Can't OS X Macintoshes get computer viruses? You've said OS X is immune to viruses, but surely that's an exaggeration.
   A: Yes, OS X Macs could get computer viruses, if those viruses were designed to do something specific to a Mac OS X computer and were aimed at Unix computers or at OS X in particular. (Mac OS X is a Unix operating system.) I've said many times that OS X Macs are immune to Windows viruses. Nearly every virus is a Windows virus, so that's not an exaggeration; it's just honest reporting. So far there are no Mac OS X viruses, but there are an estimated 70,000 Windows viruses. That's an infinite ratio.
   
   Q: Do Mac OS X computers need firewalls the way Windows computers do?
   A: Yes. Mac OS X comes with a basic firewall, but activating it and setting up its parameters is a geeky task. Interface software designed to make the OS X firewall easy to use is available from download sites. (Search for "Brickhouse" at www.versiontracker.com for one of the best.)
   But if your OS X Mac uses a high-speed cable or DSL connection or if it's connected to the Internet by a direct T1 or T3 line, you should install a hardware firewall, regardless of whether you use a software firewall. My choice is the Linksys Cable/DSL Router (there are a couple of models), which sits between your computer and your Internet connection and isolates your Mac from snoopers. It's also able to serve an entire local network, allowing everyone in your home or office to get on the Internet from one connection.
   
   Q: You've pointed out that Windows PCs have no security even if they have require a password when the computer boots up. Is that true of Mac OS X? Can a clever 14-year-old get past the password at the keyboard of an OS X Mac?
   A: It's true that older Windows PCs (running Windows 95, 98 or Me) have that security problem; pressing a single key (no, I won't tell you) will let anyone get past the password. But that's a problem only with those older versions of Windows. Windows XP, 2000 and NT computers do not work that way, nor does. Mac OS X.
   However, although Mac OS X has a "hardened" password system, interlopers can break into any Mac OS X computer by inserting an OS X boot CD into the CD drive and holding down a certain key. (No, I won't tell you that, either.) Keep your Macintosh locked up if it's located where this sort of thing could happen.
   
   Q: What about spam? After I switched from Windows to an iMac I got a lot less spam. I realize this is not a security thing, but is there some advantage OS X has in reducing spam?
   A: "Advantage" is too mild a term for OS X users. Apple's Mail program, which comes standard with OS X, has an outstanding spam filter. But blocking spam is very much a part of security and privacy, because most spammers use techniques to track who has opened their messages. When you open a spam message that contains a Web bug (an invisible object designed to track Web ad usage), the spammer steals information about you. OS X Mail blocks such messages from being opened, ensuring your privacy and safety.
   
   Q: I read somewhere that pop-up windows compromise security because of Web bugs, also. I use a pop-up stopper program under Windows, and would never want to switch to OS X unless I could get the same program. But the company that makes it says it won't have an OS X version no matter what.
   A. Relax. Apple's own OS X Web browser, Safari, blocks all pop-up windows. Open the File menu in Safari and make sure pop-up blocking is checked (turned on). Safari also lets you refuse cookies (Web browser tracking files) unless they meet certain requirements.