A Perspective on Mac OS X Security from an Expert

SAN FRANCISCO -- Macworld is a great place to sit down with a representative from a well-known company and acquire new insights that don't always come through in either their press releases or Website. When the subject is Mac OS X security, the occasion is even more profitable,

This reporter spoke with Jack Nahon, V.P. of Business Development with Intego. We had a frank, wide-ranging discussion about all things related to security on the Mac.

The first topic was the overall state of Mac system security and how if evolved over the years. "Back in 2003 to 2005," Mr. Nahon recalled, "the threats to the Mac were mostly proofs of concept from the white hats. There weren't any real threats except the Word-macro viruses. Our goal then was to stop the spread the viruses, mainly with the Mac as an infected carrier."

"However, in the 2006-2007 time frame," he continued, "we saw the first malware emerging. These Trojan Horses were derivatives of their counterparts on the Windows side. We believe their source was, generally, eastern Europe, and they live mainly on pornographic Websites -- the best kind of site to lure unsuspecting users."

"Nowadays, as we've learned how to close and harden ports and detect Trojan Horses and viruses, the emphasis has shifted to phishing. This is much harder to protect against because it uses trickery to deceive the user at a high level rather than technical means to infect the machine at a low level."

That led to a discussion of how one can protect against phishing and whether Safari or Firefox is better.

"We think that with the new anti-phishing protection, Safari is in better shape. But a critical problem remains, namely, thousands of new Website spring up each day, and there's always a lag between the time it springs up and when the site can be blacklisted. During that time, the Mac user is vulnerable."

This reporter wondered if Symantec's work on the Windows side gives them an advantage. Mr. Nahon didn't think so, and pointed out that that work closely with some partners to monitor what goes on in the Windows world.

"You should know that we published an annual report recently. It catalogs al the major threats from 2008 and describes how they operated," Mr. Nahon added. "There were perhaps ten or so significant threats. We expect that number to rise to about 40 or 50 in 2009."

At this point, Mr. Nahon brought up a very interesting point that all Mac users should be aware of. "Sometimes, for technical reasons, it takes Apple some time to provide an OS update that deals with significant threats. Our job is to analyze the threat and update Virus Barrier right away, This is the first, immediate line of defense. Then, when Apple can certify an update that doesn't have any ripple effects and is a sound change to the OS, that fixes the vulnerability for good. So that two part sequence produces a layered defense strategy."

That's a smart approach for any Mac user, many of whom can be a little too complacent about the state of their Mac -- or who grumble that Apple takes so long to publish a notable update. Mr. Nahon pointed out that Microsoft has found that 50 percent of their customers have no malware protection at all installed. It's amazing, but complacency remains a continuing, wide-spread problem for both Windows and Macintosh users. Independent of market share and relative system security, just like the fictional Jack Bauer of "24," he might stop 9 threats out of 10, but that one breach not stopped can be a real problem.

All in all, it was a sobering conversation with an expert in Mac OS X system security. The lesson is that there are people out there who are out to compromise your computer, fool you, and steal your money. They get paid and make a living doing it. Mac users should take their safe presence on the Internet at least as seriously.