Just about every week we see articles rolled out about how a security researcher has found a scary security flaw in OS X. It makes for great headlines, but how are everyday Mac users actually affected by these headlines, and how should they react?
An interesting, almost inflammatory article this week got me thinking again about OS X security. For your inspection, I present "Apple Leaves Two Obvious Security Weaknesses In Mac OS X El Capitan." What's happening here is that there are eyeballs to be captured and money to be made by pointing out various security flaws that researchers have found in OS X. This article is typical of Forbes, a publication often long on anti-Apple perspectives and correspondingly short on technical depth.
The reality is that there is a technology race between Apple software engineers and potential exploiters. Often, these security flaws are very theoretical, hard to implement, depend on user cooperation to do something stupid, and/or require physical access to the local network or the Mac. At the very least, it's a race between a fix rolled out by Apple and widely available kits for the black hats to add to their libraries.
Apple has a reputation for being focused on user security, and so these flaws are taken seriously by the company. One reason they take so long to fix is that a sound response often requires attention to the overall architecture of OS X. Put another way, Microsoft learned the hard way, about a decade ago, that hurried patches often just result in more problems down the road and yet more frantic offshoot patches that don't address the fundamentals.
When Apple works on security flaws in OS X, the engineers have to not only take into account how OS X is structured but also have to take into account future plans for how the next generation(s) of OS X will be architected.
The best way to analyze the real-world progress is to not only monitor the potential flaws but to be alert to actual users who've been victimized by such flaws. More often than not, we don't hear about that because Apple manages to get the fixes out before the exploit is widely implemented.
Plus, Apple has other tools at its disposal, such as the XProtect mechanism. Finally, if the user has antivirus software installed that can scan the browser's incoming HTTP stream for the characteristic code signatures of exploits, there's an extra layer of protection. I always recommend that.
The end result is that in a few cases, inexperienced users report getting burned but, in the vast scheme of things, OS X remains a very safe environment, provided the user is also savvy and careful. The same can be said for Microsoft Windows ever since Microsoft got really serious about security starting with Windows 7.
In summary, OS X security is multi-layered. It's about smart Apple engineers, user awareness, smart practices, attention to updates, avoidance of known offenders like Adobe Flash and the use of antivirus software. This is why I always advise customers to move along with the technology timeline and, as quickly as reasonably possible, update to the latest version of OS X, now at version 10.11 El Capitan.
Articles like the one I linked to at Forbes should be taken as part of one's modern technology education as opposed to a quantitative assessment of Apple's presumed incompetence.