Are Mac users right to be smug about security? - TechRadar UK

Trojans, botnets and rootkits, backdoors, dialers and worms - none of these things mean a thing to your average Mac user. Of course they have heard of them - they’re things that happen to Windows users. And not in a good way. Over here in Mac Land, we do exactly what we want, when we want, where we want. We throw caution to the wind, we don’t use protection. We don’t need no protection. Malware is for other people.

And for many Mac users that’s the very reason why they own the computer they do. The Mac OS X operating system has been around since 2001 and there’s barely been a blip on the malware radar in all of that time. Sure there have been some proof of concept viruses, some high profile hacks and even the odd QuickTime bug or two. The fact that they're even newsworthy suggests they're the exception and not the rule.

The contrast between a Mac user's experience and the day-to-day malware misery Windows users are alleged to suffer from couldn’t be greater. Many Mac users are so convinced of their own security they don’t even bother with anti-virus software (‘waste of money’), or to turn on Mac OS X’s built-in firewall (it's switched off by default, alarmingly). There’s another reason: a sometimes justified suspicion of anything that sounds like Microsoft FUD.

Security through obscurity

FUD or Fear, Uncertainty and Doubt has been spread by Microsoft and its acolytes for years. The aim is to undermine confidence in those who even think about switching to platforms other than Windows. Only last year former Microsoft chairman Bill Gates said the only reason why there wasn’t any real malware on the Mac was because it wasn’t popular enough - the ‘security through obscurity’ theory. It’s FUD, of course, because the Mac is:

• Anything but obscure. Apple and its products have never had such a high profile - the iPod and iPhone, even the Mac itself have all made sure of that. Surely if hackers were going to target the Mac, they would have done so by now.
• The Mac’s market share may be small but it still accounts for millions of users - professional and consumer - worldwide.
• Hackers must surely relish the challenge of developing the first major piece of malware for the Mac - seven years on and still no real threats? Come on!
• Mac users will have you know that Mac OS X is built-on a Unix core and that Unix is inherently more secure than Windows. It’s why there are no viruses for Linux either. [Some Windows users will induce a feedback loop at this point, referring again to the ‘security through obscurity’ theory regarding Linux too.]

OK, so given that there are no viruses and the Mac is too ‘obscure’ to develop for, why do companies like Intego and Symantec continue to develop anti-virus and anti-malware products for the Mac. Could it be that:

• The FUD-spreaders are right? Hackers target the most popular platform because it enables them to spread their 'investment' more widely and so get the greater returns. Viruses - biological and technical - are easier to spread in a crowded space than one that’s more sparsely populated. As the Mac becomes more popular its users will become easier to target in this way. This is what Intego CEO Laurent Marteau had to say on this subject in February: "Given the types of attacks we have seen against Macs in recent times (such as the RSPlug Trojan Horse, which Intego discovered), it is clear that a new class of hackers are targeting the Mac."
• Smugness + ignorance = danger. Just because you think you're safe from malware it doesn’t follow that you are. The threat is changing all the time, and anyone who connects to the internet to browse the web, shop and send or receive emails from friends, family and colleagues is at risk. Remember malware isn't just limited to viruses and trojans. Phishing attacks and spam put everyone in danger.
• You're a malware carrier already, and don't even know it. You could be spreading viruses and other malware to others because you haven’t invested in any protection yourself. That could prove embarrassing, ruinous or both in a business relationship with your suppliers and clients. Your PC owning friends won’t thank you either.

The ‘What If’ scenario

Of course just because there is some malware for the Mac, it doesn’t figure that you will fall prey to it. Most malware seems to stem from BitTorrent sites or worse - and getting infected is unlikely unless you fall into some bad habits - the chief of which is complacency. But even if you do follow good practice, there is - in theory - still a threat.

It’s this ‘what if’ that Intego is leveraging here with Internet Security Barrier X5 Anti-Spam Edition (£74). It's a software bundle that brings together four separate applications - NetBarrier, VirusBarrier, Personal Antispam and Washing Machine - and claims to keep you and others safe. We’ll deal with each of its parts in turn:

NetBarrier - As its name suggests, this program helps beef up your Mac’s internet security, helping you configure your firewall, protect against trojans, and protect your privacy online. It also includes a suite of anti-vandal measures, including anti-spyware, plus Stop and Trusted Group lists that either allow or deny connections to your Mac from third parties.

Most Mac users will want to plump for one of the presets - Default (factory settings), Normal (fine for most users) and Strong (for the paranoid). You can configure any of these settings to suit your Mac set-up and how protected you want to feel. The Normal setting, for example, doesn’t automatically switch Trojan protection on, but you can opt to do so in the somewhat garish settings panel [pictured].

You’ll also notice a number of buttons running along the bottom of the settings panel - these are mini monitoring apps that enable you examine NetBarrier’s logs, plus information about your net traffic, wireless connections and services. You can also perform a who-is on domains, or ping an IP address. Some of it, frankly, is scary-looking stuff, with columns of mysterious numbers rolling down the screen (completely comprehensible to system admins, no doubt), while other stuff is fascinating: check out the VU meters on the Traffic pane.

VirusBarrier - The X5 version has made some most noticeable versions to its predecessor, not least a new, even more garish look - with more VU meters - that enables you to see how hard the program is working to protect you. You can set it up so it automatically scans new and existing files to viruses (the default Real-Time Scanner) or to only make it run at certain times of day. You can also choose what happens should it detect any infected files - warn you, place the file in quarantine, etc.

Getting VirusBarrier to search particular drives or folders is easy too - you simply press the Select button, a menu slickly glides into view with your options presented as icons - Hard Drives, Documents, Applications, Browse - and then you just fire away. Of course we couldn’t actually find any viruses on the Mac, but Intego also includes BitDefender 2008 for Windows - handy if using an Intel Mac to dual-boot between Mac OS X and Windows XP or Windows Vista. You can bet your life that’ll get some use.

Personal Antispam - Spam is the thing Mac and Windows users can agree on - we all get it, and some kind of spam filter is sensible. Both Mac OS X’s Mail and Microsoft’s Entourage for Mac have built-in Junk Mail filters - but they’re not as sophisticated as dedicated apps either from Intego, or rivals like C-Command, particularly when it comes to phishing attacks or recognising virus attachments.

Intego’s version has the usual features like a Whitelist and Blacklist for trusted or untrusted email sources, plus a lexical filter that automatically searches your email for the keywords or phrases that mark something out as spam. The program also enables you to automatically filter out emails with things like Cyrillic encodings or ADV subjects.

Like the other programs here, Personal Antispam comes with a one year subscription to Intego’s database. In this case this enables you to get not only updated software, but also to keep ahead of the latest spam trends - handy. We’ve been using the program for a few weeks now and it’s catching spam emails well. However it seems a lot more prone to error than C-Command’s excellent SpamSieve ($30 / £15), and so requires more time to train it.

Washing Machine - A separate, but subordinate part of NetBarrier, Washing Machine is a simple app that will wipe your web history, clean out your caches and cookies. You either do this manually or to a schedule that you can set. Obviously both Safari and Firefox have built-in methods for obfuscating your web habits - but Washing Machine has other uses: by flushing out some of the more populous caches, it should help keep your Mac running sweetly too.

Installation of the whole package was a breeze on our non FileVault encrypted Mac desktop, with Intego giving you the option to install just NetSecurity, just Personal Antispam or just VirusBarrier, or any combination of the three. You're prompted to install the package as it is or to connect to Intego’s servers for updated versions of each app, along with the necessary updates. We did hit a few problems running the program on a FileVault-encrypted MacBook Pro notebook however. Everything installed just fine and we were able to log-in to the encrypted account, but then everything froze with the ‘spinning beach ball of death’.

This forced us to reboot the Mac into Safe Mode (hold down the Shift key after you hear the startup chime) and uninstall the program. We narrowed it down to a problem with VirusBarrier - it obviously can’t detect viruses with encryption enabled - so it solves potential one security threat, only to cause another. Since there’s no mention of this in the user manual we were forced to remove the program entirely. At this stage in the Mac OS X’s life we consider the security risks posed by a stolen unencrypted laptop to be more serious than those posed by non-existent viruses.

Verdict

A great weapon to have in your armoury, especially given the growing threat of malware on the Mac. Properly configured NetBarrier and VirusBarrier are very useful, but we prefer C-Command’s SpamSieve to Personal Antispam when it comes to taking care of erroneous emails.

TechRadar score: 3.5 out of 5

Do you take Mac security seriously, or do you think we have nothing to worry about? Write in and let us know!