Practical Paranoia

A reader, who shall remain nameless, and I have been around and around on this one. “Why,” I paraphrase his demands, “don’t you test each and every program you recommend for malware and spyware!?”

Um, for the same reason I don’t check for traces of chocolate pudding — because such things (in the form associated with adware and spyware on Windows) doesn’t currently exist on the Mac?

It’s not just this reader. With all the reports of adware and spyware flying around the Internet, Mac users wonder if they’re at risk. As I write this, the answer is a provisional no. Does this mean that someone can’t monitor your activities without you knowing about it? Again, no. But there’s a difference between what’s happening in the Windows world and what’s possible on the Mac.

Windows users are routinely plagued by programs and exploits that perform such unsavory stunts as hijacking a web browser to an undesired site, stealing passwords, capturing keystrokes and screen shots, and blasting ads across the PCs screen, instant messaging client, and web browser. These cooties are often contained within innocent-looking programs that are downloaded from the Web.

Currently Mac users aren’t subject to these exploits as they’re Windows-only applications. That doesn’t mean such vileware won’t eventually appear on the Mac, only that it’s currently not a problem.

Exploits such as OPENER do exist that can log your keystrokes, decrypt and steal your passwords, and generally be a nuisance. However, these exploits can currently be installed only by someone who has control over your computer, either locally or via an open remote port.

Is this something to lose sleep over? That depends entirely on who has access to your Mac. If it’s a one-person machine and you’re surrounded by nothing but upstanding individuals, you’re in good shape.

If your Mac is open to anyone who happens to waltz by, it makes sense to take precautions, many of which can be found in Panther’s Security system preference. For example, enable the Require Password to Wake This Computer From Sleep or Screen Saver option. Configuring this same system preference to log out after a period of inactivity is another good idea as is enabling the Disable Automatic Login option. Also, before leaving your computer, use fast user switching to switch to an account that doesn’t have Administrator privileges. Finally, disable any ports that may allow someone to control your Mac remotely.

While there’s no future in complacency, having a reasonable notion of your computer’s vulnerabilities will provide you time to ponder life’s real worries.

Shop Tech Products at Amazon