There has been a lot of talk in the press recently about how secure Mac OS X really is and how much Mac users have to be concerned about security. While Apple said they are very serious about security concerns, Mac users, for the most part, have been unaffected.
“Proof of concepts are out there but end users have not been affected by exploits in the wild the way they typically are with some other platforms,” Bud Tribble, Apple’s vice president of Software Technology, told Macworld. “It’s never good to say don’t be concerned about security, however, the actual effects on users of our platform are minimal.”
Tribble — who worked for Apple as manager of the original Macintosh Software team where he helped to design the Mac OS — said often times there is more to the story than what is originally reported by the press.
One such incident happened earlier this month when a Swedish man set up his Mac mini as a server and invited people to try to break into the system and gain root control. Within hours of the challenge going live, it was over, as a hacker gained root control of the Mac mini.
What was not initially reported, however, was that anyone that wanted to hack the machine was given access to the computer through a local account (which could be accessed via SSH), so the Mac mini wasn’t hacked from outside — root access was actually gained from a local user account.
“There is certainly a tendency to make news out of every potential exploit on the Mac simply because it is more unusual than on some other platforms,” said Tribble. “A lot of times when you look behind the news, it is a little bit of a stretch.”
That said Apple does fix security issues in Mac OS X whenever they arise, but most times, these are before the issues are even known publicly.
“These updates tend to be more preventative,” said Tribble. “They aren’t exploits in the wild that you are actively trying to prevent. Users should never be complacent about security – we aren’t here. We are extremely proactive in paying attention to these things and eliminating them when we find them.”
Many Mac users openly boast about the lack of antivirus and security software they use on their computers because the Mac is a safe platform. Apple points out that a lot of security measures are looked after for the users, so even the most inexperienced computer user can feel safe when using a Mac.
“We actually build a lot of security functionality into Mac OS X including things like download validation, flagging junk mail, making sure the ports are turned off, and we have a firewall there if you need it. There are a lot of things we do,” said Tribble.