BETA
This is a BETA experience. You may opt-out by clicking here

More From Forbes

Edit Story

MacOS Is Not As Secure As Many People Believe

This article is more than 7 years old.

Credit: Apple/YouTube

Many people think the Mac operating system, MacOS, is more secure than it actually is. This wouldn’t be an issue if those people were all Windows users but many of them own Macs. Thomas Reed, the Director of Mac Offerings at Malwarebytes Labs, has written a useful and informative blog post that provides a balanced view of the strengths and weaknesses of security on the Mac.

Reed examines Mac security in terms of myths and realities. The most well-known myth is that Macs don’t get viruses. Reed points out that it’s true that Macs have no viruses if you go by the strict definition of a virus as a form of malware that spreads from one file to another. He also points out that by this strict definition other operating systems are largely virus-free as well because malware of this kind is virtually obsolete.

If someone understands “virus” in this limited way, there’s no harm and no foul if they believe their Mac has no viruses. The problem is that many people understand “virus” to mean any kind of malicious software. In other words, a lot of people equate “virus” with “malware” and if they do, they’re fooling themselves about malware on the Mac.

Credit: Apple/YouTube

Reed notes that “the average Mac user has never seen any malware" but this doesn't mean MacOS is malware-free.  MacOS has malware but there isn’t anywhere near as much of it as there is for Windows. The reason for this isn’t that Macs are more secure than Windows machines, it’s that MacOS has a tiny market share compared to Windows.

NetMarketShare estimates that all versions of MacOS taken together account for about 6.19% of the world market share for desktop operating systems. In contrast, the different versions of Windows hold 91.76% market share. If you’re going to write or deploy malware designed to wreak havoc or make money, are you going to target an operating system that’s installed on over 90% of the world’s desktops or one that’s on a bit more than 6%? It’s a no-brainer.

Some users might be tempted to rely on the Mac’s built-in anti-malware software, XProtect, for protection. This would be a mistake. XProtect works by detecting malware signatures on malicious apps. When an app is called, XProtect compares its signature with a list of signatures that Apple knows are malicious and the app doesn't launch if a match is found. One of the problems with this method is that XProtect is helpless against malicious apps that Apple doesn’t know about or hasn't added to XProtect's checklist.

Reed notes that a more serious limitation with XProtect is that it only protects against malware while most of the current security problems for Macs aren’t, strictly speaking, malware. They’re adware and PUPS (Potentially Unwanted Programs) which are usually nuisances rather than malicious security threats. Usually, but not always. In 2015 a vulnerability in a common Mac PUP called MacKeeper was used to deploy malware on Macs.

MacOS is not inherently safer than Windows although the dearth of malware written for Macs has reinforced the false perception that it is. Reed notes that malware, adware and PUP infections on Macs have exponentially increased since 2010 which is prima facie evidence that XProtect alone is an insufficient security solution.

If you use a Mac, adding an additional layer of security software is a good idea that's easy to implement. For example, Malwarebytes offers free protection with their Anti-Malware for Mac. Better safe today than sorry tomorrow.

Follow me on Twitter or LinkedInCheck out my website