Security
Hi,
I'm brand new to these forums and while browsing I came across this thread and while most points would be very helpful to a new Mac user, I felt a need to post because something caught my eye I felt needed to be addressed.
I'm referring to point number 4 in chas' post - "I know it's hard to believe, but security is handled, and its a non-issue to you.". Hardly sage advice, from my point of view.
As a computer scientist who has specializes in Information Security I can tell you, without a doubt, that security is NEVER a non-issue, for anyone. Regardless of age, experience, or operating system, as long as you are connected to the internet you are at risk.
The attitude of security being a "non-issue" is a very common one among Mac users and it is one that is come by honestly. Chas is correct, your computer does ship in stealth mode, which basically acts as a virtual firewall - anything that tries to communicate from the internet without you being the initiator receives no response from your machine. Apple also has a fairly wide range of built-in security features, including a limited malware detector, which are turned on by default. As such, many users know nothing about these security measures and so think that they are simply bullet-proof when it is simply not the case.
Chas is also correct in that malware of the Mac-targeting the variety is in relatively short supply. The chief reason for this is that Apple's operating system has been a relatively small part of the market share up until the last few years, rising to about 10% sometime last year. The people who write malware are generally after your computer, usually to use it as a part of a botnet to send out Viagra (or something) spam to other people in order to make money. So an OS that takes up that little of the market is not worthwhile. But, think of this: OSX rose to 10% of that share last year and will undoubtedly continue to rise. How long until it becomes an attractive target? What then? The stuff that is out there which targets Mac's right now is not all "non-critical" either, take this recently discovered trojan:
New Mac Trojan horse masquerades as virus scanner | Antivirus & Security | MacUser | Macworld
It's also untrue that you'll only get these type of things from downloading "porn codecs" and pirated material and that a virus will have a "snowball's chance" of reaching you (for a virus to known about, someone is usually infected with it first, and equal odds that person is you). While chas is right that many of these malicious programs rely on tricking the user (such is the case for Windows malware too), it does not mean that it relies on you being stupid, merely unedcated. Maybe you opened an email sent by someone you know with strange subject line, or maybe you accidentally clicked inside a pop-up while attempting to close it. That's all it would take. Don't believe me? Check out the Pwn2Own competition held every year for the past few:
Pwn2Own - Wikipedia, the free encyclopedia
If you don't believe Wikipedia (I don't blame you) there are many other reputable sources who print the results. As you can see, OSX/Safari isn't spared from intrusion by any means.
Now don't get me wrong, I'm not calling chas down, he gives some good advice. I only think that the attitude of security being a non-issue is a dangerous one. And I'm also not saying you should be terrified while on your computer. What I'm trying to do is make sure people have the right attitude and are at least somewhat educated, because as any security professional will tell you, the uneducated user is always the weakest link.
Cheers,
infosec