Busting the Mac Myth

Almost every topic today seems to polarize the punters, but when it comes to Apple devices, the wider community seems united; Apple devices are impenetrable. While there’s no doubt that iPhones, iPads or Macbooks are generally more secure than alternatives, they are by no means bulletproof. 

Why is a Mac more secure than a PC?

At its core, Macs are more secure because they run on a Unix-based operating system which comes with its own built-in security features, on top of Apple’s own software which includes Gatekeeper (blocks unapproved software from running), Xprotect (always-on malware scanning tool), and App Sandbox. 

App Sandbox restricts software to only do what its supposed to, protecting data and other apps so that nothing can be damaged if trojanized software attempts actions other than its original purpose. 

All these protections are pre-installed and run in the background, so most users are unaware they even exist. This out-of-the box security is why Macs are generally more secure than PCs – Macs have security built into the system while most PCs require an individual download of each equivalent program.

That being said, Macs can still be hacked. 

Mac Hacks

Despite all the security features baked into Macs, hackers have still found ways past them. One recent example involved the trojanization of Elmedia Player, a MacOS video player, with Proton malware.

Default Mac security measures were unable to detect Proton malware, so it bypassed all the trigger and warning alerts. This strain was particularly concerning due to its ability to present a custom native window requesting personal information, including credit cards details, and its capacity to access iCloud accounts, even with 2FA enabled

Proton was so insidious that the only way for victims to rid themselves of the malware was a complete OS reinstallation.

But this wasn’t the only example of Mac-malware this year. Earlier in the year, ransomware dubbed ‘XAgent’ gave attackers powerful remote access features (keylogging, screenshot grabs, remote shell access, and file theft) over infected Mac machines. While the threat of this particular strain of malware looks to have passed (its command and control servers are offline and Xprotect was updated to block the malware), these two examples show hackers are always probing new ways to penetrate previously solid defences.

We all love our Macs but we have to remember they are not completely invincible. Apple does a good job staying aware of newly-discovered vulnerabilities and releasing software updates accordingly. The best thing Mac users can do (users of any device really) is to keep software up-to-date, applying patches as soon as possible after they’re released – a habit that shouldn’t polarize anybody. 

 


On 2017-11-15

Privacy Statement | Terms of Use