ZDNet’s Microsoft report has a hyped report today on malware hitting the Mac. The issue in this report is not a virus or a worm, but a trojan. A trojan does not exploit any security hole in Mac OS X; it relies on social engineering. This means that it tricks people into installing software that then does something to the computer. This trojan tricks you into thinking it is an “official update” when it is not. To further confuse people, the malware in this case calls itself “Mac Defender” or “Mac Protector” when it is exactly the opposite.
One solution is that Apple may eventually end up going to a completely App Store approach for installing software on OS X. I suspect that Apple will start by making the App Store the default for software installation. Apple will likely leave an option for users to turn that off, perhaps in the Accounts section of System Preferences. This gives a compromise where people who need to do so can use whatever method they want to install Mac OS X software and naive users will be much more protected. Remember that 99% of computer users out there know very little about computers. They think a Computer Science degree or Computer Engineering degree means you “know how to fix computers” when it means nothing of the sort. It is kind of like thinking an “electrical engineer” can come and wire your house or a “mechanical engineer” knows how to fix your car. It is a question of lack of knowledge.
The question here is: how much do you protect users from their own naivety/credulity/stupidity (depending upon how you want to phrase it)? I believe that in the long term, like it or not, the trend will be that Mac OS X (and most operating systems) will migrate to the walled garden approach for just this reason.
In the meantime, here are some steps you should take to help keep your Mac safe from viruses, trojans, worms, and other malware:
1. You should never run as an “admin” account. This means that in the Accounts section of System Preferences your user should not have “Allow user to administer this computer” checked. You should have one account, perhaps named “admin”, that can administer your computer. Your regular account should not do so.
2. You should not type in that “admin” account name and password unless you are absolutely sure that you know why you are being asked to do so. For any trojan to be installed and infect your computer, you have to have typed in the admin name and admin password. Then, the first time you launch it, you have to click okay to launch something downloaded from the Internet.
3. Run software update automatically and frequently. Daily, automatic is best.
4. Do NOT click on unknown links in emails.
5. Do NOT open unknown email attachments.
6. Only download software from the Apple Mac OS X App Store or from known, trusted websites.
7. Do NOT ignore warnings from Safari, Firefox or other browsers about sites that contain malware.
8. In Safari, turn OFF “open ‘safe’ files after downloading”.
9. Use HTTPS (secure encryption) when possible.
10. Some anti-virus software to consider:
ClamXav is free anti-virus software (real anti-virus)
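The shell script below is an added example, not part of the original post: it checks items 1, 7 and 8 of the list above from Terminal on a Mac. The Safari preference key `AutoOpenSafeDownloads` and the wording of the `softwareupdate --schedule` output are assumptions that may differ between OS X releases.

```shell
#!/bin/sh
# Added example: audit three checklist items on a Mac.
# Each check_* function takes raw command output as its argument, so the
# decision logic can be exercised with constructed input on any system.

# Item 1: the everyday account should not be in the "admin" group.
# $1 = space-separated group names, as printed by `id -Gn`.
check_admin() {
    case " $1 " in
        *" admin "*) echo "FAIL" ;;   # account can administer the computer
        *)           echo "OK" ;;
    esac
}

# Item 8: Safari should not open "safe" files after downloading.
# $1 = output of `defaults read com.apple.Safari AutoOpenSafeDownloads`.
# Assumption: an unset key (empty output) means the option is still on.
check_safari_autoopen() {
    case "$1" in
        0) echo "OK" ;;
        *) echo "FAIL" ;;
    esac
}

# Item 7: Software Update should check automatically.
# $1 = output of `softwareupdate --schedule`.
# Assumption: the status line ends in "on" or "off".
check_autoupdate() {
    case "$1" in
        *" on") echo "OK" ;;
        *)      echo "FAIL" ;;
    esac
}

# Live audit: only runs on Mac OS X, where these commands exist.
if [ "$(uname -s)" = "Darwin" ]; then
    echo "Item 1, not an admin account:   $(check_admin "$(id -Gn)")"
    echo "Item 7, automatic update check: $(check_autoupdate "$(softwareupdate --schedule 2>/dev/null)")"
    echo "Item 8, Safari auto-open off:   $(check_safari_autoopen "$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null)")"
fi
```

Run it while logged in as your regular account; a FAIL on item 1 means that account is still allowed to administer the computer.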
(* I use the word ‘virus’ in the title merely because most people do not know the difference between a virus, worm, trojan or other malware.)