In the last two articles, The Practical
Mac has explored both the legal and the technical aspects of
Internet and network security for businesses. Today, we take a look at
the issue of security for the home user.
For home users, there are two primary threats to security: hackers
and viruses. The only way to make a computer 100% secure against
outside threats such as viruses and hackers is to unplug it from the
network and telephone line and never load any programs on it from
sources such as floppy disks, Zip drives, or CDs.
Although these actions would achieve 100% security, they would also
pretty much defeat the purpose of having a computer. Fortunately, there
are a few simple, almost painless, steps the home user can take to make
their computer as safe from intrusion as it can possibly be.
Overview
The vast majority of viruses are written for the Windows platform.
There are a couple of reasons for this. The explanation most cited is
that "Windows users make up 90% of computer users, so virus programmers
direct their efforts to the platform where they can have the most
impact." While this is true to some extent, it ignores the second and
arguably more important reason: Windows has more security flaws and is
therefore an easier platform to hack.
Much the same argument can be made for thwarting would-be hackers.
Windows has more security holes and is easier to compromise. Even if a
Classic Mac OS system were compromised, few hackers would know what to
do in order to wreak havoc. However, if an OS X system is
compromised, the hacker would have access to BSD Unix, and many of them
would know exactly what to do to hit the system where it hurt.
So what is my initial threshold recommendation? Don't run Windows if
you don't have to. While this may seem simplistic, it can go a long way
toward maintaining a secure and healthy computing environment. It may
not be as difficult to achieve as you might believe.
For many years in the late 80s and early 90s, my primary computer
was a Mac. Over the next several years my computing habits devolved to
the point that I retired my last Mac to the closet in 1998 in favor of
a Windows-only platform. After less than two years I came to realize
exactly why I had never favored Windows before and bought another
Mac.
I initially had the same fears about software compatibility that I
often hear argued in opposition to the Mac. However, those fears were
soon found to be groundless. Most major, mainstream applications have
Mac versions. Those that don't generally have Mac equivalents. Today,
my primary computer is an iBook 466.
I am currently in a state of transition between jmy current
residence in Atlanta, GA, and my future residence in London, KY, about
a 4-hour drive away. I have a small apartment in Kentucky and go home
to Atlanta most weekends. When I am home on the weekends, I rarely even
fire up my trusty (and significantly upgraded) Power Mac 7500.
I honestly can't remember the last time I even booted my Athlon 750,
which runs Windows 2000. I built the Athlon system about 18 months ago
with the anticipation that it would replace my Cyrix 233 system (the
one which had replaced my last Mac). However, it was about this time
that I re-entered the Mac world, and the Athlon never had a chance. I
run Connectix' Virtual PC on my iBook in order to run a single Windows
program for which there is no Mac equivalent. This is actually a
Windows 3.1 program at that, and one that I can assure you is not in
widespread use.
My Mac "homecoming" has been the most pleasant experience since I
first discovered computers over 20 years ago!
Personal Firewall
I am often asked my friends and colleagues whether I think they
should run a personal firewall program at home. My answer is always,
"It depends."
If you are a home users who connects via dialup modem connection
for routine email and Web surfing, the answer is, "Probably not." This
sort of connection does not carry a high vulnerability risk. If you
have a second phone line (or don't mind tieing up your primary phone
line) and tend to stay connected for hours at a time, then the answer
becomes, "Maybe."
The longer you are connected, regardless of the method of
connection, the more your risk
When you are online, a hacker has to first find you and then explore
your vulnerabilities before they can even begin to try to gain access
to your computer. If you are connected only sporadically, for less than
an hour at a time, this process is almost impossible. The longer you
are connected, regardless of the method of connection, the more your
risk of becoming a hacker target increases.
If you are connected via cable modem, DSL, or some other
semi-permanent connection, then you probably do need a personal
firewall. However, just because you have a full-time Internet
connection does not mean that you automatically need a firewall. You
can only be hacked when your computer is turned on, even if your
connection is always on. If your computer is only on for an hour or so
at a time while you are checking email and surfing the Web, for
instance, then your risk is still low.
However, my advice is that it is always better to have something and
not need it than to need it and not have it. This is especially true
for firewalls. If you ever need one, the consequences of not having one
can be tremendous. Without digressing from the focus of this article
too much, let's just say that if you ever find yourself in this
situation, you should have your Mac system restore CD handy, as it may
very well be your only road to recovery.
There are a couple of good personal firewall products for Mac users:
Symantec's Norton Personal Firewall for Macintosh and Intego's Net
barrier. Symantec's product is currently fully Mac OS X
compatible; Intego's product promises an OS X version in fourth
quarter 2001, which is to say any day now. Both products give you basic
firewall protection, and each has its additional strengths. Norton's
features include:
- Protects TCP/IP and UDP connections
- Warns when AppleTalk is active and the computer is accessible over
a cable modem or local area network
- Notifies you when access is attempted
- Logs all denied and allowed accesses
- Lets you allow or deny access by service, by port, or by
address
- Includes built-in self-testing routines
- Can be updated automatically over the Internet with Symantec's
LiveUpdate technology
- Features a "Learn More" button for easy access to security
information on the Symantec web site
- Can be turned on and off from the Control Strip (except in OS X
version).
The Net barrier product's features include:
- Protects and monitors all incoming and outgoing data
- A customized mode allows you to create your own defense rules,
offering the most secure level of protection.
- Blocks all attempts to break into your Mac, detects wrong passwords
and logs vandal attacks for complete protection
- An alarm to inform you of every intrusion attempt
- Analyzes data as it leaves your computer and prevents unauthorized
exporting of private information such as credit card numbers,
passwords, sensitive data and more
- Gives you control over cookies, blocking ad banners and blocking
spam before you even download it
- Also helps cover your tracks, by refusing to give out certain
personal information
Both products are easily updated over the Internet. Either product
should provide more than adequate protection for the home user. One
nice feature of the Norton Web site is the
ability to run the "Symantec Security Check." This provides an online,
real-time security check of your computer against known vulnerabilites.
It takes only a couple of minutes to run and gives you a report of any
problems it finds. I ran it on my iBook using my dialup connection and
was happy to find that the program found no vulnerabilities. I highly
recommend you check out this feature. This knowledge could help you
decide whether you need to invest in a personal firewall product.
Anti-Virus Software
Unlike the personal firewall, there is no discussion necessary as to
whether you need anti-virus protection. The answer, regardless of your
situation, is, "Yes." Viruses are the single most common avenue of
compromise in computers. They can be acquired by downloading files from
the Internet, as attachments to email, or by loading an infected
program from CD, floppy, or other removable storage medium. Viruses can
range from simply bothersome to extremely destructive. Protection
against them is a necessity.
My personal favorite on the Macintosh platrom is Symantec's Norton
AntiVirus for Macintosh. It is easy to install and very easy to keep up
to date through Internet downloads. However, this is merely my personal
preference. Several other companies, such as Intego, Dr. Solomon, and
Sophos also have excellent virus protection products for the Mac. All
of the products do a great job of protecting your Mac from infection
and all can be updated through the Internet.
Remember: Your antivirus product is only as good as the last time it
was updated. You should check the website of your product manufacturer
at least once a week for updates and immediately install any you
find.
If you do not currently own antivirus software, you should purchase
it without delay and always keep it up to date! Your Mac will thank
you. 
