How do I keep my Mac secure?

Keep your hands off my Mac!
For over 15 years we Mac users could feel safe and secure. But those times have ended.
The Mac has come into the view of nasty people and criminals who make malware.
This means your Mac can get infected with a program that is designed to tease and annoy you or bring harm to your Mac or your bank account. So it's important to know a thing or two about this.

Nasty software, what is that?
There are a few kinds of 'dirty' software (in no particular order):
Malware: software that disrupts your Mac's system. It is installed without the user's knowledge (Trojan Horse), or invades your Mac through existing security holes in some software. For example: holes in Flash or Java.
Malware is the collective term for all existing nasty software.
Adware: software that shows you advertisements. Example: Genieo.
Ransomware: installs itself without your knowledge and encrypts all your files. You have to pay a certain amount to get the key to release them again. For example: the WannaCry worm (Windows only).
Virus: a virus is a contagious piece of software that installs itself without the user ever doing a thing. Fortunately, we haven't found this on MacOS.
Worm: a form of malware that uses a network to spread itself. For example: the worldwide WannaCry ransomware infection of May 2017. It makes use of port 245 (used by the SMB network protocol) to infect Windows systems that weren't updated.
Note: Mac and Linux users aren't vulnerable.
Scareware or Rogueware: only tries to scare you, but is still nasty and dangerous. Mostly you see an advertisement that looks as if MacOS is telling you your Mac is infected and should be cleaned. For example: MacKeeper and CleanMyMac. You could place this in the Malware category too.

Finally: not 'dirty software', but a very important safety issue, maybe even the most important one:
Phishing: using email or phone (SMS, WhatsApp) to impersonate a bank, a webstore or Apple itself and lure the user into logging in on a fake website.
For example: "the Fappening".






Some basic rules for working with the Mac in a secure way:

Rule number 1: keep yourself informed.
A virus built for Mac OS will be world news. You can expect general news sources to readily pick up wrong or exaggerated stories about the Mac. Apple is click bait!

Read your information in the right place
Instead of the 'usual' news sites, you'd better keep an eye on Mac-specific news sites such as Macintouch.com and Macworld.com, or even IT news sites such as Slashdot.org, for the relevant news about the Mac!

Rule 1a:
Keep your system updated to the latest Mac OS version

2. Advertisements that claim your Mac has to be cleaned or rid of malware: all bullshit. Don't buy it!

These advertisements get more and more advanced. They even use spoken words to inform you that your Mac is filled with viruses and needs to be cleaned... duh.
Or they present you with a very real-looking website that looks exactly like your MacOS. In the upper right of the screen messages appear just like the real thing.
These messages tell you there's malware on your Mac and you should do something about it. And they will help you.
Don't be fooled! It is all fake!


Don't click the 'scanning' button!!

- Never use an email to visit a link to a financial website (bank, PayPal, eBay, iCloud etcetera) or a website where you are supposed to log on to do a financial transaction or find other private stuff.

- Don't let yourself be lured by advertisements that say your Mac needs to be cleaned. Here's a good website with facts about the 'dirty Mac': http://www.thesafemac.com/the-myth-of-the-dirty-mac/

- Use legal software. The best ways to download your software securely are the App Store and directly from the manufacturer's website.

- Keep your system updated to the latest Mac OS version and your software too. MacOS and most programs have an automatic update function. Use it and don't be fooled by fake update messages in your browser. Use the developer's website and Apple's own update program, the App Store.

- Don't use Flash. It is full of security holes, so it's a huge security risk.

- Be careful using Java. Keep it updated in case you are obliged to use it.

- Use different passwords for all the accounts you have, like email, Facebook, Mac OS, etcetera. You'd better write them down somewhere too. You should also change them on a regular basis.
NOTE: a well-chosen password also contains numbers and special characters.
NOTE: in case you use the automatic password generator in Safari, that's fine. But MacMiep does advise you to write them down somewhere safe.

- In Safari's Preferences, at Security, keep "Warn when visiting a fraudulent website" checked!



- Never open unknown files you get through email. First check if their source is to be trusted.

- Only install Java when you explicitly need it (more about Java later).
- Don't install Flash, it's obsolete and quite leaky.
SWITCH-TIP
Don’t panic
- This tip is for the Switchers: DO NOT PANIC! Don't think of a virus or Trojan when your Mac is in trouble. Also realize that even a computer as safe as a Mac is not totally invulnerable. Every program contains programming errors. That's because programmers are only human.



- And finally: never enter your Administrator password without thinking first.

Do I really need this?


What does Apple do to keep my Mac secure?
Your Mac has S.I.P. on board: "System Integrity Protection" (since MacOS 10.13 El Capitan).
This means that the 'root' account is limited and the most important system files are read-only.
Normally, the root user is the most important and powerful user on a UNIX system.
Apple has decided to limit this root account. This protects the standard software and the folders /System, /usr, /bin, /sbin and /var. Those folders are closed off.

In normal language?
You can't install any unknown software. Only certified software is allowed to be installed. This means software from the App Store or from developers that are known to Apple.
You can get around this, see the Software tips chapter for this.
You can also turn off S.I.P.

- Secure your Mac against attacks from the outside - the Firewall.

What is a Firewall?
A computer in a network communicates with other computers through so-called 'Ports'.
Every port has a number. Some port numbers are reserved for certain protocols and programs. Traffic on the Internet, for example, goes through port 80, email through port 25 and FTP through port 21.
Ports that are not used (thousands) can be misused by hackers and worms. So it is obvious that you should close those ports. This is what a Firewall does.
A Firewall is a piece of software (or sometimes hardware) that lets the computer use only those ports its user approves of.

The built-in Firewall in Mac OS
There's a Firewall in Mac OS. Go to System Preferences => Security & Privacy. Turn on the Firewall at 'Firewall':




Editing the Firewall at 'Advanced'
Experienced users can edit the Firewall by clicking the + button. This can be useful for specific P2P programs or other server programs.

Get an insight into what's open
You can also see here what software needs what ports to be open. Most software 'calls home' to check on legality and updates.
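
Outside the Firewall panel, the Terminal command lsof -nP -iTCP -sTCP:LISTEN lists every program that is waiting for incoming connections. The Python below is an added example, not part of the original page: it parses that output and separates programs reachable from the network from those only reachable from the Mac itself. The sample lines, the program names demo-p2p and demo-srv and their port numbers are constructed for illustration.

```python
# Added example: summarise which programs are listening for incoming connections.
# SAMPLE_LSOF is constructed sample text in the layout printed by
#   lsof -nP -iTCP -sTCP:LISTEN
import subprocess

SAMPLE_LSOF = """\
COMMAND   PID USER   FD   TYPE             DEVICE SIZE/OFF NODE NAME
cupsd     310 root    6u  IPv6 0x0000000000000001      0t0  TCP [::1]:631 (LISTEN)
cupsd     310 root    7u  IPv4 0x0000000000000002      0t0  TCP 127.0.0.1:631 (LISTEN)
demo-p2p  522 miep   12u  IPv4 0x0000000000000003      0t0  TCP *:6881 (LISTEN)
demo-srv  901 miep    5u  IPv6 0x0000000000000004      0t0  TCP *:8080 (LISTEN)
"""

# Addresses that only the Mac itself can connect to.
LOOPBACK = {"127.0.0.1", "[::1]", "localhost"}

def parse_listeners(lsof_text):
    """Return sorted (command, pid, host, port, reachable) tuples."""
    found = set()
    for line in lsof_text.splitlines():
        fields = line.split()
        if len(fields) < 10 or fields[-1] != "(LISTEN)":
            continue  # header line or a socket that is not listening
        host, _, port = fields[-2].rpartition(":")
        reachable = host not in LOOPBACK  # "*" means every network interface
        found.add((fields[0], int(fields[1]), host, int(port), reachable))
    return sorted(found, key=lambda r: (r[3], r[0], r[2]))

def exposed(listeners):
    """Programs other computers could reach if the Firewall lets them through."""
    return sorted({(cmd, port) for cmd, _, _, port, reach in listeners if reach})

def live_listeners():
    """Run lsof on this Mac; sudo may be needed to see other users' programs."""
    out = subprocess.run(["lsof", "-nP", "-iTCP", "-sTCP:LISTEN"],
                         capture_output=True, text=True).stdout
    return parse_listeners(out)

if __name__ == "__main__":
    for cmd, port in exposed(parse_listeners(SAMPLE_LSOF)):
        print(f"{cmd} accepts connections from the network on TCP port {port}")
```

Anything in the exposed list that you don't recognise is worth looking up before you allow it in the Firewall.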

Stealth mode

At 'Advanced' you can also choose to go Stealth:



NOTE: Most internet modems and routers have a firewall on board. Often it can be configured through a webpage. Please read the user manual of your modem / router.

Malware: Trojans

Since Mac OS was introduced in 2001, a few so-called 'Trojans' have been created.
A Trojan is software that secretly installs itself during a normal software installation by the User.
Most Trojans hide themselves in illegally acquired software. You do need to give an administrator password at installation, and this way the Trojan gets into your Mac's system. That's why the name 'Trojan' suits. The Trojans opened the door and let the Greeks in themselves, remember!

App Store is always OK
Use the App Store for getting your software and in case the app isn't in the App Store: visit the manufacturer's website. Use Apple certified software. Don't use other websites with software collections. They're not safe!

Websites that serve malware
The website itself can be completely kosher, but can be infected with malware without the webmaster's knowledge.
For example, advertisements on the website can be infected.
Fortunately for us, those advertisements that serve malware are mostly intended for Windows users only. But the increasing popularity of the MacOS platform makes us vulnerable too.

As soon as you download software that isn't certified, you'll get this pop-up:



Removing Malware or Adware
In case you are unlucky, a nasty website can serve you with dirty software. Use the Malwarebytes program to remove this from your Mac and use it to check your Mac for infections.

Anti-virus software
Manufacturers of anti-virus software for Windows see a new market. They jump on the growing popularity of the Mac and make use of the many switchers from Windows to Mac.
Often, this software is made poorly due to lack of experience with the MacOS platform. It makes your Mac slow. It's better not to let these programs run in the background, but to use them regularly to check your Mac by hand. It is possible you'll find a Windows virus too!

Phishing
Almost daily I get emails telling me my credit card has been revoked, a new security update has taken place at my bank, a new card is ready for me... and they ask me to log on to my bank's website to take care of it.
These emails look very real...
This is called Phishing.

Downloaded software popup
As soon as you start up a downloaded program, Mac OS will give you notice that it's a downloaded program. So you can check whether you really want this program. Are you in doubt? Don't open the software and check your sources!



App Store is always ok
You should download as much software as you can through the App Store. This is not only easy, but also secure.
The same goes for certified developers, although a certificate is not very expensive and can be misused. But in that case, as soon as Apple finds out, the developer's certificate is kicked out. It's a pretty good system.

Other good download sources
Always use the manufacturer's website to get your software.

Malware notification

It might be possible you get a popup like this:



Mac OS found Malware on your Mac. Throw it away immediately and empty your Trash immediately too!



Malicious websites
Safari keeps an eye on what websites are malicious. This information is automatically updated on your Mac, as long as you keep the default settings of Software Update on.

NOTE: Please realize that there is always some time between the moment they find out about a bad website and the update.

Google also warns you about malicious websites:




Scareware (= just to make you scared)
It might be possible that some day you enter a website and get popups like this:








They assure you that something's wrong with your Mac and keep insisting when you want to leave the webpage... oh oh...
Of course the website offers you nice software you can use to clean and repair your Mac. Well, that sounds really sweet... but are they really that nice and is my Mac really infected or damaged??

NOPE.

Don't buy this kind of crap. It's all fake and their only goal is to make you scared and run their program and then get your credit card data and so on.
People who do this should be spanked!

Malicious websites, part two
It doesn't need to be the website itself that is malicious. Sometimes a banner can contain malicious software, or the website was hacked without the owner knowing this.

NOTE: Most of the time this kind of malware is aimed at our Windows friends. But beware, the increasing popularity of the Mac also makes us vulnerable.

Pay attention!

Scareware or ransomware
You could also get a message like this. It's fake! Do not pay attention to it and leave the page or quit Safari.




Phishing

Regularly, I get emails that ask me to check my bank account, take part in a security update, log in to iTunes or PayPal... blah-blah-blah. Sometimes the Dutch is very bad, sometimes the email looks as real as if it came from my bank.
These kinds of emails are called ‘Phishing mails’. The link(s) in these emails lead to a fake website that looks like it's the real one. DON'T GET FOOLED BY THIS.
Apple explains how to recognize their legitimate emails: https://support.apple.com/en-gb/HT201679




WARNING
Never use a link in an email to visit the website of your bank, PayPal, iTunes, or any website that has to do with logging in and paying money.


Tips against fake internet addresses in Safari
- Never use a link in an email to go to a website.
- Pay attention to the address at the top of your browser.
- Check if the site's name is in green characters in the address bar with a key chain included.



NOTE: This key chain means that there's a secure connection between your Mac and the bank. It's called an HTTPS connection. This way, your communication can't be read by someone else. NSA excluded...

- When you are sure that you are at the right website, make a Bookmark. From now on, always use this bookmark to visit the site. Now you are sure that you'll end up at the right website (at least when you did it right the first time).
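
Why the real address matters more than what an email shows, as an added example that is not part of the original page: the Python below reads the links from an email and compares the text you see with the place the link really goes. The bookmarked site names and the sample email are constructed, and mybank.example.com is a placeholder.

```python
# Added example: compare what a link in an email shows with where it really goes.
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumption: the sites you saved as bookmarks (mybank.example.com is a placeholder).
BOOKMARKED = {"mybank.example.com", "www.paypal.com"}

# Constructed email body for the demonstration.
SAMPLE_EMAIL = """
<p>Dear customer, your card has been revoked.</p>
<a href="http://mybank.example.com.login-check.example.net/renew">https://mybank.example.com/renew</a>
<a href="https://www.paypal.com/signin">Log in to PayPal</a>
"""

class LinkCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host_of(url):
    return (urlparse(url).hostname or "").lower()

def check_links(html):
    """Return a list of (href, [warnings]) for each link in the email."""
    parser = LinkCollector()
    parser.feed(html)
    report = []
    for href, text in parser.links:
        warnings, host = [], host_of(href)
        if urlparse(href).scheme != "https":
            warnings.append("not an HTTPS link")
        if host not in BOOKMARKED:  # exact match only: lookalike names fail here
            warnings.append(f"real destination {host!r} is not a bookmarked site")
        shown = host_of(text) if "://" in text else ""
        if shown and shown != host:
            warnings.append(f"text shows {shown!r} but link goes to {host!r}")
        report.append((href, warnings))
    return report
```

The first sample link starts with the bank's name but really belongs to example.net, which is why only an exact match with a bookmarked name counts.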

Extra security software
ING distributes a program called Trusteer Rapport against Trojans and other Malware. It's a browser plug-in that monitors your website connections and warns you if anything's not right.

Anti-virus software
MacMiep has never used an anti-virus program since Mac OS was introduced (2001). As there still are no viruses (spontaneously spreading malware with no need for user approval) for Mac OS, she wouldn't advise one either.
MacMiep does use Malwarebytes as a precaution. She tests her Mac weekly for malware. Never found any btw.


TIP
Other kinds of security software
Since the launch of the first Mac Trojan software, MacMiep uses Little Snitch.

What does Little Snitch do?

Little Snitch keeps an eye on all your incoming and outgoing network traffic. There's no program or other thing that Little Snitch doesn't see. It will immediately tell you about the attempt. Then it's up to the user to refuse the connection or allow it. And this you have to do often, at least in the beginning!



And this is also the reason MacMiep wouldn't recommend this program to beginners. Because Little Snitch sees it ALL. And because most pop-ups don't make clear what connection is being asked for or why, it's not for newbies. Automatically clicking 'Allow' isn't a good idea.

TIP
Java

This is a language in which certain operating system neutral programs are being written.
Problem with Java is, that it contains a lot of security issues. So only install Java in case you can't use another program. Download Java from Java.com

TIP
Turn off Java in Safari

While surfing the internet, most of the time you don't need Java (Java is NOT the same as JavaScript!!). It's wise to turn it off. Go to Safari menu => Preferences => Security.



TIP
Turn off Java

Go to Applications => Utilities => Java-preferences.

Removing Java
java.com

TIP
Heavy duty security for your Mac
There is a way to completely close your Mac to others. This goes deeper than the login system of Mac OS. It's the Firmware password. With this, you make your Mac unusable for anybody who doesn't know the password. You have to log in even before Mac OS boots up. This is because the password is stored in a chip on the motherboard, in the hardware of your Mac.
Lost your password? No help available.


TIP
Installing Firmware password on a Mac

Boot from the Recovery partition*.
Choose in the Utilities menu => Firmware Password Utility.
*This is explained in the HELP! chapter.



Without the firmware password, your Mac won't work at all.




What if my Mac gets stolen?
Let's be honest, a Mac is a favorite for thieves. A program that might help you in case your Mac gets stolen is Undercover from the Belgian company Orbicule. They can trace your stolen Mac, but also let the built-in webcam take pictures of the thief. Eventually, the Mac is made unusable and the thief has to take it to a dealer to get it repaired.
Undercover is also available for iPhones and iPads.



Lock your Mac

All Macs have a special hole in them where you can attach a computer security cable. This won't prevent your Mac from being stolen, since a cable like this won't stand up to blunt force, but at least the Mac will be damaged on the outside. It will be clear that the Mac has been stolen.


Take a cat!
Cats are very protective regarding their owner's Macs. And they are armed!

Tippy is proudly watching over his Grandpa's MacBook...

Disclaimer: MacMiep is independent. This means she writes what she wants, based on 25+ years of Mac-experience. She doesn't get paid for stories (positive or negative) on this website.