In the late 1980s when the scourge of computer viruses hitting popular home and small-business computing platforms was real, this issue was exposed across all of the platforms that were in use during that year. This encompassed Apple’s two desktop platforms i.e. the Apple II and the Macintosh; along with the Commodore Amiga, the Atari ST and, of course the MS-DOS-driven “IBM” platform. Of course, the computer magazines ran articles about this threat and how to protect against it and disinfect your computing environment from these software pests.
But through the 1990s, the Windows / DOS systems were the main malware target, especially the Windows 98 and XP systems that ran Internet Explorer due to their popularity. The other platforms weren’t targeted that much due to their lesser popularity in the field and the computer press didn’t touch on that issue much. It was also because some of these platforms like the Amiga and Atari ST weren’t being supported any more by their manufacturers.
But lately there has become a trend for people to hop from the Windows platform to the Macintosh platform due to reduced targeting by malware authors and the perceived hardening that Apple has done to this platform. This has been recently augmented by the popularity of the iOS mobile-computing devices i.e. the iPhone, iPod Touch and iPad as well as elegant computing devices available to this platform. All of these factors has led to an increased popularity of Apple Macintosh computers in the feild and they have become a target for malware authors.
But most Macintosh users run their computers with the Apple-authored Safari Web browser and are likely to implement Apple iWork or Microsoft Office productivity software. They also run these computers without any desktop-security or system-maintenance tools because they perceive that Apple has made the task of keeping these computers in ideal condition easier than with the Windows platform.
What can Macintosh users do
Macintosh users can harden their computers against malware by installing and keeping up-to-date a desktop security suite. A free example of this is the Avast program that has been recently ported to the Macintosh platform and another paid-for premium example is the Kaspersky desktop-security suite. These programs are, along with a system-maintenance suite like Norton Utilities, a must-have so you can keep these computers working in an ideal condition.
Another practice that I always encourage is to keep all the software on your Macintosh computer lock-step with the latest updates. This can also help with dealing with any bugs or stability issues that may affect how the software runs on your computer. Here, you may want to enable a fully-automatic update routine for security and other important updates or a semi-automatic routine where the Macintosh checks for these updates and draws your attention to any newly-available updates, that you then deploy.
It is also worth disabling Adobe Flash Player, Java and similar “all-platform runtime” environments if you don’t need to run them. There are many articles on the Web about this in response to the Flashback Trojan Horse. Otherwise make sure that the runtime environments are kept updated. Similarly, you may want to change your default Web browser to a purely-open-source browsers like Firefox or Chrome, which is more likely to be kept up-to-date against known bugs and weaknesses. This was also made easier with new-build installations of MacOS X Lion i.e. when you had a new Macintosh with this operating system “out of the box”. Prior operating systems had the Java runtime installed by default and this survived any operating-system upgrade.
What Apple needs to do
Apple needs to come down from its silver cloud and see the realities of what is involved with keeping a computer in good order. For example, they need to provide desktop-security and system-tuning tools so that users can keep their Macintosh computers in tip-top condition and free from malware. They also need to transparently and immediately implement all updates and upgrades that Oracle releases for the Java environment in to their distribution or allow Oracle to distribute the Java environment for the Macintosh platform.
As well, they need to take a leaf out of Microsoft’s book by implenenting a “default-standard-user” setup that has the user operating as a “desktop-user” privilege level by default. Then the user is asked if they want to go to an “administrator” privilege-level when they perform a task that requires this level and only for the duration of that task. This is important with home and small-business computer setups where there is typically only one fully-privileged user created for that system.
What the recent “Flashback” Trojan Horse has done is to bring the Apple Macintosh platform to a real level where issues concerning desktop security and system maintenance are as important for it as they are for other platforms.