Long time Mac-baiter Lance Ulanoff says it’s not Macs that need security software (drumroll please)…it’s Mac users. That’s right folks, Artie MacStrawman is just a poor country bumpkin who knows nothing about dangers of the Internet.
Here’s the thing about strawmen, though: they burn up real nice.
Mac users need security software, too.Who are these people? Where does one find them? Maybe it’s those same people who go to oxygen bars and drink fancy bottled waters and have weekend quail-shooting parties before jetting off to some balmy Caribbean island where they play shuffleboard and laugh about how they don’t need security software.Oh, I know: Mac lovers will respond to this statement by puffing up their chests, raising their chins and sniffing, “Ha, my Mac always has been and always will be virus free. I don’t need no stinking security software.”
Ah, but you do, folks. You really do.
Oh wait, I just made those people up.
I believe I’ve made my point.
Unless someone can prove otherwise, I contend that the average Mac user is no smarter than the average Windows PC user, which means that Apple PC owners — Mac lovers — are just as susceptible to phishing scams as anyone running Windows XP, 2000 or Vista.Sure, phishing is a big risk to all computer users out there. I really don’t see a reason why we need to point the finger at Mac users, though. I mean, you’re kind of crowing about it like you’ve been looking for the chink in Mac users’ armor for years. Tell me: did they laugh at you at the academy? Call you mad? Mad, I tell you?The whooshing sound you hear is that of a million Mac-o-philes’ chests deflating.
And no, I can’t prove that Mac users are smarter than PC users, but I will say that I own a machine—several machines, in fact—which have never had a virus, Trojan, or been hacked in any way. And, no, I don’t run anti-virus software. Or anti-phishing software. Does that make me smarter than you? Does writing a column based on logical fallacies make you smarter than a fifth grader? Alas, I suppose we can’t prove any of these things.
We’ve all seen these fake messages — Windows and Mac users alike. No one is immune.Wait, let me make sure I’ve gotten this straight. I’m supposed to put all of my vital information into one program, which will then decide—based on ultra-reliable information like IP addresses, URLs, and “some heuristic identification”—whether or not to give that information out?Actually, that’s not true. People smart enough to run security software suites will find they’re pretty well protected, thanks to the suite’s built-in antiphishing features.
These utilities can automatically detect phish mail based on the IP address or the actual URL, and even through some heuristic identification.
They often have tools that will prevent you from giving out personal information, such as your Social Security number, credit card info, PIN numbers, user names and passwords and even your home address.
You simply enter this information into the application, along with the actual URLs that should have access to this info, and then the suite does all of the blocking and tackling.
I love this idea. And let me tell you why: it seems like a huge fricking security risk to me. What if that software—dramatic music—gets hacked? It’s like putting all of my important papers in a manila folder on my desk, instead of, say, a safe-deposit box, and then hoping really hard that my house doesn’t burn down.
It will even extend these capabilities to casual use scenarios, including instant messaging.Okay, if an instant message window pops up on your computer, with a screenname you’ve never seen, asks for your Social Security Number and you give it to them, then frankly you didn’t deserve that identity in the first place.Instant-message bots can easily appear and ask for personal info, as can less-than-trustworthy characters who want to know exactly where your children live. Security suites can get in the middle of this, too.
Mac users are human, aren’t they? So how could their computers not be at risk? And what protects them?Uh, yes. That actually is kind of a good idea. It’s kind of like teaching children the fundamentals of math instead of just handing them a calculator and putting them to work at an accounting firm.If they listen to most tech magazines, pundits, and other Macophiles — nothing.
These guys tell Mac users that one good reason to buy a Mac — instead of a PC — is that you don’t need to waste money on security software.
In other words, Mac users have no security software installed and protect themselves by using nothing but good, old-fashioned common sense.
What a brilliant idea.
The point is not always to fight technology with more technology, because the people who are trying to game the system will always win. Why? For one reason, because they’re arguably more clever than the people making the protective technology, but more to the point, they’re more driven. They make metric tons more money than the security software companies, and they do it without much effort.
Think about this: Over the past several years, we’ve seen more and more anti-spam software. Anybody noticed the spammers giving up? No. What do they do? They come up with ways around the filters. Phishers will do the exact same thing, which is why the only thing you can really do is educate people about the kind of threats they face and how to avoid being taken advantage of.
But saying that security software will solve the problem of phishing? That’s exactly the sort of smug complacency you’re accusing Mac users of having.
Finally, I have to note that despite the fact that Mr. Ulanoff spends much time lauding anti-phishing software, he doesn’t recommend even one piece of such software for the Mac. Instead, he just jumps up and down, shouting “Nah nah nah nah, you’re stupid because you don’t use any security software, and I’m not going to tell you where to get any!”
Most constructive. Anyway, if you think you might want security software, it is available for the Mac. Honestly, I think you’ll get more mileage out of using that not-to-be-trifled-with common sense and being careful about providing your sensitive information if you’re not sure about a website or email. Regardless of whether we use a Mac or PC, that’s one thing we should all be smart about.
[hat tip: reader Skip]
Security software will not protect users from their own stupidity. The first line of defense is your common sense. Security software is going to be at least 24 hours behind any new forms of exploits. So if you have no common sense, you'll find yourself in trouble some day.
As mac users we have to remember to use our common sense to enjoy our yet mostly "unhacked" community.
Very well written reply. Kudos to the Macuser team.
Hey!! Super-very-well-written reply to Mr. Ulanoff!!
Dan you're the man! Uh? a rime! jajaja
Mexican 21 year old Mac user who totally agrees with you!
uhmm.. My english is not very good I think... But I read MacUser every day as it is my homepage =D
Cheers to mac users around the globe!
What exactly IS an "Apple PC owner"?
If you go back through MacUser posts about Mac virii and security exploits then I can understand why Lance Ulanoff gets that perception.
On the flip-side, it's this comment that shows me that there's some promise in the Mac community:
"Honestly, I think you'll get more mileage out of using that not-to-be-trifled-with common sense and being careful about providing your sensitive information if you're not sure about a website or email. Regardless of whether we use a Mac or PC, that's one thing we should all be smart about."
@tayker, I can see from your comments that you consider yourself apart from the Mac community, which might explain why you aren't aware that MacUser (and its parent site) have repeatedly reminded readers that a little common sense is the best protection.
Doesn't explain why you think virii is a word though.
Every Mac user, or, at least, everyone who chose the Mac, has to be considered smarter than the average wind.. user just because of her/his choice!
That said, no external measure can compensate for human stupidity and in many cases the attempt to make something extra-safe causes more actual damage than the danger it should fight.
From a pragmatic point of view, one cannot hope that Mac OS X will stay almost malware-free forever, but, for the time being, the sheer fact that many Mac users can do without antivirus sw, etc. is unmistakable evidence of a clear difference in security among computer platforms.
It would seem that Mac users are indeed smarter than windows users.
It would seem that Mac users are indeed smarter than windows users.
Here's a simple fact: In the last decade, a Mac user using anti-virus software has had more issues with his computer than a Mac user not running anti-virus software.
Anti-virus software is by definition a resource hog; in addition, most anti-virus apps are buggy and tend to create issues with your system. Exactly the kinds of issues viruses would cause if you got them; replacing a potential issue with a certain issue seems like a bad trade-off to me.
There are a bunch of simple things anyone can do to make sure he gets no viruses. Running anti-virus software is not one of them.
There is no way to protect users from their own stupidity.
Suppose someone creates a hard drive eraser. It is named "hard drive eraser", has a UI with a great big warning saying "if you click this button, your hard drive will be erased", and even asks for two or three "are you sure" confirmations before erasing the user's hard drive.
What do you think would happen if such a program would be posted to a newsgroup or other public place? I can guarantee you that there would be people dumb enough to run it, click the button, click through all of the confirmations, and then get all indignant when they find that their hard drive is erased (with no backup, of course.)
And so-called security experts would classify it as malware and claim that Mac users need a massively expensive and intrusive software package to detect and block its execution.
This kind of protection I don't need.
"You simply enter this information into the application, along with the actual URLs that should have access to this info, and then the suite does all of the blocking and tackling."
So, you could pay for a piece of software that needs you to tell it which sites can have your SSN, PIN, address, etc.? Here's an idea; if you already know which sites can have it, then only give it to those sites. Please tell me the vendors of these programs aren't making money off them.
@Dave-O:
1. I consider myself a computer enthusiast and align myself with no one. As I've said in comments on other posts, I think each platform has its strengths and weaknesses and I don't see one better than the other.
2. There have been posts on here that have downplayed security, as well as little digs at Windows. I could've posted links about how Vista and XP combined only had 23 security vulnerabilities and Mac OS X had over a hundred (234?), but instead I posted my thoughts on things and applauded the new change. It sucks to have one mentality, be smug, and then have all that smugness wiped away and leaving one feeling like an idiot, I should know. After that fanbois get on some Bush-like trip to save face by degrading the other person, like a 12yo playing Halo online, when owning up is the most mature thing a person can do, again, I should know.
3. http://www.reference.com/search?r=13&q=Virii
"In the English language, the standard plural of virus is viruses. This is the most frequently occurring form of the plural, and refers to both a biological virus and a computer virus.
The less frequent variations viri and virii are virtually unknown in edited prose, and no major dictionary recognizes them as alternative forms. Their occurrence can be variously attributed to hypercorrection formed by analogy to Latin plurals such as alumni or false analogy to Latin plurals such as radii; idiosyncratic use as jargon among a group, such as computer hackers; and deliberate word play, such as on BBSs (see, e.g.: leet)."
@tayker
"I could've posted links about how Vista and XP combined only had 23 security vulnerabilities and Mac OS X had over a hundred (234?), but instead I posted my thoughts on things and applauded the new change."
Had? I thought it was that Vista "addressed" or "fixed" only 23 vulnerabilities and OS X "addressed or fixed" 234.
Which one is safer? The one that fixed less or the one that fixed more in updates?
Seems to me I remember a couple prominent Mac bloggers showing that the old "OMG XP AND VISTA WERE SOOPAR SECURE IN 2007" nonsense was, well, just that: nonsense. A bunch of mis-represented figures grabbed haphazardly and with little research. Which seems to be the usual modus operandi when it comes to Mac-haters trying to deflate the Mac security argument.
I believe common sense is a good thing, and there is little defense against phishing besides increased computer and Internet literacy, but honestly folks... the barn is not on fire. It's not even smoking a little bit.