Tech shorts: Boosting security for Mac users


Posted at May 18 2012 01:42 PM | Updated as of May 18 2012 09:43 PM

MANILA, Philippines – Security software firm Kaspersky Lab gave 10 tips for securing laptops and desktop computers running on Apple’s Mac operating system, following recent malware attacks on the said devices.

Kaspersky Lab security expert Costin Raiu said such attacks are likely to happen in the following months as cybercriminals take advantage of outdated software and the user’s lack of awareness.

“If you follow these steps, keep everything updated and be aware of these attacks, your chances of becoming yet another random victim will be greatly diminished,” Raiu said in a statement.

Here are Kaspersky Lab’s ten tips for boosting security for Mac users. These are not endorsed by

1. Create a non-admin account for everyday activities

Create a non-admin user where you can only log as an administrator when you need to perform administrative tasks. This greatly helps limit the damage from zero-day threats and drive-by malware attacks.

2. Use a web browser that contains a sandbox and has a solid track record of fixing security issues in a prompt manner

Google Chrome is updated more often than Apple’s built-in Safari browser. Google Chrome also comes with a sandboxed version of Flash Player that puts up a significant roadblock for malicious exploits. It also has a silent, automatic update mechanism that removes the burden of patching security vulnerabilities.

3. Uninstall the standalone Flash Player

Adobe’s Flash Player has been a common target for hackers as it allows them to take complete control over target computers. Removing it will significantly lessen security risks.

4. Solve the Java problem

Java is also a preferred target for exploit writers looking to plant malware on your machine. It is recommended to have it completely uninstalled.

5. Run “Software Update” and patch the machine promptly when updates are available

Many of the recent attacks against Mac OS X took advantage of old or outdated software. Commonly exploited suites include Microsoft Office, Adobe Reader/Acrobat, and Oracle’s Java. It is recommended to update to 2011 as soon as possible. Be sure to apply the fixes and reboot the machine when necessary.

6. Use a password manager to help cope with phishing attacks

Mac comes with a built-in password manager, the “Keychain,” which generates unique and strong passphrases for a device’s resources. Whenever the cybercriminals manage to compromise one account, they will immediately try the same password everywhere – Gmail, Facebook, eBay, PayPal and so on. Hence, having a unique strong password on each resource is a huge boost to your online security.

7. Disable IPv6, AirPort and Bluetooth when not needed

Turn off connectivity services when not in use, or when not required. These include IPv6, AirPort and Bluetooth – three services that can be used as entry points for hacker attacks.

8. Enable full disk encryption (Mac OS X 10.7+) or FileVault

In Mac OS X Lion, Apple updated their encryption solution (FileVault) and added full disk encryption. Now known as “FileVault 2,” this has the advantage of securing the entire disk instead of just your home folder and can be very useful if your laptop gets stolen.

9. Upgrade Adobe Reader to version ‘10’ or later

Adobe Reader is also a preferred target of cybercriminals. Version 10 includes numerous security enhancements which make it a lot safer than any previous versions.

10. Install a good security solution

It is no longer true that “Macs do not get viruses.” After six years, the situation has changed considerably. The Flashback Trojan which appeared in September 2011 caused a huge outbreak in March 2012, which amounted for over half a million infected users worldwide. Thus, a security solution is absolutely required for any Mac user. One can easily download and install a trial of Kaspersky Anti-Virus for Mac.