Mac-Techs.com

Just got my HP laptop running with Linux. It’s a momentous occasion. Not, you might think because I actually got Linux running. It’s momentous because it’s running and doing all the things you normally associate with a computer without lots of hair pulling, terminal sessions and perusing of small print on forums and websites trying to get Linux to do what an Apple or Windows computer will do out of the box (mostly).

We’re talking about networking (wireless and ethernet), Internet connectivity, sound, and displays in the main. I’ve installed Linux perhaps 50 times on different systems to learn, to experiment, and to try another Linux variant.

Invariably I would run up against some aspect of Linux where no matter what I tried, getting some part of the hardware to function properly was beyond the investment of time and mental energy I was willing to make. It’s great having a speedy laptop with ethernet, sound and correct monitor resolution, even wireless, but what if the wireless security functions do not work? Aggravating but typical.

I’m not by any means casting aspersions on the Linux developer community. Linux is, after all, a free OS. It’s an amazing experiment and one that has dramatically changed the OS environment for the better. Right on Linux developers! You rock!

Linux is utilized in servers and workstations all over the world due to its Open Source code base, and the basic fact that it’s free. No dominating commercial entrprise can reach into your OS and tell you what you will and will not do with the code running your hardware.

Plus Linux puts competitive pressure on both Microsoft and Apple to upgrade their software, and to keep improving their offerings to keep up.

A lot of the marketing around operating systems, and by marketing I mean those Apple and Windows commercials, is based on identity. I’m a Mac, I’m a PC, Macs are better, Windows is better. It’s childish, yet it’s effective. We identify with computers and defend them as essential to our identity regardless of the technical aspects of the machines.

So, for me, having a Linux installation actually work with the on-board drivers from the installation is like crossing the Rubicon. Finally a mass market PC laptop that can run from the Linux install and work relatively quickly. My experience is unique of course. I’m in no particular way special in that regard. Just making some observations from this tiny speck of matter’s experience.

What my Linux installations means to me is that Linux is becoming the desktop replacement that Microsoft and probably Apple fear. I don’t think it will cut into Apple’s market share for the next few years if ever. There will always be a market for fast, powerful hardware that simply works. The Open Source model cannot compete with the same time-to-market that a direct OS vendor like Apple or Microsoft can do.

On the other hand, for the first time in my experience, I can have a working PC laptop with both Ubuntu/Linux and Windows installed in a dual-boot configuration, be up on the Internet, using Firefox, surfing in the wireless cafe, listening to streaming music, accessing gmail and getting work done, and get this up and running within a few days of starting with minimal forum surfing, problems and learning curve. That’s very cool.

And, another upside is that my HP laptop, a 1.9Ghz dual core machine which is an absolute dog-slow clunker in Vista, in Linux has become reasonably speedy. It’s totally changed my experience of this machine for the positive.

There’s a lot of great information out on the Intertubes about Mac security and computer security in general. This is my take on the state of Mac security for the typical home or business user.

Back in the good old days of OS 9, computers viruses and worms were actually out and about in Macland. Passing around a floppy disk was a typical way to get a virus that infected the Microsoft Office suite or installed a viral extension into the system folder.

It was an annoying and problematical situation that users avoided by running a security package. Graphic artists in particular would be susceptible to virus problems because of their rapid file sharing habits in their work flow. It wouldn’t be uncommon to get a macro-virus lurking in a Word document that was passed from a PC user via email.

Since the advent of OS X, there has yet to be a virus or worm in the wild that has become successful in propagating itself. Unlike in the Windows world, there has yet to be a known exploit that can be transmitted via a network without a user’s action behind the infection. Translation: Windows PC’s have been known to catch exploits simply by being on a network with other infected PC’s. That includes the Internet as well as local networks in offices or homes.

Does that make you feel safer? It should, then again maybe not. Just because OS X has a stellar record among users does not mean that OS X is secure. There are many subtle insights about security in computing, one of which is this: the failure to observe an exploit or intrusion does not mean that an intrusion has not occurred. In other words, we only know about the unsuccessful attacks that have been discovered, not the ones that are not found out.

It’s also been shown repeatedly that OS X has holes that can be exploited via web pages crafted to exploit Safari vulnerabilities. There are also other ongoing security issues with Apple software as well as third party applications. Is this a problem for you personally? So far, it doesn’t seem to be a problem insofar as the security community can figure out, or at least no one has admitted to being hacked by a criminal endeavor via a Safari insecurity.

The known exploits to date on OS X have depended on user interaction. For example, the iWork suite was injected with a Trojan exploit (a means of remotely controlling a computer) and put on bit-torrent sites for people seeking to gain commercial software for free. There have also been cases of Trojans masquerading as music files on these same sites. The Safari vulnerabilities depend on a user surfing to a particular site crafted to exploit security holes within the program that grant access to the OS.

It may be that Safari and OS X is less secure than Windows Vista at this point due to some advanced security elements in Vista. Despite all this, Apple computers running OS X have no known exploits occurring at the moment as far as is known. It would be safe to say that the vast majority of OS X users do not use anti-virus, firewall or security techniques beyond those provided by the default settings of an OS X installation. Compare that to a Windows world where any rational user would always insist on having anti-virus/anti-exploit software loaded on their systems before surfing.

With a 15% market share you would think that attacks on the platform would be substantially greater regardless of arguments about total user base. So far, that doesn’t seem to be happening. Users continue to use OS X without having their data stolen.

A prudent person would take some precautions regardless of perceived safety of any computing platform. Just like in your home or office, security preparations should be like an onion, in layers, so that ultimately any attacker simply has to foil too many schemes and so is repelled.

Here are some suggestions. Number one on the list: don’t keep your Very Important Passwords on a list taped to your monitor. In fact, a good way to keep your passwords is in an encrypted file of some type. I use ‘KeyPassX’ a cross-platform freeware application that uses security encryption based on quantum foam or some other ungodly unhackable mathematics. You can also create an encrypted disk image using Disk Utility and keep a text file in it with your passwords.

There are also websites where you can keep your sites and passwords in a protected format. Google on ‘password storage website’ for some ideas.

You might also use a locally encrypted storage area on your PC or Mac to keep your Quickbooks or Quicken data. After all, what criminals are after are your Social Security #’s, your credit card numbers, and banking information. It’s all about the money. Your pictures of Aunt Jane, or your download of Wuthering Heights simply aren’t going to gain the same types of interest as something that has $ signs attached. If you protect those types of data from real world exploits, then you’ll find that the online world will also be excluded.

Should you use anti-virus, firewall, and anti-exploit software on a Mac? Personally, I vote with the vast majority and don’t think it is particularly useful at the moment. I caveat that statement with the observation that if one’s personal workstation is stolen, if the data on it is unencrypted, then your entire personal story is probably laid out for whoever gets the machine.

So, think encryption. Don’t go to nasty third party sites where they offer to give you the latest copy of iWorks or other disreputable software. Consider creating an administration user, and another login user that you use to do day to day work. Use Firefox instead of Safari. It’s probably not hugely safer but it will check an online database of known exploit websites and tell you in big bright letters ‘Do You Want to Get Out of Here Now???’. That’s a good thing.

And if some windows pops up unexpectedly asking for your password to proceed, say firmly ‘No’, and figure out where that window came from before proceeding.

The Great Oz has spoken.