In his latest Technologizer column for Time, Harry McKracken takes a reasoned, thoughtful look at the current state of Mac security and comes to much the same conclusion I did: while Mac malware is still more reliant on social engineering than technological exploits, there’s no such thing as risk-free computing.
(The) fact that the recent spate of Mac attacks could be worse doesn’t mean that Apple types don’t need to think about their computing safety. It’s not just the possibility of more OS X malware. Instead of putting a particular operating system in the crosshairs, nogoodniks are turning their attention to social networks such as Facebook and Twitter, where they spam users, steal identities, and generally do their best to wreak havoc. They don’t care whether you use Windows or a Mac, as long as your guard is down.
Like me, Harry does not run any anti-virus software on his Mac, noting “security software isn’t without its own downsides. Even the best packages require a certain amount of babysitting; the worst ones get in your face, bog down your system, and teeter on the brink of being more of a hassle than the dangers they’re meant to protect you against.”
Until and unless Mac malware gets a lot more sophisticated, I’ll continue focusing my defenses on the social engineering side of the issue. Don’t open attachments unless you know what they are, be careful about where you surf and never—never—install a program you’re not absolutely confident came from a safe source.