“I bought a Mac, because it’s safer than a PC.”
“I always surf the web with my iPhone, because I know it can’t get infected.”
“I got a virus on my first PC, so now I only use Apple products.”
Too often, the rhetoric around the Mac vs. PC debate focuses on Apple’s presumed invulnerability to cybercrime. Many consumers believe (a belief that is bolstered by Apple’s marketing of “security by design”) that unlike Windows devices, Apple products are immune to cyber threats.
Unfortunately, as we witnessed this week, this logic is deeply flawed. Apple products can and do get hacked, and consumers who believe their devices are invulnerable are most susceptible to data loss after a compromise.
New iPhone Security Flaw Discovered in iOS 6.1
The most recent version of Apple’s mobile operating system (iOS 6.1) contains a security flaw that allows hackers to bypass your password, make calls, listen to recent messages, tinker with your contact list, and even access private photos. The hack was posted on YouTube on January 31st, and it uses another phone placed nearby to bypass an iPhone password and access these limited functions. And while the original poster urged users to “play nice” with the flaw and only use it for harmless pranks, the hack presents a serious security risk until it is patched by Apple.
This flaw is just one in a long line of security risks in previous versions of Apple’s mobile operating system. Like most vendors, Apple is quick to a fix these problems once they are discovered, but the fact remains that these devices are becoming more and more vulnerable to attack.
So, if Apple devices really are just as vulnerable, why does everyone still believe Macs are safer?
This question can be answered best if broken down into two parts:
- The security built into the Apple operating system
- The number of security threats (viruses) made to target the Apple operating system
The reason why we say Macs are just as vulnerable as PCs to security threats is due to #1, the security built into the Apple operating system. While Apple likes to tout that they have “security built in” (which they do), their systems are no more secure than Windows devices, which ALSO have security features built in by design. This is exemplified by this most recent iOS 6.1 vulnerability; It’s a simple loophole that slipped through the cracks of Apple’s security team.
The second part of this answer examines the actual number of threats out there – the fact that right now, there are fewer viruses designed to attack Macs. This is of course a valid observation (the volume of Android threats found by McAfee Labs in 2012 far surpassed the number of iOS threats), but users must be prepared as these threats grow.
For some context, consider the differences between computer criminals and ordinary criminals. Both groups are made up of rational individuals, but their motivations are very different. The bulk of ordinary crime – burglaries, car break-ins – is done by disadvantaged young people, often from underfunded school districts and historically segregated neighborhoods. This type of crime is most often predicted and prevented by examining socioeconomic forces – figuring out why these groups are disadvantaged and how to best improve their opportunities.
In contrast, the bulk of online crime is committed by technically savvy people living in poor countries like Russia, India, or Brazil. Preventing and predicting online crime is usually a question of economics – figuring out where these criminals will get the most payout for the work they put in. Since right now, Windows PCs are still much more numerous than Apple devices (and they’re used by the finance industry), you are much less likely to encounter a virus that infects Apple machines.
The key thing to remember, however, is that as Apple grows in popularity and is used by more and more businesses, so does the number of viruses made specifically for Apple devices. Users must be prepared as this trend continues, and they must let go of the long-held myth that Apple products are invulnerable to attack.
Here are a few actionable tips on how to keep your Apple devices safe:
1. Enable Auto-Lock and Passcode Protection
Auto-Lock is a built-in iPhone security feature that locks your device’s touch screen after a short period of inactivity. This feature is turned on by default, and it’s best used in tandem with the iPhone’s Passcode Lock feature. This allows you to require a four-digit passcode to open the iPhone again. As a best practice, avoid using commonly used (1111 or 1234) or easy-to-guess passcodes such as your birthday.
2. Disable Features That Could be Accessed Without Entering the Passcode
By default, the Voice Dial feature of an iPhone can be accessed without unlocking it first. This feature can be used to call anyone from the contact list, play songs, and use other functions. To disable, navigate to Settings > Passcode Lock > Voice Control, and turn Voice Dial to OFF.
3. Think Twice Before Jailbreaking a Device
Jailbreaking is hacking of an iOS device to bypass limitations imposed by Apple, which can allow users to run applications that are not authorized by the Apple App Store. This makes your device much more susceptible to viruses and malicious applications.
4. Update Software Right Away
iOS security bugs (like this most recent password vulnerability) can only be fixed when you update your operating system. Not running the latest version of iOS may make your iPhone, iPad, or Mac vulnerable to defects and bugs identified in older versions.
5. Download Security Protection
Security software like McAfee All Access can protect every device you own (PCs, Macs, smartphones, and tablets) with the maximum level of protection that can be delivered to each device.
To learn more about the most common mobile security myths, be sure to check out our new Mobile Mythbusters Facebook quiz and follow our team on Facebook and Twitter. Those who take the quiz can also enter to win a Galaxy Tablet or Kindle Fire HD with McAfee Security, and we’ll announce prizewinners during Mobile World Congress on February 25th-28th.