Updated July 28, 2021-
For years in terms of security, Windows has been considered inferior to Macs. But no longer as a result of malware security epidemics.
If you’ve got an iPhone, get busy. Apple has had bugs and security issues.
Again this week, a major alert was issued with the latest patches from Apple. Worse, Apple warned that cybercriminals were exploiting a vulnerability.
This wasn’t the first major alert about Apple products. On Aug. 19, 2019, published reports indicated the new version of the iPhone software, iOS 12.4, was not secure (e.g, iPhone users alerted to major security problem with latest iOS).
You might recall Apple issued security patches for all of its operating systems on Jan. 23, 2017. The vulnerabilities were in in iOS, macOS, watchOS, tvOS, the Safari browser, and iCloud for Windows.
Apple was forced to release an update just a few days after the rollout of its iOS 8 in late Sept. 2014.
But just after going live – within 90 minutes – Apple canceled the update that was suppose to fix the software glitches because it had numerous problems.
There were hundreds of tweets by Twitter users complaining they could get any cell signals right after the update.
Apple was forced on Feb. 21, 2014 to fix a vulnerability with iOS 7.0.6.
Apple was under increasing pressure starting in 2012 to take preventative security measures by cyber experts in the wake of 600,000 malware-infected Macs.
“Myths die hard,” writes nationally known security guru Stan Stahl, Ph.D. “Users can no longer naively claim that they don’t need to be concerned with security because they use a Macintosh.”
Cybercriminals don’t discriminate
He believes cybercriminals see no difference between Mac OS X and Windows.
“It’s cold comfort that this particular vulnerability surfaced in Java-so well known as a source of attack exploits that we recommend users disable it,” he writes.
“The lesson we need to take away from the Mac OS X story is humility in the face of software complexity,” he adds.
As one of the nation’s leading authorities, Dr. Stahl is a principal at Citadel Information Group, www.citadel-information.com, in Los Angeles.
“In the 1980s I was a staff security engineer at TRW when my manager gave me a piece of wisdom that applies to the myth of Mac security,” he writes:
“There are three kinds of knowledge,” he said. “There’s what you know that you know you know. There’s what you don’t know that you know you don’t know. And there’s what you don’t know that you don’t know that you don’t know.”
Dr. Stahl warns about the dangers of the third category of what we don’t know.
“It’s this third category that is most dangerous — what we don’t know that we don’t know we don’t know,” he writes. “This-our hidden ignorance — is what gets us into trouble. Believing the myth of Mac security-jumping to the conclusion that Macs are secure because we don’t know about their insecurities-is dangerous because the myth keeps us from taking the actions necessary to protect sensitive information on our Macs.”
More about myths
“There is the myth that IT can effectively manage cyber security; that senior management doesn’t need to get involved,” believes Dr. Stahl. “There is the myth that antivirus and anti-malware solutions provide sufficient security.
“There is the myth that ‘we have nothing of interest to a cyber criminal.’ And the most dangerous myth of all-that we can be secure if we simply do A, B and C, whatever A, B and C happen to be,” he warns. “It is these and other myths that keep us from being open to what we don’t know that we don’t know we don’t know.”
His parting shot:
“When it comes to cyber security management, myths are particularly dangerous,” he writes. “Our greatest security weakness-our greatest vulnerability-lies in the security myths we believe. That’s why the stories of more than 600,000 Macs infected by the Flashback malware is so important, for it serves as a warning about the dangers of all cyber security myths.”
From the Coach’s Corner, here are more security insights:
“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”