MacOS Security


Macs are generally safer than PCs. Viruses are rare, but they do still occur, and the increasing popularity of the platform adds to the growing number of threats. I do not recommend any free commercial products such as Avast, Kaspersky, or others. They tend to be privacy-invasive and often end up doing more harm in the long run.

XProtect

Macs have a built-in malware scanning system that works under the hood, without requiring user interference, to keep the system safe from threats. It is called XProtect. Apple maintains a list of malicious applications that it checks against when we open downloaded applications.

The list is updated constantly in the background by Apple so that users are always protected. It works similarly to any third-party antivirus (AV) software, with the benefit of being built directly into the OS, so it does not hamper system performance.

If you download and try to open files contaminated with malware, you may see an explicit warning that the files will “damage your computer,” along with a reference to the type of malware. In that case you should delete the file immediately.

Well, it might not be up to date with the malware index, but XProtect still provides baseline security for Macs.

Gatekeeper

Another security measure in place on the Mac is Gatekeeper. It blocks any downloaded application that hasn’t been digitally signed by an authorized developer.

If you have tried installing an unsigned application from outside the App Store, you might be familiar with the error message “[This app] can’t be opened because it is from an unidentified developer.” That is Gatekeeper doing its job. Gatekeeper checks for malware and other issues every time it runs, rather than just the first time we install it.

The error message can be bypassed, but that can be risky, so be careful with what you selectively let through. You can adjust these settings at any time, and have them persist, via the Security & Privacy section of System Preferences.

Task Explorer

This is a free Mac-only application that identifies all running processes and queries them through a service called VirusTotal. If it finds a suspicious file, it alerts the user with a red flag in the lower-right corner.

You can execute this program on scheduled days. If you have picked up a virus on your host, this program should identify it quickly; however, it does not remove any infections. For that, you will need to research any suspicious files.

To install, run this command in your Terminal:

brew install --cask taskexplorer

Or download the .dmg from the official source.

KnockKnock

Similar to the previous option, which is maintained by the same company, this application conducts a scan of the entire Mac. However, it looks for persistent programs which are set to launch upon boot.

Since most viruses inject themselves to launch the moment the computer starts, this program may identify threats which were missed by the previous program if they were not running at the time.

After opening the application, click on the scan button and allow the process to complete. You will receive a notification about any suspicious files. Note that it also only notifies you of issues, and does not remove them.

To install, run this command in your Terminal:

brew install --cask knockknock

Or install the .dmg from the official source.
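
The kind of check described in this section, as an added example that is not part of the original post and is not KnockKnock's code: it reads launchd job files, one common way a program arranges to start at boot or login, and lists what each one runs. The directory list, the sample job and the review heuristics are assumptions made for this example.

```python
import plistlib
from pathlib import Path

# Third-party launchd job directories, loaded at boot or login (see launchd.plist(5)).
LAUNCHD_DIRS = ["/Library/LaunchDaemons", "/Library/LaunchAgents", "~/Library/LaunchAgents"]

# Constructed sample job, not taken from a real machine.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>Label</key><string>com.example.helper</string>
  <key>ProgramArguments</key><array><string>/Users/Shared/.cache/helper</string></array>
  <key>RunAtLoad</key><true/>
</dict></plist>"""

def summarize(raw):
    """Return what a launchd job runs and whether it starts without user action."""
    job = plistlib.loads(raw)
    if not isinstance(job, dict):
        raise ValueError("top-level plist object is not a dictionary")
    args = job.get("ProgramArguments") or []
    return {"label": job.get("Label"),
            "program": job.get("Program") or (args[0] if args else None),
            "autostart": bool(job.get("RunAtLoad") or job.get("KeepAlive"))}

def review_flags(item):
    """Heuristics chosen for this example; a flag means 'look closer', not 'malware'."""
    prog = item["program"]
    if not prog:
        return ["no program path"]
    flags = []
    if prog.startswith(("/tmp/", "/private/tmp/", "/Users/Shared/")):
        flags.append("runs from a world-writable location")
    if any(part.startswith(".") for part in Path(prog).parts):
        flags.append("hidden path component")
    return flags

def scan(dirs=LAUNCHD_DIRS):
    """Yield (plist path, summary or None, flags) for every job file found."""
    for d in dirs:
        for path in sorted(Path(d).expanduser().glob("*.plist")):
            try:
                item = summarize(path.read_bytes())
                yield str(path), item, review_flags(item)
            except Exception as exc:  # unreadable or malformed file: report it
                yield str(path), None, [f"could not parse: {exc}"]

if __name__ == "__main__":
    for path, item, flags in scan():
        print(path, item, flags or "no flags")
```

Launchd jobs are only one persistence category, so an empty result here does not replace a full scan.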

Summary

The Mac’s built-in security tools are good enough; however, they can’t be completely relied upon. They are always at risk from zero-days, so it is better to have additional measures set up to stay safe.

Again, I won’t recommend any commercial AV software. The aforementioned tools shall further enhance your overall system security by identifying any potential infections, which you can remove after proper examination.

You can also consider employing a firewall like LuLu (free) or a paid program, Little Snitch.

That is all for this post, and I hope you found it useful. Please let me know what programs or measures you have in place for macOS security; you can reply via mail.
