> Though this does not mean that Apple’s software is the most insecure—the report takes no consideration of the severity of the flaws—it points at a growing trend in the world of security flaws: the role of third-party software. Many of Apple’s flaws are not in its operating system, Mac OS X, but rather in software like Safari, QuickTime, and iTunes. Vendors like Adobe (with Flash and Adobe Reader) and Oracle (with Java) are similarly responsible for many of the flaws being reported. The headline for this article is: “Apple the new world leader in software insecurity.”

And yet the second paragraph begins: “Though this does not mean that Apple’s software is the most insecure…”

Which one is it, guys?

This is one of those cases where you just have to use common sense. The research says that Apple’s software is more insecure than Windows. But EVERYTHING YOU’VE EVER HEARD about viruses, attacks, worms, Trojan Horses, spyware, etc. has exclusively referred to Windows computers.

As I’ve said before, always be cautious, but the bottom line is that your Mac is not in grave danger of being hacked, unless you do something stupid, like give your password away to a strange program.

And journalists, please quit with the misleading, link-baiting article headlines. Seriously. If you can’t get people interested in your content any other way, you’re not trying hard enough.

> Last week, McAfee [broke](http://arstechnica.com/business/news/2010/04/broken-mcafee-dat-update-cripples-windows-workstations.ars) a lot of its customers’ computers. A virus definition update caused a false positive identification of a virus within a key Windows file. > > McAfee initially [tried to downplay the issue](http://siblog.mcafee.com/support/mcafee-response-on-current-false-positive-issue/), claiming only “moderate to significant” issues on affected machines, and that the default configuration of its software was harmless. “Not booting properly and being useless for real work” strikes us as somewhat worse than “moderate to significant,” and there are many reports from people saying that McAfee is wrong about the default configuration (the situation seems unclear, but it looks like upgrades and certain patches can result in a different “default”—one that isn’t safe). As if that was any consolation—none of the settings should result in machines getting broken. Ultimately, such quibbling is irrelevant: tens or hundreds of thousands of machines were disabled by the virus update. Another article that makes me glad I’m a Mac user. I suppose you can consider anti-virus software a necessary evil on the PC, but I don’t consider using a PC necessary, so maybe not.

Meanwhile, I continue to believe that having anti-virus software on a Mac actually does more harm than good. You slow down your machine and risk running into one of these false-positive disasters, all in the hopes of blocking viruses that don’t effect your computer, anyway.

I’m not saying that Mac viruses aren’t possible, or that Mac users aren’t dumb enough to fall prey to malware, particularly Trojan Horses. What I’m saying is that when that fateful day comes when a Mac virus makes the rounds through millions of computers all over the globe, McAfee software won’t be ready for it, anyway. And only common sense is going to protect you from a Trojan Horse.

> The current threat from this malware is actually quite low at the moment, as the backdoor would need to be installed by someone with physical access to your machine. Intego notes that it could be deployed as a trojan, using social engineering to convince an unsuspecting user that the installer is actually something else. I continue to believe that common sense will do you a lot better as a Mac user than any anti-virus software. The only people who are concerned about viruses on the Mac are the people who write anti-virus programs.

To date, there has never been an actual outbreak of an actual OS X virus in the wild. (Virus meaning a program that can be installed automatically without the user’s knowledge and spread to other machines in a similar automated fashion.) Mac Malware has for many years lived in the realms of labs and hacker contests only.

Trojan Horses are bad, to be sure, but no anti-virus program can protect you if you’re dumb enough to give your admin password to an untrusted installer.

Think twice before typing that password, people. And, please, make your password something other than your cat’s name.