mac 安全偏好

For the student, the cubicle-bound desk worker, and the grocery store clerk alike, computers have become an integral part of everyday life. We live in an age where being connected to the internet is no longer a luxury, but a necessity for most people; and an age in which the danger of the internet has never loomed so large. It is all too easy to click on an enticing link and find yourself the victim of a ransomware attack. At least for Windows users. Mac users are safe, right?

對于學生，隔間的上班族以及雜貨店的店員而言，計算機已成為日常生活不可或缺的一部分。 我們生活在一個時代，上網不再是奢侈品，而是大多數人的必需品。 在一個互聯網的危險從未隱約可見的時代。 單擊誘人的鏈接并發現自己是勒索軟件攻擊的受害者，這太容易了。 至少對于Windows用戶。 Mac用戶很安全，對嗎？

“ Mac無法感染病毒” (“Macs can’t get viruses”)

Almost every known cyber-exploit gets an entry in the MITRE CVE Database. CVE stands for “Common Vulnerabilities and Exposures,” and the details on these common vulnerabilities are kept in public registers like the MITRE database to help security professionals across the world know how to protect themselves against exploits out in the wild. On July 7, 2019, CVE-2019–13449 was added to the MITRE database1. Hundreds of exploits are added to this database every week, but this one was particularly egregious. It was an easily exploitable way to cause a “denial of service” attack on macOS computers through manipulating the cloud-conferencing software “Zoom.”

幾乎每個已知的網絡漏洞都會在MITER CVE數據庫中獲得一個條目。 CVE代表“常見漏洞和披露”，而這些常見漏洞的詳細信息被保存在MITER數據庫等公共注冊表中，以幫助全球的安全專業人員了解如何保護自己免受野蠻攻擊。 在2019年7月7日， CVE-2019–13449已添加到MITER數據庫1中 。 每周都會有數百個漏洞利用被添加到該數據庫中，但是這一漏洞特別嚴重。 通過操縱云會議軟件“ Zoom”，這是一種容易利用的方法，可在macOS計算機上造成“拒絕服務”攻擊。

A denial of service attack causes the machine that is being attacked to become unusable, and in the case of this vulnerability, attackers could continually cause a remote computer to focus on a particular browser window, preventing the user from doing anything else with their computer. This vulnerability was first discovered by security researcher Jonathan Leitschuh on March 8, 2019. He immediately tweeted Zoom asking to talk to their security team and received no response. He emailed Zoom. No response. A full month later a security engineer finally responded. Then in June, they contacted the researcher again to discuss a patch for the vulnerability. Finally, on July 8 (a day after the CVE was released), the fix was rolled out2.

拒絕服務攻擊會導致被攻擊的計算機無法使用，在這種漏洞的情況下，攻擊者可能會繼續使遠程計算機專注于特定的瀏覽器窗口，從而阻止用戶對計算機進行其他操作。 此漏洞最早由安全研究員Jonathan Leitschuh于2019年3月8日發現。他立即在Twitter中發布了Zoom，要求與他們的安全團隊進行交談，但未得到任何回應。 他通過電子郵件發送給Zoom。 沒有React。 一個月后，安全工程師終于做出了回應。 然后在六月，他們再次聯系研究人員，討論該漏洞的補丁程序。 最終，在7月8日(發布CVE的第二天)，修復程序推出了2 。

The frightening part about this attack vector was not that it existed, but that Zoom handled the situation so poorly and dragged their feet for months before even responding to the researcher who discovered the vulnerability. Often, as was the case with this Zoom vulnerability, there isn’t a patch available at the time that the CVE is released; and this is just one of the thousands of CVEs that apply to macOS users.

關于這種攻擊媒介的最可怕的部分不是它的存在，而是Zoom如此糟糕地處理了這種情況，并拖延了幾個月的腳步，甚至還沒有回應發現漏洞的研究人員。 通常，與此Zoom漏洞一樣，發布CVE時沒有可用的補丁程序。 這只是適用于macOS用戶的數千種CVE之一。

The MacBook is ubiquitous on college campuses across the United States. It’s desktop cousin, the iMac is in the offices of professionals and creators everywhere. Apple has, by default, been taking over the personal computing market for the past 10 years3. This is no surprise, given that the younger generation gravitates toward Apple products. According to a study done by Jamf, an Apple product management company, students see the Mac platform “as more intuitive, longer-lasting, more secure and more encouraging of productivity” as opposed to a Windows alternative. The “more secure” statistic is particularly interesting: 43% of Mac users agree that Apple’s platform is more secure than Windows?. This raises the obvious question: if there are thousands of known exploits on the macOS platform, why do almost half of the MacBook wielding students who took part in this survey think it is a more secure platform?

MacBook在美國的大學校園中無處不在。 iMac是臺式機的堂兄，在世界各地的專業人員和創作者辦公室中。 蘋果，默認情況下，被接管的個人電腦市場在過去10年3 。 鑒于年輕一代傾向于使用Apple產品，這不足為奇。 根據蘋果產品管理公司Jamf所做的一項研究，與Windows替代品相比，學生們認為Mac平臺“更直觀，更持久，更安全，更鼓勵生產力”。 “更安全”的統計數據尤其令人感興趣：43％的Mac用戶同意Apple的平臺比Windows?更安全。 這就提出了一個明顯的問題：如果macOS平臺上存在成千上萬的已知漏洞，為什么參與調查的MacBook學員中幾乎有一半認為這是一個更安全的平臺？

“ Windows更具針對性，對嗎？” (“Windows is more targeted, right?”)

The reasons for this myth are largely historical. In January of 2009, 93% of the desktop and laptop computers in the United States ran on Windows3. From a hacker’s perspective in the year 2009, it would have only made sense to target a platform that the vast majority of the world ran on rather than a niche platform designed for content creators. The medical industry ran on Windows, the banks ran on Windows, the government ran on Windows. Most importantly, regular people ran Windows on their personal computers. It would have been foolish from a return-on-investment perspective to target a platform other than Windows?.

這個神話的原因在很大程度上是歷史性的。 2009年1月，在美國的臺式機和筆記本電腦的93％，在Windows上運行3 。 從2009年的黑客的角度來看，將目標鎖定在全世界絕大多數運行的平臺上，而不是為內容創作者設計的小眾平臺上，這才是有意義的。 醫療行業在Windows上運行，銀行在Windows上運行，政府在Windows上運行。 最重要的是，普通人在其個人計算機上運行Windows。 從投資回報率的角度出發，以Windows?以外的平臺為目標是愚蠢的。

Windows was so large a target for malware and viruses a decade ago that security was one of the main focuses of Apple’s famous “Get a Mac” ad campaign?. There were ads about how Macs didn’t get viruses and Windows did, ads about how Windows had annoying security policies because of the prevalence of viruses and malware, and ads about how Windows Vista was just generally insecure.

窗戶是如此之大的目標的惡意軟件和病毒十年前的安全是蘋果著名的“擁有一臺Mac”廣告活動的重點之一? 。 有關于Mac如何沒有病毒而Windows沒有Windows的廣告，關于Windows由于病毒和惡意軟件的普遍使用而具有令人討厭的安全策略的廣告，以及關于Windows Vista一般不安全的廣告。

Between 2006 and 2009 when Apple ran this campaign, macOS was not a target and Windows was, and there are remnants of the horrible security policies Microsoft implemented to prevent certain severe attacks to this day. But a lot has changed since the year 2009. Today in the US, 25% of desktop and laptop computers now run on macOS, and only 65% run on Windows3. Not only is there a difference in market share, the types of people who are running macOS are very different than they were back in 2009. A large part of the “Get a Mac” campaign was focused on getting the attention of creators, but Apple has shifted away from that platform. Mac is no longer a “creative” tool that only musicians and artists gravitate toward. The Apple logo is a status symbol.

在2006年至2009年蘋果公司開展這項活動期間，macOS并不是目標，Windows是Windows的目標，并且微軟保留了可怕的安全策略來阻止至今的某些嚴重攻擊。 但很多已經在美國，因為今年改變了2009年今天的臺式機和筆記本電腦的25％，現在在MacOS上運行，只有65％的Windows運行3 。 不僅市場份額存在差異，而且運行macOS的人的類型與2009年大不相同。“獲取Mac”活動的很大一部分著眼于吸引創作者的注意，而蘋果已經從該平臺轉移了。 Mac不再是只有音樂家和藝術家喜歡的“創意”工具。 Apple徽標是狀態符號。

In 2018, researchers Marianne Bertrand and Emir Kamenica set out to discover if they could determine economic and cultural differences between people based on their consumer habits. They found that in the year 2016, the defining purchase that separated someone on the top of the economic ladder from someone on the bottom was an Apple iPhone and/or iPad?. Owning Apple products has become a sign of (relative) wealth, and consequently, a reason to be targeted by cybercriminals. Everything in the insane everyday war that happens over wires between hackers and cybersecurity experts boils down to either national security or money. By becoming a product owned by well-off people, the MacBook has declared itself a target of this war.

2018年，研究人員Marianne Bertrand和Emir Kamenica著手發現是否可以根據消費習慣確定人與人之間的經濟和文化差異。 他們發現，在2016年，將經濟階梯頂端的人與經濟階梯頂端的人區分開的定義性購買是Apple iPhone和/或iPad? 。 擁有蘋果產品已經成為(相對)財富的標志，因此成為網絡犯罪分子針對的原因。 瘋狂的日常戰爭中，發生在黑客與網絡安全專家之間的一切事情都歸結為國家安全或金錢。 通過成為富裕人士擁有的產品，MacBook已經宣布自己是這場戰爭的目標。

“不用擔心。 我的防病毒軟件可以保護我。” (“Don’t worry. My antivirus will protect me.”)

Anyone who has ever used a Windows PC has probably installed (or been told to install) some sort of antivirus or antimalware software. Although Windows Defender has existed on Windows since 2006, it wasn’t a truly complete security suite until Windows 8, and even now its main purpose is to be antivirus software, not antimalware software. A virus is intended to replicate itself and be chaotically malicious (like adware that jumps from machine to machine), while malware is often more of a targeted attack (like ransomware). Even now that Windows Defender is a relatively good security package, security experts still recommend using Windows Defender in conjunction with a third-party antimalware package to fill in gaps?.

曾經使用Windows PC的任何人都可能已經安裝(或被告知要安裝)某種防病毒或反惡意軟件。 盡管Windows Defender自2006年以來就已在Windows上存在，但直到Windows 8才真正成為一個完整的安全套件，甚至現在它的主要目的是成為防病毒軟件，而不是反惡意軟件。 病毒旨在自我復制并具有混亂的惡意能力(例如從機器跳到另一機器的廣告軟件)，而惡意軟件通常更像是有針對性的攻擊(例如勒索軟件)。 即使現在Windows Defender是一個相對不錯的安全軟件包，安全專家仍建議將Windows Defender與第三方反惡意軟件軟件包結合使用以填補空白? 。

On the other side of the aisle, macOS has long had a leg up on Windows in this realm. macOS has had a more fully featured anti-malware for a much longer time, and Apple has been purposeful about making security one of its main selling points. Moreover, macOS is built out of the Unix operating system. Unix has an inherently secure design because it was designed for multiple people to work on the same system at the same time. Everything in Unix is a file or a directory (a folder), and every file and directory has a set of permissions attached to it to tell the operating system who is and is not allowed to interact with it in certain ways. Windows was not designed like this, and thus it is (in theory) a lot easier for malicious programs to interact with the computer in ways that the user might not intend.

在過道的另一端，macOS在這一領域早已在Windows上站穩了腳跟。 macOS擁有功能更齊全的反惡意軟件已有很長時間了，Apple一直致力于將安全性作為其主要賣點之一。 而且，macOS是在Unix操作系統之外構建的。 Unix具有固有的安全性設計，因為它是為多個人同時在同一系統上工作而設計的。 Unix中的所有內容都是文件或目錄(文件夾)，并且每個文件和目錄都具有一組權限附加到該權限，以告訴操作系統誰以某種方式與之交互。 Windows并不是這樣設計的，因此(理論上)，惡意程序以用戶可能不希望的方式與計算機進行交互要容易得多。

This is not to say that Unix systems are completely secure. In fact, searching any common CVE database will reveal that there are only a few hundred less known exploits for the Unix operating system than there are for Windows 10. This is because most security vulnerabilities aren’t often found in the operating system itself (and when they are, it’s a huge deal). More often, vulnerabilities are found in software that runs above the operating system, like the Zoom vulnerability discussed earlier. The Zoom exploit was only possible on macOS, but only because the software was implemented differently on macOS than on other operating systems, not because of macOS itself.

這并不是說Unix系統是完全安全的。 實際上，搜索任何通用的CVE數據庫都將發現，與Windows 10相比，Unix操作系統的漏洞利用幾百種。這是因為大多數安全漏洞并不經常在操作系統本身中發現(并且當它們存在時，這是一筆不小的數目)。 在操作系統之上運行的軟件中經常發現漏洞，例如前面討論的Zoom漏洞。 僅在macOS上才可以使用Zoom漏洞，但這僅是因為該軟件在macOS上實現的方式與在其他操作系統上不同，而不是因為macOS本身。

“有什么安全的嗎？” (“Is anything safe?”)

Windows may have a bad track record when it comes to security, but as we’ve seen, macOS is vulnerable to attacks too. So, which is safer? According to a study released by a popular antimalware company Malwarebytes, in 2019, the average MacBook was attacked by viruses or malware 11 times. In stark contrast, the average Windows machine was attacked 5.8 times?. This is an unprecedented number given that in every preceding year these statistics have been flipped on their heads. Attacks on macOS saw a massive 400% increase from 2018, and as more and more of the market is given to Apple, it is only to be expected that the number of attacks per endpoint will rise even higher.

Windows在安全性方面的記錄可能不佳，但是正如我們所見，macOS也容易受到攻擊。 那么，哪個更安全？ 根據流行的反惡意軟件公司Malw??arebytes發布的一項研究，在2019年，普通MacBook受到病毒或惡意軟件攻擊的平均次數為11次。 與之形成鮮明對比，一般的Windows機器被攻擊的5.8倍? 。 鑒于這些統計數字在過去的一年中被拋在腦后，所以這是一個空前的數字。 自2018年以來，針對macOS的攻擊大幅增加了400％，并且隨著越來越多的市場被蘋果所占有，人們只能預料每個端點的攻擊次數將進一步增加。

From a purely numbers-oriented perspective, Windows surprisingly seems to be the safer option in the present day. That is, until the types of attacks (the kinds of malicious software) are examined. The report from Malwarebytes states that “Macs differ drastically from Windows in terms of the types of threats seen.” The top ten types of malware consist largely of PUPs (Potentially Unwanted Programs) and Adware. These, while annoying, are largely harmless to the user. On the Windows end of things, the threat landscape is alarmingly full of trojans, spyware, and backdoor exploits allowing hackers to gain control of consumer’s computers.

從純粹面向數字的角度來看，Windows似乎是當今更為安全的選擇。 也就是說，直到檢查了攻擊類型(惡意軟件的類型)。 Malwarebytes的報告指出：“ Mac所面臨的威脅類型與Windows截然不同。” 十大惡意軟件類型主要由PUP(潛在有害程序)和廣告軟件組成。 這些雖然煩人，但對使用者基本上無害。 從Windows的角度來看，威脅形勢令人震驚地充滿了木馬，間諜軟件和后門漏洞，使黑客能夠控制消費者的計算機。

This means that in the present day, while MacBooks are more likely to be attacked, Windows computers still bear the brunt of the most dangerous attacks. Perhaps the reason for the rise in attacks on Macs is in connection with what BBC tech writer Bill Thompson warned us about all the way back in 2006: “Mac users demonstrate an indefensible smugness when it comes to the dangers of having their systems compromised by malicious software and opened up to exploitation by others.”1? So many Mac users refuse to believe that they could be they could be the target of an attack that they don’t do anything to protect themselves. This is incredibly dangerous.

這意味著，在今天，雖然更容易遭受MacBook的攻擊，但Windows計算機仍然是最危險的攻擊首當其沖。 BBC技術作家比爾·湯普森(Bill Thompson)在2006年就一直警告我們有關Mac的攻擊增加的原因：軟件，并開放給他人使用。” 1?許多Mac用戶拒絕相信他們可能成為攻擊的目標，因此他們沒有采取任何措施來保護自己。 這是非常危險的。

While many of the attacks on Mac devices are merely annoying and not damaging, there are plenty of dangerous attacks that exist outside of the top-ten list on Malwarebytes’ study. The further we progress into this strange quarantined spring, the more exploits surrounding the Zoom platform are discovered. Because it has recently become such an important piece of software, security analysts have been scrutinizing it and have found no end of issues on all platforms the software serves11.

盡管對Mac設備的許多攻擊只是令人討厭且沒有破壞性，但在Malwarebytes研究的前十名中，還有許多危險的攻擊。 我們越深入這個奇怪的隔離春天，就會發現圍繞Zoom平臺的更多攻擊。 由于它最近已成為如此重要的軟件，因此安全分析人員一直在對其進行詳細審查，并且發現該軟件所服務的所有平臺上的問題無窮無盡 。

The short answer is: nothing is 100% secure. As long as humans are programming computers and trying to break into them, there will always be backdoors. This is not to say that we cannot prevent bad things from happening. Software updates are often security patches, and therefore keeping everything updated is a relatively simple way to stay protected. Having a general understanding of the cybersecurity landscape never hurt anybody either. And most importantly, common sense is a consumer’s greatest weapon. Use it.

簡短的答案是：沒有什么是100％安全的。 只要人們對計算機編程并試圖闖入計算機，就會總有后門。 這并不是說我們不能阻止壞事的發生。 軟件更新通常是安全補丁，因此保持所有更新都是保持保護的相對簡單的方法。 全面了解網絡安全領域也不會傷害任何人。 最重要的是，常識是消費者的最大武器。 用它。

資料來源 (Sources)

“CVE-2019–13449.” MITRE, Jul. 7, 2019, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13449.

“ CVE-2019–13449。” MITRE ，2019年7月7日， https: //cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13449 。

Leitschuh, Jonathan. “Zoom Zero Day: 4+ Million Webcams & maybe an RCE? Just get them to visit your website!” Infosec Write-Ups, Medium, Jul. 8, 2019, https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit-your-website-ac75c83f4ef5.

喬納森·萊特舒。 “零日變焦：400萬以上的網絡攝像頭，也許還有RCE？ 只要讓他們訪問您的網站！” Infosec Write-Ups， Medium ，2019年7月8日， https://medium.com/bugbountywriteup/zoom-zero-day-4-million-webcams-maybe-an-rce-just-get-them-to-visit -您的網站ac75c83f4ef5 。

“Desktop Operating System Market Share United States Of America.” Statcounter, https://gs.statcounter.com/os-market-share/desktop/united-states-of-america/#monthly-200901-202002.

“臺式機操作系統市場份額，美利堅合眾國。” Statcounter ， https: //gs.statcounter.com/os-market-share/desktop/united-states-of-america/#monthly-200901-202002 。

“The influence of student device choice on the modern workplace.” Jamf, May 23, 2019, https://resources.jamf.com/documents/books/the-influence-of-student-device-choice-on-the-modern-workplace-ebook.pdf.

“學生設備選擇對現代工作場所的影響。” Jamf ，2019年5月23日， https： //resources.jamf.com/documents/books/the-influence-of-student-device-choice-on-the-modern-workplace-ebook.pdf 。

Hoffman, Chris. “Why Windows Has More Viruses than Mac and Linux.” How-To-Geek, Sep. 21, 2016, https://www.howtogeek.com/141944/htg-explains-why-windows-has-the-most-viruses/.

霍夫曼，克里斯。 “為什么Windows具有比Mac和Linux更多的病毒。” How-To-Geek ，2016年9月21日， https：//www.howtogeek.com/141944/htg-explains-why-windows-has-the-most-viruses/ 。

“Get a Mac — Viruses.” Apple, Youtube, May 12, 2006, https://www.youtube.com/watch?v=sdF5IsyOxU4.

“獲取Mac-病毒。” Apple， Youtube ，2006年5月12日， https：//www.youtube.com/watch？v = sdF5IsyOxU4 。

Bertrand, Marianne, and Emir Kamenica. “Coming Apart? Cultural Distances in the United States Over Time.” National Bureau of Economic Research, Jun. 2018, https://www.nber.org/papers/w24771.pdf.

Bertrand，Marianne和Emir Kamenica。 “分開嗎？ 隨時間推移在美國的文化距離。” 國家經濟研究局， 2018年6月， https：//www.nber.org/papers/w24771.pdf 。

Shultz, Greg. “Windows Defender: Past, present, and future.” Tech Republic, Nov. 17, 2016, https://www.techrepublic.com/article/windows-defender-past-present-and-future/.

格雷格·舒爾茨。 “ Windows Defender：過去，現在和將來。” Tech Republic ，2016年11月17日， https：//www.techrepublic.com/article/windows-defender-past-present-and-future/ 。

“2020 State of Malware Report.” Malwarebytes Labs, Feb. 2020, https://resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf.

《 2020年惡意軟件狀況報告》。 Malwarebytes Labs ，2020年2月， https： //resources.malwarebytes.com/files/2020/02/2020_State-of-Malware-Report.pdf 。

Thompson, Bill. “Mac users ‘too smug’ over security.” BBC News, Jan. 16, 2006, http://news.bbc.co.uk/2/hi/technology/4609968.stm.

湯普森，比爾。 “ Mac用戶對安全性太自鳴得意了。” BBC新聞 ，2006年1月16日， http：//news.bbc.co.uk/2/hi/technology/4609968.stm 。

Lovejoy, Ben. “Another day, another couple of Zoom vulnerabilities discovered …” 9to5Mac, Apr. 3, 2020, https://9to5mac.com/2020/04/03/zoom-vulnerabilities/.

本·洛夫喬伊。 “有一天，發現了另外兩個Zoom漏洞……” 9to5Mac ，2020年4月3日， https： //9to5mac.com/2020/04/03/zoom-vulnerabilities/ 。

翻譯自: https://medium.com/@mpope316/macs-are-more-secure-and-other-jokes-you-can-tell-yourself-b112ab21256c

mac 安全偏好

總結

以上是生活随笔為你收集整理的mac 安全偏好_Mac更安全，还可以讲其他笑话的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。