So installing a real antitmalware program like Norton AntiVirus for the Mac would eliminate the risk, right?
Unfortunately not. Antimalware scanning programs can't stop a large percentage of malware, simply because they can't keep up with the volume of new exploits. There are thousands of new scare programs created every day, and before they are released, most get scanned by dozens of popular antivirus scanner engines to prove they don't generate an alert. By the time an antivirus vendor includes a new scareware program in its antimalware definitions, it's often too late.
That said, it's probably time to consider antimalware for the Mac. Keep your antimalware definition files up to date, make sure your operating system has the latest patches, and don't download or install any program unless you know where it came from. Common sense measures cut your risk by a magnitude.
Is Apple's sudo approach better or worse than Microsoft's UAC (User Account Control)?
Mac and Windows fans have long argued over whether Apple's sudo approach is better than Windows UAC. Most malware requires elevated privileges and permissions to infect and exploit a system. With both sudo and UAC, the operating system vendors disable the super user account by default and force users to do something extra to gain elevated access to the operating system.
I like sudo because it's been around for decades; it's very simple and hasn't changed much over time. With sudo, there is very little configuration, and when you need it, you're pretty sure how it's going to work and what it's going to do.
UAC actually has a lot more functionality and is far more predictive (in most cases) about when it will be needed. My problem with UAC is its complexity. Because it is more intelligent than sudo, there's more for end-users to learn. For example, UAC doesn't just apply to members of the Administrators group, but also to members of 17 other elevated groups: Power Users, Enterprise Admins, Scheme Admins, Network Configuration Operators, Print Operators, and so on. Microsoft provides literally dozens of ways to customize UAC, when it appears, and when it applies. As a result, few users truly understand UAC.
Both sudo and UAC do their jobs well. But in the long-term security scheme of things, neither will significantly decrease malicious hacking when end-users can simply be tricked into running whatever Trojan executable they are presented.
Is Apple going to leave its users twisting in the wind?
Apple will change its support policies in the future and respond better. It has to. When Apple had only a few points of global marketshare, it didn't need to worry about malware or strategize about malware response. Now that the company has grown up, it will need new ways of handling customer issues in order to succeed.
This story, "7 questions about the Mac malware scare," was originally published at InfoWorld.com. Follow the latest developments in software development at InfoWorld.com. For the latest developments in business technology news, follow InfoWorld.com on Twitter.