The misinformation and rhetoric surrounding the recent discovery of the Flashback trojan for Macs is vehement, and says more about the historically stable state of Mac security, and the irrational way many think about it than it reveals about its weaknesses. Even long-time industry observers, who should know better, are jumping into the fray to say: See! I told you so! The Mac is vulnerable! Well…duh…that's not exactly news, folks.
Of course the Mac is vulnerable. EVERY internet connected device is vulnerable. What matters is probability, frequency and potential impact. So the correct question then, is whether or not your prevention, detection and recovery mechanisms are effective. For example, I'm not convinced that traditional anti-virus approaches are right for the Mac. The track record of these tools in the Windows world is abysmal in my view. They're among the most intrusive technologies to the user - hogging system resources and making even basic tasks impossible as they inspect every file, every day, often several times a day. And…they're reactive. Think: death by a thousand papercuts over a period of years, only to be interrupted by a rare strain of encephalitis, followed by a partial lobotomy and organ transplant to get the patient breathing again, and you're in the ballpark. Application whitelisting will hopefully come to be seen as a better approach.
There are more than 100 new features in Apple’s next version of its Mac operating system, dubbed “Mountain Lion” or Mac OSX. The ones that interest me most are those that advance the notion of post-PC productivity: experiences that help people be productive using multiple modes and devices. In particular, product strategists should pay attention to Apple’s:
iCloud integration of Docs and Notes. Mountain Lion users will be able to sync notes created in Apple’s Notes app, and documents created in its iWork apps, across Mac, iPad, and iPhone. Think of it as Amazon’s Whispersync for productivity. The catch is, though, that the synching is only within the same “app”—so if you create a document in Pages on your Mac, for example, you can sync it through iCloud to a Pages app on your iPad, but iCloud synching wouldn’t be compatible from Pages to another document editing app like Quickoffice. Third-party developers could use the Documents in the Cloud feature, but it would be sandboxed only within their app. This is an interesting twist for the many product strategists developing cloud-synched productivity apps. Evernote, for example, would have less value to users of ONLY Apple devices, since iCloud Notes synching is built into the OS. Evernote’s value proposition, and Quickoffice’s, will now revolve more around the multi-platform use case — users that need access to their stuff across iOS/Mac, Windows, and/or Android. Luckily, this is still a big market: Forrester’s data as of Q4 2011 show that 58% of Mac owners also own at least one PC, and 60% of iPad owners own another type of phone besides iPhone.