The operating system of Apple PCs, macOS, is considered very secure and completely protected against all types of viruses and malware. So much so that MacBook users are commonly recommended to avoid installing a third-party antivirus on their computer, as they do not need it, and it could even cause a reduction in the speed of the computer.
But how does macOS ensure that viruses don’t enter your computer? And, specifically, how do you protect the personal data of your users? Even more so considering that, currently, Macs even encourage us to store our banking information inside, since with it we can pay for other Apple services, such as subscriptions to Fitness or Apple TV+, for example.
On this occasion, we are going to review some of the most important components regarding security in your operating system, as listed by Apple expert Chip Loder. We are not going to detail on a technical level absolutely all the programs or pieces of code that contribute to shielding the computer against intruders, but we are going to, at least, put on the table what are the services that Apple has designed and integrated into its PCs. so that no one can compromise your system.
Before discussing them briefly, let’s mention the names of all these processes that work together on Mac to protect data and prevent access to sensitive information or essential system code:
- Gatekeeper.
- Developer ID.
- Code Signing Services and software notarization.
- System Integrity Protection or SIP.
- Firevault.
- Escalation of privileges.
- Helper Tool.
- Security daemons.
- Other services: Authorization Services framework, Cryptographic Services, Code Signing Service, Keychain Services.
An anti-malware fortress
Daemons are background processes with which macOS carries out checks to prevent unauthorized access to the device’s core. For their part, helper tools allow users with elevated privileges to only alter small parts of code at a time, instead of giving them access to all the options that have to do with the internal functioning of the system.
Added to this is that the root user, that is, the user with elevated privileges, is disabled by default in macOS. To use it, we will have to provide a password, which will give us access, as we say, to a very specific space of maneuver to run a program not certified by Apple or similar, but not much further, and with a time limit.
All this security is sometimes annoying for Mac users, since every time they want to use an app that is not certified by Apple, they will have to manually go into Settings to grant permissions. But this provides an appreciable level of security.
Mac users can adjust this measure in System Settings > Privacy and Security > Allow Apps from, being able to choose between only the App Store or “App Store and Known Developers”, these being those who are identified as Apple developers.
As for System Integrity Protection, we can check if we have it activated (it is activated by default) by entering the Terminal and writing the command [csrutil status]. We press enter and we should see “enabled”.
We also have FireVault, a system that automatically keeps all the files on our hard drive encrypted, so that even if they fall into the hands of a hacker, they cannot be read. Another novelty is the introduction of isolation modewhich, like the iPhone, allows you to block various functions of the computer to make it impenetrable.
