You can make a difference in the Apple Support Community!

When you sign up with your Apple Account, you can provide valuable feedback to other community members by upvoting helpful replies and User Tips.

Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Arnf1
Arnf1 Author
User level: Level 1
4 points

MAC security

Hello, I am upgrading from an IMAC Mid 2011 running High Sierra 10.13.6 to a new MACbook PRO. I have read that the new MAC OS has built in security and I don't need antivirus. What is recommendations for anti-phishing, anti-tracking, malware and secure web browsing/use (in particular relative to financial web use - banks buying things etc.) Is it recommended to install an anti-phishing/tracking/malware package? What about using a firewall, VPN and password vault ? if yes, are there any software recommendations for these features?


Should I install security features on the IMAC prior to migrating data to new MACBook Pro?


Thanks

MacBook Pro (2020 and later)

Posted on Nov 1, 2021 5:58 AM

Reply
Question marked as Top-ranking reply
User profile for user: Barney-15E
Barney-15E
User level: Level 10
116,722 points

Posted on Nov 1, 2021 6:43 AM

If you are doing any sensitive activity on the Web, you should always use a Private Browsing window.

The keychain (password vault) is built into the OS. You can share it among devices using iCloud Keychain in the AppleID system preferences.


A firewall isn't a security tool. It is a network management tool. Yes, the hardware that protects a company from external threats is called a firewall, but it is nothing like a software firewall. You likely have a Network Address Translation (NAT) router between you and the Internet. That is effectively a hardware firewall.


Similarly, a VPN allows a company to allow employees access to the internal network from outside the network. The Private in Virtual Private Network doesn't mean "privacy."

If you are using a VPN for privacy, all you are doing is routing all of your activity through one server which can aggregate you into one single, magnificent bundle to sell you off to the highest bidder. That bundle is worth a lot more than the individual pieces collected by a single website.


In Safari 15, Apple has introduced IP Private relay which obfuscates your IP address so that you cannot be identified (tracked) while surfing the web. The IP it reports may not even be within your region. This does cause problems with Streaming Cable services which expects you to be on their network or with services that do not want you going through a relay. You can disable it when you need to do those things.

Effective defenses against malware and ot… - Apple Community


View in context

Similar questions

6 replies
Question marked as Top-ranking reply
User profile for user: Barney-15E
Barney-15E
User level: Level 10
116,722 points

Nov 1, 2021 6:43 AM in response to Arnf1

If you are doing any sensitive activity on the Web, you should always use a Private Browsing window.

The keychain (password vault) is built into the OS. You can share it among devices using iCloud Keychain in the AppleID system preferences.


A firewall isn't a security tool. It is a network management tool. Yes, the hardware that protects a company from external threats is called a firewall, but it is nothing like a software firewall. You likely have a Network Address Translation (NAT) router between you and the Internet. That is effectively a hardware firewall.


Similarly, a VPN allows a company to allow employees access to the internal network from outside the network. The Private in Virtual Private Network doesn't mean "privacy."

If you are using a VPN for privacy, all you are doing is routing all of your activity through one server which can aggregate you into one single, magnificent bundle to sell you off to the highest bidder. That bundle is worth a lot more than the individual pieces collected by a single website.


In Safari 15, Apple has introduced IP Private relay which obfuscates your IP address so that you cannot be identified (tracked) while surfing the web. The IP it reports may not even be within your region. This does cause problems with Streaming Cable services which expects you to be on their network or with services that do not want you going through a relay. You can disable it when you need to do those things.

Effective defenses against malware and ot… - Apple Community


Reply
User profile for user: Barney-15E
Barney-15E
User level: Level 10
116,722 points

Nov 1, 2021 6:53 AM in response to Arnf1

Why would it matter if it was a public server or not?

You should not be doing anything sensitive on a public server. It doesn't matter what intervening technology you use, the result is the same. The threat isn't from the public server. The threat is someone intercepting your connection to the public server, well before you connect to the VPN.


Remember, everything you hear from those companies involves scaring you into buying their product. They talk up all of these threats like you are going to get attacked incessantly. The risk of all of those threats is extremely low. The threat that is very high risk is believing the horse hockey these companies peddle.

Reply

MAC security

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up