ManFromGlass wrote:So Desmond - from what you know, is it really a major job to try and keep ahead of OS hackers? Every update mentions security upgrades. Is the Mac OS constantly under attack?
Well, let's say you're a bank, and you have something valuable to protect. It doesn't take constant robbery attempts to make you decide to put a big lock on the bank vault door - it's just a prudent security precaution. And it also deters potential robbery attempts, as a bonus.
Apple have a focus on locking things down, to try to prevent bad stuff from happening that damages their platform, and their users (and their business interests too, of course!). iOS works well for them, because they can to a large extent control the code running on the platform, and what it can do.
The Mac, coming from a historical standpoint, can more or less run anything, and so the potential for damage is higher. They have bit by bit been implementing things to restrict the potential damage malicious code can do, and there are reasons for all the stuff they are doing.
For instance - SIP means nothing can tamper with essential system files. Gatekeeper prevents untrusted code from running, unless the user explicitly permits it. Notarisation let's Apple kill an app that's been reported as malicious... and so on...
The Mac has traditionally had far less attacks than the Windows platform, but *anything* online is potentially attacked, whether by a large fishing expedition, or targeted attacks on figures of note, like politicians, celebrities, journalists etc.
Apple want their users to be as safe as they can be on their platforms, and have implemented these things as precautions, and for good security practice. Basically, they think these things are good ideas for the good of everbody.
As so far, informed users can bypass, turn off, or get around these things if they choose too - for instance, I turn some of these things off, for good reason - but I know *why* I'm doing it, and I'm (mostly) responsible for what I run, and am aware of the security vulnerabilities I'm opening up...
As for minor security updates - that's just responsibly fixing problems as they turn up. Everyone does that.
So I'd say, don't see these things as a sign that the Mac is always being compromised, more as a sign that Apple are responsibly trying to keep the platform from being pwned as much as they can.