> But what about security? Are you sure you want to stay on an older version of Mac OS? — Thankfully I’m tech-savvy enough to know what I’m doing. The two Macs I use most are still on High Sierra and Mojave, and haven’t received security updates in quite a while. I haven’t had any security-related problem whatsoever. ...
Lots to unpack here. First, the author is stating a personal preference and won't be swayed. Fair enough.
But the idea that the author would know they "haven't had any security-related problems whatsoever" is debatable at best. The attack surface is enormous.
Even security experts admit they have trouble securing a consumer computer. And it doesn't sound like the author spends much time dealing with the topic in depth.
How often do ordinary people actually get owned by zero days like you're describing? The majority have got to be malicious links, opening dangerous attachments, etc. Or, back in the day, a misconfigured firewall; I'd still absolutely recommend a strict firewall on the router.
It is not a zero-day if it has been fixed in a newer OS version. I would say, the main risk here are known vulnerabilities, like, bug in a system library which does image rendering, font rendering etc.
Targeting known CVE for old (no longer updated) MacOS versions might actually be quite good targeted attack: probably a bunch of users of such computers are technical folks with access to production servers, cloud credentials etc.
Yeah, I won't say that I've enjoyed the restrictions that've come with the various security-associated measures added over the years, but I leave them turned on anyway because all it takes is one zero-day on some site you visit that manages to worm its way through your blocking extensions.
I've been using computers for 25+ years and have been technically capable for the better part of that, but that doesn't mean I'm any less vulnerable. I'm not going to be intentionally clicking on fishy links or anything but we all make mistakes, which makes it more a matter of when than if.
macOS is much more prevalent than it used to be, but the attack surface is hardly “enormous” considering the prominence of security vulnerabilities on Windows.
Would be more interesting to actually cite examples of high-risk exploits that have been discovered since High Sierra and Mojave.
Lots to unpack here. First, the author is stating a personal preference and won't be swayed. Fair enough.
But the idea that the author would know they "haven't had any security-related problems whatsoever" is debatable at best. The attack surface is enormous.
Even security experts admit they have trouble securing a consumer computer. And it doesn't sound like the author spends much time dealing with the topic in depth.