Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Very Important Question: How To Keep High Sierra Secure???

M

mdgm

macrumors 68000
Nov 2, 2010
1,665
406
I haven't read all the thread, but if you want to run Windows 10 on the 2011 Mac Mini if you have one with only the integrated graphics HD3000, I think that's not supported by Windows 10, so you'd need to find a way to use an eGPU to run Windows 10. The AMD Graphics in the Mini with the discrete GPU is supported by Windows 10 but that AMD GPU is known to have higher than normal failure rates.

I've just started booting my 2011 Mac Mini off a TB3 NVMe SSD and it's faster than an internal SATA III hdd would be. I intend to keep using this Mini for some time to come though I am hoping to find a bargain on a quad-core 2012 mini though that seems unlikely.
 
K

Kent W

macrumors member
Jan 6, 2019
61
32
Kullavik, Halland, Sweden, EU
High Sierra, just like previous MacOS versions slips behind for each MacOS security update that gets released by Apple for newer MacOS versions over time.

If you are stuck on High Sierra, evaluate your options. If you start to treat it as more of a hobby system, rather than your day-to-day driver I assume you may be fine avoiding any sensitive data handling or financial stuff, etc.

If there are no MacOS options available (no unofficial patching up to Catalina possible (or wanted) which actually have a non-metal graphics fall back solution that makes patching of older machines possible), then keep HS on one partition and install a supported system on the other partition like Linux or Windows 10 (yes maybe some tweeking, but it works).

Writing this from my own iMac 27 2011 on High Sierra that is not even supported for unofficial upgrade to Catalina due to the AMD GPU. Anyhow I keep HS and run Target Display Mode with it connecting it to a bit more modern Big Sur MBA as well as installed Windows 10 on an external Thunderbolt drive.
 
B

BeautifulWoman_1984

Contributor
Original poster
Sep 5, 2016
517
69
I'm now considering just running MacOS High Sierra on my Mac Mini mid2011.

It's been a while since I made this thread... Is there anything else I can do to keep my Mac Mini mid2011 running High Sierra 100% secure?
 
Juicy Box

Juicy Box

macrumors 604
Sep 23, 2014
7,527
8,862
BeautifulWoman_1984 said:
Is there anything else I can do to keep my Mac Mini mid2011 running High Sierra 100% secure?
Click to expand...

There really isn't anything that can make any Mac 100% secure.


If security is such an important issue to you, I would consider upgrading to something more modern.

Otherwise, just using a web browser that is still being supported on your machine would greatly improve the security of your old machine.

Firefox is still getting updates for High Sierra, and probably will continue to get security updates for a few years.
 
  • Like
Reactions: BeautifulWoman_1984 and BugeyeSTI
mattspace

mattspace

macrumors 68040
Jun 5, 2013
3,161
2,865
Australia
Does anyone have a source stating whether the recent Webkit vulnerability that was patched on Safari 14 was a Safari 14-specific issue, or is it a problem for Safari 13 as well?

While I'd rather not "upgrade" to Mojave, switching to Firefox on the Mac, means having to switch on iPad and iPhone as well, and then get a Firefox account for sync etc, and I REALLY don't want to have to deal with that (nor frankly do I want to deal with Firefox's neediness of constant connections to mozilla.org).
 
mortlocli

mortlocli

macrumors 6502a
Feb 23, 2020
686
635
..just a suggestion as an alternative to FireFox. Ive been running Brave as my web browser on an Imac 10,1 with High sierra being its last (offical) OS. Might be worth a look..depending on your needs.
 
Bodhitree

Bodhitree

macrumors 68000
Apr 5, 2021
1,935
2,037
Netherlands
I’ve been wondering about that as well, I have a 2011 MacBook Air and a 2011 iMac 21.5” that both run HS as the most up-to-date OS. Time to install a browser which still gets security support sometime soon I think, as both these machines sometimes work with sensitive sites.
 
mattspace

mattspace

macrumors 68040
Jun 5, 2013
3,161
2,865
Australia
Bodhitree said:
I’ve been wondering about that as well, I have a 2011 MacBook Air and a 2011 iMac 21.5” that both run HS as the most up-to-date OS. Time to install a browser which still gets security support sometime soon I think, as both these machines sometimes work with sensitive sites.
Click to expand...
The real pill of a thing is if you have an iOS 12 limited iOS device, you're still getting security updates, but if you switch bowser on your HS mac, you lose reading list / bookmark / history browser sync.
 
B

BeautifulWoman_1984

Contributor
Original poster
Sep 5, 2016
517
69
mattspace said:
Does anyone have a source stating whether the recent Webkit vulnerability that was patched on Safari 14 was a Safari 14-specific issue, or is it a problem for Safari 13 as well?

While I'd rather not "upgrade" to Mojave, switching to Firefox on the Mac, means having to switch on iPad and iPhone as well, and then get a Firefox account for sync etc, and I REALLY don't want to have to deal with that (nor frankly do I want to deal with Firefox's neediness of constant connections to mozilla.org).
Click to expand...
Thank you for your reply Mattspace!

I'm hoping someone has answers for this and other ways to keep High Sierra secure as I don't want to use the "unofficial non-Apple way" of upgrading my Mac Mini mid2011 to Mojave.
 
T

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
BeautifulWoman_1984 said:
Thank you for your reply Mattspace!

I'm hoping someone has answers for this and other ways to keep High Sierra secure as I don't want to use the "unofficial non-Apple way" of upgrading my Mac Mini mid2011 to Mojave.
Click to expand...

You can't. It's inherently insecure and will only get worse.

One of the biggest reasons is that your Mac uses TLS to communicate via encryption. Every so often a fix is required to shore up weaknesses in the various versions, e.g. In 2017 Apple updated High Sierra with a fix to enable TLS 1.1 and 1.2 due to weaknesses in 1.0.

1.1 is already deprecated and 1.3 is currently being pushed out.

You will get exactly zero fixes now for any problems found there.

You Mac has built in protections to prevent third parties from gaining access. Weaknesses are found in various libraries all the time. Without patching the OS becomes more vulnerable.

The longer you stay on High Sierra, the less secure your machine is.
 
  • Like
Reactions: Runs For Fun
mortlocli

mortlocli

macrumors 6502a
Feb 23, 2020
686
635
TiggrToo said:
You can't. It's inherently insecure and will only get worse.

One of the biggest reasons is that your Mac uses TLS to communicate via encryption. Every so often a fix is required to shore up weaknesses in the various versions, e.g. In 2017 Apple updated High Sierra with a fix to enable TLS 1.1 and 1.2 due to weaknesses in 1.0.

1.1 is already deprecated and 1.3 is currently being pushed out.

You will get exactly zero fixes now for any problems found there.

You Mac has built in protections to prevent third parties from gaining access. Weaknesses are found in various libraries all the time. Without patching the OS becomes more vulnerable.

The longer you stay on High Sierra, the less secure your machine is.
Click to expand...
high sierra is the end of the line for my iMac...unless I go for an unsupported upgrade. (Which is a possibility..seeing Ive got one running ok on an iMac 5,1 running Mavericks.) Or using a live linux to go online with.
I need a Mac osx running to run eyetv.

After reading this I thought I better check out my virus program..Avira..still running ok with a trial version.
But on checking a comparison site found it doesn't do wifi checking.

Top Antivirus Software For Multiple Devices | Top8antivirus

Find the Best Antivirus Protection For Your Devices. Compare Top Leading Brands based on Price, Threat Protection, Firewall and more. Get the Best Deal Now!
tinyurl.com tinyurl.com

Anyway..you may find something here to help..or check out options at filehorse:
mac.filehorse.com

FileHorse.com / Free Software Download for Mac

Fast and simple way to download free software for Mac OS X. Latest versions of hand-picked programs sorted into categories.
mac.filehorse.com mac.filehorse.com
 
mortlocli

mortlocli

macrumors 6502a
Feb 23, 2020
686
635
oops - made a mistake..its actually a freeware version of Avira march 30th 2021, that Im using - not the trial version.
 
MBAir2010

MBAir2010

macrumors 603
May 30, 2018
6,433
5,920
there
no one is getting a virus just by using High Sierra,
the late 2010 macbook air running mountain lion wont get a virus today,
or is vulnerable to being hacked.
the web browsers might let a bad web page through the ad blocker,
but still that browser will alert those if something is wrong or harmful for your computer.
you still need to be careful and use that firewall on the system presences.
 
T

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
MtLoin2020 said:
no one is getting a virus just by using High Sierra,
the late 2010 macbook air running mountain lion wont get a virus today,
or is vulnerable to being hacked.
the web browsers might let a bad web page through the ad blocker,
but still that browser will alert those if something is wrong or harmful for your computer.
you still need to be careful and use that firewall on the system presences.
Click to expand...

Please don't give bad advice. An unpatched computer is an at risk computer.

Millions of IoT devices are at also risk because they remain unpatched.

Just this month researchers discovered a huge issue with many TCP stack implementations (Name:Wreck)

This goes well beyond malware - AV can't protect against such low level risks.

Fortunately the Mac wasn't affected by this one, but the next one...?
 
  • Love
Reactions: Runs For Fun
MBAir2010

MBAir2010

macrumors 603
May 30, 2018
6,433
5,920
there
TiggrToo said:
Please don't give bad advice. An unpatched computer is an at risk computer.
Click to expand...
this is more experience than advice.
people should not give up on their MacBook's version of OSX because the support is fading,
there are many users here who use older versions and ppc pre-intel processors with no problems or fear and post their experience and advice as well on those threads here.
 
  • Angry
Reactions: Runs For Fun
T

TiggrToo

macrumors 601
Aug 24, 2017
4,205
8,838
MtLoin2020 said:
this is more experience than advice.
people should not give up on their MacBook's version of OSX because the support is fading,
there are many users here who use older versions and ppc pre-intel processors with no problems or fear and post their experience and advice as well on those threads here.
Click to expand...

You miss the point: the OP is specifically asking the security question.

I've zero objection myself to older operating systems, but my response was in context to her question.
 
MarkC426

MarkC426

macrumors 68040
May 14, 2008
3,557
1,992
UK
2 words, Safe Browsing..... ;)
Be sensible which sites you visit, and you should be pretty safe.

A lot of people are too much of a sucker for anything that is free, and will click stuff.
 
Rodan52

Rodan52

macrumors 6502
Sep 21, 2013
431
146
Melbourne, Australia and Bali, Indonesia
Use a good no tracking, ad blocking browser like Vivaldi or Brave, run a full time VPN like Express and practice "safe" browsing habits. We pretty much have to do this with current macOS now anyway. Add to that a good anti malware app like DetectX Swift and you have covered all the bases.
 
  • Like
Reactions: mortlocli
mortlocli

mortlocli

macrumors 6502a
Feb 23, 2020
686
635
I only started using Brave just recently...been finding it surprisingly good...and puzzled as to why its not mentioned more than it is.
 
Rodan52

Rodan52

macrumors 6502
Sep 21, 2013
431
146
Melbourne, Australia and Bali, Indonesia
It's been around for a while but it is getting mentioned more and more lately. If you couple it with the DuckDuck Go search engine it's pretty good. Do have a browse through its privacy settings you can pretty much eliminate tracking. As for its BAT responsible advertisement option you can take it or leave it.
 
mortlocli

mortlocli

macrumors 6502a
Feb 23, 2020
686
635
Rodan52 said:
It's been around for a while but it is getting mentioned more and more lately. If you couple it with the DuckDuck Go search engine it's pretty good. Do have a browse through its privacy settings you can pretty much eliminate tracking. As for its BAT responsible advertisement option you can take it or leave it.
Click to expand...
ta Rodan..Ive gone thru the prefs and sorted it - prefer duckduckgo,,and left out the BAT.. makes for a leaner browsing experience.

Must take a look at Vivaldi too.
 
davidlv

davidlv

macrumors 68020
Apr 5, 2009
2,291
874
Kyoto, Japan
B

BeautifulWoman_1984

Contributor
Original poster
Sep 5, 2016
517
69
TiggrToo said:
You can't. It's inherently insecure and will only get worse.

One of the biggest reasons is that your Mac uses TLS to communicate via encryption. Every so often a fix is required to shore up weaknesses in the various versions, e.g. In 2017 Apple updated High Sierra with a fix to enable TLS 1.1 and 1.2 due to weaknesses in 1.0.

1.1 is already deprecated and 1.3 is currently being pushed out.

You will get exactly zero fixes now for any problems found there.

You Mac has built in protections to prevent third parties from gaining access. Weaknesses are found in various libraries all the time. Without patching the OS becomes more vulnerable.

The longer you stay on High Sierra, the less secure your machine is.
Click to expand...
Wow, TiggrToo, thank you for your reply!

I was just wanting to use this Mac Mini mid2011 running High Sierra as a "backup computer", but from all the posts I've read from you it seems like I'd be safer installing Windows 10 or a Nix based operating system?
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom