Dumb Question Corner – Can Older Hardware Stay Secure?

This week’s Dumb Question comes from Steve Ladhams and it’s a fantastic question. He wrote:

Dear Allison

Love the show. You bring tech knowledge to the masses. Well done.

I have a question about MacOS security as my first Mac, an early 2009 24″ iMac and my son’s Mac Mini from 2009 (second hand from eBay last year) will not be supported on Sierra. Both machines work ok, the iMac is very quick given its age, so I have no wish to replace either of them but am concerned that I will fall behind on security updates if I cannot get onto 10.12.

Can you let me and your other listeners know if my older macs will become vulnerable from October or if ? still issues security updates for older OSs and based on current update available how far back this might stretch.

Thanks for your time. Yours sincerely, Steve Ladhams

I love this question because it shows that Steve has been carefully listening to Bart and me when we say that the #1 thing you can do to keep yourself secure is to make sure your software and operating systems are patched. That’s why Bart’s tagline for Security Bits is “Stay patched, and stay secure.”

The good news is that you don’t necessarily have to be on the latest operating system in order to get security updates. Apple has been fantastic at supporting the latest OS on older hardware but as Steve says, many models that can run El Capitan will not be able to run macOS Sierra.

We can’t say for certain what Apple will do in the future, but traditionally they have kept operating systems up to date two versions back. For example, the latest security update to OS X (or do I already call it macOS?) is update 2016-001 and according to Apple Knowledge Base Article HT201222, this security update was released for El Capitan, Yosemite and Mavericks.

If they keep to the pattern, that would mean that when macOS Sierra comes out they would continue to patch not just El Capitan but also Yosemite.

Bottom line for Steve and everyone is that you definitely do not have to replace your hardware yet, and if it’s running well, just make sure you allow the operating system to continue to run the updates as they come in. There will come a time when your hardware can’t be updated but that time is definitely not now. You’ve probably got another few good years on those machines.

It’s one of the things I think most people don’t take into account when buying a computer – that while Macs cost more on the front end, they are useful far longer than a cheap PC and have higher resale value.

If you’ve got hardware that technically can run a supported OS like El Capitan but it’s running super slow, you might be able to repurpose that hardware by making it into a Chromebook. I did that about a month ago with a 2008 Macook and it went from super slow to snappy with the Chrome OS. I have to admit that I haven’t tried a nuke and pave on that little Mac, so that might have sped it up too. If you’re interested, I put a link in the shownotes to a blog post I did about using CloudReady to build a Chrome OS installer for the Mac.

Now that I think about it, I did the nuke part of a nuke and pave on that MacBook so I could go back and install El Capitan on it later to see if that sped it up. It usually does!

Thanks Steve for an awesome “dumb question” that I bet will help a lot of other people understand what we mean by “stay patched and stay secure.”