Is my MBP safe to use?

[M.PaulCezanne]

Mid-2009 upgraded with SSD and 8GB RAM. Running El Capitan.

I’m hoping someone who knows for certain will tell me whether this machine can be used for secure Internet transactions, iCloud connections (mail), file transfer and such without fear of invasion, attack or theft by malicious jerks.

Thanks!

 

[Howard2k]

...If you have to ask.

No computer will be totally safe. In fact, one of the biggest security flaws is you. Perhaps not you specifically, but people. Social engineering is the term.

The most honest answer then, is no. It's not as safe as a device running up to date hardware and software. It's not like the next time you use Internet banking you're going to find your account swiftly empty, but you are right to be concerned.

If have an iPhone running iOS 11 or 12, I would consider doing anything sensitive (such as Internet banking) on that.

 

[M.PaulCezanne]

Yeah, I have an iPhone 6 I'm upgrading this year, but I just wanted to know if anyone knows of any particular reason this setup is too old for basic security. The machine works perfectly well (even fast). El Capitan is still supported.

I'm obviously aware of the potential risk. Just looking for more detailed info from someone with higher level Mac OS and Mac hardware knowledge. Thanks.

 

[Howard2k]

Yeah, I have an iPhone 6 I'm upgrading this year, but I just wanted to know if anyone knows of any particular reason this setup is too old for basic security. The machine works perfectly well (even fast). El Capitan is still supported.

I'm obviously aware of the potential risk. Just looking for more detailed info from someone with higher level Mac OS and Mac hardware knowledge. Thanks.

You're protected against Spectre and Meltdown, but I don't know if those flaws were leveraged with much success. Nobody is going to be able to give you a definitive answer though, and if they do, don't believe them. Even if someone tells you you're safe against every known vulnerability today (you're not), who knows what will be exposed tomorrow.

So I don't know of any alarming "hell no, keep it off the Internet" issues, but if you're stuck on El Cap for a while I would be extra cautious with AV and Malware protection, and I would also ensure that my user account is not an administrator (which is good practice anyway). Good computing sense is still your best protection. Don't click unknown links, use a guest account for surfing dodgy sites etc.

 

[simonsi]

The number of malicious jerks actively looking to exploit old hardware/software specifically is vanishingly small as the potential payback is small. They prefer exploits in recent systems (as that is where most sensitive information is kept), but overwhelmingly it is easier to exploit the careless/ignorant/easily tricked user into handing over their credentials, then the most secure system in the world is weak - hence you should use 2-factor authorisation wherever possible.

No need to attack your banking system if they just get your username and password...much easier to walk in the front door with that.

 

[M.PaulCezanne]

Do you guys think connecting to iCloud with such a setup is a security risk?

 

[Howard2k]

Do you guys think connecting to iCloud with such a setup is a security risk?

Yes, there is always a security risk.

Is it an acceptable risk? That depends what you're storing. Family photos? I'd consider that low risk. Nuclear launch codes? High risk. You're probably somewhere on the spectrum between those points, so your risk is between low and high. Sorry, but it's just not totally black and white.

I wouldn't be paranoid, but I wouldn't store unencrypted sensitive information in iCloud. A spreadsheet showing my spending for the month, sure. A copy of my passport, no, probably not. Maybe temporarily while traveling.