MAGICtricks
return

Macintosh Security

Secure your Mac from any and all 'Nasties'

The material on this page is based on a presentation by Robert Y Elphick at the June 2011 MAGIC meeting.

Contents

  1. Introduction
  2. Ways Computers Become Insecure
  3. Mac Protection Strategies.
  4. Anti-Virus Software
  5. Passwords

1. Introduction

 Top Arrow

The objective of computer security includes protection of information and property from:

  • Theft
  • Corruption
  • Natural disaster
while allowing the information and property to remain accessible and productive to its intended users.

Your Macintosh is more secure than some other computer systems because Apple have put a lot of effort into:

  • Secure operating systems
  • Security architecture
  • Security by design
  • Secure coding

2. Ways Computers become insecure

 Top Arrow

There are number of ways in which computers can be attacked for nefarious reasons. Some involve putting software onto your computer which you do not know about and other try to trick you to giving up valuable personal information. Here are the most common possibilities:

Vulnerability

  • Social Engineering
  • Eavesdropping
Exploits
  • Trojans
  • Viruses & Worms
  • Denial of Service
Payloads
  • Backdoors
  • Rootkits
  • Keyloggers

Macintoshes are well protected against most of these. The first and the third group have not happened and are unlikely to do so because of the structure of both unix and Mac OS-X. Windows users are not so lucky.

In the second group: There have been some Trojans, notable Mac Defender, that pretended to be an anti virus software but were actually malware. Os-X has been improved to keep these from getting onto Macs but they are possible in the future - however they can only get onto your Mac if you invite them in so you must look out for something trying to con you into downloading something bad. In the end this is usually a matter of common sense starting with "If it looks too good to be true - then it probably is."

Viruses & Worms - These have yet to be found on OS-X Macintoshes. However it is possible that someone could send you a Windows virus attached to a data file (for example a Word or Excel file) and when you forward it you might be infecting someone else's computer even though the virus will not hurt your Mac. If you are nervous about the possibility of viruses, there are several anti virus software packages that can be used (see below).

3. Mac Protection Strategies

 Top Arrow

Backup

Backup often! Use Time Machine and SuperDuper! software for local backups. Also consider an online backup strategy against the possibility of natural disasters for your non-sensitive data. Sensitive data should be recorded on an encrypted DVD and placed off-site.

More information on backing up can be found on this website here.

Mac Configuration

There are several things you can do to keep you Mac secure from outside threats. Many of these are already configured in your Mac by default but it is a good idea to keep an eye on them and make sure they are being used when appropriate.

System Preferences

Here are the ones you need to access from the System Preferences:

  1. Turn off Sharing when not being used or you are in strange locations. Here is an example of sharing being used at home but it is a bad idea to do this in a coffee shop or other public location.Sharing
  2. In System Preferences, go to the Users section and click on the Login Options and make sure that the Automatic Login is off. Automatic Login
  3. In System Preferences, go to the Security and Privacy section and click on the Firewall. Make sure the Firewall is turned on at all times.Firewall
  4. While you are there, click on the Advanced option and then make sure that the "Enable stealth mode" is checked. Stealth Mode
  5. Also, click on the FileVault option and consider turning on FileVault. This will encrypt all your data so that even someone did manage to break into your account the data would still be unreadable because it will be heavily encrypted. If you do this you MUST have a safe password and never forget it!FileVault

Online shopping

Whenever you make a transaction online you should check two things on the browser page:

  • The site has a URL the begins with https:// instead of the More common http://
  • There is a padlock on the screen (in the red box below) and that when you click on it it provides a certificate that is valid (this example is from the Apple store.)

certificate

Backup

Did I mention that you should backup often?

Additional advice on securing your Mac can be found on the Apple website starting at this page.

4. Anti-Virus Software

 Top Arrow

Below is a table of recognized anti virus software packages. Be careful about any that are not on this list (like Mac Defender) that may be malware. Although there are no OS-X viruses these packages can:

  • Remove Windows viruses before passing them on
  • Remove Spyware
  • Remove Phishing and Trojan malware
Sophos Antivirus
(Mac Home edition)		 This is a reputable package that has a free "Home" version available for Mac users
MacScan This is distributed by the "SecureMac" developers who run the SecureMac.com blog on Mac malware and other security threats
VirusBarrier Another long-standing Mac antivirus utility, VirusBarrier has tackled this threat from when it first came out
Kapersky Kapersky is a reputable program for Windows and Linux, and also has an option for OS X users. Some virtualization programs for OS X ship with trials of Kapersky antivirus
ClamXav This is a popular and free open-source antivirus scanner
iAntivirus this is a free Mac specific virus scanner for OS X users
Avast This is a commercial antivirus suite that has been developed for OS X, and is a reputable option for Windows as well
MacKeeper This is a maintenance and OS-X tweaking tool that has a ClamAV client
McAfee VirusScan McAfee's VirusScan developed from the original Virex for Mac, and has been developed since into a solid option for OS-X users

Wizards Note: I use and recommend ClamXav and Sophos Anti-Virus. They are both freeware.

5. Passwords

 Top Arrow

In the end the security of your account on your Mac and any other security that you use is only as good as the passwords that you use. If they are easy to guess than you might as well give your computer to the bad guys. Here are some suggestions for password generation.

  • Never use the same password two security purposes
  • Never use any real words
  • Always use at least eight characters
  • Use at least one upper case letter
  • Use at least one lower case letter
  • Use at least one number
  • Feel free to use non letters and numbers
There are software packages such as the freeware Ciphsafe that will remember all your passwords and can also generate ones that are safe and totally unguessable. They usually require a phrase (I suggest a long one that you can remember) to access them and they are encrypted.
return

Copyright:

 Made on a Mac

©Macintosh Appreciation Group of Island County (MAGIC) 20011
last updated: 5 September 2011