- Secure Your Mac OS X System Now!
- Keychain: Are You the Keymaster?
- More Security with More Account Options
- Know Your Services and Configure Them All Securely
As I sit here typing this on my MacBook Pro, I'm struck by how much my MacWorld has changed. Mac software is available, and more than just games or Microsoft products. Everyone loves Apple technology—including today's hacking community.
The hacking community seems more interested in system and application compromise. We Mac users are less likely to see worms and viruses that have taken down Windows systems. Many of those “chain-reaction” attacks will need higher Mac OS X numbers to work as effectively. Does this mean we Mac users can ignore security?
As never before, we need to secure our systems. As our iPads and MacBooks roam corporate hallways, thanks to “bring-your-own-browser” (BYOB) computing initiatives, our purchased gear is more likely to be attacked for any corporate information remnants (in memory, in cache, etc.).
Research CanSecWest, a regional security conference. One contest, Pwn2Own, showed in 2008 that among the three major consumer operating systems, Mac OS X fell down fastest, with Windows Vista creating a formidable defense. At this year's contest, Safari and Internet Explorer browsers led to their operating system's downfall quickly. We need to improve our security now!
These days, we have so much more information, starting with Apple's improved focus on giving us better security information. Review Apple Support and begin reading. These articles help with basics. Now let's dig into Mac OS X security specifics.
Passwords: Use Good Ones and Secure Them
I'm amazed we still use passwords. Today's hacking software can break through passwords too quickly. Today's pre-built password dictionaries routinely include the skript kiddie $pe77!ngs that once kept password crackers at b@y. For more information on password weaknesses, read my Informit article. Let this article help you select difficult-to-guess passwords. Even with this security measure, passwords can be easy to break. What then?
Use a Basic User Account for Browsing
Let's start security with the basics: Does your daily-use account have Admin authority? You must expect trick URLs, trick email attachments, and trick files thrown at your computing session. If you let your guard down—just once—those tricks run on your computer with privilege. Plant a backdoor? Sure. Maybe your telnet daemon returns to life. Maybe a hacker's public key is placed into your SSH's authorization files.
Improve system security by being less than all you can be: Use a non-admin account for daily work.