New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus • Advice and insight from world-class Apple enthusiasts • Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
Security Awareness Discussion of all things related to the security of Apple devices.

General Security Tips for your Mac


Post Reply New Thread Subscribe

 
Thread Tools
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Toronto
Posts: 17,815
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
Contrary to popular myth, OS X is not impenetrable nor is it without fault. For this reason, you are encouraged to remain vigilant and exercise caution when using your machine (without being paranoid of course). At the end of the day, your Mac is just a personal computer and like every other device on the planet, it requires you to interact with and keep it clean. With that, here are some tips to help keep your machine safe and clean, ensuring smooth and enjoyable operation.

Before we dive into some tips for some best security practices, let’s look at what OS X provides you with already.

GateKeeper
Built into OS X, GateKeeper, enabled by default, will limit what software can be installed on your machine. In its default configuration state, GateKeeper will only let you install software from the Mac App Store and software that has been signed by developers who have registered with Apple (developers who have validated their applications with Apple). Although easily bypassed by users, this mechanism can help to ensure that software on your machine has undergone some semblance of quality control by trusted peoples. Although this is not a bulletproof method of ensuring “clean” code (Researchers outwit Apple, plant malware in the App Store - Computerworld), it works fairly well at mitigating the propagation and installation of malicious software.

Who should use it?
If you only install software from the Mac App Store, you might as well keep it enabled since it won’t affect software installation. If you install third party applications, you may also want to consider keeping it enabled since, if you can trust the developer of your third party app, it can be easily and temporarily bypassed.

Who shouldn’t use it?
People who have deep knowledge of OS X and/or install a lot of obscure software packages (ones that 90% of Mac users won’t install) will probably find that it might be a nuisance. Simply put, those who shouldn’t use it know who they are and can likely do so without concern because they know what to look for. If you don’t know whether or not you fall into this group, you probably don’t and should keep it enabled.

More info here.

XProtect
Built into OS X as well is XProtect. This piece of software checks applications against a database of known malware. The files for this can be found in /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources. Don’t modify or tinker with these files – this is just here for reference.

XProtect is non-interactive meaning that you are not meant to do anything with it since it does not expect user input. It runs silently in the background, only updating whenever Apple needs to do so.

Who should use it?
Everyone and you don’t really have a choice so embrace it.


While some of the aforementioned services and practices can protect you and the software that you run, they are hardly sufficient in and of themselves. Many of the techniques that malware (and eventually viruses) will use exploit user mistakes and misinformation. Here are some tips to keep in mind while using your Mac (all computers).

Random and Strong Passwords
Passwords are the key to your machine – everything important requires one for one very simple reason: that which is password protected needs to be secure. Remembering this and crafting good passwords as a response to this very basic fact is an important step in securing your machine.

Creating a password with unconventional combinations of all types of characters (letters, numbers and symbols) is the best type of password to create. Unfortunately, these can be unruly and hard to remember (if at all). However, here are some tips for creating passwords. First, let’s start with a really weak password and strengthen it: hello.
- Use different cases throughout. So, let’s capitalize our password: HeLlo.
- Be generous with characters. So, let’s do that: HeL1o@
- The longer, the better. Many apps designed to crack passwords will take longer if there are longer words (not always the case but it doesn’t help these apps): HeL1o@%H1
- Avoid dictionary based words. Many tools designed to crack passwords work through dictionary words first since they are the most obvious. If possible, remove dictionary based words: Hqr1@neq23#

At this point, the password is rather illegible and, to be frank, hard to remember. The solution to this problem is not writing it down – this defeats the purpose. Storing them anywhere that isn’t encrypted or in your head is useless so you’ll need to use something that encrypts them (or start training your brain to remember these). A forum favourite for the app option is 1Password.

If you’re looking to generate strong passwords, consider one of the following built in tools to help you generate them (and one website).
- Keychain Access (/Applications/Utilities): go to File > New Password Item… > click the key icon and choose a type & change the length. The longer the green progress bar, the better the password.
- Norton Identity Safe Password Generator: https://identitysafe.norton.com/password-generator.
- OpenSSL (and other command line tools): Generate Random Passwords from the Command Line

Wireless Networking
Most of us use wireless networking at home, work or on the road. Here are some tips for the wireless networkers among us.

Note – much of what is discussed is hardware dependent. Feel free to ask questions about how to do what is discussed below for your piece of hardware.

Home Network
Securing your home network is important and something that should be amongst the first things you do once you plug in your router. In the configuration screens for your router of choice, you’ll be given options for what type of security. If you’re confused, here’s a simple one word answer: WPA2. Avoid WEP as if it was the plague – it’s antiquated, weak and easily cracked. WPA2 is no more difficult from the users perspective while remaining a much better choice for the purposes of security.

If your router has a firewall feature, use it. There’s no reason not to and any nuisances it might cause (likely not a concern for 95% of users) can be easily managed.

Networking on the Go
If you’re using a mobile Mac, you may not be able to enjoy the benefits of your secure network all the time. When you leave your home, you have to depend on the security functionality that the establishment/person has set up. Thus, the best you can do is secure your Mac. The first thing you’ll want to do is enable the firewall on your Mac. Go to System Preferences > Security & Privacy > Firewall > unlock the pane (click the lock in the bottom left hand corner) > enable it. While the router that you connect to in public might have a firewall on, you will likely be on the same network as many other people who may not be as nice as your family members/roommates.

General Tips
Vigilance – always be wary of software from websites that do the following:
- claim to be better than others (if this is the case, they probably aren’t).
- have a lot of advertising (an abundance of advertising is a likely sign that they just want ad revenue).
- offer deeply discounted or free versions of software that they do not develop (the legality of that software is likely questionable).

Don’t know what it is? Don’t run or open it. This seems like a simple tip but really, people are quicker to do this on their computer than they are in real life (if a stranger offered you something and didn’t tell you what it was, would you open/eat/use it?).

If something says that you need to install something else so as to ensure proper functionality, look it up or ask us. Shady websites are notorious for this, commonly notifying users of the need to install third party codecs or something else so as to ensure proper website functionality. Many of these popups also mimic the look and feel of native browser popups so be cautious. A general tip – you will likely only ever need Java, Flash or Silverlight (if you even need these at all). If a website says you need something other than these three, it’s probably not a good idea to install it.

The Anti-Virus Question
This is a question commonly broached by people transitioning over from Windows where AV is a part of daily life. For Macs, the necessity of AV software is not quite as prominent. You can safely go without AV software if you remain aware of what you’re doing on your machine. In other words, if you use your machine thinking it’s Superman, you’re going to lose the game that is Russian Roulette online because your Mac isn’t Superman. There is malware and pernicious pieces of rogue software that exist and will continue to exist for the foreseeable future. While little of it necessitates AV software, the widespread claim that you don’t need AV software doesn’t mean that nothing malicious exists.

In short, you probably don’t need it but that doesn’t mean that evil stuff doesn’t exist. Also be open to the idea that, at some point, AV software is likely going to be needed for Macs. Do not become complacent – that gets you nowhere productive quickly.

Final Thought
Mac users, of all types, are quick to defer to history as the reason for lax security practices. This is hardly a reason to shun responsibility for your machine. Not only is a Mac a PC (in the literal sense) like any other in form, it is far from perfect. Hubris gets us nowhere – it didn’t work for the captain of the Titanic and it backfired on the Soviets during WW2 when they invaded Finland (history moment for those history buffs on the forums). Practicing safe computing is important regardless of what operating system you’re using. And while anti-virus may or may not be needed as of right now, it doesn’t mean that it won’t in the future nor does it mean that you should use your machine without reservations. I’m not suggesting that you use your machine with fear or reticence but rather, you should use it intelligently which means remaining aware that, as with anything manmade, it has faults.
I’m not trying to scare you – much of what I’ve said is common sense and should be followed regardless of what platform you’re using. Follow some of the tips above and any others from our knowledgeable members and you’ll likely have a secure and enjoyable experience with your Mac.

If you've got any questions, tips, concerns or ideas, feel free to discuss below. I'll update this as/if necessary.

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Writing a Quality Post

Last edited by vansmith; 01-13-2014 at 11:26 AM. Reason: Spelling
QUOTE Thanks
Slydude

 
Slydude's Avatar
 
Member Since: Nov 15, 2009
Location: North Louisiana, USA
Posts: 6,393
Slydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant future
Mac Specs: 2.8 GHz MacBook Pro 10.8,3 8 GB mem, 2.66 GHz Mac Pro - Dead, iPhone 4

Slydude is offline
Excellent suggestions as usual. See what happens when you stop slacking ad get back to work.

Sylvester Roque Former Contributing Editor About This Particular Macintosh

"Got Time to breathe. You got time for music." Denver Pyle as Briscoe Darling
QUOTE Thanks
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Toronto
Posts: 17,815
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
Woah, you have to go ruin my post by making a joke about me? As the token Canadian on staff, I'm not used to that!

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Writing a Quality Post
QUOTE Thanks
harryb2448

 
harryb2448's Avatar
 
Member Since: Nov 28, 2007
Location: Nambucca Heads Australia
Posts: 17,424
harryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond repute
Mac Specs: iMac i5 2.7GHz OS X.9.4 and OS X.10

harryb2448 is offline
Don't worry Sly. We have the same 'little brother' problem with Kiwis!

Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!
QUOTE Thanks
Quietone

 
Quietone's Avatar
 
Member Since: Mar 30, 2013
Location: US
Posts: 107
Quietone is on a distinguished road
Mac Specs: 13" MBP, OSX 10.8.5, 2.5 GHz Intel core i5 4 GB 1600 MHz DDR3

Quietone is offline
I really appreciate all the advice here. Security is so important, I like to stay informed about this too, because I've also read that the Mac is not immune, so it's good to let everyone know and remind them. Thanks for taking the time to write all that.

I Love My Mac! I finally got an iPad Air.
QUOTE Thanks
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Toronto
Posts: 17,815
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
Not a problem, glad that you found it useful.

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Writing a Quality Post
QUOTE Thanks
cradom

 
cradom's Avatar
 
Member Since: Feb 14, 2004
Location: Nederland, Texas
Posts: 3,075
cradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant future
Mac Specs: 21in iMac core2 Duo- 13in macbook - 10.9 on both

cradom is offline
As usual up to your lofty standards. Very good post. (well, except for that one little misspelling)

Craig Domingue - resident redneck.
“Never argue with an idiot. He will only bring you down to his level and beat you with experience.”, George Carlin
QUOTE Thanks
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Toronto
Posts: 17,815
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
Quote:
Originally Posted by cradom View Post
As usual up to your lofty standards. Very good post. (well, except for that one little misspelling)
Don't leave me hanging! What am I looking for here (I get lost reading my own writing)?

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Writing a Quality Post
QUOTE Thanks
cradom

 
cradom's Avatar
 
Member Since: Feb 14, 2004
Location: Nederland, Texas
Posts: 3,075
cradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant futurecradom has a brilliant future
Mac Specs: 21in iMac core2 Duo- 13in macbook - 10.9 on both

cradom is offline
Well now I cant find it
Could have sworn I saw a misspell or an awkward wording somewhere. Been painting all day, maybe that's it.

Craig Domingue - resident redneck.
“Never argue with an idiot. He will only bring you down to his level and beat you with experience.”, George Carlin
QUOTE Thanks
Slydude

 
Slydude's Avatar
 
Member Since: Nov 15, 2009
Location: North Louisiana, USA
Posts: 6,393
Slydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant future
Mac Specs: 2.8 GHz MacBook Pro 10.8,3 8 GB mem, 2.66 GHz Mac Pro - Dead, iPhone 4

Slydude is offline
You weren't perhaps going to give him a bit of grief for this ere you?
Quote:
A forum favourite for the app option is 1Password.
That was the only thing I noticed. Except for a word or two that MS Word prefers to be hyphenated.

I used to be able to spell, then I got a computer. Now, as several of my posts have proven, I can't spell anymore.

Sylvester Roque Former Contributing Editor About This Particular Macintosh

"Got Time to breathe. You got time for music." Denver Pyle as Briscoe Darling
QUOTE Thanks
vansmith

 
vansmith's Avatar
 
Member Since: Oct 19, 2008
Location: Toronto
Posts: 17,815
vansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond reputevansmith has a reputation beyond repute
Mac Specs: 2012 13" MBP (2.5 i5, 8GB)

vansmith is offline
Quote:
Originally Posted by Slydude View Post
You weren't perhaps going to give him a bit of grief for this ere you?
You mean the proper spelling?

Important Links: Community Guidelines : Use the reputation system if you've been helped.
M-F Blog :: Write for the blog
Writing a Quality Post
QUOTE Thanks
Slydude

 
Slydude's Avatar
 
Member Since: Nov 15, 2009
Location: North Louisiana, USA
Posts: 6,393
Slydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant futureSlydude has a brilliant future
Mac Specs: 2.8 GHz MacBook Pro 10.8,3 8 GB mem, 2.66 GHz Mac Pro - Dead, iPhone 4

Slydude is offline
If "proper spelling" means "containing superfluous vowels" that would be the one.

Sylvester Roque Former Contributing Editor About This Particular Macintosh

"Got Time to breathe. You got time for music." Denver Pyle as Briscoe Darling
QUOTE Thanks
RavingMac

 
RavingMac's Avatar
 
Member Since: Jan 07, 2008
Location: In Denial
Posts: 7,612
RavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond reputeRavingMac has a reputation beyond repute
Mac Specs: 4GB Mac Mini 2012, 13" MBA, 15" MacBook Pro OSX 10.7, 32 GB iPhone 3GS, iPad2 64gb 3G

RavingMac is offline
Excellent post, despite the extraneous vowels.

I've always wanted to be smart, handsome and modest. But, I guess I'll have to be satisfied with two out of three . . .
QUOTE Thanks
harryb2448

 
harryb2448's Avatar
 
Member Since: Nov 28, 2007
Location: Nambucca Heads Australia
Posts: 17,424
harryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond reputeharryb2448 has a reputation beyond repute
Mac Specs: iMac i5 2.7GHz OS X.9.4 and OS X.10

harryb2448 is offline
Actually vansmith being a Canadian, we use English English the way it evolved from Anglo Saxon / Latin rather than the shortened American versions of favourite, humour etc etc.

Nonetheless a top article sure to be a favourite.

Hang on to those original install discs like grim death! Using OS X.7 or later make a bootable USB thumb drive before running Installer!
QUOTE Thanks
RadDave

 
RadDave's Avatar
 
Member Since: Jan 20, 2012
Location: North Carolina
Posts: 1,187
RadDave is just really niceRadDave is just really niceRadDave is just really niceRadDave is just really niceRadDave is just really nice
Mac Specs: MBP 13" (2013); 2.6 GHz i5; 8 GB RAM; SSD 256 GB; OS 10.9.4

RadDave is online now
Quote:
Originally Posted by harryb2448 View Post
Actually vansmith being a Canadian, we use English English the way it evolved from Anglo Saxon / Latin rather than the shortened American versions of favourite, humour etc etc.

Nonetheless a top article sure to be a favourite.
Thanks Vansmith for the excellent summary - sure to help others!

But off the subject and to Harry's statement, American English accents (or lack of them) are so varied that their origins are difficult to pin down; but regarding what the English sounded like back in the 1600s & 1700s, the best place to hear the possibilities are in the Appalachian Mtn regions & in New England - in particular the English/Scottish ballads that were learned centuries ago there and passed down via oral tradition better replicate the sound of English back then.

The English accents that are now heard, especially in the American movies of the 20th century are basically incorrect for their periods of time - current 'upper crust' English accents are a product of recent development, i.e. 1800s into the next century. Plenty of material on the web supporting these views - a short discussion HERE for those interested. Dave
QUOTE Thanks

Post Reply New Thread Subscribe


« Mac Security Review | 2 Step verification comes to iCloud »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
General questions about Mac OS X. NcR Switcher Hangout 2 03-13-2008 04:44 PM
Mac Users Get More ISP Choices schweb Apple Rumors and Reports 1 03-06-2003 10:57 AM

All times are GMT -4. The time now is 02:35 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?