Linked by Bill Leeper on Tue 7th Feb 2006 23:55 UTC
Features, Office

"Assuming that 'because it's a Mac, it's safe' is no longer wise" is probably one of this book's most important themes. It has been my experience that too many Mac users "know" that OS X is secure and therefore they have nothing to worry about. This book shows just how wrong that attitude is.
Attitudes
by Tom K on Wed 8th Feb 2006 01:09 UTC
RE: Attitudes
by protagonist on Wed 8th Feb 2006 06:55 UTC in reply to "Attitudes"
protagonist Member since:
2005-07-06

Name calling aside, your point is valid. But Mac users' security attitudes are no worse than those of the typical Windows user. I fix problems for Windows users frequently and most of them have absolutely no idea how insecure their system is. Out of the box a Mac is much more secure than a Windows machine. We need to educate the vast majority of computer users in security issues as that would make all our lives a lot less complicated.

Reply Score: 3

RE[2]: Attitudes
by rockwell on Wed 8th Feb 2006 18:07 UTC in reply to "RE: Attitudes"
rockwell Member since:
2005-09-13

// Out of the box a Mac is much more secure than a Windows machine.//

That's debatable. Yesterday, I set up a new Dell Dimension. After maybe 10 minutes of running "Windows Update," the system was completely patched.

Two months ago, I set up a new Mac Mini ... took about the same amount of time to run Software Update so that everything was patched.

And ... for the life of me ... I've set up probably 50 PCs in the last three years, and I've *never* experienced the "you-will-be-hacked-within-three-minutes-of-going-online" crap.

I'm starting to wonder how much of that is even true. Has anyone else experienced this? Just wondering.

Reply Score: 1

Just download this pdf
by JustAnotherMacUser on Wed 8th Feb 2006 01:47 UTC
JustAnotherMacUser
Member since:
2006-01-08

Just download this pdf,

http://homepage.mac.com/hogfish/.cv/hogfish/Sites/.Public/securing-...


Oh and don't give your admin password to just anything, don't use MS or Symantec products or really anything that runs as root all the time.

Watch for phishing email scams, run P2P gotten apps in a fake "user" for awhile. Run clamXav to rid the windows malware before passing it on.

Run a port scan once in a while from a website that offers such a service, like scan.sygate.com

Clone your boot drive occasionally to an external, keep disconnected, and make file backups daily using Deja Vu (search Apple)

Actually keep two copies, if your first clone gets owned, c boot off an installer cd and Disk Utility erase w/zero all infected drives and reverse clone from second clone.

Watch for suspicious windows asking for your admin password, know what processes are running and what they are, search online for the answers.

Install Little Snitch to block unauthorized network connections

Enable the Mac OS X firewall and log for maximum protection,

Check to make sure no services are running in System Prefs>Sharing

Do not allow others to be or use admin

Use a low level debit card online with funds transferred in person only from another account with no ATM or internet access. This way if money is lost, it's the bank's fault. Microsoft software is everywhere, businesses are more insecure than the Mac using public in general.

Use longer than 14 character alpha/numeric passwords; 45 characters is preferred (botnets create all the password combinations, the more characters the harder and longer it takes to generate a list)

Avoid wireless, even bluetooth (was an electronic warfare tech in the Navy, forget security, you're wide open, even your plastic case PC is mine)




Mac OS X is pretty secure, but nothing is 100% safe, an ounce of prevention is cheaper than a ton of cure.

So be safe rather than sorry.

Edited 2006-02-08 02:05

Reply Score: 5

RE: Just download this pdf
by protagonist on Wed 8th Feb 2006 07:02 UTC in reply to "Just download this pdf"
protagonist Member since:
2005-07-06

Some good suggestions but I would take some exceptions to the following.

"Avoid wireless, even bluetooth (was an electronic warfare tech in the Navy, forget security, you're wide open, even your plastic case PC is mine)"

I run a wireless home network and though it would not be impossible to compromise it, it would be hard enough that you would either give up or I would find out you were attempting to hack in before you actually did so. If the proper precautions are taken it is reasonably safe. Also my neighbor is on the City Police force and if you were parked across the street from me for very long you would probably have someone tapping on your window. Besides, I was the one who informed him that he was running a wireless network that was unencrypted. (Daughter's friend hooked it up so they could connect a laptop and did not secure it. :-) )

Anyway, wireless can be secured well enough for the home user not to have to worry too much.

Reply Score: 1

Just one more thing...
by JustAnotherMacUser on Wed 8th Feb 2006 02:10 UTC
JustAnotherMacUser
Member since:
2006-01-08

Play some background music to mask the keyboard sounds, as this can be recorded and your passwords deciphered.

Check your USB cables for keystroke loggers

Reply Score: 2

RE: Just one more thing...
by postmodern on Wed 8th Feb 2006 09:09 UTC in reply to "Just one more thing..."
postmodern Member since:
2006-01-27

Who still uses hardware to keylog? It's a lot more common and easier to just slip in software to spy on various system information. Clever trojans and people armed with livecds come to mind.

Reply Score: 1

RE[2]: Just one more thing...
by skingers6894 on Wed 8th Feb 2006 13:01 UTC in reply to "RE: Just one more thing..."
skingers6894 Member since:
2005-08-10

I think it was a joke, I laughed at least.

Reply Score: 1

RE[3]: Just one more thing...
by protagonist on Wed 8th Feb 2006 17:28 UTC in reply to "RE[2]: Just one more thing..."
protagonist Member since:
2005-07-06

This is exactly the attitude this book tries to combat. Complacency is the biggest reason for the mess we are in with regards to security. There is no such thing as a 100% secure OS and for anyone who thinks otherwise, I have a bridge for sale. Contact me.

Reply Score: 1

bigger problems now
by postmodern on Wed 8th Feb 2006 04:32 UTC
postmodern
Member since:
2006-01-27

A good security reference is always good, but there are now more worrisome things.

http://www.securityfocus.com/news/11375?ref=rss

"At the recent ShmooCon hacking conference, one security researcher found out the hard way that such venues can be hostile, when an unknown hacker took control of the researcher's computer, disabling the firewall and starting up a file server."

"While such compromises have become common in the Windows world, this time the computer was an Apple PowerBook running the latest version of Mac OS X. The victim, a security researcher who asked to remain anonymous, had locked down the system prior to the conference and believes that a previously unknown exploit caused the compromise. However, in the following weeks, forensics performed on the system did not reveal any clues as to how the PowerBook had been compromised."

I believe this is first contact between Apple's security process and hardcore *nix hacking.

Reply Score: 5

My Problem
by Finchwizard on Wed 8th Feb 2006 05:33 UTC
Finchwizard
Member since:
2006-02-01

My problem is with articles like these that are by so-called "Professionals" who own websites and talk about Mac OS X security.
And because it's a reasonably big site, the average joe will believe it.

They will point out a flaw or exploit and fail to mention that this flaw or exploit on a service needs to first be enabled.

The large majority (I'm not saying all, but most of them) are flaws/exploits that are on services that are disabled by default.

Either that or the exploit needs physical access to the machine.

You will always get problems with an OS, it's a given, there's always someone out there a little smarter that will find a weird and wonderful way around it.

The thing that does matter is how easily, and how quickly, the fixes/patches/updates arrive.

I would much rather have the Software Update program jump a few times and easily install it, than wait months for Windows to fix it, because it's not within their scheduled time slot to patch it.

That said, there needs to be more teaching into what to do and what not to do in general, not something specific to the OS.

I mean, regardless of the OS, you shouldn't open attachments without some type of scan or check. Simple things like these prevent a lot of problems, and people need to be taught the basics of security.

Would be a lot more useful teaching kids about Security in school than how to use a Word processor.

Edited 2006-02-08 05:39

Reply Score: 1

RE: My Problem
by protagonist on Wed 8th Feb 2006 07:08 UTC in reply to "My Problem"
protagonist Member since:
2005-07-06

"They will point out a flaw or exploit and fail to mention that this flaw or exploit on a service needs to first be enabled.

The large majority (I'm not saying all, but most of them) are flaws/exploits that are on services that are disabled by default.

Either that or the exploit needs physical access to the machine."

Actually, the authors do a very nice job of pointing out these things. They even go so far as to point out vulnerabilities and then list versions of the programs that are affected and tell you where to get the updated version that has been patched. They do not try to scare you into a panic and most of the programs they talk about are freely downloadable open source programs.

Reply Score: 1

This is not bad for apple!
by hraq on Wed 8th Feb 2006 06:21 UTC
hraq
Member since:
2005-07-06

If Apple needs a book to show that it's not secure, then Windows will need an encyclopedia, even a library to expose all its weaknesses.
As a rule of thumb: Use the least insecure OS if you can. There is no OS that is 100% fool proof; so if you want to be wise simply choose the least insecure OS.

Reply Score: 1

RE: This is not bad for apple!
by protagonist on Wed 8th Feb 2006 06:49 UTC in reply to "This is not bad for apple!"
protagonist Member since:
2005-07-06

As the writer of this review I have to say I agree with you. For most people the OS is reasonably secure simply because they are not running multi user/multi machine networks. This is why I stated their money could be better spent elsewhere. There is useful information for them, but not enough to justify the price of the book.

I have been into computers for more years than I care to mention. The book did, however, point out information I had forgotten over the years. I also learned a few things in the process. I liked the book, but then I also thought "Rise and Fall Of The Third Reich" was a good book, and will be referring to it in the future when I am setting up a new home network next year.

The intent of the book was not to show that OS X is insecure, but rather to show you how to make it even more secure than it already is. There are weaknesses in it just as there are in any OS. One of the main reasons I now run a Mac and OS X was because I got tired of dealing with all the problems involved with running Windows. Anyway, it is a very good book on the subject.

Reply Score: 1

Advertisement...
by devnull on Wed 8th Feb 2006 09:10 UTC
devnull
Member since:
2005-07-06

This is just an advertisement.
While I do care about MacOSX and its security, this whole article looks just like one big advertisement... paid by Amazon.

Pity.

Reply Score: 0

RE: Advertisement...
by protagonist on Wed 8th Feb 2006 17:21 UTC in reply to "Advertisement..."
protagonist Member since:
2005-07-06

Open mouth, insert foot...

I wrote the article and I have NOT received one dime from anybody. I volunteered my time to write this as a service to OSNews readers. You might at least try to get your facts straight before posting.

Reply Score: 1

RE[2]: Advertisement...
by devnull on Wed 8th Feb 2006 22:42 UTC in reply to "Advertisement..."
devnull Member since:
2005-07-06

"I wrote the article and I have NOT received one dime from anybody. I volunteered my time to write this as a service to OSNews readers."

The whole article is built up like an advertisement, below you can find the Amazon button/link to buy the book.
How does that look?

No hard feelings... it's nice of you to write an article but it looked like an advertisement to me.

Edited 2006-02-08 22:46

Reply Score: 1

RE[3]: Advertisement...
by protagonist on Wed 8th Feb 2006 23:46 UTC in reply to "RE[2]: Advertisement..."
protagonist Member since:
2005-07-06

Actually, I never even looked to see if any of the online stores had a write-up on the book. And I did mention in the review that the cost of the book was not worth it for beginners. You could call any positive review of any product an advertisement looking at it that way. You have to realize I haven't done a "book report" in more years than computers have been in our lives.

We need to start taking articles in here the way they are intended. I see so many articles being ripped to shreds not because of any factual errors, but rather because the person commenting does not agree with the article. And that is the surest way to guarantee that people will not want to submit articles. So far the comments on this article have been quite civil. I wish it were that way all the time. Anyway, I appreciate your responding.

Anyway, down off my soapbox...

Reply Score: 1