“The Mac Attack” - Mac Tips, Tricks, and Hints
An Introduction to Mac OS X Security
by Steve Stanger
At the core of Mac OS X is Unix. Apple’s version on Unix is called Darwin. One of the many ways Apple ensure that Mac OS X is one of the most secure operating systems available is by making the source code of Darwin available to developers. This is known as Open Source. This allows developers to examine the system security measures and can point out any weaknesses they may find. Improvements can then be made and security holes closed. This lays the groundwork for providing stronger security standards.The Keychain application makes it easy to manage your passwords. Keychain can store all of your password information you use to log into file servers, FTP servers and Web servers. When you log into Mac OS X the system opens your Keychain. OS X can be set to lock your Keychain when the system sleeps or is inactive for a time. The system will ask you for your password the next time you try to access secure data. Other users on the system cannot access your Keychain or its data. The Keychain application can be found in your Utilities folder.
The Password Assistant is a user-friendly application that assists users in choosing secure passwords. Password Assistant can be accessed by clicking the “key” button that is present on all password choice dialogs in Tiger. (See the graphic below)
Secure Empty Trash is a form of permanent deletion, which allows you to
“shred” your data when emptying trash. This command can be found in the Finders 'Finder' menu. Secure Empty
Trash deletes the file listing from the disk directory which is what a normal
'empty trash' does but then overwrites the data with random text to keep it
from being recovered.
FileVault uses the latest government security standard (AES-128 encryption) to safeguard your files. FileVault protects all the data in your home folder. FileVault can be configured in the Security preference pane in System Preferences.
Auto Update can download software updates automatically, so that you stay current with the latest security patches and software releases directly from Apple. Apple digitally signs the updates, so you can be sure they come from a trusted source.
Two Quick Security Tips
If you are not using file sharing - turn it off. File sharing can be found in the Sharing preferences pane.
In a work or multi-user environment a password should be required to wake the computer from sleep or from the screensaver. Automatic login should be disabled for all users of the system, ensuring that each user must enter their username and password before being granted access.
If you have any questions or comments about this Article please feel free to email me at sstanger@maccompanion.com
