Top 8 OS X Safety Tips
There was a little speculation recently that McAfee had unnecessarily worried people into buying its products with the news that, from 2003 to 2005, the amount of vulnerabilities discovered on the OS X platform had increased by 228%, whereas Windows vulnerabilities discovered in the same time period had increased by only 73%. To the blind-sighted or Mac newcomers out there, this is a worrying fact, but rest assured the truth is being bent—quite a bit.
It is probably true that the number of vulnerabilities in OS X have increased that much, but it’s also clear that those vulnerabilities are quite minor when compared to the Windows threats. It’s nothing that should really worry people, as the truth is being blown completely out of proportion just to increase sales of McAfee software. To make it a little more understandable when comparing the OS X and Windows threats, I’ll quote ZDnet with, “In the last decade, deaths caused by chocking on ice cream went up by 200 percent whilst deaths from smoking went up by 10.” I bet you’ve not heard of many people dying from chocolate chip ice cream, have you?
I don’t like to ramble on about security threats too much, especially as I don’t want to worry the new kids on the block. However, I do think it is important that we aren’t arrogant about the whole affair of OS X being “virus” free, because we will be hit by a large virus. It’s just a matter of time.
So what steps should people be taking in order to protect themselves further?
1. Get some Anti-Virus software
There’s no real need for this at the minute, but if you want to be extra safe, some anti-virus software isn’t going to be a miss. McAfee has just recently announced its Virex anti-virus software turning Universal and, although I’ve not used it, I’m told it’s a clever tool to own.
Norton also has an anti-virus program for the Mac platform that is currently in its tenth edition and has also recently turned Universal.
Once again, while the amounts of threats to OS X are few-to-none, you should bare in mind a few things. There are a large number of Word and Excel viruses on the Office platform that affect both Windows and Mac users, thus, threatening Mac users. There’s also the unknowing threat of a virus outbreak occurring right out of the blue. Who’s to say that a virus won’t be unleashed overnight and affect millions of unsuspecting Macintosh systems that are all without anti-virus software? Okay, that’s not likely to happen, but it’s not impossible.
Now which do you want to be? The guy that says he won’t need antivirus software and then ends up needing it, or the one who can sit back and relax because he has antivirus software, and say later down the line when a virus does hit, “I told you so”? I know which I’d rather be.
2.Turn that Firewall on
Although the thought of some Spyware creeping into your system, and some important information of yours being transmitted outbound, or the idea that you might be getting spied upon by someone close to you are all horrid (and unlikely at the moment). They are possible.
The Firewall, which is both off by default and difficult to find for new Mac owners, should be turned on before you connect to the Internet.
The easiest way to turn it on from your desktop is to direct yourself to Spotlight, type in ‘Firewall’, and then click on the search result “Sharing” that will open the Sharing pane in the System Preferences—you’ll find the Firewall located there. Turn it on and lock the keypad at the bottom to stop it accidentally being turned off. You may want to check which services you wish to allow your Firewall to use without causing a disturbance. Most of the time, you won’t need to turn any on, especially if you’re simply a home user.
3.Services
You’ll notice in the Sharing pane that there are three tabs: Services, Firewall and Internet.
We’ve just dealt with the Firewall, it’s also an idea to check out which services are active. I’ve been over these before in a previous article, but to quickly go over it again; Services are the ports (or ‘Doors’) to your computer as seen from the Internet or local area network. When a service is turned on, you’re opening one of those doors to allow someone (or something) to access it. Although it might sound risky, they are useful, especially if you’re part of a network, but if you don’t know what they are or how they are used, you’re putting yourself at risk. To be safe, you should keep them all off.
4. FileVault
If you’ve ever browsed through your system, you may have come across something called FileVault. FileVault is exactly as it sounds, a vault for storing all of your files. The FileVault (open as you did with the Firewall) uses the latest government security standard called AES-128 encryption and helps safeguard your files. It encrypts and decrypts on the fly (as you’re working) and all without you knowing. FileVault can protect prying eyes from files such as your banking details, private letters or even family photographs using a password—set up by you. An excellent way to give you peace of mind when using your Macintosh system.
5.Keychain pop ups
Ever been asked something when using Safari regarding a keychain? Well, all the username and passwords you use throughout your system are stored there and are only accessed when the system asks you to enter the administrator password. In short, it keeps all your passwords in one safe place, away from prying eyes and harmful Spyware.
6. What else you can do
There are a few other ways of protecting yourself when you’re on a network or the Internet, some of which are a little too ‘over-kill’, especially if you’re a new Mac user. However, there are a couple of last steps you can take, on top of everything I’ve mentioned above, to keep yourself extra safe.
In Safari, turn off the option to automatically open downloads when completed. To do this, open up Safari, click on “Safari > Preferences” and then under the “General” tab, untick “Open “safe” files after downloading.” Although Safari will never open an unsafe file, it’s only so smart and can never know for sure if a file is definitely safe. By turning this off, your also turning off the likelyhood of a virus trying to open itself after being downloaded.
7. Keep cookies restricted .
Think of cookies as a token-pass. Every time you visit a website, you’re issued with a token so that your computer knows you’ve been there before. They’re quite useful because they store some basic information that helps to speed things up when browsing the Internet. However, some websites like to give you tokens with tracking-beacons in them, and whenever you go about your business on the internet, your tracking-beacon is sending information back to the website it originally came from. It’s never nice to be spied upon, so keep your cookies restricted. To do this in Safari, go to “Safari > Preferences”, click on the “Security” tab and then select one of three options under “Accept Cookies:.” I usually keep mine set at “Only from sites you navigate to”, because I know the ones I navigate to are safe.
Your Mac auto-updates itself by default, but it’s always best from time-to-time to double check there are no more updates available using the ‘Software Update’, which can be found underneath the Apple (top left in menu bar). Any security patches that need to be installed on your system will be done so via here, and Apple is always working around the clock to find more holes in the system.
8. Being smart is the easiest, cheapest and most reliable way to keep yourself safe from Internet-baddies. Use a bit of common sense when surfing the web or reading e-mails. Never click on a link that claims to offer you free junk, especially if it asks for your details such as e-mail address or name. If you ever receive an e-mail that claims to be from your bank, read it with an open mind and be careful. If they should ask you to enter any details, it’s likely to be an act of Phishing—which is where someone poses as your bank and aims to get your details in order to, you guessed it, steal your money. Don’t fall for it, and immediately contact your bank.
The last thing to be careful with is your passwords. Whether you’re buying something from the Internet, logging into your e-mail, checking Internet banking, or even installing something on your computer, you’ll always be asked for a username and password. Be smart with this. Always include uppercase and lowercase letters, numbers and possibly an underscore or two in your username and passwords to make life a lot harder for a thieving hacker. Also be sure to set a username that doesn’t easily identify who you are and a password that has absolutely no relevance to your username.
None of these ideas will ever fully guarantee that you are safe from evil on the Internet—nothing is fool proof—but with all of these precautions combined, you will be safe enough to use your computer with peace of mind.
So tell us your view. Do you believe Mac systems require an anti-virus, or do you think large enough viruses will never hit us? What other steps do you take to protect your computer, personal data and last years Christmas photos?
Comments
Hadley Stern says:
“Good one ziggybopper. For everyone out there Apple Matters encrypts all emails addresses (built into Expression Engine)”
Good one Hadley. Could you define encrypts?
Thanks.
noFUD
ziggybopper:
It appears if you include a URL when signing up, it uses that when you mouse over the name instead of your email. I am not sure how to change it after the fact [was just checking to see if i could figure it out].
Hadley:
I like the site, don’t get me wrong. Read it often. Just saying you and I disagree on what encryption and security really are, especially given the context of this thread on Safety Tips. I can give more specific details, but I tend not to tell how things work to the masses, just in case they really do not know. (+=
FYI, email encryption works like this:
My email address could be: .(JavaScript must be enabled to view this email address)
Using the Spamstopper program, my address could look something like this if you viewed the code on this page: #109;#97;#105;#108;#116;#111;#58;#115;#111;#109;#101;#111;#110;#101 (modified so your browser doesn’t display the address)
But if you mouse-overed my user ID after a comment, your browser decrypts this hex code and you’d see this in the browser status bar: .(JavaScript must be enabled to view this email address)
One of the reasons this works is that there are so many freely available email addresses on the net, spammers don’t bother to harvest the scrambled addresses.
I suppose technically, this isn’t really encryption but a scrambling of plain text with hex code.
Choosing View Source for this page shows that the commenter’s ID is replaced with a javascript. Making it difficult for a spammer to harvest my email address.
Using a hex code scramble or a javascript, mouse-over gets you an email address in the status bar. That’s the extent of my knowledge on this. Don’t know if spammers will be able to harvest these addresses if they really tried.
While protecting the email addresses of commenters may be a topic covered in the web design world. This is the first time I’ve seen it in the popular Mac news blogosphere.
Since spam is such a big source of nastiness. Shouldn’t we, as users, be advised to demand address protection for commenting and only comment on sites that provide protection?
I just clicked, now there are more blogs, any computer user who is interested will learn of any problems earlier. Five years ago you needed a dialup to get the 250k of updates monthly to protect yourself. But these days, (with wireless, broadband and RSS), I read news on the internet faster than I see it on TV.
I’ll bet the fist real virus on the Mac will be documented on blogs, allowing the users who reads any blogs, to protect themselves faster than a AV company offering protection.
And backups are the way forward. €100 will buy you enough storage space to backup your entire system. A process that will encourage users to take responsibility of thier data. They know when they clone, they know they are safe back to that date.
Peace
Mac Wizard
apart from a good backup plan and a thight firewall the single most important tip should be - never, never ever work online while being loged on as admin, let alone root.
give your user as few rights as possible.
On OS X enable your firewall first and formost. Consider ‘little snitch’ to enhance your firewall-fu. After that I’d say having a verified backup of your data is the most important thing.
I picked apart this list over here: http://www.creationrobot.com/?p=2361
With Windows was easier.When I started having problems with my computer a friend recommended to download a software to see what’s wrong.I found out that my computer was having registry problems.The solution was pretty simple actually.I downloaded the regcure registry cleaner.It’s easy to use and it automatically solve the problems you’re having.With my Mac I’m going to pay for sure to resolve the problem.