Top 5 Threats to You and Your Mac
- Malicious Software
- Phishing / Social Engineering Scams
- Prying Eyes Invading Your Privacy
- Network Attacks
- Physical Theft
Protection from Malicious Software Techniques to prevent infestation and to detect when you have been exposed
Update, Update, Update! The most critical step is to keep your MAC OS X software up-to-date. Detection Detect when keyloggers or other trojans leach themselves with Anti-virus program. Hardening Your System Make it harder for criminals by hardening the common places malware targets. Run Apple’s Disk Utility to ensure your file/folder permissions are correct. Harden newly created files by changing the default umask. Prevent trojans from grabbing root access by fixing the sudo weaknesses. Keyloggers Keyloggers are one of the security threats around. Automatic Form Filling Keyloggers would be useless if you never typed sensitive information. This is exactly what this unique password manager does. It fills web forms without using the keyboard or clipboard so keyloggers can’t steal your online account information. Network Monitor Trojans and Spyware exist to send the gathered information back to its owner. Keep an eye on who your programs are talking to with Little Snitch.
Phishing Defenses Techniques to prevent scammers from stealing your information
This site covers Mac phishing protection techniques in depth. Below are the highlights. There are not that many products on the market yet that protect you from phishing scams. There are a few but they are not all created equal: Automating the Login Step Automating the login process is the best way to protect yourself. If you always rely on the computer filling in the password, you will never accidentally give your information to a scammer because the computer won’t let you. AutoFill for Safari doesn’t work for all websites and is not enabled by default. This makes it easy for you to accidentally give your data to a scammer (oh man, is Safari not working again! I better type it…) The Firefox password manager is much better and always works. It only works in Firefox of course. The 1Passwd password manager works on all sites and most browsers. Toolbars The Google firefox toolbar is a fair attempt, but it does have a few issues. Ebay also has a toolbar, but it is designed to protect your eBay/PayPal accounts. Aside from not providing complete protection, these toolbars don’t support all the diverse browsers available on Mac. Firefox 2.0 The new Firefox browser comes with a "black list" of phishing sites. Trying to keep up with the criminals is a bad idea. Emblems and Seals Some sites allow you to create "seals" or "emblems" that are supposed to help. This is a pathetic attempt at phishing protection.
Keeping Your Privacy Private Strategies to keep your private information and usage habits secret
Network Protection Protect yourself from network attacks
Network and Port scanners Enable your firewall. Securing Your Wireless Network Enabling encryption and authentication on your Wireless Network does provide a fairly good level of security. However, there are easy ways to break WEP. It is therefore important not to rely on the security of you network as your only defense. In fact, security expert Bruce Schneier doesn’t use WEP at all. Since WEP is not secure enough to guarantee his machines’ safety, he doesn’t bother to enable it. Network Sniffing Assume that everything you send over the network can be read by criminals, because it can. You must encrypt everyting that you don’t want people to see. Be sure to secure your email access, especially over insecure wireless networks.
Physical Theft Defenses Techniques to keep your data protected even if your Mac is stolen.
Once you lose your machine, account logins and firmware passwords can’t help you anymore. It’s trivial to copy your harddisk contents to another machine and scan your data. Keeping your information encrypted is your only defense. You should use one of the various Mac password managers to keep all your confidential information. FileVault and Encrypted Disk Images are also good defenses.
Category: Articles & Tutorials