15 ways to protect against security risks in Mac

Network Administration - One of the most advertised advantages of using Mac is the higher security and the reduction of malware attacks than the computer running Windows. We can simply explain the above assumptions through a variety of attacks from viruses, malware, trojans, . other malicious software into the Windows operating system .

In fact, the recent Trojan horse hidden in a pirated copy of iWork '09 infected via peer-to-peer file sharing sites is the most prominent because it is the first virus to attack Macintosh computers. overflowing on the Internet (although there were still some malware for Mac computers in previous years). While the malware speed is much lower and the emergence of network attacks does not prove that Mac can be immune to such things.

Indeed, there is still an incomplete debate over the years that whether Mac users are possessing secure or simple computers that have 'little known security'. 'because they represent a fairly modest partition in the number of all computer users worldwide. While this debate continues - and there are a few valid issues in both respects - however this article does not mention that debate, it only mentions some simple questions: 'Mac How safe are you 'and' How do you be safer with Mac? '

One possible fact is that, Apple Inc. Provides a pretty safe platform. The company has invested and launched a number of advanced technologies to help protect users as well as their data. However, no system is perfect and any system can have vulnerabilities - many of them are easy to patch - and the vulnerabilities on Mac OS X systems are the same. Here are 11 ways to fix the detected security risks and protect your Mac.

Note: Unless we specifically say a certain tip is only for Leopard, it will work with most versions of OS X, although the specific steps may vary slightly.

Disable the way to automatically open 'safe' downloads in Safari

Perhaps one of the biggest flaws in the Mac is Apple's Safari web browser, which can download files that you click on or certain files that can be embedded in a specific web page. This can cause problems because Safari's mechanism is designed to open 'safe' files as soon as they are downloaded to the computer. However, the 'safe' definition includes both installers and image files that can contain malware in it. If these malware files are embedded in a website, they can be downloaded and opened automatically.

Apple has made a significant improvement in its potential damage in Mac OS X Leopard, which can automatically detect images and applications downloaded from the Internet via Apple applications ( Safari, Mail and iChat). However, to get real security, one of the best ways to do that is to disable the automatic opening of such files in Safari.

15 ways to protect against security risks in Mac Picture 1
Disable automatic opening of downloaded files

From the Safari menu in the menu bar, choose Preferences, click the General tab, uncheck the "Open 'safe' files after downloading" option. After doing this, you will have to manually open the downloaded files by double-clicking them in the Downloads folder or in the list of downloaded items of Safari.

Do not click the "Do not show" option in the warning dialog that Leopard displays when opening downloaded files; That way, you will always be alerted the first time you open each downloaded item. (Note: this tagged file feature has been introduced in Leopard and does not apply to previous versions of Mac OS X).

A similar security feature in Leopard is support for code markings, which is almost a digital signature in application files; Your Mac will check them on launch to make sure they are not changed and give you a warning if that happens. Although there are many other vendors' applications that do not yet support this feature, it is still a powerful feature and you should be aware of any such warnings. Like tagging downloaded files, you also don't click on the "Do not show option" option if you see one of those warnings.

Install antivirus software

Because the number of virus attacks on Mac OS X is much more limited than Windows, some Mac users often feel that it is more secure than Microsoft's operating system. However, the truth is, despite the low number of viruses, that does not mean that there will be no threat to the operating system. There are also some ideas that Macs cannot be infected by a virus that attacks the mass or damage when a malicious virus is created and launched into the Internet.

However, even if it does not affect directly, you can still get and accidently get Windows viruses. The most typical case is macro viruses inside Office documents - one of them has the ability to affect computers if the Office version of Mac has macro support enabled.

If you are using Windows - in a dual-boot configuration with Apple's Boot Camp or in a virtual tool like Parallels Desktop - your Mac is also vulnerable to PC viruses. In fact, if you install Windows operating systems on a Mac, then you need to consider virus protection for both Mac OS X and Windows.

When it comes to antivirus programs for Mac, an open source option worth noting is ClamAV for Unix (which can work with Mac OS X but only with the command line interface).

If you want a full-featured product to be commercially available to provide strong protection for Mac, check out Intego Systems Inc.'s VirusBarrier. ($ 70 per device; $ 200 for five devices), Sophos Anti-Virus SBE (prices may vary depending on the number of users and the amount of service, starting at $ 45 for one register or $ 190 for the year of registration), Norton AntiVirus of Symantec Corp. ($ 50 per user) or VirusScan by McAfee Inc.

Do not allow remote guest access or activate Leopard's guest account

Macs always support client access for file sharing, in that case, remote users can connect to a Mac without providing a username, password or other identity. The idea of ​​allowing remote access to your Mac is always a matter of compromise in security. Therefore, it is never allowed because security issues can easily attack the system vulnerability.

In Leopard, Apple expanded the local client access: Users can log in and use Mac with a guest account that does not require a username or password. The idea of ​​another account is intended for convenience purposes. For example, if you have friends or family to visit, you can allow them to use your Mac without allowing them to access your user account or files. When they log out, their home directory and the files they created are automatically deleted.

However, there are some system folders, such as Unix / tmp folders, that can log data to that directory, which may or may not be deleted when logged out (or restart capture). tie). The guest account also has access to installed applications, so it can be easily used to perform malicious actions from your computer. If you have to use another account, limit its access with Parental Controls parent controls.

15 ways to protect against security risks in Mac Picture 2
Disable guest account

You can turn off both guest accounts and remote guest account access in the Accounts pane of System Preferences in Leopard. Select Guest Account on the right side of the panel, then cancel selecting "Allow guests to log into this computer" and "Allow guests to connect to shared folders."
If you still prefer to have guest accounts but restrict its access to files and applications, check the "Allow guests to log into this computer" option and click the Open Parental Controls button.

Use secure passwords

User passwords are one of the basic foundations of security. If you use a simple and easy-to-guess password, you are inviting someone to invade your computer or account.

Mac OS X has password support that will automatically generate random passwords according to a certain level of complexity, it also allows you to check the complexity of the passwords you create. This feature should be used whenever you need to create a new password - with other websites or services, as well as your Mac OS X user account.

To get this support, go to the Accounts panel in System Preferences, select a user account, click the Change Password option, and then click the button with the key icon next to the New Password field.

15 ways to protect against security risks in Mac Picture 3
Password support can create secure passwords

One thing to know is that the most complex password can be cracked, so you need to remember to change your password often. If you don't trust me, remember to set up a monthly reminder action in iCal.

Disable automatic login

As part of the installation support - Setup Assistant runs when you install Mac OS X or launch a new Mac, Mac OS X will automatically activate the first user account login you create - that means that you can log in without providing a username and password whenever it starts.

15 ways to protect against security risks in Mac Picture 4
Disable automatic login

While automatic login is convenient, if you only use that Mac, it means that anyone who has physical access to your Mac can restart it to Increase access for your accounts and files. This is a potential security risk for Mac laptop users.

You can disable this automatic login feature in Accounts of System Preferences by clicking the Login Options button at the bottom of the list of user accounts on the left. The automatic login option will appear at the top of the right panel area; Select Disabled from the menu that appears.

Do not show suggestions about usernames or passwords when logging in

By default, the login window of Mac OS X will display a list of all users in the Mac (or all users who can access it in a network). This makes it easy for anyone with physical access to the Mac to gain access to it, because they only need to guess the password. Disabling the display of all users will add a layer of security because it requires an unauthorized user to know the corresponding username of the account.

Another simple way to secure your account is to disable password suggestions (this is a feature that Mac OS X still displays to help users remember their passwords after three failed login attempts). . This significantly affects the security of using passwords, so please disable it.

Both of these options can be configured in the same Accounts pane, where you can disable automatic login. To disable password hinting, uncheck the box next to 'Show password hints'. To not display the username in the login window, select the "Name and password" button next to "Display log-in window as", the option means that the user will have to type both the username and its password to login.

Set up a firmware password

The biggest security risks appear if your Mac is stolen or compromised physically. Even if thieves can't log into your account, they can increase access to data on your Mac with one of the special boot modes available on all Macs, If you want to boot from an installation DVD and reset your password, use Target Disk Mode to make your Mac work as an external hard drive, or boot into Unix-style Single User Mode.

However you can set a firmware password on a Mac. This password is written to the firmware chip on the Mac motherboard by using Open Firmware on PowerPC or Extensible Firmware Interface (EFI) machines on Intel machines. Regardless of the platform, you can use Apple's free tool for implementing firmware passwords called Open Firmware Password Utility.

If you or someone else wants to use special startup mode, then you will be asked to enter the firmware password. This helps both personal computers and businesses avoid unnecessary scrutiny. However there is a problem here to note that, if you forget this password there really is no way to reset or remove it.

Use the security panel options in System Preferences

Panel Security in System Preferences gives Mac users some simple but powerful options for protecting their systems - requires a password for wake up from sleep mode or screensaver mode, disabling auto-login feature (requires start-up authentication), requires an administrator account username and password to change settings in System Preferences, automatically logout after a time-out period somehow.

15 ways to protect against security risks in Mac Picture 5
Use the options in Panel Security

Each of these options has the advantage of protecting your data access if someone has physical access to your computer. This is really important in case you own a laptop or are working on a Mac that provides some form of public access.