Mac Security

Just came across an interesting article on MacWorld. Here’s an excerpt:

Two well-known Mac hackers are updating a widely used hacking toolkit, making it easier to take control of a Macintosh computer… Although there are still many more exploits available for Windows software than for Macs, the new payload code means there is now “more or less the same functionality if you want to target a Mac box or a Windows box.”

No need to get too worried here, but it’s a good reminder that we are not immune from the problems that plague Windows users. And, as this article suggests, it may be only a matter of time before we face similar problems.

There’s a lot of brouhaha over the necessity of installing Mac antivirus software. I didn’t run AV software on the Mac for a long, long time, but now I do. Why? It doesn’t cost me anything. It only slows down system performance a tiny bit. And it makes me feel better. Here’s a full rundown of the steps I take to ensure a basic level of security:

I’ve used ClamXav (free) in the past and just started using iAntiVirus (free for noncommercial use) in the hopes that it’s a bit speedier. It’s not a bad idea to run an AV package, if only to prevent transmission of viruses to colleagues on Windows.

I think a good password vault is essential. The excellent 1Password is my choice. It generates complex passwords, ‘remembers’ them, and protects against phishing and keylogging.

I also use Little Snitch to control and monitor outbound network traffic. I use this in the interest of privacy, but it will alert me if any unknown malware on my machine tries to phone home.

Next, I’ve set up my Linksys router with a kick-ass password and have set it to only accept connections from known MAC addresses that I’ve manually added (household Macs, my iPhone, my wife’s iPod Touch).

Finally, I use Apple’s built-in Firewall protection. It’s a good idea to make sure it’s turned on: go to System Preferences > Security > Firewall and choose ‘Set access for specific services and applications.’ Also, I have both boxes checked in the ‘Advanced…’ preferences to enable logging and stealth mode. I also use NoobProof. Taken together, this establishes application and network firewall protection. See this article for more background on that.

If anyone has an alternative or better set-up, please share.

As an aside, if you use Final Cut Studio and keep getting an annoying prompt to allow incoming net traffic from ‘qmasterd’ every time you boot (even though you’ve already added it to the ‘allowed’ list), try adding /Applications/Utilities/Batch Monitor to your list of applications that allow incoming connections. To do this, press Command+Shift+G to paste in the file location.

Troy Kitch @troykitch