RMG195 - Mac Security in an Insecure World
RMG195 - Macintosh Security In An Insecure World.
Once again, the popular press is making noise about Apple Mac OS security vulnerabilities. Several weeks ago, it was Oompa Loompa's in iChat and evil web sites in Safari. Apple quickly issued patches to address both.
Now news of a new security issue surfaced yesterday. The ZD Net Australia site reported on a challenge issued in Sweden where it was reported that a Mac mini was compromised in less than 30 minutes.
Actually, the news isn't all that bad, as the individual issuing the challenge gave the hacker a user account on his Macintosh and had enabled SSH.
While this wasn't the end of the world, it points out that we shouldn't be too complacent about security on the Macintosh. I was recently asked about virus protection software for the Macintosh, and sadly, I have nothing to suggest. MacScan from SecureMac.com has an application that watches out for remote administration exploits, key loggers and spyware, but really hasn't had anything thrown at it to test it.
The best advice I can give is to secure your machine and your network. I can't say "non-trivial passwords" too many times. Tiger has some excellent security features. The Password Assistant will tell you how strong a password you are using.
Keychain keeps your passwords straight. Here's a great Apple page on Tiger security. Be sure to keep your keychain backed up.
On that same page, you can find information on Apple's implementation of the UNIX ipfw firewall. How difficult is it to turn it on? Not very. Just go to the Sharing preference pane and click on the Firewall tab. Press "Start". That's it.
I have to give props to Apple for staying up-to-date on the security stuff. Listen. If Apple releases a Security Update through the Software Update system, install it.
When messages pop up and warn you that you're doing something insecure, stop and think about what the message says. Are you sure you want to install that application? Where did it come from?
Finally, and you might have heard me say this before, BACK IT UP!
The podcast ends with Lost in Austin by NYC band, Buddy Woodward and the Nitro Express. The tune comes to us from the Podsafe Music Network and is dedicated to all the hard workers at the Apple Campus in Austin Texas; especially those folk working in the technical support trenches. You guys rock!
0 Comments:
Post a Comment
<< Home