In the following series of articles, we are going to focus on the security side of MAC os X. The majority of the information will be focused towards 10.5 (Leopard). For more information on the other 10.x operating systems, please let me know.
Out of the box security
Out of the box, the Mac has several benefits for both single users and for the business enterprise – on the security level.
The Basics
The need to protect against hackers and other threats is a fact of life. Mac OS X features a number of built-in technologies to help you fend off attacks and keep unwanted email out of your employees’ inboxes.
User benefit:
When users are protected from spam and other computer security threats, they can do their jobs without wasting time deleting spam messages or calling IT to fix a computer that has a virus.
Business benefit:
Proper computer security—including spam protection—can potentially save huge amounts of money by minimizing lost work time and emergency IT costs. It also keeps outsiders from stealing confidential business information.
How the Mac Does It
Every Mac is very secure right out of the box, but can be made even more secure. Leopard is an Open Brand UNIX 03 Registered Product, and has been designed to protect your personal data and online activities.
In addition, many security features built into Mac OS X are on by default. They are unobtrusive and easy to use, so you don’t have to be an expert to protect your Mac.
Apple responds quickly to computer threats, providing timely software updates that are easy to install and manage. Of course, it’s always a good idea to use all available resources to protect your Mac and important information you keep on it.
Both commercial and open source antivirus programs are available for Mac OS X. You also may install another level of mail-filtering software to supplement filtering provided by the Mail application. Make sure your ISP
offers robust protection against viruses and spam.
For the tech’s out there, a little more in-depth information.
Out-Of-The-Box Security
By default, all native services— personal file sharing, remote login, etc.—are turned off. You (the end user) control which ports and services to activate. If you need to open any ports, the built-in personal firewall can protect your computer from unauthorized access by monitoring all incoming network traffic.
When you enable the personal firewall in Mac OS X, all inbound connections are denied except those you explicitly permit. There’s even a stealth mode, meaning your Mac won’t even acknowledge its existence to people scanning for computers to attack.
Mac OS X is designed to protect you from deceptive software applications.
People attempting to break into computers sometimes disguise a malicious program as a picture, movie, or other seemingly non-executable file. When a Mac detects that you are downloading a file that may contain a computer program you are not aware of (such as one inside a JPEG file), it will alert you and ask for your permission to proceed.
One of the greatest security strengths of Mac OS X is that it is an Open Brand UNIX 03 Registered Product, conforming to SUSv3 and POSIX 1003.1 specifications.
At its core is Darwin, the open source, fully conformant UNIX operating system—built on Mach 3.0 and FreeBSD 5. Because Darwin is an open source project, computer programmers and security experts all over the world continually look for ways to make it stronger and safer.
Apple is an active participant in the Darwin project, and incorporates the best suggestions from the Darwin community into Mac OS X updates and new releases.
Apple also works with a number of security organizations, including CERT/CC, FIRST, the FreeBSD security team, and the Department of Homeland Security in the United States.
In Closing
Out of the box, Mac OS X Leopard is very simple to use and very safe. It should be noted though, that the personal firewall is turned off by default.
As to why Apple did this, we will never know. Turning it on is straight forward. To do so:
- Open system preferences
- Open the Security option
- Open the firewall tab
- Set the “Select access for specific services and applications” option
- To enable stealth mode, click on the advanced button and tick the “stealth” mode option.
That’s it! Easy.
In our next article, we will examine the other security benefits of the Mac.
All comments are welcome.
Warm Regards,
Scott Malpass
Aquafruit Media.
2 Trackbacks
[...] Mac OS X – inherently secure? – part 1 [...]
[...] as I have the time, I thought I would digress from the security side of Mac os X for a while and talk about the [...]