10 Simple Tips for Boosting The Security Of Your Mac

At the moment, there are more than 100 million Mac OS X users around the world. The number has grown switfly during the past years we expect this growth to continue. Until recently, Mac OS X malware was a somehow limited category and included trojans such as the Mac OS X version of DNSChanger and more recently, fake anti-virus/scareware attacks for Mac OS X which boomed in 2011. In September 2011, the first versions of the Mac OS X trojan Flashback have appeared, however, they didn’t really become widespread until March 2012. According to data collected by Kaspersky Lab, almost 700,000 infected users have been counted at the beginning of April and the number could be higher. Although Mac OS X can be a very secure operating systems, there are certain steps which you can take to avoid becoming a victim to this growing number of attacks.

 

Here’s our recommendation on 10 simple tips to boost the security of your Mac:

 

1. Create a non-admin account for everyday activities

 

Your default account on Mac OS X is an administrator user, and malware writers can take advantage of that to infect your computer.

For everyday activities, we recommend you create a non-admin user and you only log in as administrator when you need to perform administrative tasks. To do that, go to the “Accounts” pane of “System Preferences, then create a non-administrator user. Use the new account for everyday tasks like e-mail and web browsing. This greatly helps to limit the damage from zero-day threats and drive-by malware attacks.

 

 

2. Use a web browser that contains a sandbox and has a solid track record of fixing security issues in a prompt manner.

 

We recommend Google Chrome, for many reasons, one of them being that it’s updated a lot of more often than Apple’s built-in Safari browser. In addition to its own sandbox, Chrome ships with a sandboxed version of Flash Player that puts up a significant roadblock for malicious exploits. Google Chrome also has a silent, automatic update mechanism that removes the burden of patching security vulnerabilities. Make sure the new browser is also set as your default web browser.

 

3. Uninstall the standalone Flash Player.

 

Unfortunately, Adobe’s Flash Player has been common target for hackers looking to take control complete over your computer. An old version of Flash Player will most certainly put you at risk when browsing the internet. To uninstall Flash, you can use the two utilities provided by Adobe, for versions 10.4-10.5 and 10.6 and later. See this link for details.

 

 

4. Solve the Java problem.

 

Like Flash Player, Java is a preferred target for exploit writers looking to plant malware on your machine.

We recommend you completely uninstall it from your machine. Unfortunately, Apple doesn’t allow Oracle to update Java for Mac directly. They do it themselves, usually several months later! This means the window of exposure for Mac users is much longer than PC users.

The Java Preferences utility is in /Applications/Utilities; uncheck the boxes next to the versions listed in the General tab.

 

If you must use Java for some specific applications, it’s very important that you at least disable Java in Safari and other Web browsers. In Safari, go to Preferences -> Security -> Web Content and uncheck “Enable Java”.

 

 

5. Run “Software Update” and patch the machine promptly when updates are available.

 

Many of the recent attacks against Mac OS X take advantage of old or outdated software. Commonly exploited sxploited suites include Microsoft Office, Adobe Reader/Acrobat, and Oracle’s Java, but there are other applications that can be abused as well. Office for Mac 2011 is much better from a security point of view than Office for Mac 2008. If you are still using 2008, we recommend you update to 2011 as soon as possible. Whenever you see the Apple’s “Software Update” prompt, be sure to apply the fixes and reboot the machine when necessary.

 

6. Use a password manager to help cope with phishing attacks.

 

The good news is that unlike Windows, Mac comes with a built-in password manager, the “Keychain”.

 

Whenever possible, try to generate unique, strong passphrases for your resources and keep them in the keychain instead of remembering easier passwords. Whenever the cyber-criminals manage to compromise one of your accounts, they will immediately try the same password everywhere – GMail, Facebook, eBay, PayPal and so on. Hence, having an unique strong password on each resources is a huge boost to your online security.

Another, though more complicated advice is to have a separate keychain, with a 3-5 minutes password cache timeout, for important passwords only. What are important passwords? Well, things such as resources which when compromised can cause direct financial loss: eBay, PayPal, online banking and so on. If somehow your “Keychain” gets compromised, you don’t loose all the passwords.

 

 

7. Disable IPv6, AirPort and Bluetooth when not needed.

 

Turn off connectivity services when not in use, or when not required. These include IPv6, AirPort and Bluetooth, three services that can be used as entry points for hacker attacks.

IPv6 is a relatively new communication protocol which your Mac can use. This is rarely used in practice , although in my years of travelling, I’ve seen only one hotel which supported IPv6 in parallel to IPv4. Hence, it’s probably safe and even a good advice to disable IPv6 proactively.

To disable IPv6 on your computer Choose Apple menu > System Preferences, and then click Network.

If the Network Preference is locked, click on the lock icon and enter your Admin password to make further changes. Choose the network service you want to use with IPv6, such as Ethernet or AirPort.

Click Advanced, and then click TCP/IP. Click on the Configure IPv6 pop-up menu (typically set to Automatically) and select Off.

(More details here.)

 

8. Enable full disk encryption (MacOS X 10.7+) or FileVault.

 

In MacOS X Lion, Apple updated their encryption solution (FileVault) and added full disk encryption. It is now known as “FileVault 2”. This has the advantage of security the entire disk instead of just your home folder and can be very useful if your laptop gets stolen.

(More details here.)

 

9. Upgrade Adobe Reader to version “10” or later.

 

Adobe Reader has been one of the preferred targets of cybercriminals on the Windows platform and it still ranks high among the most exploited software in the world. Version 10 includes numerous security enhancements which make it a lot safer than any previous versions. Please make sure you get the latest version from the download page at Adobe – unfortunately, many of the older versions are still available for download and it can easily become confusing.

 

 

10. Install a good security solution.

 

“Mac’s do not get viruses” has been a common theme ever since the famous 2006 commercial with the sick PC and the healthy Mac. Six years have passed and the situation has changed dramatically. In 2011, cybercriminals began pushing DNSChangers and fake anti-virus lures to Mac users in a very aggressive way. The Flashback trojan which appeared in September 2011 caused a huge outbreak in March 2012, which amounted for over half a million infected users worldwide. (see this article on the methodology used to calculate the number)

Nowadays, a security solution is absolutely mandatory for any Mac user. You can download and install a trial of Kaspersky Anti-Virus for Mac.

For Mac OS X power users, a utility like Little Snitch can be used to determine when a program attempts to establish an outgoing Internet connection and give you the option to allow or deny this connection.

 

 

 

In conclusion…

 

At the beginning of 2012, we predicted that an increase in the number of attacks on Mac OS X which take advantage of zero-day or unpatched vulnerabilities.

This is a normal development which happens on any other platform with enough market share to guarantee a return-on-investment for virus writers so Mac OS X fans shouldn’t be disappointed because of this. During the next few months, we are probably going to see more attacks of this kind which focus on exploiting two main things: outdated software and the user’s lack of awareness. If you follow the above steps, keep everything updated and be aware of these attacks, your chances of becoming yet another random victim will be greatly diminished.

 

credits:Thanks to Ryan Naraine (@ryanaraine) for contributing to these tips.

Hide Unwanted System Preference Icons [OS X Tips]

 

In Mac OS X Lion, it’s finally possible to customize your System Preferences, removing unwantedpreference panes as well as sorting them in different ways. Here’s how.

 

Launch System Preferences from the Applications Folder. Click on the View menu, and choose “Customize.” A checkmark will show up next to each preference pane icon, allowing you to uncheck the ones you don’t need in there. Click on the “Done” button in the upper left, and those icons will disappear.

If you want to find them again, simply choose Customize from the View menu again, and the hidden icons will show up, ready for you to check their boxes and make them visible again.

Want even more customization options? Notice in the View menu that you can choose to organize by Categories (default) or Alphabetically. If you’re a fan of the alphabet, that second option should make you squee with delight.

 

source:http://www.cultofmac.com

The Best Address Book App for Mac OS X

Mac OS X has a great built-in address book and a number of useful third-party alternatives, but out of all the options Cobook is our favorite. It’s a very new app, currently still in beta, but its intelligent search and social media integration make it very easy to love.

Cobook

Platform: Mac OS X
Price: Free
Download Page

• Identifies the type of information you’re searching or adding as you type it.
• Automatically updates your contacts via social media sites like Facebook, Twitter, and LinkedIn.
• Utilizes the Mac OS X built-in Address Book database so you can still use Address Book if you want. This means you can still sync with iCloud and any other service Address Book supports (e.g. Google Contacts).
• Lives in your menubar for quick and easy access.
• Very simple setup process that walks you through everything you need to do to get started.
• Global keyboard shortcut allows for full keyboard control.
• Automatically checks for updates and offers to update itself.

Cobook understands what you’re typing based on its format, whether you’re searching or adding new information to a contact. If you type in a phone number that doesn’t exist it’ll offer to create a new contact. If a contact is listed, it’ll offer to add whatever information you’ve put into the search field. Cobook just knows what you’re trying to do. This makes it super easy to find and update your contacts.

On top of that, Cobook pulls data from Twitter, Facebook, and LinkedIn to updated your Address Book without any effort on your part. This saves a ton of time because your updates will involve adding notes more so than it will involve adding phone numbers and addresses.

All in all, Cobook automatically updates your address book for you and makes it much easier to perform an manual updates you need to make yourself. Plus it’s free, and we love apps that both cost nothing and also happen to be pretty amazing.

Because Cobook’s interface only lives in the menubar, this poses a few problems. First and foremost, if you want to view contact information while you’re typing in another window, you can’t really do that because clicking away from Cobook will hide the interface back in the menubar. Additionally, Cobook can really only live in one location and can’t be resized. While I like having it tucked away in the menubar, it can be problematic on occasion and it would be nice to be able to switch to a moveable window when needed.

Because Cobook syncs with your social media accounts, you’re letting it change you address book based on what other people input into their profiles. Most of the time this is great because you don’t have to update anything at all, but you also can end up with more information than you want or a different information than you need. This isn’t Cobook’s fault, but it’s something to be aware of when using an app that uses data you don’t control to change the data you do.

Address Book is the obvious competition. It’s already built into Mac OS X and is pretty great. Cobook relies on it, so it’s hard to argue it can do anything that Cobook can’t. In fact, you really have to use them together if you’re planning on setting up sync with iCloud (or other services) as Cobook can’t handle that functionality. While it’s technically another app and therefore competition, both work very well together and you don’t really have to pick one or the other.

Microsoft Outlook for Mac is what you use when you need an address book app with Microsoft Exchange support. Other than that, there aren’t too many plusses.

Contact Book ($5) is an Address Book alternative that pulls from the same databased but offers a slightly different interface and a few bonus features. You can color-code contacts, add social networking information, remind yourself of various events, and more. But it costs $5 and does less than Cobook, so it’s hard to consider it as a better option.

Private Contact ($7) is a simple address book that’s designed for storing private contacts. The idea is pretty simple and straightforward, but pretty useful if you want to safeguard your contacts.

The Daylite Productivity Suite ($230 or $30/month) includes more than just a contacts app. It is, as the name suggests, a large suite of tools to help you get things done better. This allows for tighter integration with its other apps so you can better manage your contacts and sort them by relationship rather than just name. This is a good option if you’re looking for something more business-oriented, though the cost is pretty high if all you want is the contacts app.