Well, in November we had the "Month of Kernel Bugs", now in January we will have the "Month of Apple Bugs". This is the work of two security researchers who refuse to give vendors a chance to fix the bugs before they are announced. Whatever your feelings on the ethics of this are, it does point out a mounting threat to OS X's security. Many OS X users become complacent when it comes to security, feeling bulletproof. I wanted to remind everyone that while OS X may be inherently more secure due to things like separating users and requiring passwords for installs, etc., there is no security against the uninformed user. So here are a few reminders of how you can help yourself be more secure. For what it's worth, many of these are also true of Windows and Linux.
- Use A Limited Account - This is one very few people do, and it may be the most important. By default OS X makes you an Admin, giving you Admin rights. By creating a limited user account and making that your daily account, malware cannot install itself. In general, malware will have the rights you have, so keep them limited. All of those escalating rights exploits you have heard about dealt with raising an Admin to Root; they did not affect Limited users. The only disadvantage is having to enter your password a little more often.
- Don't Click Links In Email - Phishing is a huge problem these days. Don't think you can be phished? Take a look at this phishing archive. With HTML email, a phisher can make the link say whatever they want. Type the link by hand. This is also a good time to remind you to turn off the preview pane in your mail client. HTML email is one of the most popular attack methods.
- Don't Download Attachments - Just don't do it. Even if you know the person. One of the first things a virus will do is email itself to everyone in your address book, so you are more likely to get a virus from someone you know. If you are expecting an attachment from the person, you are probably ok. If not, email them back, ask them.
- Stay Away From Shady Sites - Try to stick to known popular sites. I know when doing research this is tough, but try to be vigilant. If you must go to unknown sites often, look into disabling scripting for unknown sites. In Firefox you can do this by running an extension called NoScript.
- Pay Attention When Installing Software - Only download software from reputable sites. If it seems too good to be true, it probably is. This is very important. No amount of OS X security can save you from yourself. If you voluntarily install malware, you have no one to blame but yourself.
- Turn On The OS X Firewall - By default the OS X Firewall is not turned on. Turn it on. This will prevent someone coming in over a port you may have opened by using a service such as file sharing. This is especially true for those not behind a router or those who use public Wi-Fi a lot.
I know many of you think security is already taken care of on OS X, but as I said before, no amount of security can protect you from yourself. While it is true there is no malware in the wild for OS X, a day may come when there is, and by practicing good habits now, you will be prepared.
-
Thanks cash!
You're right, the worst thing anyone can do when it comes to security is to think they are invulnerable.
This has been a big problem with Apple fan boys, who refuse to believe that anything could ever touch OS X. While there may not be viruses in the wild and such, some day...
And yes, it does not prevent phishing and other shady behavior. -
Could someone direct me to this? I'm new to OSX, it's very 1337 by the way, and trying to get used to it. Thanks.
-
Go into preferences, go to sharing, click the firewall tab, change your settings to turn the firewall on.
-
When I bought my new c2d mbp I had to create a new account which was an admin account. I used migration assistant to move everything from my other macbook to the mbp. Now I have two admin user accounts. How do I delete one and create another limited account?
*Edit
I turned the migrating account into a standard account by unchecking the "allow users to administer this computer" option in the preferences pane. -
Although not many pieces of Malware and Viruses can hit OS X, this guide can stop you passing them onto your friends and family as well, so it's probably a good idea to follow it even if you haven't been hit yet.
-
You don't delete the admin account. Unix/Linux (of which OS X is a variety) always require a root account. You simply create a limited user account (which it seems you have done) and use that one instead.
Did it make you create an admin account AND a normal user? I know some of the Linux distros are doing that now, which is really good. -
Thanks good info -
OS X makes you create an Admin account on first bootup. I then migrated my old account over from my macbook which also had Admin rights. I turned that account into a standard account. Now if I try to install anything or change settings it will ask me to authenticate it before proceeding (which is good).
I also realized after reading this I had my firewall turned off, so I switched it back on. -
Yes, but does it FORCE you to make a limited user as well? When I installed OS X, it only makes you do the admin account.
-
NO it doesn't.
-
Ah okay!
It really should. -
OK, thank you,
concerning the firewall, I've turned it on, but do we also have to check any specific box? (It is under the turn on button.) -
Just click the turn on button and you should be good to go!
A Few Security Reminders
Discussion in 'Apple and Mac OS X' started by cashmonee, Dec 20, 2006.