Past Meetings

July 28, 2006

Mac Security

Nine people braved the torrential downpour to have lunch together (thanks for the pizza and soda, Ed). Attending were: Tom B, Bob S, Bill N, Jim P, Ed K, Nancy C, John R, Joan R, and Jack H.

The meeting focus was Mac security. The MacFixit website has a nice tutorial called 10 Simple Steps for Securing Your Mac . Another concise list of security tips can be found on the Apple support page called Apple's Security Notes for OSX. Another good article found in Macworld magazine is 18 Ways to Safeguard Your Data and Privacy. And yet another in AppleMatters article: How to: 5 Ways to Safeguard Your Mac.

When traveling with your Mac Laptop, avoid flashy, expensive computer cases that scream computer inside. Packing your laptop inside a small travel bag, backpack or large purse will draw less attention. (So put aside your Mac vanity and go incognito! :-) When approaching an airport security scan, unpack your laptop and have it in the sleep mode ready to be instantly powered on if asked. Another good idea before taking your laptop on the road is to turn off the Auto Login option in System Preferences under Accounts (see how here). In the rare event your computer is stolen or lost, the most a stranger could do would be erase the HD and start over. Some hotels are now providing in-room security safes, large enough to lock up your laptop when going out.

Cable Lock for laptop (that's why there is a small eliptical hole in all computer frames). One product is Kensington MicroSaver for $40.

By default, Apple sets up your first user account to have Administer permission. To be safer, you should add a second account (name it anything you want to), check the Administer permission box, then log-in as this new user and change the original account to Standard (i.e. uncheck the Administer permission box for the original account). Then log-in as original User again. (For more details, see Step 3 in 10 Simple Steps for Securing Your Mac).

When shopping on-line, always be sure there is a visible padlock icon on the browser 'checkout' page before entering any credit card numbers or personal information. This insures that all transmitted data (including credit card numbers) will be securely encrypted. Also a secure website will always begin with https:// rather than the standard http:// in the URL window.

Spam, Scams and Phishing - Beware the 'Nigerian e-mail scam'(see example) hitting eBay auctions recently. Generally, high ticket items such as computers and electronics are being targeted. The scammers are so stupid, they don't even know enough to change Nigeria to a different country. Usually the broken, cut&paste English and bad grammar is a tip-off. Also the bit about sending a FedEx truck to pick up the merchandise is standard fare. Although 99% of people will see through these scams, they are still a major annoyance in ending auctions prematurely and restricting potential legimate buyers (since you have to put more restrictions and safeguards on your sales such as mandatory Pay Immediately via PayPal). Upon notifying eBay of the scam, the bogus buyer's account is immediately cancelled. But they will most likely set up another one. Never respond to 'phishing' e-mails that ask for personal data, account numbers or passwords. Hoaxes, spoof e-mails, and potential viruses can be checked out on several websites such as Hoax Busters, Truth or Fiction, and Symantec's Virus Alerts. Don't forward chain e-mails because they increase spam and often spread viruses.Use group mailing to hide long lists of recipient addresses.

ClamXav - Free anti-virus checker for OSX Tiger - download (15MB)

Use an on-line e-mail mailbox (such as Yahoo, Juno or even your own ISP mailbox) rather than in-computer mail programs (such as Apple's Mail in OSX or Microsoft's Outlook Express in OS 9). Some advantages of on-line mailboxes are 1) the e-mail is scanned for viruses, 2) all e-mail stays with the on-line server, 3) you can check it from any computer from any location.

For anyone who still uses 56k dial-up modems for internet access (myself included), there is a certain, inherent safety aspect to slowness - mainly that malicious users will not be much interested in slowness either and will not be able to affect nefarious schemes that might be easier via high speed, on-line-all-the time connections. (Shades of the tortoise-hare fable?)

Apple has a very good Firewall built into OSX. By default Firewall is activated to protect all ports on your Mac but can be modified by going to System Preferences > Sharing > Firewall. You can modify the ports being protected by the Firewall by checking the boxes.

Use Disk Utility to create a password-guarded Disk Image (dmg). This Disk Image can then be copied to another drive such as a portable 'stick' (i.e. USB JumpDrive) as a safer way to carry valuable info, in case the stick might get lost or stolen.

In OSX, Apple provides a great utility to keep track of all your passwords called KeyChain Access. You can open it and double-click on any of the entries to find your password for a specific location or item. You only need to know your original Admin account password to be able to view the hidden passwords.

The bottom line question in computer security is akin to Dr. Thomas Sowell's great economics illustration:

Q - Should cars be made as safe as possible? A - No.(because they would be too heavy, too costly to run, and too unaffordable to most people)

The real answer is to be as secure as is feasible with a dose of common sense and an appreciation of reality. After all, who would really want what is on your computer?

Open Firmware Password - Read how to protect your mac against misuse of the Target Mode by using this on-board Apple application (found in Utilities on the install disk- just drag and copy to your Admin account to use it) - see Apple article . If you forget your firmware password or buy a used machine which is locked, the only way to over-ride the firmware password is to change the amount of RAM in the computer, then immediately boot up and reset the P-RAM by holdling down keys Com-Opt-P-R until you hear three reboot chimes.

* * *

Some other interesting (but less known) features of common Mac applications ...

Have you discovered how handy the Dictionary in Applications is? Just drag a copy to your Dock for quick spelling checks, pronunciation, origin and even a thesaurus! Just open Dictionary, type a letter or two, then double-click the word for more info.

TextEdit (descendant of SimpleText) now has tables! In Tiger applications, open TextEdit, go to Format > Text > Table ... Also you can copy and paste a table from TextEdit into a Sticky note. Another cool thing is try highlighting a word or sentence in TextEdit or Stickies, then go to Edit > Speech > Start speaking.

To view more highlights of Past Meetings, link to H'PORTMUG homepage . Next meeting: August 25

[Note: To bookmark or print a specific page on this website, click on the NonFrames link on Homepage or go directly to the NonFrames version here - then navigate to the page you wish to bookmark or print.]

Hammondsport Mac Users Group - Hammondsport, NY 14840 -