About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Home » Learning Curve » Red Hat Diaries

Secure Your Mac the Mac Way

Get out your metal detector.

Get It

Try It

For every ten switchers to OS X from Windows there are at least fifteen computer users frightened by the malware situation on the Internet today. Some watched the switcher ads and were granted a clue. They came over - and then their jaws dropped.

'What's surprising to me is that there is a new trend in the OS X publication community', comments Sean Collins in 'Technically Sound'. 'I'm seeing quite a few articles as well as dedicated series of articles focusing on the issue of computer and information security.'

'This is good. It's better than it was a year ago when the fanboys were jumping up and down over the Month of Apple Bugs and Maynor's Wi-Fi exploit denying that they were real and using underhanded character assassinations to undermine the findings of researchers.'

No argument there. But it isn't all rosy. Here comes a jaw dropper.

'What was disappointing to me was the fact that many of the articles are not factually correct! Honestly some of these tips are just flat out ridiculous and the only people that they would fool would be under the age of five.'

Collins cites two sources for this claim - the 'security series' at Macworld (who call themselves 'the Mac experts') and TUAW.

TUAW: Secure Your Mac
Macworld: Walking the walk (Lock It Up)

Hidden Folders Redux

From TUAW's fabulously titled 'Crouching user, hidden folder' by Dave Caolo.

Create a hidden folder

Mac OS X automatically hides a folder that begins with a period. We can use this to our advantage and create a secret folder. However, it's not as easy as creating a folder in the Finder and naming it '.MyPrivateStuff'. But it's not difficult, either.

Collins again.

'Give me a break. Just because it has a period in front of it doesn't mean you actually are going to be hiding anything from anyone. In fact, you can scan for files and folders that have the period in front of them. It's very easy. Especially with the ACP from Rixstep.'

'But if you're going to hide things with the Finder, the ultimate way to hide them is by using 'Finder flags' which only the Finder cares about. Another useful ACP utility can enable these flags and disable them. But regardless, they'll still show up in a quick scan by a superior program like Xfile, or even the Unix commands.

$ ls -A

'You're not getting very much protection out of renaming files to have a period in front of them.'

Get Out Your Metal Detector

It gets worse. After Caolo led the charge for the 'under five' demographic the blog readers take over, repeatedly suggesting such pinhead solutions as HideOut which very simply puts a dot in front of a file name, thereby redefining both 'lame' and 'smugly stupid' to ever higher criteria.

Collins is back to restore order.

'Users and journalists are missing the point. You cannot hide things on a filesystem. The entire point of a filesystem is to keep track of things. You can't avoid it. You can however limit access.

'Unix was built upon everything being a file with specific permissions.'

'Users can be denied access to files and directories. The TUAW tip is like taking your treasure and putting it into a shoebox and burying it in the rose garden. All you need is a metal detector and a shovel to get at it.'

Spin Lock

'Unix would be the safe you have in your basement. You put your treasure in it, spin the combo lock and you're done. You can't hide the fact that you have a safe, but you can limit who can actually get to it, as well as who has the combination to actually open the safe.'

'Let's move past the hocus pocus 'hide your dirty secrets in my special hidden folder (hint - its name is Untitled)' and move on to the 'my account is protected with a strong password and permissions settings and the only way to get at it is to have the password' model'.

Switchers from Windows have never heard of security and legacy graybeards on OS X have never heard of computers and the last people they should listen to are journalists with absolutely no chops in either.

About | ACP | Buy | Industry Watch | Learning Curve | News | Products | Search | Substack
Copyright © Rixstep. All rights reserved.