Security for the Mac



It’s important to be secure in one’s papers. This includes your home computer, i.e. “The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized.” Press HERE for a thorough explanation of the Fourth Amendment to the Bill of Rights. The Founding Fathers would be ashamed at America now. Press HERE for another perspective on freedom and encryption.

It is critically important to “lock up” your data to both prevent an FBI “Smash and Grab” or a common criminal stealing your laptop or Mac from your home for the data on your hard drive. [Or worse yet, to prevent your wife from looking at your private files.] Press HERE for an explanation of the police state tactics used on citizens.

It’s vital to use “point to point” email encryption with like-minded friends. The problem is to get your friends and relatives interested in the need for and use of strong encryption. This is an important freedom issue. It used to be the policy of the United States that “gentlemen don’t read other people’s mail." Press HERE to see that that policy is kaput. With the NSA telephone scandal, Press HERE realize that the government [the NSA] is a huge vacuum for data to conduct searches and to data mine the results of those searches. Press HERE and THERE for more information. To be fair, the NSA denies targeting US Citizens. Press HERE. I don’t believe it for a minute. If you use strong encryption with a strong pass-phrase, your emails will be private. If everyone used strong encryption, the NSA would go out of business.

In my first post on Lew Rockwell: Press HERE there were questions from others about Mac security. I bought a MacBook Pro [OS X] to find out for myself.

The definitive text on Mac security is a joint NSA/APPLE publication found on the NSA’s website Press HERE. Another excellent webpage on Mac OS X security is found HERE.

In my opinion, the important issues on the Mac are choosing a strong passphrase, securing your files, erasing your files and free-space, email security, and browsing. I will address each of these items in turn.

To choose a strong passphrase, you could use this simple method. Take the first stanza of the 23rd psalm. “The LORD [is] my shepherd; I shall not want. He maketh me to lie down in green pastures: he leadeth me beside the still waters. He restoreth my soul.”

Choose the first letter of each word: tlimsisnwhmmtldigphlmbtswhrms

This construction is 29 characters. My opinion is that 29 characters is sufficient for casual security. Further, you could re-create your passphrase knowing the particular passage. Read the following for information on pass-phrase length: Press HERE. Many security experts recommend changing your passphrase every three months.

Secondly, to secure your files and computer while you are not using it, you MUST use File Vault or competing systems. I like File Vault because it is native to the Mac. According to Apple: “File Vault automatically encrypts and decrypts the contents of your home directory on the fly with powerful AES-128 encryption.” You MUST use a strong pass-phrase to go along with it. Go to “Apple” “System Preferences” “Security” and turn ON File Vault. Enter the strong pass-phrase you generated as above when prompted. Do NOT automatically store your password. It will take a little while to encrypt your files. When your computer is turned off, the encryption will lock down your files. Others could set up their own File Vaults on the computer. Warning: If you forget your passphrase, you lose ability to ever open the File Vault.

To erase files in your trash-bin, use “Finder” “Secure Empty Trash” This operation overwrites files seven times. This should be adequate, and the files can’t be recovered. For the paranoid who want to erase 35 times, get Permanent Eraser Press HERE.

To erase the free-space on your disk, go to “Disk Utility” select “Computer” select “Erase” and then hit “Erase Free Space." I overwrite seven times. If you are away for a weekend you might choose 35 times.

For email security, you have some options. I favor PGP for the Mac (PGP Desktop 9.6 for the Mac). Press HERE. But, read up on bugs in this version of PGP Press HERE. Do NOT download update 9.6.1 due to some quirks in the program. Suffice it to say, backup [copy] your PGP public and private keyrings once you generate them. I speak from experience on this tip. I was not able to get Mac GnuPGP to work on my computer Press HERE Perhaps you might on your Mac.

For browsing, I was able to find a subscription $ “secure tunnel” utility for the Mac Press HERE and there are other FREE services, such as “TOR for the Mac” Press THERE. But I was not able to get TOR to work. I even read the instructions. I would recommend avoiding delicate sites such as “Hot Russian Underage Teens” and “Iranian Red Crescent Society” Assume that any site you visit will be logged both by your ISP and the NSA.

I choose to use both the Mozilla email client “Thunderbird for the Mac” [because I couldn’t get Mac Mail to work with my ISP’s system] Press HERE and the “Firefox web browser for the Mac” Press there although I do use Safari [Mac web browser] it simply doesn’t have the features and addons of Firefox. Make certain you clear your cache, history, and cookies periodically. After you do that you can schedule an “erase the free space” (see above) on your hard disk, at night, say.

It is important to use the firewall provided by selecting Apple’s: “System Preferences” “Internet and Network” “Sharing” Select “Firewall” Select “Advanced” check “Enable Stealth Mode”

Finally, I believe you need an anti-virus product for the Mac OS. After researching reviews on Amazon, I selected Press HERE as a good product or its “free-ware” competitor ClamxAV Press THERE. I don’t recommend any Norton product because of their lack of support on my parent’s home computer. Not that I carry a grudge or anything.

You will have a much better computing experience if you follow these tips for your Mac. Press HERE for a text I relish reading. Smash the State!

April 24, 2007