[DM-MUG] Security question

Darcy Baston darcybaston at mac.com
Wed Jan 31 11:15:41 CST 2007 

For me, security risk is measured by a few probabilities:

1-How many virii exist?
2-How likely am I to come across them?
3-How likely am I to complete the necessary steps to infect myself when I do come across them?

For me:

1-I don't know of a single virus that exists for OS X.

2-I am very unlikely to come across them because probability has it that a low number makes it hard for them to find me and vice versa. Plus, I don't download anything shady, don't forward messages with attachments, don't open attachments etc.

3-OS X is secure in that you can't do anything overly damaging (which includes making a virus resident or stored on disk) without going through confirmation dialogs that give a clue as to something of depth occurring. Since I take the time to read every dialog box that ever appears on my screen, I am very unlikely to type in my administrative password without knowing why.

So in my situation, I don't feel I need antivirus software (yet) on my Mac.

I've had behavioral responsibility as my antivirus. I've used computers since the early 80s, and to date, after I include all my x86 PCs, Amigas and Macs, have absolutely NEVER had a virus on my computer. I've cleaned and dealt with tons of viruses on other computers though, even the ones where I had to reset the battery on a PC to get a virus out of its BIOS.

I'm not a typical user though. For anyone else I recommend getting an antivirus software package that offers the most frequent updates, consumes the least resources, is not made by Symantec, and is only ever meant for machines that aren't in production for resource hungry settings like music production. I'd recommend people disconnect their audio production machine from the internet entirely if possible. :)

As far as internet invasion goes, you have to invest time and effort into this no matter what platform you're on. An open port on an IP address is an open port and asking for trouble. I'd recommend:

-Make sure your user account's password on your computer has some degree of complexity like mixing lower/upper case letters and special characters. Don't store that information in a file on your computer or anyone else's.

-Have your net connection go into a router that has its own firewall and then into your computer with the OS X firewall turned on too. Make sure the router is password protected, cannot have its admin tools accessed from the internet. Set a long hard password too!

-Figure out what your IP address is, and port scan it from a different computer outside your internal network.

-If you have wireless internet broadcasting in your home, make sure the broadcasting router has the MAC filter turned on, is not making the ESSID public and is WEP 128bit protected (or better).

-Any time you can do media sharing with iTunes, iPhoto, files etc., make sure it's always password protected.

-Never set your computer to log in automatically on reboot and set the "wake from sleep" to be password protected too. Make your computers inconvenient to access if stolen.

-If you share files and media only occasionally, leave sharing services off until you need them.

-Turn off Airport on your laptop when not in use.

-Any time you need to store financial information on your computer, put it in an encrypted disk image that you only mount when you need it, and never store the password to it in your keychain.

Anyway, just some of the things I do to keep a clean record of non-infection/invasion. :)

Darcy



 
On Wednesday, January 31, 2007, at 10:26AM, "Roses Derise" <homeonthefarm at iowatelecom.net> wrote:
>Dear Friends,
>
>I am so glad that DW told me about this group. I wish I'd known about you
>sooner! 
>
>Here's a new question: Its commonly said that Mac is safe from virus and
>other internet invasion, but I don't feel fully confident about that. What's
>the consensus at DMMUG? If the answer is no, then what kind of protection is
>best?
>
>Thanks again,
>Roses
>
>
>_______________________________________________
>Dmmug mailing list
>Use this Address to send mail to the list:
>Dmmug at dmmug.org
>Use this page to modify subscription options:
>http://cialug.org/mailman/listinfo/dmmug
>
>

More information about the Dmmug mailing list