« Lesson: Be Nice to Random Strangers Claiming to Have Owned Your DNS | Main | Hey, Good News, Tokelau! »

June 3, 2008

Apple Releases Leopard Security Guide

“The Security Configuration Guides provide an overview of features in Mac OS X that can be used to enhance security, known as hardening your computer.

“The guides are designed to give instructions and recommendations for securing Mac OS X and for maintaining a secure computer.

“To use these guides, you should be an experienced Mac OS X user, be familiar with the Mac OS X user interface, and have at least some experience using the Terminal application’s command-line interface. You should also be familiar with basic networking concepts.

“Certain instructions in the guides are complex, and deviation could result in serious adverse effects on the computer and its security. The guides should only be used by experienced Mac OS X users, and any changes made to your settings should be thoroughly tested.”

They left out “Do Not Taunt Happy Fun Mac.”

There are six pages (124-130) devoted just to explaining POSIX permissions, ACLs and umask.

All in all it’s an interesting guide.

Not to be a total nanny, but it would be nice if this information were refactored for users who are not particularly experienced and don’t have “at least some experience using the Terminal application’s command-line interface.” Those people are told to get bent before they even bother to download the guide, but it’s got a lot of useful information.

The problem is, some of that useful information would probably scare less security-aware users away, and some of it is the kind of t-crossing and i-dotting that rapidly induces fatigue:

“One method to secure appearance preferences is to change the number of recent items displayed in the Apple menu to None.”

“If intruders gain access to your computer, they can use recent items to quickly view your most recently accessed files. Additionally, intruders can use recent items to access authentication mechanisms for servers if the corresponding keychains are unlocked. Removing recent items provides a minimal increase in security, but it can deter unsophisticated intruders.”

x 240 pages.

(Link)

E-mail   0 Comments    Digg This    add to del.icio.us

Posted by mhall at 6:49 PM | Add Comment

Leave a comment











Type the characters you see in the picture above.

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers