Welcome to the free online Mac OS X tutorial: learn and switch to Mac OS X!

Security
Safely on the Net: the build-in Firewall

Computer security is a hot item these days. You might wonder if you're as vulnerable with your Mac as with a Windows computer.
Relax; the answer is 'No'.
At moment of writing, there are no viruses or Trojan Horses and hacking is not common practice.
This is not because of the smaller percentage of Apple Computers, but a higher level of security than the average Win-Tel computer. In Windows, different software programs are intertwined. A leak in one of them means a leak in the whole operating system. Programmers use this to write viruses and break into your system. This is not the case in Mac OS X and in other Unix ports like Linux.

This does not mean that hacking or infecting a Mac is impossible! It's not a question of IF but a question of WHEN the Mac community will be the victim of fast spreading malware...

A safe computer starts with a user who uses it safely. MacMeep can name a few different basic rules to do that:

- Keep your passwords at a safe place, on paper. Safe passwords are words that do not exist, with numbers in them. Use different passwords for your Mac-account, your Email account, Internet account, and et-cetera. By the way: Mac or no Mac, remember that email is an open book to hackers!

- Do not open strange files that unknown people send to you by email

- Use the Firewall when you're online

- Keep your System Software up-to-date with Software Update

- A virus scanner helps your Windows friends. Although a Windows virus doesn't hurt a Mac at all, you can send it to your friends. But remember: the safety an anti virus program gives you, only lasts a while. You need to update the virus definitions regularly! This doesn't mean daily, monthly is okay.

- Power Users: do not use the root-account! Prefer the 'sudo' command in Terminal. Sudo gives you five minutes time to work as 'root'. Is it absolutely necessary to work as 'root', de-activate the account as soon as you're done. Don't let it show itself in the log-on user list when the Mac boots.

- This tip is for the Switchers: DO NOT PANIC! Don't think of a virus or Trojan when your Mac is in trouble. Also realize that even a computer as safe as a Mac is not totally on-vulnerable. Every program contains programming errors. That's because programmers are human.

- Go and visit a Mac news site regularly (for example Macintouch.com) to stay informed.

You are not anonymous on the Internet...

What is a Fire Wall?
A computer in a network communicates with other computers through so-called 'Ports'.
Every port has a number. Some port numbers are reserved to certain protocols and programs. Traffic on the Internet, for example, goes through port 80, Email port 25 and FTP port 21.
Ports who are not used (thousands) can be miss used by hackers and Worms. So it is obvious that you should close those ports. This is what a Firewall does.
A Firewall is a piece of software (or hardware) that lets the computer use only those ports its user approves of.
There's a Firewall in Mac OS X. Go to System Preferences => Sharing. Turn on the Firewall at 'Firewall':

At 'Services' you can choose to open certain ports in case you want to use your Mac as a server in a network:

Editing the Firewall
Experienced users can edit the Firewall by clicking the 'New' button. This can be useful to specific P2P programs or other server programs. Some ports are pre-selected:

Choose 'Other' to specify one yourself, for example BitTorrent:

And there's your new port-configuration:

Security in Safari
Security issues in Apple's main internet browser:

In case you're downloading a program, Safari will warn you:

Go to the Safari Menu => Preferences => 'General' and deselect "Open "safe" files after downloading":

At 'Security' you have also the option to Disable scripts, plug-ins, forms and Cookies:

Note that when you Disable plug-ins or javascript/java, some websites won't work properly

Privacy in Safari
Also in the Safari Menu you can select the 'Private Browsing' option:

At the 'History' Menu you can find 'Clear History':

Securely emptying the Trash
When you empty the trash, the file you threw away isn't really gone. The Mac only 'forgets' its place at the hard disc. The data itself continues to exist until other data is written over it.
With specialized software, anyone can access those hidden files, it can take months for them to be overwritten.
That is what this safe option is for. Data isn't only removed, it will be overwritten too. So in case you might think this option is for reducing the risk of accidently remove data: it is not!

Safely sell your Mac or hard disc.
Erasing a hard disc doesn't mean its completely free of data. Only the index of the discs is being erased and its data can still be recovered.
'Disc Utility' gives you the opportunity to erase your disc completely and make all its data unreadable:

-

There are companies who specialize in recovering data from hard discs. Even fire or water won't make a disc totally unreadable!

Secure the data on your hard drive
At System Preferences => File Vault you have the option to encode the data in your user folder. Without your password, or a master password, the data cannot be read and will be lost.

TIP
Secure data on your iPod or an USB stick
Open Disk Utility and click on the 'New Image' icon:

Choose the appropriate size and give the disk a name. Select at 'Encryption': "AES-128":

Enter a password:

And a .dmg disk is created. Copy this .dmg to your iPod or USB stick.

When you open the .dmg, a password will be asked:

Now you can access your secured virtual disk:

How secure is my Mac?
If you want to know the safety-level of your computer, you can test it online. For example at 'Shields Up' from Gibson Research.

It's a nice site. There's a tutorial about ports and computer safety.
The site probes all your ports and makes a visual report.
'open' = red (this is not safe)
'closed' = blue (this is okay)
'stealth' = green (this is the best: no one can even see your ports exist).

Maximum physical safety of your Mac
Later on in this training, you'll learn how to boot your Mac from cd and change user passwords. Booting in Classic mode (if possible on Macs made prior to 2003) will also give you access to all the files on the Mac. This is a potential safety-issue.
First: be careful with those system cd or DVD you got with your Mac. Put them away and out of sight.
If you want to close your Mac COMPLETELY to foreign access, use Open Firmware. Firmware is the instruction that is not on the hard disc but on a special chip at the motherboard. This only restricts physical access, it does nothing against hackers, crackers or script kiddies.
You can find more information about this method at Apple Knowledge Database document No. 120095.

I'm afraid my Mac gets stolen
'Undercover', a program from the Belgium company Orbicule, ( http://www.orbicule.com), helps to find back a stolen Mac. Ingenious!

Disclaimer: Use of the information and data contained within this site is at your sole risk. If you rely on the information on this Site you are responsible for ensuring by independent verification its accuracy, currency or completeness. Copyright of all screenshots: Apple Computer Inc.