Can I put business sensitive documents on it without worry?
If not secure, what's the best methods to secure an Apple?
They are pretty secure but I'd encrypt sensitive documents just to be safe. If you make an encrypted read/write disk image with disk utility, that should do just fine. Then secure delete any files. Do not use sparse disk images ever - always fixed size.
By encrypting your files, you ensure that if you suffer a computer malfunction, you can be assured that no repair men can see your files either. For ultra super-duper protection, you can keep the encrypted disk image on an external volume and disconnect it while online so that if anyone even managed to somehow install a keylogger to get your encryption password, they can't get at the files.
Can I put business sensitive documents on it without worry?
If not secure, what's the best methods to secure an Apple?
In an out-of-the-box configuration your files are 100% secure assuming that you don't let the attacker physically sit down at your computer, and if you do, then as the previous poster suggested, file encryption will guarantee that they will never be able to read your files. You can use FileVault (under security in the system preferences) to easily encrypt your entire home folder.
For extra security you can turn on the software firewall (which uses IPFW)
Windows ships with several ports left open... through which hackers can own your machine.
'Nuff said.
Or is that not what you were asking?
See above quotes on encrypted disk images.
If you're really paranoid, you can also use PGP to encrypt disks (although it's a 3rd party program which costs).
Quote:
Originally stated by William Crowell, Deputy Director of National Security Agency, in testimony to US Congress, March 1997*
If all the personal computers in the world - ~260 million computers - were put to to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message (assuming that each of those workstations had processing power similar to each of the Berkeley student's workstations).
Originally stated by William Crowell, Deputy Director of National Security Agency, in testimony to US Congress, March 1997*
If all the personal computers in the world - ~260 million computers - were put to to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message (assuming that each of those workstations had processing power similar to each of the Berkeley student's workstations
I really love that "on average" coming hard on the heels of "12 million times the age of the universe".
"Well, you know, some really tough nuts take 14 times the age of the universe, and some practically decrypt themselves-- you know, no more that 10 times the age of the universe".
My iMac is arriving next week and I am preparing for it.
When Mac users say they never have problems with Virii etc I often wonder if they actually do and simply don't know it. My XP setup(s) have been broken into at least 5 times in the last 2 years and only now am I really getting a hold of how to properly and securely lock my XP boxes down - I run a Hardware and Software firewall, The Computer Security Tool ( A Blessing for all XP users - a MUST download and the usual raft of anti-virus and anti-spyware stuff.
Are Mac users saying that your systems are immune, that you would trust your system just like that out the box? No AntiSpyware or AntiVirus software or Third Party Firewall Software?
If so, it seems awfully shocking for me - that an OS can be THAT secure - I still doubt I would trust it 100% out the box to be 100% safe - maybe OS X is perceived to be more secure cause when they do get "hax0red" they don't know it or think it's a hardware malfunction or perhaps all the Apple Fanboys of the world don't want to admit defeat?
Okay - so securing OS X - 1. Encrypt the Disk so that it's a Sparse Disk 2. ?
There are more than 90,000 Windows viruses/worms/trojans in the wild, with an average of more than 100 new per week.
After six years on the market, there are zero Mac OS X viruses/worms/trojans. For reference, there were only ever about 50 viruses for all previous versions of Mac OS, most of them MS Word Macro viruses.
The last two months have seen three proof of concept pieces of malware for the Mac, all of which require active user installation, (including downloading them, double-clicking to unpack, double-clicking to install a jpeg \, and user authorization for said install [as long as you're smart and not running as an admin user])... they don't self-propagate or auto-infect.
That's the sum total of all known Mac OS X malware to date.
No viruses, no spyware, no worms, no self-propagating risks except for those which users choose to mindlessly click on and expose themselves to minor risk with (in the same way a user could click on a disguised app to wipe their drive if they were gullible... but that's not a virus, that's gullible user error.).
As for why, there's a well known page on Daring Fireball called Broken Windows which explains a lot.
I've owned macs since 1993 and not once have I encountered a virus, spyware, trojan or other malware. I have worked on OS X since Jaguar (10.2) WITHOUT any anti-virus software, just my router's firewall... I've felt safer since OS X but I still run the free ClamXav once and awhile and keep up to date on Mac news should a virus etc. appear.
Meanwhile, when they installed WindowsXP on computers at my church, they had a virus within 45 minutes - hadn't even been used.
I find this all so hard to believe - that Apple's are essentially "immune" to the harsh enviroment of the enviroment.
My scepticism stems from the years and years of using Windows and the constant attacks and threats - with the Apple brand becoming "iconic" and gaining market share, I will not be surprised if the hacker community will start concentrating on OS X.
Perhaps this OS X Switch will be beneficial, I am not giving up on Windows in that there are certains things that still need XP to run but I think I will be spending more time on the Mac from now on ( when I take delivery of a tester iMac next week! )
Are Mac users saying that your systems are immune, that you would trust your system just like that out the box?
Nobody is saying they are immune. They ARE about 1000x harder to penetrate due to the OS design, compared to Windows.
Quote:
No AntiSpyware or AntiVirus software or Third Party Firewall Software?
There are no spywares or viruses for the "antivirus software" to check for! Such software would have an empty database.
(Insert standard disclaimer here about Windows malware being passed on to Windows colleagues via the Mac - but is not my job to protect everyone who just had to have the computer "everyone else" uses - they made their choice and now they can deal with it).
I'm curious why you ask in an open thread about how secure an apple iMac is out of the box! And yet every one joins in to give an honest opinion, you say fanboys ect.
We're not replying to this thread for the good of our health!
Everything you've read here is honest and truthful.
I understand you could be sceptical, but you'll see that there's no bullshit here pretty soon!
I switched to using apple about a year ago, if I had viruses on this thing I would say so, I have no reason to talk shit here. I've nothing to gain, and that goes for the rest of the people here!
The reason I think apple user can be passionate at times is because after a while of using the system, they kinda think, why isn't everybody using these!
I find this all so hard to believe - that Apple's are essentially "immune" to the harsh enviroment of the enviroment.
The first thing that you have to get your brain around is the fact that MacOS X is not Windows. MacOS X is darned near immune to viruses, but the other non-Windows OSes are pretty darned secure as well. Windows is not the rule, it is the exception. It is only because Windows has such a large installed base that people think that virus infestations are the normal state of computer software. They are not.
Quote:
Originally posted by kmhtkmhtkmht
My scepticism stems from the years and years of using Windows and the constant attacks and threats - with the Apple brand becoming "iconic" and gaining market share, I will not be surprised if the hacker community will start concentrating on OS X.
You assume that attackers are not concentrating on MacOS X now. Just because they haven't succeeded doesn't mean they aren't trying. The number Macintosh viruses in the wild peeked back in the days of System 6. Since then the number trailed off to nothing. The number of Macintosh viruses dropped because the design of the hardware and software made it easy to stop them. On the other hand, Microsoft has made several high-profile announcements about its new emphasis on security over the years. With each new announcement, the problem has only gotten worse, particularly in the severity of the threats.
Quote:
Originally posted by kmhtkmhtkmht
Perhaps this OS X Switch will be beneficial, I am not giving up on Windows in that there are certains things that still need XP to run but I think I will be spending more time on the Mac from now on ( when I take delivery of a tester iMac next week! )
There is nothing OS X does different than the myriad of *nix/GNU/Linux systems out there. So no, OS X is not "darned near immune" to viruses, as aren't hundreds of *nix variants out there. They get them less, or not at all, but immunity implies total resistance to viruses, and that's not the case. OS X just follows basic *nix policy of a regular user, root disabled, and in order to get privileges, you need to either use 'su' (in some *nix systems) or 'sudo' (in OS X, Ubuntu, among others).
There are virus scanners out there, and if you're paranoid, you can pick up one of them. Avoid Norton like the plague though. Turn on the Firewall, and if you're extra paranoid, use Little Snitch. Turn of opening of downloaded files in Safari (if you use it) and don't click on .jpg files without knowing what they are (no trojans though, they say... ) and you should be all set.
Can I put business sensitive documents on it without worry?
If not secure, what's the best methods to secure an Apple?
If you're working with sensitive documents you should be using PGP. It staggers me how many companies fail to properly protect IP.
That said Mac OS X has some good basic security. I dislike their firewall UI but the security tab is handy. I dislike FileVault because you can end up filling the image and then you need to relog to get space back.
There is nothing OS X does different than the myriad of *nix/GNU/Linux systems out there.
From a system security standpoint OS X is just another secure *nix variant, but where OS X shines is human interface security, with features such as the admin password prompt even for those with admin access, the fact that the main admin user is BELOW root, etc.
.... So no, OS X is not "darned near immune" to viruses, as aren't hundreds of *nix variants out there. ...
You stood up that strawman and knocked it flat on its butt. I said that there are non-Windows OSes out there that are less vulnerable to viruses than Windows. I did not say that these are all *nix variants. I didn't even use the phrase. Nor did I even so much as hint at the numberof these non-Windows OSes.
I tried out the PGP Desktop program last night but don't really get it - I "encypted and signed" the My Documents folder and I could still just double click the My Documents and open anything in there - don't really understand that concept at all - will read manual.
All above responses are very constructive and have convinced me that OS X is secure - I will be PGPing the whole computer and using the Sparse Disk Idea.
So now it's down to my evaluation of the iMac next week and if I like it I'll start ordering more!
Comments
Originally posted by kmhtkmhtkmht
How secure is an iMac out of the box?
Can I put business sensitive documents on it without worry?
If not secure, what's the best methods to secure an Apple?
They are pretty secure but I'd encrypt sensitive documents just to be safe. If you make an encrypted read/write disk image with disk utility, that should do just fine. Then secure delete any files. Do not use sparse disk images ever - always fixed size.
By encrypting your files, you ensure that if you suffer a computer malfunction, you can be assured that no repair men can see your files either. For ultra super-duper protection, you can keep the encrypted disk image on an external volume and disconnect it while online so that if anyone even managed to somehow install a keylogger to get your encryption password, they can't get at the files.
Originally posted by kmhtkmhtkmht
How secure is an iMac out of the box?
Can I put business sensitive documents on it without worry?
If not secure, what's the best methods to secure an Apple?
In an out-of-the-box configuration your files are 100% secure assuming that you don't let the attacker physically sit down at your computer, and if you do, then as the previous poster suggested, file encryption will guarantee that they will never be able to read your files. You can use FileVault (under security in the system preferences) to easily encrypt your entire home folder.
Originally posted by akheron01
You can use FileVault (under security in the system preferences) to easily encrypt your entire home folder.
What are the pros and cons of of FileVault vs Encrypted Disk Image?
Originally posted by fahlman
What are the pros and cons of of FileVault vs Encrypted Disk Image?
An encrypted disk image holds a specific set of files that you wish to be encrypted, while FileVault will simply encrypt ALL of your files.
Encrypted disk images created manually, on the other hand, cover only a part of your home directory.
*) Sparse meaning that the image can dynamically grow as your home directory becomes larger.
I'll give you an example, I have my iMac 1 year!
Never one problem with security, no viruses, or break downs, not once!
The beats the PC I used to have at least one of each per day!
I'm off now to relax in a nice bath, life's a breeze.
Very safe, and extremely reliable!
Bwahahahahahahahahaha...
OS X ships default with all ports closed.
For extra security you can turn on the software firewall (which uses IPFW)
Windows ships with several ports left open... through which hackers can own your machine.
'Nuff said.
Or is that not what you were asking?
See above quotes on encrypted disk images.
If you're really paranoid, you can also use PGP to encrypt disks (although it's a 3rd party program which costs).
Originally stated by William Crowell, Deputy Director of National Security Agency, in testimony to US Congress, March 1997*
If all the personal computers in the world - ~260 million computers - were put to to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message (assuming that each of those workstations had processing power similar to each of the Berkeley student's workstations).
* testimony to US congress
Originally stated by William Crowell, Deputy Director of National Security Agency, in testimony to US Congress, March 1997*
If all the personal computers in the world - ~260 million computers - were put to to work on a single PGP-encrypted message, it would still take an estimated 12 million times the age of the universe, on average, to break a single message (assuming that each of those workstations had processing power similar to each of the Berkeley student's workstations
I really love that "on average" coming hard on the heels of "12 million times the age of the universe".
"Well, you know, some really tough nuts take 14 times the age of the universe, and some practically decrypt themselves-- you know, no more that 10 times the age of the universe".
My iMac is arriving next week and I am preparing for it.
When Mac users say they never have problems with Virii etc I often wonder if they actually do and simply don't know it. My XP setup(s) have been broken into at least 5 times in the last 2 years and only now am I really getting a hold of how to properly and securely lock my XP boxes down - I run a Hardware and Software firewall, The Computer Security Tool ( A Blessing for all XP users - a MUST download and the usual raft of anti-virus and anti-spyware stuff.
Are Mac users saying that your systems are immune, that you would trust your system just like that out the box? No AntiSpyware or AntiVirus software or Third Party Firewall Software?
If so, it seems awfully shocking for me - that an OS can be THAT secure - I still doubt I would trust it 100% out the box to be 100% safe - maybe OS X is perceived to be more secure cause when they do get "hax0red" they don't know it or think it's a hardware malfunction or perhaps all the Apple Fanboys of the world don't want to admit defeat?
Okay - so securing OS X - 1. Encrypt the Disk so that it's a Sparse Disk 2. ?
(on the PGP point, found this: http://www.pgp.com/products/desktop/...nal/index.html )
After six years on the market, there are zero Mac OS X viruses/worms/trojans. For reference, there were only ever about 50 viruses for all previous versions of Mac OS, most of them MS Word Macro viruses.
The last two months have seen three proof of concept pieces of malware for the Mac, all of which require active user installation, (including downloading them, double-clicking to unpack, double-clicking to install a jpeg
That's the sum total of all known Mac OS X malware to date.
No viruses, no spyware, no worms, no self-propagating risks except for those which users choose to mindlessly click on and expose themselves to minor risk with (in the same way a user could click on a disguised app to wipe their drive if they were gullible... but that's not a virus, that's gullible user error.).
As for why, there's a well known page on Daring Fireball called Broken Windows which explains a lot.
Meanwhile, when they installed WindowsXP on computers at my church, they had a virus within 45 minutes - hadn't even been used.
My scepticism stems from the years and years of using Windows and the constant attacks and threats - with the Apple brand becoming "iconic" and gaining market share, I will not be surprised if the hacker community will start concentrating on OS X.
Perhaps this OS X Switch will be beneficial, I am not giving up on Windows in that there are certains things that still need XP to run but I think I will be spending more time on the Mac from now on ( when I take delivery of a tester iMac next week! )
Are Mac users saying that your systems are immune, that you would trust your system just like that out the box?
Nobody is saying they are immune. They ARE about 1000x harder to penetrate due to the OS design, compared to Windows.
No AntiSpyware or AntiVirus software or Third Party Firewall Software?
There are no spywares or viruses for the "antivirus software" to check for! Such software would have an empty database.
(Insert standard disclaimer here about Windows malware being passed on to Windows colleagues via the Mac - but is not my job to protect everyone who just had to have the computer "everyone else" uses - they made their choice and now they can deal with it).
We're not replying to this thread for the good of our health!
Everything you've read here is honest and truthful.
I understand you could be sceptical, but you'll see that there's no bullshit here pretty soon!
I switched to using apple about a year ago, if I had viruses on this thing I would say so, I have no reason to talk shit here. I've nothing to gain, and that goes for the rest of the people here!
The reason I think apple user can be passionate at times is because after a while of using the system, they kinda think, why isn't everybody using these!
Originally posted by kmhtkmhtkmht
I find this all so hard to believe - that Apple's are essentially "immune" to the harsh enviroment of the enviroment.
The first thing that you have to get your brain around is the fact that MacOS X is not Windows. MacOS X is darned near immune to viruses, but the other non-Windows OSes are pretty darned secure as well. Windows is not the rule, it is the exception. It is only because Windows has such a large installed base that people think that virus infestations are the normal state of computer software. They are not.
Originally posted by kmhtkmhtkmht
My scepticism stems from the years and years of using Windows and the constant attacks and threats - with the Apple brand becoming "iconic" and gaining market share, I will not be surprised if the hacker community will start concentrating on OS X.
You assume that attackers are not concentrating on MacOS X now. Just because they haven't succeeded doesn't mean they aren't trying. The number Macintosh viruses in the wild peeked back in the days of System 6. Since then the number trailed off to nothing. The number of Macintosh viruses dropped because the design of the hardware and software made it easy to stop them. On the other hand, Microsoft has made several high-profile announcements about its new emphasis on security over the years. With each new announcement, the problem has only gotten worse, particularly in the severity of the threats.
Originally posted by kmhtkmhtkmht
Perhaps this OS X Switch will be beneficial, I am not giving up on Windows in that there are certains things that still need XP to run but I think I will be spending more time on the Mac from now on ( when I take delivery of a tester iMac next week! )
Good move.
There are virus scanners out there, and if you're paranoid, you can pick up one of them. Avoid Norton like the plague though. Turn on the Firewall, and if you're extra paranoid, use Little Snitch. Turn of opening of downloaded files in Safari (if you use it) and don't click on .jpg files without knowing what they are (no trojans though, they say...
Originally posted by kmhtkmhtkmht
How secure is an iMac out of the box?
Can I put business sensitive documents on it without worry?
If not secure, what's the best methods to secure an Apple?
If you're working with sensitive documents you should be using PGP. It staggers me how many companies fail to properly protect IP.
That said Mac OS X has some good basic security. I dislike their firewall UI but the security tab is handy. I dislike FileVault because you can end up filling the image and then you need to relog to get space back.
Originally posted by Gene Clean
There is nothing OS X does different than the myriad of *nix/GNU/Linux systems out there.
From a system security standpoint OS X is just another secure *nix variant, but where OS X shines is human interface security, with features such as the admin password prompt even for those with admin access, the fact that the main admin user is BELOW root, etc.
Originally posted by Gene Clean
.... So no, OS X is not "darned near immune" to viruses, as aren't hundreds of *nix variants out there. ...
You stood up that strawman and knocked it flat on its butt. I said that there are non-Windows OSes out there that are less vulnerable to viruses than Windows. I did not say that these are all *nix variants. I didn't even use the phrase. Nor did I even so much as hint at the numberof these non-Windows OSes.
I tried out the PGP Desktop program last night but don't really get it - I "encypted and signed" the My Documents folder and I could still just double click the My Documents and open anything in there - don't really understand that concept at all - will read manual.
All above responses are very constructive and have convinced me that OS X is secure - I will be PGPing the whole computer and using the Sparse Disk Idea.
So now it's down to my evaluation of the iMac next week and if I like it I'll start ordering more!
Apple - 1
Windows - 0