Mark Conrad
2005-04-06 23:15:09 UTC
Is there anyone out there over 80 years old who can explain "real" OSX
security to me, in simple terms, without resorting to "Terminal Hell"
techno-speak?
By "real" security I mean the realistic view that OS X _can_ be
broken into - - - not the garbage that is constantly spouted in this NG
that OS X is somehow immune to breakin by a skilled cracker.
Here is the "Lack of Progress" that I have suffered so far, in my
futile thrashing around, trying to get a reasonable level of security
for myself. (I run TB2 so I _need_ added security)
1) First, I frightened myself by browsing two books:
A) "The Happy Hacker" by Carolyn P. Meinel 1999
(general Unix security horror tales)
B) "Mac OS X Maximum Security" 2003 ISBN 0-672-32381-8
(747 pages on general Mac security issues)
I am laboriously trying to wade through all the stuff on the
Rivest-Shamir-Adelman algorithm, along with the stuff about OpenSSH
which is the version of SSH that ships with OS X.
Apple's OpenSSH itself has vulnerabilities, which are detailed in
the book. (pages 394-397) - - - I don't know how much success I will
have in actually understanding all this technical crap.
The smaller 'Happy Hacker' book was especially frightening.
It detailed what was likely to happen if one tangled anuses with the
crackers - - - not a pretty picture at all, considering the extreme
damage they might do to a Mac user who decided to take them on without
being prepared for the consequences.
2) Next, I goofed by purchasing LittleSnitch, only to find out that it
was beyond my capability to properly configure. Not only that, but
browsing Google using the search term "LittleSnitch" turned up some
rumbles on page-2 of the results page that LittleSnitch itself was
guilty of "calling home" !!!
That is like the fox guarding the henhouse, because LittleSnitch is
supposed to _prevent_ an errant program from "calling home".
I did not yet check further, but the author of that message offered to
respond to posters concerning the details.
3) Next, I downloaded free "Paranoid Android", only to find that it did
not include any install or configure instructions. It was advertised
as doing about the same job as LittleSnitch.
4) Next, I bought a "NetBarrier" bundled app' for $100, which is
advertised as an easy to setup alternative to OSX's builtin firewall.
I will see just how easy it is to set up, once it arrives.
People, hope that you do not become senile like I am. Get your smarts
now, while you still have the young brains to assimulate knowledge.
Mark-
security to me, in simple terms, without resorting to "Terminal Hell"
techno-speak?
By "real" security I mean the realistic view that OS X _can_ be
broken into - - - not the garbage that is constantly spouted in this NG
that OS X is somehow immune to breakin by a skilled cracker.
Here is the "Lack of Progress" that I have suffered so far, in my
futile thrashing around, trying to get a reasonable level of security
for myself. (I run TB2 so I _need_ added security)
1) First, I frightened myself by browsing two books:
A) "The Happy Hacker" by Carolyn P. Meinel 1999
(general Unix security horror tales)
B) "Mac OS X Maximum Security" 2003 ISBN 0-672-32381-8
(747 pages on general Mac security issues)
I am laboriously trying to wade through all the stuff on the
Rivest-Shamir-Adelman algorithm, along with the stuff about OpenSSH
which is the version of SSH that ships with OS X.
Apple's OpenSSH itself has vulnerabilities, which are detailed in
the book. (pages 394-397) - - - I don't know how much success I will
have in actually understanding all this technical crap.
The smaller 'Happy Hacker' book was especially frightening.
It detailed what was likely to happen if one tangled anuses with the
crackers - - - not a pretty picture at all, considering the extreme
damage they might do to a Mac user who decided to take them on without
being prepared for the consequences.
2) Next, I goofed by purchasing LittleSnitch, only to find out that it
was beyond my capability to properly configure. Not only that, but
browsing Google using the search term "LittleSnitch" turned up some
rumbles on page-2 of the results page that LittleSnitch itself was
guilty of "calling home" !!!
That is like the fox guarding the henhouse, because LittleSnitch is
supposed to _prevent_ an errant program from "calling home".
I did not yet check further, but the author of that message offered to
respond to posters concerning the details.
3) Next, I downloaded free "Paranoid Android", only to find that it did
not include any install or configure instructions. It was advertised
as doing about the same job as LittleSnitch.
4) Next, I bought a "NetBarrier" bundled app' for $100, which is
advertised as an easy to setup alternative to OSX's builtin firewall.
I will see just how easy it is to set up, once it arrives.
People, hope that you do not become senile like I am. Get your smarts
now, while you still have the young brains to assimulate knowledge.
Mark-