Being a PC guy for nearly 2 decades, I got accustomed to the shortfalls of Windows systems in regards to privacy and security, and thus, eventually the steps necessary to secure my shit.
Now that I made the switch to a Mac full-time (and regret not doing so much sooner), I am at a loss.
The obvious things stand: Lock the router down/enable IPS/etc, set good passwords, use a firewall, scan your shit, use Chrome/FF with the right extensions, etc. but I am wondering if anyone has any further suggestions.
What I have so far (speaking purely about the machine itself) is
Firewall: OSX firewall disabled, but IPS firewall enabled on Router
Outbound firewall: Little Snitch
Password security/storage/encryption: 1Password
General Maintenance: CleanMyMac and CCleaner (both using 3-pass wipe settings)
Rootkit: OSXrkhunter and Sophos anti-rootkit
Virus/malware: Sophos Anti-Virus
Other: OnyX
I use time machine and have set it up on an OSX encrypted partition, but I'm not sure how good the built-in encryption on OSX actually is.
I've disabled the root account, and I use a moderate password for user account settings, and a solid one for the encryption.
So any other suggestions/recommendations/tips would be welcome.
Also, I have, for many years now, used TrueCrypt full-disk encryption, which I loved. I still use it in many forms/layers on external storage, but I feel naked without the main HDD fully encrypted, as it doesn't do FDE on Mac systems.
In trying to enable the OSX disk encryption option for the main drive, I am told I must re-install OSX and restore from a TM backup in order to do so. Considering this is a hackintosh setup and it took me days to finally get it working flawlessly, I do NOT want to start over again. I simply can't afford the downtime.
So, any suggestions? Any extra tips?
I'm not a security expert, and while I have no problem locking down Ubuntu/Deb boxes quite well (plenty of in-depth instructions on the net for that), I have no idea how to securely lock down this one.
I feel sort of the same way I do about my iPhone. I love it, but it offers no real security. Whereas something like a BlackBerry at least tries to fend off prying eyes/hands, I feel like Apple is open to anyone with even mild skills.
Now that I made the switch to a Mac full-time (and regret not doing so much sooner), I am at a loss.
The obvious things stand: Lock the router down/enable IPS/etc, set good passwords, use a firewall, scan your shit, use Chrome/FF with the right extensions, etc. but I am wondering if anyone has any further suggestions.
What I have so far (speaking purely about the machine itself) is
Firewall: OSX firewall disabled, but IPS firewall enabled on Router
Outbound firewall: Little Snitch
Password security/storage/encryption: 1Password
General Maintenance: CleanMyMac and CCleaner (both using 3-pass wipe settings)
Rootkit: OSXrkhunter and Sophos anti-rootkit
Virus/malware: Sophos Anti-Virus
Other: OnyX
I use time machine and have set it up on an OSX encrypted partition, but I'm not sure how good the built-in encryption on OSX actually is.
I've disabled the root account, and I use a moderate password for user account settings, and a solid one for the encryption.
So any other suggestions/recommendations/tips would be welcome.
Also, I have, for many years now, used TrueCrypt full-disk encryption, which I loved. I still use it in many forms/layers on external storage, but I feel naked without the main HDD fully encrypted, as it doesn't do FDE on Mac systems.
In trying to enable the OSX disk encryption option for the main drive, I am told I must re-install OSX and restore from a TM backup in order to do so. Considering this is a hackintosh setup and it took me days to finally get it working flawlessly, I do NOT want to start over again. I simply can't afford the downtime.
So, any suggestions? Any extra tips?
I'm not a security expert, and while I have no problem locking down Ubuntu/Deb boxes quite well (plenty of in-depth instructions on the net for that), I have no idea how to securely lock down this one.
I feel sort of the same way I do about my iPhone. I love it, but it offers no real security. Whereas something like a BlackBerry at least tries to fend off prying eyes/hands, I feel like Apple is open to anyone with even mild skills.
