Slashdot Mirror
Securing Mac OS X
LogError writes "This paper addresses operating system hardening in terms of patching, administration roles, and setting passwords. It also provides information on Mac OS X network security: namely, basic firewall configuration and hardening of network services such as FTP, SSH, and Apache."
While OS X is quite secure by default, it is good to recognize that OS X, like any OS, isn't without vulnerability. The fact that the OS is getting a thorough look-over for security concerns is just one more step in getting it taken seriously. I'm going to have a full of the paper now.
Not quite true, particularly in a corporate setting. Let me state first off that I run OS X and don't have any anti-virus software, but I can see a use for it.
Chances are that the email you're sending is getting read on a Windows box. If you're forwarding along a mail containing an attachment, you might be unwittingly forwarding a Windows virus which is totally harmless to you, but not so to your recipient. I had one the other day - README.CPL. Mac users don't need to care that that's a Windows control panel, and might not even know. Your virus checker might not prevent you from catching non-existent viruses, but it will help you be nicer to the Windows-using world by catching anything you're sending out. Can also help with macro viruses I imagine, though I don't have MS Office on my machine so I can't be certain of that.
Cheers,
Ian
Do anti-virus programs on the client scan email that you send out? I was under the impression they scanned files that were copied to the hard disk, it would have to be very closely integrated with the email software to scan incoming email, and frankly there are better enterprise products for scanning mail attachments on the server side anyway.
Not forwarding attachments that you don't recognise/need is common sense - why would you possibly forward an email like that??? So I think the grand-parent's point stands - until there is a virus in the wild for OS X, installing anti-virus software is not going to help anyone.
The only possible use I can see is to scan for word macro viruses which you might pass on to windows users, however there is another solution to that problem. Also, if they have anti-virus software (which they should have) it should pick that up.
Sorry, but the Windows-using world can kiss my ass. I don't see how I should be expected to buy antivirus software for Mac OS X simply as a courtesy to Windows users with whom I may communicate. Frankly, as a longtime Mac user I'm fucking sick and tired of bending over backwards to accommodate Windows users, and not getting a fraction of that courtesy in return.
They should be running their own damned antivirus software so any file that I pass them gets checked/disinfected on their end.
If Windows users want me to run antivirus software on my Mac which does not need it, then they are more than welcome to buy it for me-- surely they can afford it, since they saved soooo much money by buying a Windows PC, right?
Yes, because we have anti-virus software that can see into the future, and protect against viruses that haven't been written yet.
There are no tiger attacks in my area and it's all because this rock I'm holding keeps the tigers away.
This alone isn't enough. You need physical security, too. If I can get physical access to the machine, I can walk out of the room with the whole thing, or just it's hard drive, or even just an image of it's hard drive, and start working on it.
The only truly secure computer is encased in concrete and sitting at the bottom of the Pacific Ocean, two thousand miles south of Honolulu.
End of Line.