NSA Security Guide for Mac OS X
An anonymous reader writes "The National Security Agency has just released a Security Configuration Guide for Apple Mac OS X (pdf). The guide mostly contains common sense configuration information that applies to many Unix systems. It also includes specific discussion for Apple's unique features such as Keychain and FileVault. It should be useful to most Mac OS X users and will be particularly useful for US Government organisations that use Mac OS X and for commercial IT Departments that are supporting Mac OS X. A range of other NSA Security Configuration guides for other operating systems, applications, and IT kit are also available."
I tell you one interesting thing. While it was working back in 2003, I updated a 68030 Mac Duo laptop 7.6's modem driver from Apple site. I even had support about how to add more ram. That machine is back from 1994 or something.
OS X updates aren't service packs, they are new OS'es. 10.3.0 is a new OS , 10.3.1 is a service pack.
About antivirus and anti adware? As its a BSD based real OS, its run by rights. As its a pain in the ass to code a spyware on linux, its much more harder on OS X. Guess why? OS X shows a user friendly window which is centralized by OS GUI whenever a program needs administrative access.
Oh there is a program on OS X, comes with it and has a unsolved security problem. Yes, it still exists. Guess what is it? INTERNET EXPLORER macintosh edition.
In Soviet russia, only old Koreans profit from pictures of Natalie Portman stored on Beowulf Clusters.
Yikes! The replies to this story are completely screwed up. I'm starting to feel sorry I ever tried to make a joke. I figured others would have something more insightful to say. Well, since no one else will, I'll try to say something insightful.
It seems to me that most OS X users are pretty quiet on the topic because they can't find anything to say. Not because they're ashamed, but more because OS X Just Works(TM). Since the OS Just Works(TM), security guidelines like this are nothing more than hints on how to prevent users from accidentally opening security holes.
Contrast this with Windows, where everyone is always looking for the "magic solution" that will allow them to completely close of the machine from attack. Yet Windows insists on requiring various services (e.g. RPC) to be running and publicly available before it will run properly.
Some might argue that OS X is so secure because the developers had an opportunity to view OSes which came before them. This may seem like a reasonable argument, but quickly falls apart once OS X's heritage is investigated. You see, OS X is really the next major release of NeXTSTEPl an OS that pre-dates Microsoft's creation of Windows NT & 95. NeXT got it right back then. Why can't other OS makers get it right today?
Javascript + Nintendo DSi = DSiCade
Everyone has USB, why not use this instead of requiring a card reader?
:(
Excellent idea though, I have been in support of that concept for a while. This could be extended to requiring a password to unlock the private key on the card/usb drive or even have a small thumbprint reader on the card/usb drive itself to unlock the key. This would remove my major complaints about biometrics (ie replay attack)
These technologies all exist and would be simple, but people simply do not see the need for them so there is no demand (outside of of some rare government, education, and corporation groups). Unfortunately the average joe is content with a digital world that relies completly on his mother's maiden name for authentication
Finkployd