7 tips to help you keep Mac safe

Many users are concerned about the security of their computers and ask "How can I protect my Mac on the Internet?" Or "Should I install a different anti-virus software?". These issues to varying interpretations often excite the minds of users. Most often they can be heard by people who have recently moved to OS X with Windows and have not yet had time to get rid of old habits, means installing antivirus programs detect spyware and other such things in security.

The easiest way, of course, to make a joke and say that the most secure computer is one that is disconnected from the Internet or even turned off.

But seriously, what is recommended for people taking care of the safety and security of their data? We decided to look at this problem more broadly and consider it from all sides.

instead of a prologue

I spent some time searching for the information and gathered some useful tips to help you protect your Mac and work for them, without fear of problems when something goes wrong. These tips are neutral and do not contain any recommendations on, as I have in this there is no interest. And yes, I do not believe in the absolute invulnerability of the computer, it did not work on whatever platform. Some of the recommendations below are not directly related to malware, but one way or otherwise, they affect the security of your data in case of loss, theft or damage to your computer.

In fact, the collapse of the security OS X already predicting for many years, and as soon as the news of any slightest vulnerability, everyone is screaming, foaming at the mouth: "Look, look! I told you that your maki no better than PCs with Windows! ». Most of these articles on the Internet and blog posts biased and more focused on public relations of various anti-virus software, and one way or another, related to the sale. All of the arguments are usually summarized as follows: "Despite the fact that you have OS X, sooner or later it will have the same problems as in Windows. So, you better be ready for that inevitable day in advance and buy our anti-virus. "

But the funny thing here is that only any serious security problem in OS X Trojan Flashback was in April 2012, and oddly enough at wave of this "success" was not able to earn no company that sells antivirus software, for the simple reason that no antivirus failed him detect. :)

So what are the reasonable precautions should be taken to people who want to protect your computer and safety of your data?

Council №1: Bacup

Backups with Time Machine

Telling people that they should do backups, this is probably the same as what to say to them that they have started to eat right or exercise. Everyone knows that it is supposed to do, many are planning to start next Monday, but almost no one comes to real action.

You can ignore all other advice, but please listen to this. Make backups! Nikakago no excuse to not do backups in OS X. Its structure includes Time Machine, is perhaps the most convenient and easy tool for creating backups and buy a second hard drive to store them is not too difficult and expensive. Time Machine at the first connection prompts you to configure it, and in the future everything will happen automatically, without your intervention.

Using Time Machine - it's like the seat belts in your car, without them it is possible, but very dangerous.

Creating a disk image (clone)

Time Machine is great, but do not dwell on it. If you want to be absolutely safe, you should have an image of the system partition of your hard (or SSD) drive. It is an exact replica, in other words, his clone, which you can use to boot your computer, if your primary disk is damaged in any way. You can do it like using Disk Utility, and with the help of third-party applications such as SuperDuper or Carbon Copy Cloner.

Use Time Machine disk image and can be compared with the seat belts in the car and a good insurance that covers all accidents.

backup backup

If you look at things with more skepticism, it is worth noting that keeping backups of your home may not make sense if consider the possibility of their theft, along with a host computer or damage during the time of fire or other natural distress. The way out of this situation is to store your backups remotely, which can be organized in several ways.

The easiest - to create two backup and take one of them to a remote safe location, such as to work or to your friend home. Starting with OS X 10.8, Time Machine makes it easy to use for backups of different wheels, so that it will not be a problem. Thus you will have a local backup copy and, in any case, even one in a safe place.

This has certain disadvantages, namely that you will have to periodically update their backups, which, in turn, will create discomfort with all this fuss with hard drives and their movements. More elegant solution is to use special applications or services for remote backup. For example, BackBlaze, CrashPlan, Mozy, Carbonite, JungleDisk or any other that will create remote backups of your data in real time.

Cloud for the most important files

In fact, the cloud, for example the same Dropbox, are not a means of backup, however they can offer some interesting things related to your field of data security.

Firstly, as soon as you save any document in the Dropbox folder (or any subfolder), he will be immediately copied to the cloud. This means that after some few seconds (depending on the speed of the Internet), you will have the remote copy of the file you were working with. For example, if you typed the document at 10:15, and at 10:20 spilled coffee on your laptop - your work will not be lost and you can always restore the backup of the document.

Second, Dropbox will also help in cases where the computer may be damaged or removed by those very important files. Dropbox stores versions of all changes for each of your file for 30 days. Therefore, you can easily compare versions of documents to find the latest version of the unspoiled and save it, using the web interface. In addition, there is one optional feature Dropbox with the eloquent title Plyushkin available in paid subscription, which allows you to recover different versions of files from Dropbox even after 30 days, which actually involves them for an indefinite period of time storage (runs until you pay for function).

File corruption may be more complicated problem than to remove them, so the ability to restore previous versions, in fact, a very important feature that helps cool. In fact, Time Machine is doing the same and it can help to restore previous versions of files that you worked on, but there there is one drawback - it makes backups only 1 times per hour, which may be too little if you are actively working with files and documents.

About security. You can argue about the use of the recommendations of Dropbox as a place to store your personal data as it means sending them to third parties, which in turn could (theoretically) means the threat of leakage or security problems Dropbox. I think this is extreme. Firstly, I (and probably you, too) do not keep any super secret data of national importance in your Dropbox. For sensitive information, I use 1Password, which encrypts all data and at the same time they are protected by my reliable master password. Second, the probability of damage or deletion of data (hard disk failure) is much greater than what someone needed my files and he breaks into my Dropbox, to reach them. Therefore, we can say with confidence that Dropbox - it's a great solution that just works. Automatically. Around the clock. On all your computers.

If you belong to the category of skeptics who are prone to exaggerate the likelihood of a particular threat, as an extra precaution, it may be advisable to use data encryption. It's free can be done using native means (Disk Utility), or use third-party solutions like Knox. And so, instead of Dropbox, you can use any other cloud, whether it is Google Drive, SkyDrive, or anything else.

Council №2: Do not set up everything

Now let's consider the threat of malware and how you can deal with them.

Most often, these worms, Trojans and other byaka gets on our computer for our own negligence. Often we (or anyone else) set them thinking it is some other software. If I wrote a primitive application for Mac with minimal functionality and convinced you to use it by entering your password - I could do a lot on your computer.

Found on torrent some high-quality and expensive application that you do not want buy (or can not afford), it is very difficult to resist the temptation to download and install his. As justification, we usually say to ourselves that the use it often enough to buy or what you need before you buy it to try. One way or another, but the problem is that you just never know what you are installing. This may be a "safe" version of the hacked applications, and can be an application that simultaneously install on your Mac any malicious software, along with the fact that you've been craving. Thus, as soon as you start to install applications from untrusted sources, you are at risk. What to do in this case?

Use the Mac App Store, which Apple is promoting as a safe place to buy and install applications. There are many free apps, and the price paid is not so high compared with the opportunities that they provide. We can not say with 100% certainty that the Mac App Store will never get malware, but there is this probability is reduced to a very tiny percentage.

Use software from trusted developers. Along with the Mac App Store, which is achieved by a variety of security restrictions that Apple binds developers there are many worthy and functional applications, it turns out outside, just the same because of these restrictions. Nevertheless, I always install a variety of applications from third-party developers, making it quite calmly, because Practicing some precautions.

Starting with OS X 10.8 Lion, Apple introduced the Gatekeeper, which is an additional layer of protection against malicious software. By default, Gatekeeper allows you to only install apps from the Mac App Store or from trusted developers who paid $ 100 per developer license and can sign their application specific cryptographic key, thus confirming that they had not modified. Theoretically, an attacker could create a malicious software and signing it by purchasing a license for $ 100, to distribute on its website. In practice, however, such a scenario is highly unlikely.

It is more likely that you will encounter a situation where the application you need to be unsigned, and the system will give you a warning that it was created neakkredetirovannym developer. There will melt things more complicated, because the application can be good and created a conscientious developer has not signed it, for whatever reason. Perhaps this is an old application that was created before being introduced to the Gatekeeper. Or perhaps the developer to create your app in free time or non-commercial purposes, without wanting to buy a license.

A reasonable person should weigh all the consequences of both present and potential possibility that the application may be malware. Oh, and do not forget about elementary logic. Whether it surveys the ever respected the Mac-resources? is it known application? Stay away from away from applications that are distributed via email or uploaded to the page in the middle of some of the forum.

Council №3: first read, then set

No, we are not talking about tedious licensing agreements, as you probably think. I would like to stress the importance of staying in touch with the latest Mac-news, which will certainly be mention of any vulnerabilities or malware if they appear, since this topic has always given very wide publicity.

This does not mean that you have to update your RSS-reader every 15 minutes or read a bunch of Mac sites. It will be enough to run through the titles look every day to stay up to date. Also, do not forget to read the reviews of the application that you want to install. We try to review all popular applications and new items, so you can simply use the search by Makradaru.

In conclusion to this point. As is the case with the beta versions of the OS, do not rush to install new utility or application of the first. Let the technical experts, observers and journalists risk their computers. If you find something interesting, but still, for some reason in doubt, set it application or not, just add it to your favorites and check that this case will say resources. In 99.99% of cases, everything will be fine, and these doubts will be in vain, but you do not want to be the most 0.01%, right?

Council №4: Do you need antivirus?

My answer is no. Is it possible that in the future Mac users will have to use a constantly running antivirus and malware detection tools? Yes. How likely is this? Negligible. Unfortunately, applications to detect malware in real-time proved to be ineffective. And, in fact, OS X is no such abundance of threats too, from which to defend themselves.

However, if you insist on the need for anti-virus for your Mac, you might try ClamXav or Sophos. But choose something one, and in no case do not run two antivirus at the same time, as this will bring you more harm than good.

Just next time, when you see a mention of the imminent threat to the security of your Mac, and you want to use the profile antivirus software - whether the author of such statements does not check any relation to the development or sale of most antivirus and everything will in its place.

Council №5: Use the built-in tools

Apple earned a reputation as a manufacturer who is very worried about his safety products and user data, but apparently, the times are changing, and in this regard there small shifts. Now we have some options regarding safety, centered in paragraph protection and security in the system settings.

In addition to the password, and the system disk encryption query options, there is a tab Firewall and Privacy Policy, which we are interesting:

• tab Firewall You can enable and configure it sootvetvenno to shut out unwanted incoming connections from the outside. He also shows how such a play about the application. You can allow or prevent such attempts, as well as manually add here applications that you forbid to go online.
• tab Confidentiality you are on a similar principle can keep track of what applications have access to your contacts, calendars, accounts, etc. And just to set up access, limiting it to those applications that you You do not trust.

№6 Tip: Make Safari safer

There are several options, changing you make your stay on the Internet a safer place. First, open the Settings app (⌘,) and the Basic tab, uncheck Open safe files after downloading.

Also do not forget that security vulnerabilities are often subject to Adobe Flash. Of course, I am not telling you to remove it completely (though so surely it would be better), but to stop the automatic startup of various plug-ins on sites that are very desirable. You can do this in the settings tab Security — Internet Plugins — Set up a website.

Another potential vulnerabilities in Safari is Java. I did not see that often use Java-script in Safari, so I decided to just disable them. If you are a regular user, you can most likely do the same. This is done in the same tab Security in Safari preferences. Many consider it extreme, but once we were talking about security, it was worth mentioning.

I also recommend the use of useful extensions ClickToPlugin and ClickToFlashWhich will not only protect you from unwanted advertising banners, but also save the battery of your poppy, adding some half an hour to the total runtime. So you'll be able to control content playback, it will be more balanced and reasonable approach.

Council №7: Reasonable protection

For those who read to the end, I still have a piece of advice that will help you to protect yourself from malicious software. In order to understand its essence, you need to have predstavavlenie about how applications are run (and demons working in the background), after you turn on or reboot your Mac.

For example, as soon as you log in to your account, some applications are downloaded and immediately begin to work. Their list can be found in the system settings, see Users and Groups - Login Items:

However, some small utilities and daemons that are started automatically also do not appear in this list. In OS X there are several system folders, where to put applications and utilities that load automatically at startup. Here they are:

• ~ / Library / LaunchAgents
• /Library/StartupItems
• /Library/LaunchAgents
• /Library/LaunchDaemons
• /System/Library/LaunchAgents
• /System/Library/LaunchDaemons
• /System/Library/StartupItems

I checked the folder on his poppy and found about 400 files. This is not a cause for concern, as there are placed the files that are responsible for the execution of necessary I installed and system applications that perform useful work. Often, however, it is here that the developers of malicious software trying to hide it.

What do we do when our computer starts to behave strangely? Most likely you restart it, is not it? This is very important, because the first thing that you need to make sure whether you are a developer of a worm or virus, that is what your "creation" will be loaded at startup or after reboot inclusion. To prevent detection, the first run malicious software will not perform any action, immediately after the restart.

Why am I telling you all this? The idea that there is a great way to keep track of everything that is added to the startup and see what new apps and the demons have been added there. It is obvious that you have no idea what purpose are all those numerous files contained in the Startup folders, and which ones are harmful. Our poppies perform a variety of useful work in the background and you do not have to worry about a lot of demons startup. It's like having your basement or storage area. You have there a lot of stuff stored up to the moment when things go skladyvete you, you do not care. But if you put your trash to someone else without your knowledge, you want to know about it.

guys from CIRCL (Computer Incident Response Center Luxembourg) created a useful free utilityThat tracks any record added to the startup list, whether the application or daemon. After it is installed, as soon as any application to add the files to the specified folder - you'll get notice and even then will be able to understand whether this is a useful application or vredosnoe, and then be able to take a further decision.

However, keep in mind that everything will be detected entries, including useful, it is quite harmless application. You do not have to worry about the performance impact of your poppy because of such monitoring - it almost does not feel as monitoring will take place only for a few folders, not the entire contents of your hard drive, as is the case in the anti-virus BY. Again, this is not a 100% guarantee of protection, but sensible precautions that you should use.

Do not panic

Despite all the warnings about the "inevitability" of malware threats on OS X, this problem is more far-fetched and untrue. I'm not saying that you should ignore all the recommendations, but at the moment no critical threat does not exist. It would be nice to do right now is take care preventive precautions in the form of backups, and above all guided by logic and common sense.

(via)