A Reasonable Guide

Originally posted 2013-01-11. If you are reading this in the distant future, the security problem mentioned above may be fixed, but my recommendation to leave Java disabled remains.

I gave a presentation to the [Naples (Florida) MacFriends User Group][1] on January 9th, 2013 Since I was going to be presenting online over iChat/Messages, we did a quick "bandwidth check" the night before, and found that we were having issues with my video and sound dropping out. Because of that, I decided to make a Keynote presentation which would serve as a low-bandwidth alternative to looking at my face for an hour, and to make sure that people could follow along even if they had trouble hearing me because of some connection issue. *Warning:* They aren't pretty. They are mostly plain white background and black text. It's pretty much exactly the sort of slideshow you'd probably hate if the person was in the room with you, but for our purposes, I think it worked well. I also think it's a good introduction to what steps I think people should make to protect their Mac, and the folks who heard the presentation seemed to like it. The presentation is not a transcript, more like an outline, but I thought it might be useful to others. ## **~Download The Presentation~** ## I made them in [Keynote][] and exported it to [PowerPoint][] and [PDF][], so you can have your choice of format, but it's all the same presentation. ## **~Contact~** ## If you have a question about Mac or iOS Security, you can [Ask Me](http://reasonableguide.com/ask). If you have a link (article, graphic, etc) that you'd like me to review for possible inclusion on the site, you can [Submit It](http://reasonableguide.com/submit). If you would like to get in touch about something else, you can [Contact Me](http://reasonableguide.com/contact). [1]: http://www.naplesmug.com [Keynote]: http://share.luo.ma/reasonableguide/NMUG/ReasonableGuide.key [PDF]: http://share.luo.ma/reasonableguide/NMUG/ReasonableGuide.pdf [PowerPoint]: http://share.luo.ma/reasonableguide/NMUG/ReasonableGuide.ppt

(Note: screenshots are from Mac 10.8.2. Other versions may look different.)

I suppose it would be kind of weird if I did not link to this, since it was (unintentionally) the inspiration for this site.

Wil Shipley on why he believes that "sandboxing" on OS X is not the right solution to improving security. (Note: This is a somewhat advanced topic discussing theoretical benefits and drawbacks of different security systems, but if you want to know why some people dislike 'sandboxing' despite its apparent advantages, this is a good article to read.)

> Current Mac OS X malware often persists and automatically starts by using the built-in launch system. This tool makes use of Automatic Folder Actions in order to create a very basic but effective way of monitoring the addition of new launch objects to standard locations. In case a new object is placed in one of the monitored directories, a pop-up informs the user about the change, who then has in turn to decide if the change was legitimate or not. > **This is a *pro-level* tool for monitoring your system.** The 'danger' here is that *most* of what this will find will be harmless. The trick will be knowing the difference between something installed that you installed versus something malicious. [MacFixIt](http://reviews.cnet.com/macfixit/) has an article about this tool and the rationale behind it: [Monitor OS X LaunchAgents folders to help prevent malware attacks](http://reviews.cnet.com/8301-13727_7-57415311-263/monitor-os-x-launchagents-folders-to-help-prevent-malware-attacks/) *If this feels like something beyond your abilities right now, bookmark it and come back to it later.*

Debunking the myth that most Mac users think they are immune to security-related issues.

To know *Artie MacStrawman* is to know the perception of Mac users when it comes to security issues. It is also important to understand that Artie is a *parody.* (I can't believe I had to say that, but apparently some people didn't get the joke.) By John Moltz of [Very Nice Website](http://verynicewebsite.net).

[Crying Wolf](http://daringfireball.net/2004/04/crying_wolf) is a 2004 article by [John Gruber/Daring Fireball](http://daringfireball.net) about a Mac OS X trojan horse and (perhaps more importantly) how the tech press reacted to it. In May 2011, John wrote [Wolf!](http://daringfireball.net/2011/05/wolf), an overview of "the impending malware crisis" on Mac OS X from May 2011 (when it was written) back to October 2004. The moral of the story being that people have been saying *The End Is Near* for almost as long as OS X has been around. However, as [Guy English pointed out](http://kickingbear.com/blog/archives/166) (a link which I discovered via [Daring Fireball](http://daringfireball.net/linked/2011/05/06/english-wolf)) the moral of the story of the boy who cried wolf is *not* just about the boy, but about the village which failed to pay heed because they had heard this warning before and chose to ignore it. A reasonable person should read all three of the above articles because they should know that: a) dire predictions of malware on Mac OS X "any moment now" have been happening for almost a decade (and, therefore, new predictions should be taken with sufficient 'grains of salt'). b) just because these predictions have been wrong does not mean that there will *never* be malware on Mac OS X. The key is to find the proper balance between the two.

An excellent summary from Rich Mogull, Security Editor at [TidBITS](http://tidbits.com) of the state of Apple's security efforts as of the end of 2012: > It’s clear Apple recognizes that security plays an essential role in maintaining the growth of the company. To that end, the company has not only been more responsive, albeit in its own way, but has made important long-term investments in the security of the Apple ecosystem. These efforts paid off in 2012, and we are likely to see them continue to pay off for years to come. > Must read.

This site started as an article I wrote for [TUAW](http://www.tuaw.com) called [Securing Your Mac: A Guide for Reasonable People, Version 1.0](http://www.tuaw.com/2012/11/30/securing-your-mac-a-guide-for-reasonable-people-version-1-0/). In writing that article as well as thinking about follow-up, I realized that there is a lot more to say and that it would be helpful to have it in one place for people who are looking for information about this topic. Most of the information that I found about this topic was either a) on several different websites or b) on websites which want to sell you some sort of solution. I'm not trying to sell you anything. ## **~No Warranty Expressed or Implied~** ## I am not infallible. This information may be incorrect. Use entirely at your own risk. I take no responsibility for it. ## **~Who runs this site?~** ## My name is [TJ Luoma](http://luo.ma). I have been writing about computers online since 1995, going back to the days of NeXT. I currently write for [The Unofficial Apple Weblog](http://www.tuaw.com). You can [find an archive of my TUAW articles here](http://www.tuaw.com/editor/tj-luoma). I am not associated with any of the products or services referred to on this site. These pages represent my *opinion* which I like to consider a reasonable, and informed opinion, but nevertheless an opinion. Others may disagree. My goal is *not* to cover *every* suggest that everyone can do. My goal is to give an "average" Mac user enough information that she or he can bring home their new Mac and take a series of basic steps which I believe are sufficient for a *reasonable* person. Of course 'reasonable' is a completely subjective definition. In addition, I will occasionally provide some 'advanced' or 'expert' suggestions for those who wish to go a step or two beyond the basics. ## **~"Why should I believe anything you have to say?"~** ## Well, my first response is that you shouldn't. By which I mean, you shouldn't just look at the list of things I suggest and do them because you read them on the Internet. However, I think that these are truth worthy recommendations because they are the steps that I take myself, and the steps that I would suggest to my own family members or friends if they asked me. Finally I think my suggestions are trustworthy because I have absolutely no financial stake in selling you any type of solution. I think you should *always* be skeptical of someone who warns you about the dangers of "Something" if they are also the person who wants to sell you protection from "Something". Don't buy the "solution" until you are convinced of the reality of the problem and the validity of their solution.