15 easy fixes for Mac security risks

How safe is your Mac? Maybe not as safe as you think. Here are some quick ways to beef up its security.

1 2 3 4 5 6 7 8 9 Page 7
Page 7 of 9

Leopard's new dynamic firewall interface is really a simple way to establish basic firewall rules. Connections are still evaluated based on the network port numbers used by each request, but the firewall has been made much simpler for everyday users to enable and configure. For power users, the full ipfw suite, which lets you develop much more complex firewall rules, is still included as part of Leopard and can be accessed via the Terminal. And as with any computer, you can use port-scanning tools to verify the effectiveness of your firewall configuration in shielding your Mac.

One reason to understand and use the firewall is the common use of public Wi-Fi networks. Such networks are often unprotected, meaning that any data you exchange over the network can easily be snooped on. However, it also means that any malicious user connected to the same network has the capacity to port-scan your Mac and attempt to determine vulnerabilities. Working with the firewall and enabling stealth mode are two good ways to protect your Mac in these situations.

Delete files and erase disks securely

While you may think that you're permanently deleting files when you empty the Trash or erase a disk using Disk Utility, the truth is that you aren't. You're really just marking the disk sectors where files were stored as available to store new data. Until the disk space occupied by the "deleted" files is overwritten at least once, many hard drive recovery and forensic tools can recover deleted files.

Fortunately, Macs offer a couple of ways to ensure that deleted data stays deleted. First up and simplest is the Secure Empty Trash command, located just under the normal Empty Trash command in the Finder's File menu. This performs a simple overwrite of the disk sectors containing any files being trashed. In some instances, serious forensic investigators could reconstruct files that have been overwritten with a single pass, but for most users, this option offers ample security by preventing easy recovery of deleted items.

Securely erase deleted data

Securely erase deleted data.

Click to view larger image.

If you really want to ensure that items can't be recovered, Disk Utility's secure-erase features allow you to erase an entire disk or the free space of a disk, which includes both disk space that was never used and space where files had existed before being deleted.

Whether you're erasing the entire disk or just the free space, you can choose to securely erase data with a single pass of blank data (also known as zeroing out a disk), seven passes or 35 passes. A seven-pass erase meets U.S. Department of Defense standards for secure data removal; a 35-pass erase typically takes hours or days to complete but will ensure that nothing is recoverable. When erasing an entire disk, click the Security Options button to choose the number of passes; when erasing free space, click the Erase Free Space button to see these options.

Choosing the number of passes for a secure erase
Choosing the number of passes for a secure erase.

To use either feature, select the hard drive or volume that contains data you want to erase securely in the list to the left of the Disk Utility window, then select the Erase tab on the right side. If you want to erase only free space, click the Erase Free Space button.

To erase an entire disk/volume, click the Security Options button, select the number of passes to be made, and choose the appropriate disk format and the name for the newly erased disk. Then click Erase to erase the disk. (Note: You can't erase the start-up disk that a Mac is using -- if you want to securely erase the primary/startup drive, you'll need to boot from an alternate disk, such as an external hard drive or the Mac OS X Install DVD.)

1 2 3 4 5 6 7 8 9 Page 7
Page 7 of 9
7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon