June 2017 – Page 5 – Bill Gallop Consulting

Between September 2005 and July 2011 I was a regular contributor to MacFormat in the UK.

Whereas I’m posting the published articles for my MacWarehouse writing with the MacFormat ones I’ve decided to post the text as submitted, including any comments that I included for design. I am, however, allowing myself a few small edits for clarity.

The particular one is my fifth column, written in January 2006. This is presented purely as a historical record as much, if not all, of the information contained in it may well have changed in the meantime.

Securing your Mac, pt 1

As computers become an integral part of everyday life it becomes more important that you secure not only your Mac but, far more importantly, the data that it contains. From a business point of view the cost of the hardware itself should only be a minimal consideration, whilst you should take reasonable precautions to satisfy your insurance company replacing a Mac is a trivial expense compared to the cost of loosing business critical data, allowing someone unfettered access to your bank accounts or allowing commercially sensitive data out into the wild. For home users the cost of replacing a lost computer is a much bigger issue but it is still very important to consider what the thief will have access to if they manage to get their hands on an unsecured Mac.

In the first part of this article I am going to look at the security risks surrounding an isolated Mac, later I’ll look at issues affecting the network administrator and the steps that you can take to protect your data.

The important thing to ask is “what are you protecting and who are you protecting it against?”

The first part of this question seems easy to answer at first. You need to think about all the information that is stored on a computer; business or personal financial records are likely to be the biggest part but do you keep a file with the PIN numbers for all your bank or credit cards? What about the passwords you use for online banking, do you keep them on the computer, maybe with the account number so that you can remember which ones to use for each account? If you don’t do that maybe you save the password so that your web browser enters it automatically. A thief may not be able to read your password but they don’t need to is all they have to do is go to your bank’s website and Safari helpfully enters all the details automatically.

What other personal information do you have on your computer, information that could be used to impersonate you? Do you do Self-Assessment of Income Tax, if so you probably have your National Insurance number somewhere on the computer, as well as details of your employer. You may shred letters and bills that you receive through the post but what about those that you get via email or letters that you write on your Mac which include useful information such as details of loans or your mortgage?

When thinking about who you are protecting the data against here are a few things to consider:

Who has access to your computer? A thief can easily hide in plain sight, the office cleaner, the builder that you give a key to so that they can work on the house while you are out, you may trust a friend who comes in to water the plants when you are on holiday but who has access to the key that they have or what happens if they get broken into? The basic fact is that you may well not be aware that somebody has had access to your data until long after it has happened. Somebody does not have to actually steal your computer to be able to steal the data that is on it. You need to take precautions against the casual thief as well as the determined burglar.

If somebody does actually steal your Mac they can spend a lot more time trying to gain access to the data on it. The techniques that you use to deter the casual thief will generally only take a few minutes to overcome, enough to stop someone who wanders by your desk when it is unattended but not enough to be an inconvenience to you when you are using the computer. If someone can have access to your Mac for a long period of time much more serious measures need to be taken to stop them compromising your data. If you have a PowerBook or iBook you need to take strict security measures all of the time as it is just as easy to leave it in a taxi or have it taken from your table when you pop to the toilet as it is to have it stolen from your home or office.

In the next part of this article I’ll look at the techniques that you can use to protect your Mac from both the casual and more determined thief.

Between September 2005 and July 2011 I was a regular contributor to MacFormat in the UK.

The particular one is my fourth column, written in December 2005, and is an expansion of a section from my first submission which was cut for length. This is presented purely as a historical record as much, if not all, of the information contained in it may well have changed in the meantime.

The rights and wrongs of installing

In my first column I mentioned that you should learn the safe way of installing and should always make sure that you can back out of an installation, but how exactly do you do that?

There are seven stages to a successful update, or indeed for installing a new product.

1 – Take an image of your system as it is now

Apple’s Disk Utility enables you to make an exact copy of your hard drive as either a bootable copy on another hard drive or as an image file that can be saved on any volume such as a drive or a server.

Taking an image of your system before you start to work on it means that you can always go back to a known working state if things go wrong with the update. Restoring an image is far faster than wiping the hard drive and installing everything from scratch or trying to undo whatever the update just did.

2 – Repair privileges

Disk Utility can also check that things on your drive are as they should be, making sure that file privileges for certain items are correct. It is important to make sure that things are as they should be before you start to make changes.

3 – Clean caches and run maintenance routines

Delete the folders

~/Library/Caches and /Library/Caches

Run the periodic routines which usually run every night. These give your system a minor “tune-up” before you start the installation. To force them to run when you want them to open Terminal and issue the following commands:

sudo periodic daily

sudo periodic weekly

sudo periodic monthly

Repairing privileges, clearing caches and running maintenance routines will fix any minor problems that you may not have been aware or and will ensure that the caches will be created afresh taking the update into account rather than risk using any old data.

4 – Disconnect all FireWire devices

This is particularly important when installing OS updates and has been known to cause problems if not done.

5 – Install the update or program

6 – Repair privileges again

7 – Leave things where the installer put them

Some programs, particularly Apple ones, will not update properly if they are not in the same place that they were installed, or you may have problems with the application not being able to find required support files. e.g. if you put iTunes into a sub-folder of your Applications folder called Music then there have been reports that Apple installer will not be able to update it. If you want to have your applications in another folder then create an alias of the application and then put that into the folder concerned.

Isn’t there an easier way?

Yes there is, you can do all of the above without having to go into the command line or remember which cache folders to delete.

Carbon Copy Cloner is a great way of making images of your system and is a lot friendlier than using Disk Utility.

http://www.bombich.com/software/ccc.html

Two utilities, Xupport and Cocktail, enable you to clean out your caches, run maintenance routines, optimise your system and repair privileges without you having to go anywhere near the command line.

Xupport now appears to be dead

http://www.maintain.se/cocktail/