Watching and researching for security issues and solutions for our readers has been quite a task lately. Not for lack of news, information blog & social discussions; and that flow does not stop. There is more of an overlap or blur between security and privacy, and the available preventative tips & solutions. We will now start covering the vulnerabilities and protection of both with a combination of tips, products and services.
This article is intended to be good advise for typical Mac users with a common sense approach to sifting through the scary news headlines and random advise & warnings given to the computing public.
While we would like to provide a definitive guide on computing privacy and securing your computer, we can’t cover every aspect of these topics in a comprehensive manual. It would never get finished, because the information and findings change daily!
We hope to give you a different way to look at the issues at hand and information that is often overlooked. Six tips will be provided to help you survive what comes your way. Be a bit proactive and you’ll be safer and save time and $ as a result. I hope that this article is helpful enough to stay safe on your own. I always answer questions in the article comment section online. I really like hearing back from you and any comments are welcome!
If you’ve taken our advise in the past, you’ll appreciate what follows. If you want more advise and more detail, see the end of the article for additional resources.
What specifically is meant by privacy and security? After considering the following, do you see why they are covered together in this article?
What safety is at issue?
Security of your personal information from thieves?
Privacy from big corporate or government data-collectors
Your Spouse? Physical or just private personal activity information.
A person lying in wait at a coffee shop on the wifi reading what’s being received and sent over the network?
A friendly server at a cafe in some city you are visiting that bent over to pick something up while taking your credit card to the register, that was paid to wear a device on his her ankle for the day and swipe cards through it.
Who are we to fear?
Stalkers – yes, local stalkers using the Internet to get info or remote stalkers, dangerous just the same.
People of other perversions
Credit card theft rings based on the other side of the world
That sell your credit card numbers to people all over for pennies.
People that sell your email address, stolen or not, for less than pennies to unsuspecting people who have been scammed into thinking they are starting an online business.
Businesses selling you bogus job or work opportunity information.
Work at Home Schemes
All of the above can threaten your privacy, physical security and the security of information on your computer as well as information you send or receive electronically. That’s the difficulty I found when attempting to write a short article this week to provide tips on keeping your computer secure.
Many just think the worst case is identity theft. That is a big risk, but it happens in many more places that using a credit card online. It started with people stealing new checks from mailboxes, And much of it is now happening with little hidden swipe devices where your card is physically swiped. Let’s not forget stolen information from bank computers and other companies.
When it comes to security and privacy measures I consider recommending for your computing devices:
It’s not just the individual computer’s security.
It’s also not just the privacy of the data on the computer.
If your computer is compromised or stolen that’s one thing,
If your physical safety or personal privacy is compromised, that is another.
But they can both happen as a result of risks to your computer and from your use of it,
And the risks can be reasonably controlled.
What’s on your computer and what you do from your computer is, in my opinion, more important and not emphasized enough. I could cite some statistics for you to back my opinion. However, I believe my personal experience and my involvement in helping others is sufficient credibility. I would be willing to tell you one-on-one some of the seemingly outrageous stories.
Protect your private information on your computer but also what’s NOT ON the computer.
IMPORTANT TIP# 1: If you want privacy, don’t put information about yourself on social network sites.
Most of the sites are businesses, not non profit services. Yes there are privacy settings, but every week, someone discovers a way that they are making your information available and haven’t notified you of the opt-out setting for that particular service they are providing to the companies paying them. Facebook for example is the poster company for this. Whenever they implement a change or new feature, by default you get it and by default, it’s at the lowest possible security setting.
Privacy settings only apply to other users and some third party applications anyway. Those large data collectors that are paying fees to the network in exchange for access to you data don’t count. Read the terms of service and you’ll find there is no guarantee of privacy, but quite the opposite. They claim ownership of everything put on the site. That gives them the legal right to sell it.
Stalkers and creditors can follow you on the Internet, even posing as friends to gather information about your employer or you, have been reported in the press. A new trick used by social engineers (hackers).
Pretty much everything you post on the Internet, even if you removed it or closed your account, is being collected and kept in an archive that potential employers, creditors and others can access. True story.
If you want that free report or ebook or coupon in exchange for your email or mobile number, realize they plan to use it.
IMPORTANT TIP #2: Don’t do online banking or make purchases when on open wifi network. Using Google mail is secure though, by default it’s encrypted.
If you don’t want the search engines keeping logs of sites you’ve visited and things you like, or don’t want your employer or spouse recording you online activities, you can use a proxy service such as Anonymizer. (I’ve tested and used it, see sponsor add to the right on our page they are a sponsor of MacJuicy News). It also encrypts the data flowing to and from your computer. it works as advertised and the company is great to deal with.
IMPORTANT TIP #3: Anonymizer is good for protecting your use of public WiFi networks. It encrypts what you send and receive.
Surfing anonymously or using a proxy server can have disadvantages, though. See anonymous surfing below. It does slow your connection. Also, it does not protect you from yourself – posting comments on pages and anything you put on a social network or service.
To protect your online accounts, the very best thing you can do right now is not save passwords in your Internet browser. They are not safe there. The browser developers are working on that, but it will only affect the new versions of the browsers that come out, most likely not supporting the older macs and older versions of OS X. Some browsers now have a private browsing feature. But not all site comply with it.
Watch for phishing scams (yes, like fishing) usually in the form of an email asking you to log into your Paypal or other account. They are really sending you to a look alike site to record your login and password. Those companies don’t ask you to do that.
When you are not sure, you can look at the web address, the from address in the email, or just call the company. This is so common that the code and instructions are available on the Internet for anyone to use.. Especially popular is a hotmail kit that anyone can use to send an email to a target asking them to log on to hotmail. It provided the perpetrator a very legit looking login page to dupe the target then sends the user name and password back to the Perp.
Fake virus alerts on web ages are a common scam. There is no way a web page can see your entire hard drive and see viruses. Besides, there has never been a Mac virus in the wild. Only malware such as the nuisance Trojan horse Macdefender.
IMPORTANT TIP #4: When you get emails or alerts, look at the grammar and watch for typographical errors.
I’ve been using 1password and love it. It integrates with my internet browser and it encourages me to get in the habit of using different passwords for each login. And it keeps them encrypted. I just need to remember one master password. Another product is Lastpass, it’s more secure but a little bit trickier to use. I stick with 1 password because I don’t want to have an excuse not to use it. If you don’t use it for all your passwords, it defeats the purpose of having it.
You can clear your cache and cookies in your browser once you have collected and stored your passwords in one of the programs.
IMPORTANT TIP #5: To be extra safe, you should export your bookmarks uninstall the browser, then reinstall it. You can then import your bookmarks and you have a clean install of the browser without the text file containing the login information you previously let it save.
There are many security applications coming out because Mac users are now more concerned about security and privacy.
IMPORTANT TIP #6: For now, save your money and stick with the most essential items, keep up on the latest scams to watch out for, and use common sense until something more comprehensive rises to the top. Also, Apple will address security in coming releases. I know OS X Lion coming out this summer will have additional security built-in.
Here is what I’m using now, you’ll have to check to see if they will work on older systems. A good idea for older systems is to run iAntivirus or clamAV and not let your browser remember your various account logins. Check to see if 1password or Lastpass work on your system. Just being vigilant and practicing safe browsing habits should be fine for a while. If you’ve seen my latest articles about malware, you know not to enter your macs password unless you are intentionally installing something that you know is safe.
It may not be ideal, and I am not saying this is for everyone, heck I still have a long way to but here is my set up:
Back up external drive using Time Machine.
Critical files and drafts are synced with SugarSync and DropBox n the cloud, offsite and available to iPhone and iPad
Hide info worth hiding on my computer using TruCrypt
Sophos Antivirus for Mac
Lil snitch (might be overkill for most people and it’s kind of confusing)
1password on my Mac, iPhone and iPad. They share an encrypted password file.
Every time you connect to the internet, the internet service provider’s IP address assigned to the network at that location is included in every communication and request made on the internet. When I want to surf anonymously I’ve used Anonymizer (paid service but easy to use) and Tor with Vidalia (free but more difficult to set up). However some of your favorite sites won’t let you on if you are anonymous, because you could be a bad guy. (Remember that just changing your ip address is not enough if you are very concerned about identifying yourself. Each computer has it’s own identifier AKA MAC address).
I also use a utility that changes the identification of my computer. My bank and Paypal won’t let me in though if they can’t see that it’s me on one of my usual computers. I don’t recommend Tor or changing your MAC (not Mac as in Apple) identifier for regular users.
Make Use Of Guides:
www.howtobeinvisible.com seems overboard to some but the advise is very good. It has helped me immensely with privacy, stalkers and personal safety (death threats).