Cynthia Roderick wrote: > Not long ago, someone indicated that the belief that Macs are secure > may not be true... > Although I've had no problems that I know of, I'll soon be ordering a > new Mac and am wondering what is the best approach to security? > Thanks much in advance, The *vast* majority of the security problems and serious intrusions that we see (and hear about across campus) are windows machines. Macs give us almost no trouble at all. However, that does not mean you are home free. Security has become a very complex issue and has become more dependent on the behavior of computer users. This is because firewalls and other blocking behaviors have become more standard, and so those who want to intrude try to get the computer user to do something that overrides those protections -- clicking on a link, allowing a script to run, opening an attachment, etc. I use Firefox for browsing and reserve Safari for sites I need to access that just won't work with script blocking. Then I use a couple of add-ons for Firefox -- noscripts and web of trust. NoScripts blocks absolutely everything and then gives you a menu at the bottom where you can allow particular sites either temporarily or permanently. It's a pain sometimes, but it means that you are secure from clicking on links that try to run scripts that try to download or install stuff on your computer, and that can happen with supposedly reputable sites if their web site has been hacked. I have been wanting to get Rosetta Stone for my daughter. It's very expensive. I got an email that looked legitimate that was offering it at about 10% of the normal price. Since it was an unsolicited email, I did a web search. I found the same site. When I clicked on it, web of trust popped up a window saying that this was a site known for scams and malware and gave me the option of backing out or going ahead. That's nice to know. If I had gone ahead, I would have had a second line of protection in noscripts. I don't run any Microsoft software. Period. That can be a problem for some people, but I've found that OpenOffice can open almost everything I ever get that I need to open. Make sure your firewall is on and your sharing is off. That's pretty much the default, but check it anyway. If you are getting a laptop and using it in public settings, then there is more to worry about. I don't have that situation, but I saw recently an addon for Firefox that was something like https by default. What it did was use a database of major web sites that have secure connections. When you enter a non-secure connection, it would automatically use the secure connection instead. I would be inclined not to do anything that involves the exchange of passwords or any kind of sensitive information from a public wireless connection. I don't think any of the Mac virus protection software is worthwhile or necessary. Lots more, and I'm sure others will have things to add. If you want to do some browsing and additional reading, check through some of the tips here: http://www.us-cert.gov/cas/tips/. -- --------------- Chris Hoogendyk - O__ ---- Systems Administrator c/ /'_ --- Biology & Geology Departments (*) \(*) -- 140 Morrill Science Center ~~~~~~~~~~ - University of Massachusetts, Amherst <hoogendyk at bio.umass.edu> --------------- Erdös 4