Security on the mac

What kind of security precautions should I take on a mac? I tend to do some online shopping. I might consider doing some online banking. Any tips and advice?

 

Nothing special. Just open your browser and go. When visiting sites where you might share sensitive info, make sure there's https:// in the address line AND the certificate is valid.

Mrk

 

like mrk said check your link and valid certificate its also good to clean your browser cache before using online translation if you use only one browser

best is keep at least 2 different browsers one for general surfing eg firefox with no script and another one for online banking on which you only visit secure sites

last the most important step if you like free games torrents p2p sharing visiting underground sites crack sites ............etc

please dont use the same computer or at least same boot for using credit card...etc

 

What would be a good browser for secure activities like shopping? Opera? Do they even have Opera for mac?

 

Firefox, Opera and Chromium are all available for Mac.

 

Caution with java and flash, for general and certainly "risky" browsing I'd disable them. PDF is another candidate but as long as you stick with Preview.app you should be fine. Rule of thumb for Mac security: cross platform stuff is the riskiest, and watch what you install and where you enter your admin password (Trojans).

 

Anyone have any experience with Opera on Mac. Is it any good? Is it safe for online shopping?

 

Not on Mac but it's the same. Sure Opera is available for Mac http://www.opera.com/download/

As regards security, see here http://www.opera.com/browser/features/

You can use it for banking without having more concerns than using say Firefox or IE.
Wait for Opera 11 final - should be out soon. Screenshot is from Opera 11 beta which I find pretty good.

 

I've used it, it's great and it's safe. You'd really like it. I've been a loyal Opera user since 2000. But right now on my Mac, I just use Firefox with the proper security configuration.

 

What's "safe"?
There's the (albeit over- and often misused) marketshare argument.
It's closed source, you can't really verify how it's designed.
It comes with no sandboxing.
And it runs all plugins (Flash!) with full user privileges.
They boast about quick security updates but that doesn't tell us anything about 0days being circulated among black hats.

Now compare with Chromium:
It got sandboxing both for the browser, for pdfs and for flash. I don't know if that's still windows only though.
It has seen lots of code review (open source), did well in pwn2own, Google even pays for discovered exploits and it got a considerable marketshare.

But OS X got a native sandbox too one could maybe even use with Opera.
There's the ironfox project that tries to do just that with firefox.

 

I don`t take any special security precautions on the Mac.
I`m happy to use Safari for all my online transactions.

 

i agree with phaedrus as long as you are a good boy you are safe even with default browser of mac


my cousin is using IE with windows xp and NIS from 5 years now and till date he didnt get single virus.....etc on his system

IE consider most venerable browser among all and so is xp 32 bit but what make safe is using internet wisely

 

Thanks for responding everyone. Does Opera still have that Unite nonsense? Even in its Mac versions?

My issue with chrome is that it has privacy issues or atleast it used to and I dont trust the guys behind it.

As for firefoxes safety issues vis-a-vis sandboxing, I dont think it should be too big of an issue seeing as how macs dont have any known virii in the wild. I think with macs trojans are the bigger problem.

Anyone know any good sites which keep track of malware threats and security issues for macs?

 

Re: Unite
All that's needed to disable can be done via operarefs (enter in address bar),

In User Prefs. Unchecking "Enable Unite", saving and restarting will uncheck "Enable" under "Webserver" and will remove the Unite panel, Unite button on the status bar and the Unite entry under the tools menu.
If ultra paranoid like me additionally Uncheck the following under Web Server:-

'Service Discovery Enabled'
'UPnP Enabled'
'UPnP Service Discovery Enabled'
'Websever Always On'
'Webserver Used'

Hope that is of assistance.

 

Thanks Ocky!

 

Hi katio!

And thank you! I apologize for using the inferior Opera browser. I could use your superior wisdom when it comes to security issues. You know, I try and I try, but I guess I must be using the browser incorrectly since I've never been hit with any type of browser exploits from malware over the years. It could be my configuration settings I suppose. I'll guess I'll have to work on that. But I'll tell you what, I promise to keep you posted as to when I'm totally saturated with malware infections and it's all Opera's fault. Thanks again!

 

You've missed a thing, something like a [/s]...
You know, sarcasm doesn't translate well over written text.

"Opera is safe" is a very broad statement. Is it "safe to use for a desktop user on a Mac"? Yes absolutely as so far we don't see any exploits targeting it. Note I didn't say anything to the contrary above (strawman attack really).
But it's far from a secure by design browser. When it comes to targeted attacks like in pwn2own it will fail and I'm sure you can buy a 0day on the black market any day. There aren't enough security layers in that setup. OS X has only incomplete exploit mitigation techniques, there's no sandboxing, no anti-execution, no integrity levels nor access control. A single exploitable buffer overflow error results in full user level compromise and I tell you, it's really not hard to find one in a millions of LOC C++ program.

 

hey katio!

well, glad ya'll stopped by!

hey, i jist did sum real 4-wheelin stuff in duh internet with muh opera, before I took off though, i made shore it wuz configured rite before I hit dat ol' pedal on duh floor,

by golly! that ol' internet gots sum ruff roads out dare, i mean, woowee! dares all kinds of stuff ta git yor ol' scripting in a tussle, i mean, i went everywhere man, ya know, some of dem hacked sites and hacked links, i even went to one place dat sed i needed to have muh flash enabled, well, let me tell ya boy, i dont flash nobody man, cuz dat stuf can git ya arrested! dats wut happended to ol' billy boy on one of dem girly sites last week! then, i saw annuder site that sed it needs sum javascript, now wut the heck is javascript man? now dats sounds to me like sum new fangled delux coffee or sumthin', well, i'll tell ya sumthin' man, if'n i dont need it, then duh site dont need it either! dats how i look at it!

well, i jist shut down duh ol' opera and let her cool off, well, looky there, ya know sumthin'? after all dat rock climbin' and dodging all dem snake bites and after all dat dern smoke finally lifted, i jist checked muh live malware gauge, and shore enough, by golly! it still sez empty! well, damn! i must be doin' somthin' wrong, ya tink maybe its becuz dat ol' opera is closed source? maybe its becuz it aint got no sandbox! well, i'll keep tryin' and i'll let ya know,

oh, and sory about yer pwn2own infecshun, i done got one of doz purvenshun shots from duh doctor last month fer that.

well, ya take care ol' buddy, and i'll see ya!

 

WOT and Firefox are a good combo.

 

ParadigmShift
Don't know what to say about your new style. It's not like I couldn't read it but I'd still prefer some proper English instead.

Apart from that I'd also like a response to my post instead of just repeating your previous arguments. For the uninitiated it might almost look like you are actually refuting my arguments though of course you did none of that.

pwn2own is no infection, it's a hacking competition and gives some (alberit very limited, scientifically speaking) insight on the security of a certain software configuration against a targeted attack.
If you don't know what a targeted attack is, some characteristics:
- they don't happen randomly, so randomly surfing the dark sides of the internet won't make you a target
- they often do not get published (PR reasons for example, doesn't look good if your company lost customer data)
- you might never detect that it happened, since there are only few targets it often stays under the radar and will never get added to web filters or AV and IDS definitions.

Your security comes from disabling scripts and plugins? Doesn't help against a good targeted attack. Out of the few million LOC you'll still have hundreds of thousands doing nothing but handling html, css, tsl, urls, images and lots of other little things. You think those are now magically bug free? Look at the history of Opera advisories, while a lot depend on js or plugins being available, certainly not all exploits will be blocked that way.
Against the usual malware sites it's very effective (though probably more than required if you use Mac as they still only drop exe's, java exploits being the only notable exception that enables cross platform drive by downloads)

And now your message changed, it's no longer the stark "Opera is safe. Period". It's got more specific and by that more accurate: "I've never encountered any kind of malware or exploit while using Opera with JS and flash disabled". Fully agree with your new testimony.

 

10 years using Opera and zero infections. My oh my!*
(*zero infections achieved by using various O/S and browser security configurations)

My Opera is safe, sorry about yours.

 

He's Wilders account might have been hacked, so it's not (Him) that is writing

 

Sorry but this doesnt work on mac. Can someone please give me the instructions to completely disable Unite on Mac? Thanks.

 

opera:config#UserPrefs|EnableUnite

Are you sure ? Are you unable to get to User Prefs with the above link ? If you can then Untick Enable Unite

 

Thanks for this Ocky. Finally got it to work. Anyway what are the other tips and tricks to improving security and privacy on Opera? Whats Geolocations? Doesnt sound very privacy conscious imo.