Thursday, October 06, 2005

I never noticed

My computer was hacked into. Ten years ago. At the time, my main workstation of choice was from Sun, with a Mac used as a secondary machine. I actually didn't initially notice that my Sun workstation was compromised, and even afterwards my first reaction was to just contact the cracker and ask him to be cool about it. Yes, that's old school thinking, though it probably wasn't too far off the mark at the time. The break-in, of course, was the result of amateur sysadminning (by me) and easy availability of "root kits" that allow even novices to break into unhardened machines.

That's no longer the case, as the InfoWorld article linked above discusses. Computer break-ins, and software development towards that end, are becoming more professional and more targeted at generating monetary damage. On the other hand, I've moved on to using Mac OS X as my primary work environment. As far as I can determine, there is still no "real" malware for Macs (by "real", I mean software that can do its thing without user intervention -- that doesn't require the user to install the software himself). Maybe it's the benefit of being on a platform with relatively low market penetration. I suspect, however, that there are fundamental architectural differences between Mac OS X/Unix and Windows -- primarily the monolithic nature of Windows that creates single points of failure for security -- that make it much easier to break into Windows machines. I don't even have much of a spam problem, other than the need to periodically check my spam trap to see if any good messages got erroneously flagged.

That's no reason for complacency, however. Never give crackers the keys to your computer. Use the software firewall that comes with OS X (under "Sharing" in System Preferences) and only allow connections that are absolutely necessary. Only turn on network services (also under "Sharing") that you really need, and even at that, only those that use encrypted protocols, like ssh. Use a hardware firewall at home. Have separate sets of "secure" and "insecure" passwords, and never send secure passwords over unencrypted channels. Never use your computer password for a web site. Change passwords periodically, on the assumption that you'll occasionally (by mistake) send a secure password unencrypted across the net. Don't install software if you're not confident of the honesty of its source. Set "Software Update" to check for updates automatically, and install security updates promptly. Have I forgotten anything? Check out this macCompanion article for more.

