About SecureMac Advertise Security Consulting Mac Security Store Send Feedback

Site Information
Site Background
Who runs the site
Security Consulting
Feedback Form

SecureMac Software


Mac OS X Security
sudo buffer overflow exploit + fix
Disable Single User Boot Mode
Malevolence - Dumping Passwords
nidump security
Startup Security - Open Firmware Password Protection

Mac OS X Network Security
Secure FTP Wrapper
Ettercap - sniffer interceptor logger
Snort - Network Intrusion Detection System
SSH Admin
SSH Helper
xnu - enable MAC Address spoofing

Mac OS X Virus

Mac OS X Firewalls
Firewalk Firewall Utility
NetBarrier X

Mac OS X App Sec.

Mac OS X Encryption
GPGMail - PGP Functionality

Mac OS X DoS

SecureMac Library
Mac Cable Modem Security
Mac Security Auditing
Mac OS X Security Understanding
Mac OS X Security Second Lessons
Mac OS X Security Third Lesson
Mac OS X Single User Mode Root Access
Mac OS X Shareware Firewalls
Mac OS X Secure Installation
Cable & DSL Connections - Security Measures
Better Safe than Sorry Security Resources
Marketing Macintosh Security Programs

10 Security Tips for Safe Computing for OS X Mountain Lion

by Israel Torres

OS X, formerly named 'Mac OS X', is ever increasing its integral and nearly transparent security configuration on each progressive release. As of this writing we are at Mountain Lion 10.8.2 and will go over the latest and greatest security updates.

!If you haven't already please review the previous article '20+ Top Security Tips for Safe Computing for Mac OS X' for additional security tips that still remain relevant today.

The following 10 security tips take advantage of the latest Mountain Lion security features:

1. Gatekeeper

Gatekeeper's control resides under Preferences/Security & Privacy and it's main function is to allow the user to control which apps can be run without further escalation and or attention. For example it is by default to 'Mac App Store and identified developers' so if you download an application that doesn't meet this criteria you will not be able to run the application immediately or more so accidentally.


You can either change the preference to 'Anywhere' (not recommended) or simply right click (or control click) on the App instead of the normal single double click to open it.

Gatekeeper: shift-open

2. Software Updates

Updates often gets overlooked as a security measure; however fundamentally you want to keep your Mac updated with the latest and greatest updates. Most often users don't update their Macs to the latest because the update has phased out their application from working, or the user feels they are too busy to update their Macs. Don't be that user. Instead inquire with the software developer's support system to find out what they are doing about their incompatible product - many often become aware of this issue through their internal testing and generally try to push out a patch or updated version quickly. If they lag see if you can find an alternate product until they update. It's always good to have another good product on standby.

Copy to install a no no

3. FileVault 2

Laptop and even Desktop encryption should be automatic nowadays. Losing a few thousand dollars of hardware is much better than losing all your data to someone later to find it pasted all over the Internet or worse sold on the blackmarket. Use whole disk encryption any chance you get. The rewards far outweigh the risks.

FileVault 2

4. Privacy Controls

Privacy is important and shouldn't be taken for granted. Make sure you keep track of whom is keeping track of you by tuning your privacy controls accordingly.

Security and Privacy Control Panel

5. Firewall

The firewall interface under Preferences/Security & Privacy is very basic, there are a few third party interfaces available however keeping things simple is a good practice. Be sure to use the firewall to tune it to your needs whether it be at home, work or travel. You may think you have nothing to hide, however you have plenty to steal.


6. Password Assistant

Face it, for most creating a good password is hard. It involves a lot of thinking not only to come up with one that you don't already use, but then remembering it without having to write it down is a task within itself. This is where Keychain Access is your friend, use it. Inside Keychain Access is a handy tool named Password Assistant you can use it to quickly come up with a password and you can save it in your keychain to use on various logins.

Password Assistant

7. Anti-phishing

For those that use Safari (6.0.2 ) over Chrome or Firefox you may have to make a firewall adjustment otherwise Safari may not be able to communicate correctly to receive updates from the The Google Safe Browsing Service, therefore leaving your browser out of date and more vulnerable.


Anti-phishing reccomended settings

8. iCloud Mac locator and remote wipe

For those that use iCloud your Mac can be enabled similar functionality as your iDevices for communicating with your Mac if it gets lost or stolen once it is reconnected to a network. It certainly is better than nothing, however you have less to worry about if you use FileVault2 to encrypt your Mac.

9. Secure Empty Trash

Another feature the Mac users may forget to use often especially on USB keys is the Secure Empty Trash Feature. By default files are simply marked for deletion and not really deleted making file recovery simple for an attacker. Using Secure Empty Trash things get much more difficult to recover.

use Secure Empty Trash to delete files

10. Control Access

Make sure you are the only person accessing your account by requiring a password immediately after sleep or screen saver begins. Enable a hot corner to activate the screensaver and get used to hitting that hot corner before leaving your Mac. Get used to doing this at home and it will come naturally everywhere else.

Controll Access to your computer

In conclusion...

Mountain Lion comes with a plethora of integral security features not really meant for the user to control such as file screening, sandboxing and runtime memory protection and without an interface to monitor or view users don't think about it and just trust it. However as you could see in the Anti-Phishing example above with Safari unable to update for the last 82 days it becomes curious as to what else may not be working as designed. ;)

Online Resources Mentioned Herein:

Security + OS
PowerBook Security Control Panel
Empower Pro
Deus Lock Master
Keys Off
MacOS Algorithm
Modem Security
Password Key
Shift Key Suite
Stealth Signal
SuperLock Lite
SuperLock Pro

Macintosh Viruses
Sophos Anti-Virus
Norton AntiVirus
Nav 7 Nav 6 Nav X
Virex - Oct
VirusBarrier - Netupdate
vScan - Discontinued.

Mac Physical Security

Macintosh Firewalls
DoorStop Firewall
Firewall Q & A
Norton Personal Firewall

Mac Spyware & Privacy
NetShred - Delete Files Safely

Network Security
Oyabun Tools

Application Security Issues
AIM - AOL Instant Messenger
Back Orifice
Eudora E-Mail Client
Internet Configure
IE 5.1, OE 5.1, Powerpoint, Excel Vulnerability
MS Personal webServer
Outlook Express 4.5 Password Flaw
Sub7ME Server

Resource Info
AppleShare Server Info

Mac OS Encryption
My Secret
PGP Personal
PGP Freeware
Private File
Quick Encrypt
SubRosa Utilities

Deleting Files
Eraser Pro


Apple Hardware

Mac Attack

All material (c) 2014 and respected owners