Tag: Mac

How To Setup Security & Privacy Settings In Safari

The following information is based on OS X 10.10 Yosemite. If you are running an earlier version of OS the information might still useful but you may have to look in different system preferences.

Introduction

My friends and family often ask me what they can do to make their Mac more secure. They are often concerned about viruses or people spying on their computer while they are online. No computer can be considered "secure" once it's connected to a network, but a few things you can do now to make using your web surfing safer in the Safari web browser.

General

This is one security setting that is often overlooked. I think Apple should move this under the security settings tabs. For convenience, Apple defaulted Safari to automatically open certain content -- movies, photos, PDF file, etc. -- automatically upon download. Given that many users get tricked into downloading files that contain malicious software1, having this setting enabled can be dangerous. Imagine clicking a link and unknown to you the link is actually a malicious PDF file that has a key logger2? Having Safari automatically open the listed types of files is a not a good idea. Turn this off!

Security Settings

Launch Safari and find click on Preferences from the menu. Click on the Security tab. We have a few options here but they are both easy to understand and use. I have them all enabled on my iMac and MacBook.

screenshot, security, safari
Security Tab

Fraudulent sites: This is a Google service that protects you from scams and phishing by identifying fake websites and displaying a warning message before the website is displayed. You then have the choice of navigating away from the site or proceeding to it anyway. You definitely want to keep this one on. Most personal computers, if configured correctly, have decent protections against hackers. However, most users fall victim to phishing attacks and click on a link to fake websites. The websites look like the real thing and attempt to trick you into entering your user id and password or into installing software that will steal your passwords. This Safari setting will help protect you from those sorts of attacks.

screenshot, security, safari
Security Tab -- Web Site Plugins

One thing I recommend strongly is whitelisting which websites you allow to use your browser plugins. I wish the web would move away from browser plugins such as Adobe Flash, Java, etc. but it seems it will be a long time before this deprecated web technology disappears. If you must run Adobe Flash or other browser plugins I recommend choosing the "Ask" setting for all of them and/or defaulting to block. When you visit the website, Safari will display a placeholder instead of the plug-in content. You can then click the placeholder to allow the website to use the plug-in.

I also restrict (white list)3 which websites have access to the plugins. This helps you reduce the chances that a malicious website could use vulnerabilities in those plugins against you. You should make sure to keep your plugins up to date and update them only from the Adobe and Microsoft etc. There are a lot of websites with fake versions of these plugins. The fake versions contain computer viruses and Trojans and key loggers etc.

Privacy Settings

All the settings below are about limiting the amount of information your browser shares with a web site you visit. Many websites and services think they have a right to track you and find out as much about you as they can. I suspect that were it not for certain laws some of these companies would send someone to install cameras in your home and tap your phone calls.

screenshot, security, safari
Privacy Tab

Most websites can use information about your location (based on data from nearby Wi-Fi networks or looking up a database of ISP network addresses) to provide services and features. This setting lets you specify how often Safari must ask you if a website can use your location information. If you don’t want to be asked, select “Deny without prompting.” I have mine set to once a day.

A lot of web sites use cookies to track your usage of their web site or to help keep tracking of your site preferences. Some other web sites use cookies managed by multinational data mining "you are the product" companies whose only mission appears to be to track your every move around the web. Some of these companies believe privacy is old-fashioned concept and you should expect none. I think these companies are a threat to any free society.

For if we are observed in all matters, we are constantly under threat of correction, judgment, criticism, even plagiarism of our own uniqueness. We become children, fettered under watchful eyes, constantly fearful that -- either now or in the uncertain future -- patterns we leave behind will be brought back to implicate us, by whatever authority has now become focused upon our once-private and innocent acts. We lose our individuality, because everything we do is observable and recordable.Bruce Schneier

I don't mind Lands End knowing how I use their web site if it helps them provide better service to me. However, I don't see how letting one company with whom I do very little business track my every move across the web. You want to block these as much as possible. You can set Safari to accept cookies and data only from websites you explicitly visit. Safari uses your existing cookies to decide whether you have visited a website before and prevents blocks third-party advertising networks from storing cookies and data on your Mac.

If at any point, you get a bit paranoid you can remove some or all the cookies and website data stored on your Mac or review which websites store cookies and other information.

Some websites keep track of your browsing activities when they serve you content, which enables them to tailor what they present to you. You can have Safari ask sites and their third-party content providers (including advertisers) not to track you. The latest proposed draft of the Do Not Track specification requires that users must choose to turn on the anti-behavioral tracking feature in their browsers and software. Apple is adhering to the specification. Google ignores "Do Not Track" setting entirely. Most web sites do the same. This setting may not do anything useful today or in the future. Leave it enabled anyway.

Conclusion

The web can be a safe place. Learn to practice safe browsing habits and with the tips outlined here, your browsing will be more private and safer. If you really want to dig into the details of Safari security check out the Center for Internet Security Benchmark.

  1. Malware, short for malicious software, is any software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems. 
  2. The action of recording (or logging) the keys struck on a keyboard, typically in a covert manner so that the person using the keyboard is unaware that their actions are being monitored. See wikipedia entry
  3. An emerging approach in combating viruses and malware is to whitelist software which is considered safe to run, blocking all others. See wikipedia entry

How To Make and Receive Phones Call and Texts On Your Mac

The following information is based on OS X 10.10 Yosemite and iOS 8.1. If you are running an earlier version of either OS the information might still useful but you may have to look in different system preferences.

Using your iCloud account, Handoff lets you start something on one device -- e.g., writing and email or using a web site on your iPhone -- and instantly pick up where you left off another devices. The app you need appears in the lock screen, app switcher and Dock on your Mac. Handoff works with your favorite apps like Mail, Safari, Pages, Numbers, Keynote, Maps, Messages, Reminders, Calendar, and Contacts. And clever developers are building Handoff into their apps.

One clever feature of Handoff is the ability to use the cellular features of your iPhone to make and receive phone calls and send and receive SMS messages. Apple calls this feature Continuity. I love this feature.

Quite often when I'm at home using my iMac or reading on my iPad, I'll get a call on my iPhone. Sometimes I may have my iPhone charging or I left it in another room. I don’t want to get up. I don’t want to leave what I’m doing and go get my phone. Voila, with Continuity I see the incoming call on my Mac or iPad. With a flick of the wrist and a click of the mouse I can answer that call. Right on my Mac.

When a call comes in I can see the caller’s name, number, and profile picture. I can even choose ringtones just like on my iPhone. Dude, this is so cool!

The Continuity feature also works for SMS messages via the Messages app. I send text messages to my friends and family, some of whom have BlackBerries and Android phones, right from my Mac’s keyboard.

Ok, this all sound great, but how do you set it up and use it?

Apple's support site has the official requirements but you'll need a free iCloud account, an iPhone 5 or 6 with an activated carrier plan and running iOS 8.1 and a 2012 (or later) Mac running OS X Yosemite.

For Handoff and Continuity to work your iPhone and your Mac must be connected to the same Wi-Fi network and you will need to enable Bluetooth on each device. On your iPhone and/or iPad, go to Settings-> General-> Handoff & Suggested Apps and make sure Handoff is On. If you’re out of Wi-Fi range, your Mac can connect to your iPhone’s personal hotspot.

On your Mac, open System Preferences and go to General. Select “Allow Handoff between this Mac and your iCloud devices.” If you don't see this setting, your Mac may not support Handoff.

[fusion_builder_container hundred_percent="yes" overflow="visible"][fusion_builder_row][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"]

system preferences, os x
Enable Handoff in the General section in System Preferences

On your Mac, open the FaceTime app. Go to FaceTime->Preferences and turn on “iPhone Cellular Calls.” You can exit FaceTime once this step is complete.

[/fusion_builder_column][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"]

facetime, preferences
In FaceTime Preferences make sure iPhone Cellular Calls is checked.

Next, go to System Preferences, and sign out and then sign in again to your iCloud account. I’m not sure why this step is required but things won’t work unless you do this.

[/fusion_builder_column][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"]

incoming call, notification, os x
Incoming call notification using Handoff
You are now all set to answer phone calls on your Mac. You might want to test this out by having a friend or family member call you. If everything is working, your iPhone will ring and then a second or two later, you’ll see a notification pop-up on your Mac.

Making calls requires a little more work. You can make calls by selecting a contact from the Contacts app and clicking the little blue telephone icon.

[/fusion_builder_column][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"]

contacts, os x
Click the little blue icon to make a call.

OS X will notify you of the outgoing call with a pop-up.

[/fusion_builder_column][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"]

outgoing call, notification, os x
Outgoing Call using Handoff
Once a call is connected OS X will use your Mac’s built in speaker and microphone. End the call when you like or hit mute for some privacy. Another cool feature is that if you are calling someone who has answered on another Apple device you can switch the call to a video call. Sweet!

Sending and receiving SMS messages on the Mac is easy. Open the Messages app, type in the recipient's phone number, and start type. It's no different from doing it on your iPhone. You can use emoticons and attach images and video.

[/fusion_builder_column][fusion_builder_column type="1_1" background_position="left top" background_color="" border_size="" border_color="" border_style="solid" spacing="yes" background_image="" background_repeat="no-repeat" padding="" margin_top="0px" margin_bottom="0px" class="" id="" animation_type="" animation_speed="0.3" animation_direction="left" hide_on_mobile="no" center_content="no" min_height="none"]

messages, os x, screenshot
From your Mac you can send SMS messages to anyone

My iPhone 6 and iCloud have become the hub of my digital communications. Being able to extend the capabilities of my iPhone to my Mac and make and receive phone calls and SMS messages has been a time saver.[/fusion_builder_column][/fusion_builder_row][/fusion_builder_container]

How To Setup System Security & Privacy Settings In OS X

The following information is based on OS X 10.10 Yosemite. If you are running an earlier version of OS the information might still useful but you may have to look in different system preferences.

My friends and family often ask me what they can do to make their Mac more secure. They are often concerned about viruses or people spying on their computer while they are online. No computer can be considered "secure" once it's connected to a network, but a few things you can do now to make using your Mac safer.

Security & Privacy

Select Security & Privacy from the System Preferences application.

Screen shot of OS X System Preferences
System Preferences (Faded)

General

From the General tab you can choose a few items to improve your Mac's security. Having a password on your Mac protects your privacy. But if you walk away and leave your Mac unattended while logged in, anyway with physical access to the Mac can get in and access your files, email etc. To protect my privacy I set my Mac to activate the screen save 5 minutes after the screen saver starts. I then set the screen save to start when my account has been inactive for 10 minutes. With these two settings I am assured that if I walk away from my Mac the account will be automatically locked after 15 minutes of inactivity.

OSX, Privacy, Security, Preferences

Clicking the Advanced button bring up another set of options. I have set my Mac to require an administrator password to get access to any system preferences. This protect me from myself if for some bizarre reason the Mac gets hit with a virus (rare I know). It also prevents someone who may have access to my Mac from creating new account or changing system preferences to reduce the security of my Mac. If your Mac is a MacBook or in a very public area then you want to logout after a certain amount of account inactivity.

OSX, Privacy, Security, Preferences

Malicious software can be found all over the net. Users looking for a bargain are often duped into downloading illegal copies of well-known applications such as Microsoft Office. Many times this software has been modified to install key loggers etc. on to you Mac or in the worst case, hold it for ransom. To help protect users Apple has built the App Store around the similar concept at the iTunes App Store. The App Store is more like shopping in a mall as opposed to a flea market. Apple has taken steps to reduce the chance of a malware making it on to your Mac. Apps in the App Store have had security checks, and the developers have been vetted by Apple. Apps in the App Store have also been assigned a security certificate. If Apple later discovers that a particular app or developer has abused security the application can be yanked from the store.

Of course users will want to run third-party apps that are not available in the App Store. You can still do this on your Mac with two level of lowered security expectations. Some developers have chosen to have their apps signed with an Apple certificate. This means that Apple didn't do a security review of the app but did verify that the application is a legitimate application from that particular developer. This is the setting I have chosen. I think it's a good balance between the limited set of apps from the App Store and the flea market of the Internet. The least secure is the Anywhere option that allows you to install whatever you want from anywhere on the Internet. Caveat emptor!

File Vault

Truthfully, I have yet to enable this on any Mac I've owned. OS X will encrypt the entire hard drive and make it unreadable. I think it might be useful for MacBook users who have very sensitive information to protect; things like patient health information or financial records. For the general consumer, they will have to weigh the risks of losing access to their files if they lose the decryption against the risk that someone gets access to their personal information.

OSX, Privacy, Security, Preferences

Firewall

For the most paranoid or those wanting an extra layer of protecting when connected to Internet hotspots etc., I suggest blocking all incoming connections. You can turn this on an off as needed. For day to day use on a trusted network, I have enabled stealth mode and white listed the application that I want to have Internet access. To add an app or service, click Add, select the item in the list, then use the Up Arrow and Down Arrow keys to set the limits for the app. Stealth mode prevents your Mac from responding to probing requests that can be used to show its existence. The Mac still answers requests from authorized apps, but unauthorized requests such as ICMP (ping) get no response. I have also allowed signed applications to get access to the Internet. This allows apps and services that are signed by a valid certificate authority to be automatically added to the list of allowed apps, without your authorization. For example, iTunes is signed by Apple, so it is automatically allowed to receive incoming connections through the firewall.

Screen shot of OS X Firewall Settings
OS X Firewall Settings

Privacy

The privacy settings are used to limit what information about your Mac shares between the applications and services install on your Mac. When you turn on Location Services, you allow apps and websites to use your Mac’s current location to provide information, services, and features appropriate to where you are. For example, when using Facebook I may not want to let Facebook know the location of my computer. System Services allow the location of your Mac to be used by Spotlight or Spotlight Suggestions in Safari. This presence window shows the apps that want access to your contacts, calendars, or reminders. Deselect the app if you want to prevent it from accessing this information. I may want to limit which application have access to my calendar and contact list. I may want to restrict which applications can update Facebook or Twitter.

It's a good idea to spend some time thinking about what information you want to share and what apps have access to this information. Don't rush this one.

Screenshot of Privacy Tab in Security & Privacy Section of OS X System Preferences
Privacy Tab in Security & Privacy Section of OS X System Preferences

Conclusion

Like most computer, the Mac is only as secure as you want it to be. The Internet can be a dangerous place but if you configure a few security settings you can reduce your risk.