Careers & Certifications

06:00 AM
Connect Directly
RSS
E-Mail
50%
50%

Inside OS X Security

Mac expert John Welch takes you through the threats, holes, and exploits swirling around Mac OS X, and offers up some tips and tactics to protect your system.

The best way to deal with these problems is awareness and avoidance.

Be aware of the people and entities that would have a legitimate reason to get various kinds of information from you. In the case of passwords, there's no IT department that is even vaguely competent that needs your password to run any kind of test, upgrade, or what have you. Unless you are the sole possessor of the root/directory administrator password, there's no reason for IT or anyone else to need "your" password.

On the networks I run, I can do anything I need without needing a user password. If I need a user to log in as themselves, then I have them do that. I don't know, nor do I wish to know, anyone's password but the ones I have to know to do my job. It's a bad idea on every level to know other people's passwords unless you have a hard, unavoidable reason to do so. I've yet to run into one.

If you give someone your login credentials, especially if they're admin-level access credentials, then there's little the operating system can do to stop them, as they'll not be "hacking" into the box at all. They'll be signing on as a legitimate user: You.

At that point, the operating system is going to let them do whatever those credentials allow for, because that's how it's supposed to work. Even worse, any action they take will look like you took it, because it's happening under your credentials.

Previous
2 of 11
Next
Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
Video
Twitter Feed