Welcome to the MacNN Forums.


How secure is Mac OS X?
Professional Poster
Join Date: Feb 2002
Location: adequate, thanks.
Feb 17, 2003, 08:17 AM
 
If you have the firmware password activated, how secure is my data on my iBook? I'm not anything paranoid. Just for the case, my book gets ripped off, is it secure when it was shut off? Starting from another volume wouldn't work, unless the firmware password is reset. How easy is that to do? If the HD is taken out, is the password still active? I think not. Of course, sensitive data is on an encrypted disc image, but anyway...

If anyone has some info on the security issue, pleased to hear from you.
     
Mac Elite
Join Date: Jun 2000
Feb 17, 2003, 08:34 AM
 
All someone has to do is take out the hard drive and connect it to a computer as a slave drive, boot, log in as root, and they will have access to everything.
Agent69
     
Moderator
Join Date: May 2001
Location: Hilbert space
Feb 17, 2003, 09:23 AM
 
As soon as someone has physical access to your computer and some time, your data is available, except if you use a PGP disk or something along those lines for 'private' stuff.

As far as -- say -- network security is concerned, I would say that X is pretty safe for a home user.

1. X is very rare compared to Windows.
2. X has a firewall installed that's known to be robust.
3. X has Unix underpinnings (especially FreeBSD and NetBSD) that are known to be more hack prone than Windows.

Even if you are in a professional environment, I would still say that it is safe.

Remember, all it takes is the amount of work you want to put into a system in order to hack it. At my university, some servers were hacked on a yearly basis -- and those people were running some varieties of Unix (Linux, FreeBSD, Solaris) and knew what they were doing.
I don't suffer from insanity, I enjoy every minute of it.
     
Dedicated MacNNer
Join Date: Nov 2000
Feb 17, 2003, 10:52 PM
 
X has Unix underpinnings (especially FreeBSD and NetBSD) that are known to be more hack prone than Windows.
??? Slammer/Code Red/Back Orifice and the Outlook attachment virus of the day don't factor into the metric you use to determine "hack prone"? Do you read BugTraq?
     
Junior Member
Join Date: Jun 2002
Feb 17, 2003, 11:08 PM
 
I did a Google search on "os x encryption" and found one website called Securemac.

For high security, you can encrypt part of your hard disk through the use of a disk image. This was mentioned at Apple Security and at an AppleCare document that explains how to use it. I haven't thought of this before. Just shows that you learn from these forums.

     
Mac Elite
Join Date: Jun 2000
Feb 17, 2003, 11:17 PM
 
Originally posted by int69h:
??? Slammer/Code Red/Back Orifice and the Outlook attachment virus of the day don't factor into the metric you use to determine "hack prone"? Do you read BugTraq?
Sometimes it's good not to have a 95% market share in operating systems.
Agent69
     
Clinically Insane
Join Date: Nov 1999
Feb 17, 2003, 11:26 PM
 
If your computer gets stolen, it's generally accepted that You Are Screwed. This holds true for any operating system. Putting sensitive stuff on a strong-encrypted disk image can help, but only if you don't store the password for that image in your Keychain.

OreoCookie's advice is, unfortunately, shaky at best. The fact that OSX doesn't have much marketshare is irrelevant; that's just "security" through obscurity which is no security at all. The firewall is known to be robust, this is true; there are better firewalls out there but this one is actually quite good. But the bit about the Unix underpinnings being more "hack-prone" than Windows is totally false.

OSX has a good reputation for security, though, in its default configuration. You can enhance its security significantly by using the firewall, encrypted disk images, and good strong passwords. You should stay on top of the security updates, but these are becoming rarer nowadays.

You can also undermine the security, though. Allowing anonymous FTP uploads is a major no-no, though enabling this feature requires a fair amount of command-line hacking (this was deliberate on Apple's part, so that it could not be enabled accidentally). Abusing the Keychain is also a recipe for disaster. Keep those in mind, though, and you should be fine.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
Mac Enthusiast
Join Date: Jul 2002
Location: Sydney, Australia
Feb 17, 2003, 11:27 PM
 
Just boot it with the OSX CD and change the root password.

Security? Eh, who needs it?
     
Xeo
Moderator Emeritus
Join Date: Mar 2001
Location: Austin, MN, USA
Feb 17, 2003, 11:38 PM
 
Originally posted by Wet Jimmy:
Just boot it with the OSX CD and change the root password.

Security? Eh, who needs it?
With an Open Firmware password, as the original poster mentioned, you can't boot from CDs or other volumes. At that point, they either have to guess the password or remove the hard drive. THEN, once the hard drive is in a different Mac, they can use the CD to reset the password.

I haven't heard of any ways to defeat the Open Firmware password without brute force, but I'd love to hear if it's possible.
     
Clinically Insane
Join Date: Apr 2000
Feb 17, 2003, 11:53 PM
 
Originally posted by Xeo:
With an Open Firmware password, as the original poster mentioned, you can't boot from CDs or other volumes. At that point, they either have to guess the password or remove the hard drive. THEN, once the hard drive is in a different Mac, they can use the CD to reset the password.

I haven't heard of any ways to defeat the Open Firmware password without brute force, but I'd love to hear if it's possible.
Open the computer, take out the RAM, put it back in. Voila - OF password reset and disabled.

Originally posted by andreas_g4:
If you have the firmware password activated, how secure is my data on my iBook? I'm not anything paranoid. Just for the case, my book gets ripped off, is it secure when it was shut off? Starting from another volume wouldn't work, unless the firmware password is reset. How easy is that to do? If the HD is taken out, is the password still active? I think not. Of course, sensitive data is on an encrypted disc image, but anyway...

If anyone has some info on the security issue, pleased to hear from you.
No system is secure if you have physical access to it.

If I ripped off your machine, once I got it home, 10 minutes later I'd have all your data.

The only way to secure your data is to encrypt it... and even that isn't foolproof.
     
Mac Enthusiast
Join Date: May 2002
Feb 18, 2003, 04:25 AM
 
The best (disclaimer: my opinion only) you can hope to do is use encrypted disk images, including an encrypted user image - even then a determined attacker could do his best to guess a variety of things about your system from the User folders which cannot be encrypted because they are needed early on in the system's startup. The disadvantage here is that anybody coming across your laptop will notice what a paranoid lunatic you are and assume you have something to hide.

PGP disk seems pretty good, although the Disk Copy option is fine - if lacking certain refinements, and seemingly a little slower.

Of course all of this is irrelevant if you're carrying human rights material into Central America, and get stopped, then my best advice is run system 9, and PGP - you'll have them confused for hours with the use of invisible files, changed meta data, and hidden disks - (weird example I know but a friend of mine did work out there for awhile.)

As an interesting (to me anyway) side point check out this quote from The Register:
"Brian points out that some of the most secure Department of Defense Web sites -- ones that don't make headlines by getting cracked all the time -- run old versions of Mac OS and the venerable WebSTAR server suite. "[Mac is] a great operating system for that application," he says. "No scripting or remote capability at all, so there's no way for them to get in."

So there you go.
(link)
     
Moderator
Join Date: May 2001
Location: Hilbert space
Feb 18, 2003, 07:15 AM
 
Originally posted by int69h:
??? Slammer/Code Red/Back Orifice and the Outlook attachment virus of the day don't factor into the metric you use to determine "hack prone"? Do you read BugTraq?
You need to be aware of what purpose a machine has. If you are talking about the 'average consumer/office' machine, then you have a different understanding of security than for a server that is on the net 24 h a day, 7 days a week.

For a home machine, OS X is more secure than Windows 2000/XP. Just for the fact that you have an OS that 97 % don't have.

If you are talking about a system that is available on the net, then you need to take different security precautions. As the example of my university shows, it is far from trivial to secure a system, no matter what OS you are using.
I don't suffer from insanity, I enjoy every minute of it.
     
Dedicated MacNNer
Join Date: Nov 2000
Feb 18, 2003, 09:30 AM
 
Originally posted by OreoCookie:
You need to be aware of what purpose a machine has. If you are talking about the 'average consumer/office' machine, then you have a different understanding of security than for a server that is on the net 24 h a day, 7 days a week.
I don't know about the situation in Germany, but a huge number of 'average consumer/office' machines are connected to the Internet 24/7 here in the US and in SE Asia.


For a home machine, OS X is more secure than Windows 2000/XP. Just for the fact that you have an OS that 97 % don't have.
The fact that OS X is a smaller target does help, but it is hardly the sole reason OS X is a more secure platform by default. Apple takes a proactive stance towards security. MS takes a reactive stance. They react months after the fact if they react at all.


If you are talking about a system that is available on the net, then you need to take different security precautions. As the example of my university shows, it is far from trivial to secure a system, no matter what OS you are using.

The only secure system is one that's not plugged in. A system's security is directly proportional to its administrator's competence. If I had been signing the paychecks of the admins in charge of the systems you mentioned, I would have also signed their pink slips.
     
Senior User
Join Date: Oct 2001
Feb 18, 2003, 10:42 AM
 
Encryption is the only thing that works.

Yes, OF passwords can be worked around with tricks, even though Apple denies it.


Stink different.
     
Mac Enthusiast
Join Date: Nov 2001
Location: Arizona
Feb 18, 2003, 11:38 AM
 
Originally posted by Millennium:
Putting sensitive stuff on a strong-encrypted disk image can help, but only if you don't store the password for that image in your Keychain.
Abusing the Keychain is also a recipe for disaster. Keep those in mind, though, and you should be fine.
I'm curious about this, if you don't mind elaborating.

I was under the impression that the Keychain's content is AES-128 encrypted. Shouldn't that make the passwords stored there as secure as the encrypted disk image itself?

Also, what constitutes Keychain abuse?
     
Dedicated MacNNer
Join Date: Sep 2002
Feb 18, 2003, 03:10 PM
 
A system's security is directly proportional to its administrator's competence. If I had been signing the paychecks of the admins in charge of the systems you mentioned, I would have also signed their pink slips.
Without knowing all the details, I don't think that's entirely fair. At a university, the 'opposition' are going to be students. They will be
a) Clever (at least some)
b) Have a lot of time on their hands
c) Have substantial access to the hardware
Security always has to be balanced with convenience. If the university system in question was for student use, then convenience is likely to reign supreme. There will be nothing of great import on the system, and anyone who takes it down is probably going to be facing a student lynch mob. In my department, all the machines NFS cross mount (so you can walk up to any machine and use it). This is very convenient, but NFS is a known security hole.

When I got to university, we were told something along the lines of "We try to lock things down, but our systems have holes. We know this. However, your exam results are not stored on a networked machine, and we will almost certainly be able to identify anyone who cracks us." It was also mentioned that the punishment for cracking the systems was being made sysadmin.
     
Clinically Insane
Join Date: Apr 2000
Feb 18, 2003, 09:57 PM
 
Originally posted by GENERAL_SMILEY:
The best (disclaimer: my opinion only) you can hope to do is use encrypted disk images, including an encrypted user image - even then a determined attacker could do his best to guess a variety of things about your system from the User folders which cannot be encrypted because they are needed early on in the system's startup. The disadvantage here is that anybody coming across your laptop will notice what a paranoid lunatic you are and assume you have something to hide.

PGP disk seems pretty good, although the Disk Copy option is fine - if lacking certain refinements, and seemingly a little slower.

Of course all of this is irrelevant if you're carrying human rights material into Central America, and get stopped, then my best advice is run system 9, and PGP - you'll have them confused for hours with the use of invisible files, changed meta data, and hidden disks - (weird example I know but a friend of mine did work out there for awhile.)

As an interesting (to me anyway) side point check out this quote from The Register:
"Brian points out that some of the most secure Department of Defense Web sites -- ones that don't make headlines by getting cracked all the time -- run old versions of Mac OS and the venerable WebSTAR server suite. "[Mac is] a great operating system for that application," he says. "No scripting or remote capability at all, so there's no way for them to get in."

So there you go.
(link)
Indeed. I believe the Army uses OS9 and WebSTAR. Since they 'switched', they have not been hacked once. Anyway, OS9 and 8.6 are the only systems I completely trust online. If something goes wrong while using them, chances are it's my fault.

Originally posted by stew:
Encryption is the only thing that works.

Yes, OF passwords can be worked around with tricks, even though Apple denies it.
Indeed. However, Apple doesn't deny that OF passwords can be worked around. In fact, Apple does not acknowledge the OF password feature at all.

Originally posted by car1son:
I'm curious about this, if you don't mind elaborating.

I was under the impression that the Keychain's content is AES-128 encrypted. Shouldn't that make the passwords stored there as secure as the encrypted disk image itself?

Also, what constitutes Keychain abuse?
AES-128 is sub-par. And anyway, there's always a flaw. Especially when people use weak passwords.

No matter if you're using Blowfish, 3DES or PGP, if you use your birthday as a password, your data is as good as 'theirs'...
     
Clinically Insane
Join Date: Nov 1999
Feb 18, 2003, 11:25 PM
 
Originally posted by car1son:
I'm curious about this, if you don't mind elaborating.

I was under the impression that the Keychain's content is AES-128 encrypted. Shouldn't that make the passwords stored there as secure as the encrypted disk image itself?
Here's the problem. Once they've stolen the hard drive, they can get password hashes out of your NetInfo database and use tools like John the Ripper to get your login password at their leisure. Once they have that, they can put the drive back and log in, and then they don't even need to get the passwords for anything else in your Keychain.

Also, what constitutes Keychain abuse?
Don't use it for anything really important. Web forums and such are generally OK, because while getting your account hacked there is annoying, it's generally not critically damaging. Blogs can be problematic, if you have personal private information there. Things like online banking sites are another beast entirely. It's less convenient, but for things like that you really should enter the password manually.

And don't use it for disk-image passwords. That defeats most of the point of encrypting the disk in the first place.

In general, when considering whether or not to store something in the Keychain, ask yourself how much of an inconvenience it would be if that password were to be hacked. Then, assume it happens; if you can live with that, then go ahead and store the password. Otherwise, do it manually.
You are in Soviet Russia. It is dark. Grue is likely to be eaten by YOU!
     
Mac Enthusiast
Join Date: Nov 2001
Location: Arizona
Feb 19, 2003, 09:48 AM
 
Originally posted by Millennium:
Once they've stolen the hard drive, they can get password hashes out of your NetInfo database and use tools like John the Ripper to get your login password at their leisure. Once they have that, they can put the drive back and log in, and then they don't even need to get the passwords for anything else in your Keychain.
Okay, thanks, I can live with that.

I have two keychains, one for common stuff and one for more sensitive stuff. The latter has a completely different password. For the first, I use a >8 character login password (which Keychain uses in its entirety, while OS X login throws out everything beyond the first 8), so cracking the hash and logging in still doesn't unlock the Keychain.

Originally posted by Millennium:
Don't use it for anything really important...
Well, all these PINs and passwords have to go someplace - I'm more comfortable with AES-128 than I am with a yellow sticky or my memory.
     
   