Mac Security: Privacy
At the very least, losing your wallet to a thief is a major pain in the neck: you lose your cash and (possibly) some precious mementos, and you have to cancel your credit cards and replace your driver’s license. More seriously, the thief could steal your identity, using your personal information to make purchases, get loans, or cause you all kinds of grief by pretending to be you.
All that and more could also happen if your Mac’s data were to fall into the wrong hands.
Privacy software addresses concerns like these by making sure that any confidential information you keep on your computer or send across the Net can be seen only by you and the people you designate. In most cases, that means using some form of encryption.
Threats to computer privacy—and the software tools that address those threats—fall into two broad categories: threats from physical loss and threats from electronic snooping.
Physical Loss Computer theft is unfortunately quite common. Thieves are certainly interested in your Mac, either to keep or to sell. But anyone with a bit of curiosity and a few minutes could discover all kinds of useful things about you by examining your files—especially if your keychain is unlocked or has an easily guessable password.
A laptop is more likely to be stolen than a desktop, especially if it spends a lot of time outside your home or office. A Mac Pro in a locked room of an isolated house with a big guard dog is certainly less likely to be stolen than a MacBook Air you carry with you all the time as you walk around a big city.
Also, laptops are frequently simply lost—left on restaurant tables or at bus stops, forgotten at airport security checkpoints, or otherwise misplaced. Although an honest person might locate and return your lost computer, you might not be so lucky.
Even if your computer is right where it’s supposed to be, other people can still get to your personal information. Family members, friends, or coworkers, say—any of them could, in theory, snoop around on your hard disk. And if your Mac breaks down, any repair technician could potentially see your private data.
Electronic Snooping A criminal doesn’t need physical access to your Mac to do you wrong. He or she can snoop into your network traffic (unencrypted Wi-Fi connections are especially easy), looking for strings of characters that might be passwords, account numbers, and the like.
There’s no way to determine the exact likelihood of your network traffic being intercepted. But anecdotal evidence suggests that snooping is quite common. Whenever you use an unsecured wireless network—from an office, coffee shop, airport, or park bench—someone could be eavesdropping.
Snooping on wired Internet connections is harder but still possible. In theory, anyone who can tap into the network at any point between you and the servers you visit (for example, an employee of an ISP, a government agent, or someone else with physical access to one of the many routers your data passes through) could pick out your passwords, account numbers, and other private data.
Whether you’re talking about physical vulnerabilities or electronic ones, you do have the odds in your favor. Thieves, hackers, and spies have only so much time to do their work. They can’t attack all the computer users out there. But even if the odds are one in a million that you’ll be attacked in this way, you can make it just about impossible by using encryption and other software to protect your privacy.
OS X’s Privacy Tools
Encryption software can ensure the privacy of data you’re storing on your hard drive or sending to other people, by making it essentially impossible for anyone else to read. OS X itself has some built-in encryption tools that address part of the problem, and third-party software can help with the rest.
Protecting Your Files To protect yourself against people who have physical access to your Mac, you should consider encrypting at least some of the data on your hard disk. You can encrypt anything from a single file to the contents of an entire volume. Unless you’re protecting state secrets, one of the many off-the-shelf encryption tools available for the Mac, combined with a good password, should be good enough to keep your data safe.
OS X’s FileVault feature encrypts the entire contents of your user folder (/Users/youruserfolder). To activate FileVault in Leopard, go to the Security preference pane and click on the FileVault tab. If you haven’t already done so, click on Set Master Password and specify a password that you can use to unlock FileVault if you forget your regular login password. Make it a good one but one that you’ll remember—and be sure not to lose it. Then click on Turn On FileVault. (The process of encrypting your user folder takes time.) Remember that, before you start, you’ll need at least as much free space on your disk as your user folder currently occupies. Once FileVault is on, logging out will encrypt all your files, and logging in will decrypt them again.
While you’re at it, you should consider encrypting your virtual memory (select Use Secure Virtual Memory on the Security preference pane’s General tab). Then if someone examines the virtual memory files written to disk as you use your Mac, they won’t find any unencrypted copies of your data.
If encrypting your entire user folder with FileVault seems like overkill, you can instead store important files in an encrypted disk image created with Disk Utility.
To do so, open Disk Utility (in /Applications/Utilities). Choose File: New: Blank Disk Image. Enter a name for the disk-image file and choose a location; also enter (in the Volume Name field) the name you want the mounted image to have. From the Volume Size pop-up menu, choose the maximum size you want your disk image to have. Select Mac OS Extended from the Format pop-up menu, choose 128-bit AES Encryption from the Encryption pop-up menu, leave Partitions set to Single Partition - Apple Partition Map, and choose Sparse Bundle Disk Image from the Image Format pop-up menu. Then click on Create. When prompted, enter and repeat a password and click on OK.
To use your new disk image, simply double-click on the file. Enter your password when prompted, and the volume will mount in the Finder. You can then copy files to it and open them directly from the image. When you eject the image, log out, or shut down, the files will be inaccessible to anyone who doesn’t have the password.
Protecting Your Communications To protect your e-mail, you can use one or more forms of encryption. Similarly, you can encrypt live chats in iChat or other instant-messaging clients to protect them from interception. (For more advice on securely transferring files, see Transferring files securely.)
The easiest way to start ensuring secure communications is to use SSL (Secure Sockets Layer). Almost all modern e-mail services (including, naturally, MobileMe) offer SSL as an option for receiving mail (using IMAP, POP, or Exchange) and for sending mail (using SMTP). SSL encrypts e-mail as it travels between your computer and your e-mail provider (in either direction); though, messages will still be stored unencrypted on your mail server and the recipient’s mail server.
In most cases, you just need to turn on this option in your e-mail program—but before you do, confirm that your e-mail provider supports SSL, and find out if it requires the use of a special mail server address or other configuration changes.
To activate SSL in Mail, choose Mail: Preferences, click on Accounts, and select your e-mail account in the list on the left. To use SSL for incoming mail, click on the Advanced tab and make sure the Use SSL option is selected. To use SSL for outgoing mail, click on the Account Information tab and choose Edit Server List from the Outgoing Mail Server (SMTP) pop-up menu. Select the SMTP server associated with this account, click on the Advanced tab, and make sure the Use Secure Sockets Layer (SSL) option is selected. Click on OK.
If you use another e-mail program, consult its documentation to learn how to turn on SSL. If your e-mail provider doesn’t support SSL, you can opt to encrypt your entire Internet connection with a VPN instead.
SSL protects your messages during just part of the journey between sender and recipient. To make sure that no one but you and your correspondents can read your messages, even when those messages are sitting on a mail server, you need to encrypt their contents. Apple Mail has built-in encryption capabilities. (Again, see this month’s Mobile Mac, page 86, for more.) If you use another e-mail program, or if you want a simpler setup procedure, you can use third-party software (described just ahead) to encrypt e-mail.
Instant-messaging (IM) sessions in iChat or another client are also vulnerable to snooping. If you use IM mainly for small talk, this risk might not bother you at all. But if you exchange business plans, passwords, or other confidential information via IM, you should consider encrypting your chats.
Some IM programs (such as Skype) encrypt chats automatically. iChat can encrypt chats if you’re a MobileMe member. To set this up, open iChat and choose iChat: Preferences. Select your MobileMe account in the list on the left, click on Security, and make sure the message at the bottom of the window indicates “iChat encryption is enabled.” If it reads “iChat encryption is disabled,” click on the Enable button to enable it.
Third-Party Privacy Tools
When it comes to encrypting your files or keeping your communications confidential as they traverse the Net, there are several third-party apps that can substantially supplement OS X’s built-in tools.
Protecting Your Files If neither FileVault nor an encrypted disk image suits your needs, you should consider a third-party encryption program instead.
Numerous Mac programs can encrypt individual files or folders (or create “vaults,” often in the form of proprietary disk images, for holding multiple files). Examples are Intego’s $40 FileGuard X5, Marko Karppinen’s $30 Knox ( ), PGP Desktop Home ($99; ), and Smith Micro’s $80 StuffIt Deluxe ( ).
These programs typically offer greater flexibility and more features than either FileVault or Disk Utility.
For example, StuffIt Deluxe not only encrypts but also compresses your files. PGP Desktop Home can also encrypt e-mail and instant messages (a new version of that program should be available by the time you read this; see Macworld.com for our review after it comes out). You can set FileGuard to securely overwrite the original versions of your files automatically when they’re copied to an encrypted image.
If you want to encrypt an entire volume (other than your startup volume), consider the free, open-source TrueCrypt, which can also create hidden encrypted volumes. Two products can encrypt an entire Mac startup volume: Check Point Full Disk Encryption ($120) and PGP’s Whole Disk Encryption ($119). Check Point Full Disk Encryption is geared toward corporate customers who buy in volume, while PGP Whole Disk Encryption is readily available to individual consumers.
Protecting Your Communications If you want to be absolutely certain that a message will get to its destination without being read by anyone else, but don’t want to jump through the hoops Apple Mail requires, look for a third-party option. Your best bet is software based on PGP (Pretty Good Privacy), a widely used, platform-neutral encryption system.
The commercial version of PGP, PGP Desktop Home, lets you sign and encrypt e-mail messages with just a few clicks; it also ensures that all your e-mail accounts use SSL. (Your correspondents must also be using some version of PGP.)
Alternatively, you might try the free, open-source Mac GNU Privacy Guard (or Mac GPG for short). Mac GPG lacks many of PGP Desktop Home’s snazzier features. It also requires the installation of several different packages and takes a little bit of effort to set up. (For example, to use it with Mail, you’ll need a separate open-source add-on called GPGMail, the Leopard version of which is still in beta.) But it’s compatible with PGP and makes a good, inexpensive way to get started with e-mail encryption.
For most users, simple approaches (perhaps even using OS X’s built-in software) are more than enough to protect privacy. Secure your e-mail with SSL and your iChats with MobileMe encryption, and either create an encrypted disk image to hold sensitive files or use FileVault to encrypt all your personal documents. If you need more power or flexibility, try a third-party program, but be sure to download a demo version and give it a thorough tryout before buying it. Even the most powerful encryption software does you no good if using it turns out to be so cumbersome that you avoid it.