I work in information security and have been a security engineer at an organization that uses mainly mac machines. I'm using Cookies Manager in FF for this, but I assume other alternatives exist. Banning cookies from most invasive domains (eg Google and many ad networks).I should really be running all browsing out of its own VM. Sensitive things like work and bank related issues are run from their own dedicated browser in their own dedicated VM.Nameservers that claim to be authoritative for Apple and a number of other hosts, including most social media.Everything over a VPN whenever possible.Most privacy/security related things in system preferences set to be as hobbled as possible.Disable Spotlight searching external volumes.Disable anything network related in Spotlight.Apple has a way around this with physical access, which means everyone else does as well. Enable firmware password in an effort to prevent booting off other media.Just log for a day or two with tcpdump and everything set to as private as possible and you'll see.īeyond that, not counting what you've already done: The problem with disabling things in OSX is that it still sends plenty of data out. It works quite well and is well worth the money in my opinion. Try Little Snitch for blocking individual applications and hosts. Some of them are quite suspicious in nature, like " PasswordBreachAgent" sending signatures of your Safari used/saved passwords upstream to see if any have been compromised.ĭid you know that was running all the time? It is. Light up Little Snitch in Block/Alert mode and watch how many hundreds of services try to phone home without your consent or knowledge.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |