It all started when I was trying to export a video from iMovie to iDVD on my Mac. Things were chugging along just fine. The progress bar was progressing. I had turned to another computer to continue working on a project, when suddenly…

ka-thunk… ka-thunk… ka-thunk…

What??? I frantically whipped my head around because that sound was all too familiar to me. I watched in horror (because it is almost Halloween), as my beloved black MacBook displayed the spinning beach ball and then everything froze on the screen.

Rebooting resulted in the “folder with question mark” display on the screen. Those of you with Mac’s know that this is not a Good Thing.

So, I’ve had this MacBook for 4 years and this is the first drive crash it has had. I’ve got another drive that I can put in, so that is not a problem.

But, what about all of that important data that was stored on the computer? Have I lost it?

The short answer is NO. An external drive and the Time Machine software in OS X saved the day. I’m restoring the system as I write this post. All should be well before the end of the day.

So, you are doing backups, right?

Several solutions exist for backups.

I really, really like the highly reliable, but simple to use, Time Machine with Mac OS X. If you use a Mac, you should invest $150 in a large external drive and set up Time Machine.

If you are running WindowsXP, you can use the built-in NTBACKUP.EXE application. On Vista/7, you can use the Backup and Restore application in the Control Panel. You could even use ROBOCOPY.EXE to do things manually.

Third-party applications can be purchased for both Mac OS X and Windows that work well. Often you will find that if you purchase an external USB-connected hard drive, it will come with backup software.

Many people like the online backup services. These only work well if you have broadband Internet regularly available to you. Dial-up users might pass on to the Afterlife while waiting for the initial backup to complete.

I see that my Time Machine restore is about 56% complete with a little over an hour to remaining. Ahhhh… What a good feeling to know that all my important information will be back in just a little while.

Here’s hoping that your backups are as good as mine,

- Dan

Sorry to bring this up, but your computer is not perfect. Neither were the programmers who wrote the programs. Neither were the dude’s who designed the hardware. And of course the user is not perfect!

Patches and Updates are used to correct programming errors and fix vulnerabilities in the software.

It is difficult to keep up with the vulnerabilities that are found for Windows, OS X and all the programs that are running on them.

So, today’s tip is to use the automated facilities of Windows and OS X to automatically update the operating system and applications.

To enable this in Windows, go to the Control Panel and look for Automated Updates.

For OS X, go to the System Preferences application and open Software Update.

Both Windows and OS X allow for the computer to download the updates on a set schedule. When you are notified of updates, you should let them install.

It’s convenient to just turn on your computer, go get a cup of coffee and have the desktop waiting for you when you come back. Right?

But do you realize that you are putting your sensitive data at risk when you do that?

What if you lose your computer? One barrier to the Bad Guys accessing your files is removed. I can think of countless scenarios similar to this.

If you are running Mac OS X, here are the steps to turn off automatic login…

1. Open System Preferences and then open the Security pane.



2. Put a check mark beside “Require password to wake this computer from sleep or screen saver”, and also put a check mark beside “Disable automatic login” for all accounts on this computer.

What about Windows XP or Vista? First off, you need Local Administrator rights to make this change. Second, if you are joined to a Domain, then by default your auto-login is turned off and this is managed by the Domain Administrator.

Here are the steps to turn off automatic login in a Windows XP and Vista environment…

1. Go to Start… Run… and then type control userpasswords2 in the Run… box and hit enter.



2. Put a check mark in the box beside Users must enter a user name and password to use this computer. Click Apply, then OK.

That’s all there is to it! Pretty simple, and greatly increases the security of your files in the event you lose your computer, or someone without permission turns your computer on.

- Dan

Rob Griffiths over at MacWorld.com created a list of his eight favorite OS X features. It can be found here.

Item number three for Rob is The Unix underpinnings. I couldn’t agree more!

The Unix security model is left fairly well intact in OS X. As a result, the standard installation of OS X is reasonably secure. This is a big win for the home or small business that does not have qualified I.T. or InfoSec staff handy.

It should be noted that it is easy for the OS X user to make the system vulnerable. Weak passwords, indiscriminate file or printer or screen sharing, and messing with permissions on directories and files can all affect the security of the system.

OS X fits the bill for many organizations. Why not give it a try at yours?

- Dan

I’m in the process of setting up a seldom-used PowerBook G4 to use as my “Security Tools” notebook. It is running 10.5.6 with the xcode tools installed.

Now, the software that I’ve installed so far for InfoSec purposes…

• MacPorts – This is “a system for compiling, installing, and manaaging open source software” on mac. Yep, the purpose for this is to make the installation easier for several tools. I know that I could go through the manual compile, but if MacPorts can make it easier, why not use it?
• nmap v4.76 via MacPorts – Ok, so a pre-compiled binary is available from insecure.org, but I wanted to use a known tool for my first MacPorts install. Nmap is a very powerful network scanning tool.
• KisMAC – This is a passive wireless scanner in the vein of NetStumbler.
• Wireshark – A open source protocol analyzer

More tools will be added later.

Oh yeah, I probably have not put your favorite tool on the notebook. Let me know what you are using.

- Dan

You probably have sensitive information stored on your notebook computer and may not even realize it. The loss or theft means that sensitive or confidential information has been removed from your control. Who knows where the information will end up, or what it will be used for.

1. You can take some very practical steps toward protecting the sensitive information that is stored on your notebook computer. Let’s start with basic steps and progress to some more complex solutions.
2. Make sure that your notebook is configured to disable automatic logins into Windows, or whatever operating system you choose to use. While it is convenient to just turn your computer on and begin using it, if it is lost or stolen, there are no barriers preventing access to the sensitive information.
3. Consider enabling the boot password. This is sometimes called the BIOS password. Notebooks using the newer EFI have a similar capability. This provides yet another barrier in the event of theft.
4. Disable the default administrator account. Many Windows users do not even know that they have an administrator account active. Unix or OSX users should make sure that this account has a very strong password.
5. Speaking of passwords, your user login (and the administrator login) should have a password that is complex. It should be a combination of letters, numbers and special characters. It should not be written on a label that is stuck to the keyboard. Yes, I have seen this done!
6. Consider whether you really need this sensitive information on your computer. If you are in a public school, do you really need your complete grade book with student names, addresses and phone numbers on your notebook? If you have a small business, do you really need the credit card numbers from your on-line sales carried around on your notebook?
7. If you determine that you really do need the sensitive information with you, then you should use file or disk encryption. Most recent operating systems have this feature built in. If you need or want more features there are a variety of 3rd-party encryption solutions available. Windows XP comes with EFS. Windows Vista has Bitlocker. Mac OSX has Filevault and can create encrypted disk images. If a more robust solution is required, consider PGP Disk or TrueCrypt.

The bottom line is this, the loss or theft of a computer containing sensitive or confidential information can have a significant impact on your reputation, or the reputation of your organization. Are you willing to accept this risk?

- Dan