Computer security ”who would ever have thought that Macintosh users would have to worry about computer security? Macs were the computer for "the rest of us" ”for the folks who didn't want to have to read complicated manuals, learn complicated commands, or worry about complicated technical subjects. Apple promised us computers that would get out of our way and let us do our jobs, enjoy our hobbies, or do whatever else we wanted.
For years Apple delivered. For years , Macs were the easiest machines to use. From a security standpoint, they might as well have been toaster ovens: They didn't have a shred of security built in, and didn't need it either, because there wasn't a thing you could do to compromise a toaster oven. But we, the users, weren't satisfied. We didn't want toaster ovens. We wanted more: more power, more functionality, more accessibility, more software. We heard industry buzzwords like "preemptive multitasking" and "protected virtual memory," and we wanted our Macs to have these nifty new features. Industry pundits and the media made fun of Macs because of their " backwards " OS. Worse, after that other big OS manufacturer finally figured out that users wanted mice and graphical user interfaces, they also started working on adding other advanced OS features to their systems. We heard the taunts and shouted for Apple to give us more. How dare that other OS vendor make a system that could legitimately claim to be "almost as good as a Mac"? Worse, how could their users actually get to enjoy features that were more advanced than what we had on our Macs?
Apple listened, better than some of us hoped, better than many of us expected. Now we, the users, have to live with the consequences of getting what we've asked for. It's most definitely not all bad. We've once again got, hands down, the best OS around, and we've got so much more power and potential available that it will be a long time before we should need to think about another major revision of the OS. But, as they say in the movies, with great power comes great responsibility. The price of the modern operating system features that were requested , and that Apple has provided, is that these features are much more easily abused and misused than the previous versions of Mac OS, and must be more carefully defended. As citizens of the modern globally connected Internet, we've a responsibility to prevent that abuse and misuse of our machines, both for our own protection and for the protection of our networked friends and neighbors.
The good news is that Apple seems to see the wisdom in following a time- tested security model borrowed from the same BSD/Unix source as the underpinnings of Mac OS X. Unlike other OS vendors who loudly shout "You are secure!" to their users while selling them products with intentionally designed-in security holes, Apple appears to be encouraging you to make your computer secure, and to be putting the tools and information in your hands to test, verify, and maintain that security. If you do nothing more than install Apple-recommended software updates, and stay away from certain troublesome applications, you'll probably be more secure than the vast majority of computer users. You might not enjoy your previous toaster oven “like invulnerability, but so far, Apple's doing the right things, the right way. In this environment, the job of this book is to introduce you to security topics that Apple can't conveniently cover (such as how to mitigate the additional threat that simply running a more powerful operating system brings to the machine), and to teach you as much as possible about the computing and security culture you've suddenly been thrust into as a (willing or unwilling) Unix user.
Many of you reading this may not initially think that there could be anything remotely interesting about keeping your computer secure, and are probably reading this hoping for a collection of "do this, click that, and you're secure" recipes. Unfortunately , it's not that easy. It now takes a bit more work to protect your computer and network so that you can use them and so that others can't use them for mischief. The intent of this book is to make it as easy as possible for you, and give you every possible bit of recipe-like help, but Unix security requires a certain way of thinking, which isn't something you can approach as you would a cookbook. Wrapped around the recipes provided here is the much more important information that will let you see how the vulnerability came about and why the recipe solves the problem. The real thing you should focus on is developing an understanding the fundamental design flaws and other problems that allow the problems to exist in the first place. By understanding these, you will also be able to see where similar undiscovered problems might occur in other software or OS features, and it is this understanding and insight that will allow you to make your computing environment secure.
Sometimes the tone may seem pedantic, but this is because we really do want you to learn to "Think Secure." Too many computer users either take their OS vendor's hollow promises of security seriously or consider it a useless topic to be concerned about. You, however, are Mac users ”you're better than that. A large part of the satisfaction of writing this book is the knowledge that during the daily bouts of cursing filtering from computing staff offices regarding idiot computer users who refuse to take security seriously, you aren't going to be one of the ones they're cursing about.
This book is divided into four conceptual sections. The first three cover the concept of computing security from different angles, and the fourth outlines tools and principles that broadly apply across the scope of computing security. The first section focuses on security principles, philosophy, and the basics that you need to know to develop the skill of thinking secure. In this section you can learn everything that you actually need to know about security ” essentially develop the instinct to know when to be worried, and about what , and have the sense to act on your concerns . The second section covers the basic types of attacks and systematic security flaws that are possible. Most of these attacks or flaws are applicable to a great number of pieces of software and areas of the operating system. In this section, you'll fill in the gaps in your understanding, in case you aren't naturally paranoid enough to see these after reading the first section. The third section of the book addresses specific applications and the vulnerabilities you'll find in them. Although this book covers those areas and applications that are the source of the most significant flaws, these should be considered to be representative of general security issues with all similar applications. The discussion of specific application vulnerabilities in the final section should serve to further reinforce your understanding of the ways that the security principles and philosophy outlined in the first section apply to the types of attacks and flaws in the second and result in the variety of vulnerabilities seen in the third. The final section covers computing security tools, both in the specific sense of certain tools that can be broadly applied across the application domains that have been previously discussed, and in the general sense of the types of tools and capabilities that you should be searching for when trying to find good solutions to security problems.
If you've a mind like a steel trap, and a good technical grounding , the first and last sections may be all the book you need. If you're one of us mere mortals , it may take a bit more time for the import of the implications from the first section to sink in. That's what the second and third sections are for.
In another fashion, you may think of the first section as laying a groundwork for the understanding of computing security. The second section segments this ground longitudinally into types of attacks and flaws, and the third overlays this with a grid of applications, highlighting the flaws that exist in each. The fourth section then provides both some specific tools, and an overview of the general field of broad-application security tools, that you can use to blanket large areas of this groundwork with various layers of protections . As new types of flaws are discovered and new attacks are invented, and as you consider applications other than what we've covered here, you'll need to further subdivide and extend the groundwork, but the skills you've developed learning to think about the issues covered here should allow you to do this easily.
If you're a creative problem-solving type, or like mind teaser-type puzzles, you might even find that this can be fun. It's as competitive as any multiplayer strategy game, and by virtue of the networked nature of many security issues, it pits you against a nearly unlimited arena of competitors . As long as you can balance the need to take it quite seriously with not letting it start to feel like work, fixing computer security can be a quite gratifying pastime or occupation .
If your computer security has already been compromised, stay calm and proceed directly to Chapter 20, "Disaster Planning and Recovery," and also swing by the security section on www.macosxunleashed.com with your specific security issues. We want you to learn to keep your computer secure, but the assumptions of the rest of the book are that your computer is starting from an uncompromised state. If your security has been breeched, you need to repair that breech now and repel the intrusion. After you have things under control, then you can come back and learn how to keep them under control.
Finally, please realize while you read this that there is no such thing as a complete book regarding computer security. Because of the breakneck speed of the battle between the hoodlums who would do your computer harm, and computing security hobbyists and professionals, this text, like every other computing security book, will have outdated information in it before it even hits the bookstore shelves . Likewise, there will be new attacks and vulnerabilities that we haven't heard about that are in active play on the Internet before you've finished reading this introduction.
There are also a number of security topics that have undoubtedly been given, through page-count concerns, perceived audience interest, or sometimes simply due to where our limits of experience are as authors, less coverage than some readers may think that these topics deserve.
We've tried our best in writing this to provide you with the tools and resources to intelligently meet these new threats and to independently discover and master topics that we might have missed. We hope that we've provided a solid enough foundation for you to learn how to face new areas without going out and buying yet another (inevitably outdated) book. To assist you further with this, we are creating a security section for the www.macosxunleashed.com website, and we will populate this section with errata to this book, pointers to new and pressing information that we discover, and any additional topics that we find need more thorough coverage. Think of this site as a living appendix to this book. If you find new threats, new techniques, or new security topics that you would like to see covered, please consider submitting the suggestion to the security forum on www.macosxunleashed.com, so that we can better serve you, and other readers who might be interested in the same topic.
Best of luck, and compute safely!
John, Will, and Joan Ray
PERSONAL NOTE TO THE READER:
Computing security is one of the topics about which I cannot write without some of my severe distaste for certain actions and mindsets coming through in the writing. You may be surprised to note that I hold those who would invade your system and do it harm to be some of the most contemptible scum of the computing world, but I can simultaneously admire the cleverness with which some of the programs are written and some of the methods are devised. More surprising to some will be the fact that I hold the people who knowingly write software that facilitates the creation and propagation of such attacks, and who persistently and insistently continue to produce and sell this dreck, even in the face of the ongoing havoc and devastation that it creates, to be beneath contempt. Many of the most serious security threats and compromises that you will meet are unfortunately enabled by the intentional acts of commercial software vendors, rather than by the clever discovery of flaws in a system's infrastructure. The people and companies who sell you software with such flaws do so with the full knowledge that the software contains the flaws, and of the potential harm these flaws might cause. They do so for one motive only: profit. Allowing the flaws to exist allows them to provide more apparently " convenient " features, with less investment on their part. These scabs on the festering underbelly of computing act as the drug dealers of the computing world, pushing their damaging wares on the unsuspecting, claiming it to be safe like candy , all for the purpose of bolstering their bottom line and fostering further addiction to their products, all with a complete disregard for the actual safety, security, and productivity of the end users.
The people and companies that will do this, however, are allowed to continue only because the mass population of computer users have thus far been kept in the dark regarding the security costs of the conveniences that come in their software. You have the power to change this pattern, to say "no, I won't accept software that makes my life 1% simpler, at the cost of making my computer 100x more likely to be broken into," and to demand a higher class and quality of software. For you to protect your computers, improve the state of computing security, and to become responsible network citizens of the global online community, educating yourself about the consequences of the software you run, and taking responsibility for its actions, is a step that you must take. Throughout this book, I will do my best to help you learn to see these consequences, and to convince you that the benefits of being a responsible, informed, and proactively secure computer user far outweigh the minor inconveniences that you will incur as a cost of behaving responsibly.
In short, although I feel I can relatively dispassionately describe to you the threats, consequences, and solutions to a large cross section of computing security issues, I will not withhold my venom for those whose "professional" actions are designed to facilitate these threats, and I will not sugarcoat my descriptions of the consequences of running such "designed insecure " software. In this day and age of concern for national and personal security, it would be nearly impossible for a dedicated group of terrorists to engineer more effective defects into our national computing infrastructure than what is being sold to consumers every day by major software houses . There are evil people out there who would do you harm, and there are even more viciously evil people out there who would not only allow you to come to harm, but facilitate harm's ability to find you, to further their own corporate goals. If you don't want to hear about them, you're reading the wrong book.