IN THIS CHAPTER
What Is Security?
Traditional Mac OS Versus Mac OS X
Understanding the Threat
P ANIC ! This can't be happening, not now! Your hands shake so badly you can hardly be sure you've typed your password correctly, and the clammy cold sweat down your back fights with the rising temperature of your brow making you wonder whether the room's suddenly gotten too hot or too cold. But there it is again ”that quick shimmy of the login box, and your Mac OS X machine rejects your valid login again. Your machine has been connected to the Internet for a while, and you've been putting off worrying about making certain it's secure. Now it's rejecting your login ”something's wrong, possibly terribly wrong.
Sometimes it's the electronic equivalent of a bump in the night, the creak of that noisy floorboard in the hallway, when you know that you're home alone. If you're lucky, maybe the cracker you face is timid, and a shout and a wave of the shotgun are all that are necessary to save your data. Other crackers are less cautious, and less subtle; you might be about to experience an electronic mugging. Still others you're unlikely to ever be aware of, unless they choose to trash your system for amusement after they've explored it and used it for whatever their purposes might be.
Sound a bit melodramatic? Can't quite wrap your head around the scenario, or why you should be worried? Imagine that your term paper's in there, and it's due tomorrow. Or perhaps it's April 15th, and you were just finishing up your income taxes. Now your machine is telling you that it doesn't believe that you exist. Even if rebooting it cures the login symptom, do you know what's happened ? Can you be sure that someone hasn't been digging around in your system, leaving themselves little back doors with which to get back in? Is that project you've been working on still intact? What about files belonging to other users of your machine? Welcome to the world of Unix security, or more aptly, insecurity.
Whether it's a login that's suddenly changed, files that are missing, or a credit card that's been maxed out by mysterious online charges, the evidence that you've been cracked is rarely pleasant, rarely sufficient to identify and track the perpetrator, and almost never discovered early enough to prevent the damage.
More insidiously, with networked, multitasking, multiuser computers such as Macintoshes running OS X, a security hole can allow malicious individuals to make almost undetectable connections through your machine to other, remote systems, using your machine to disguise their path . It's quite possible ”in fact likely ”that crackers using your machine as a stepping stone will leave no trace on your machine, and the only evidence that they've been there will be the damage that they've done to someone else's, with all the logs pointing back to you.
If you've come to OS X from a traditional Macintosh background, this last issue is one you've never had to deal with before, and quite probably one that you don't want to think about dealing with now. Many users of another major commercial operating system don't want to know about or deal with that problem either. The result is an ongoing series of network security debacles that have all but brought the entire Internet to a screeching halt several times over the last year alone, and that regularly costs businesses and consumers billions of dollars in damage and lost productivity. We'd like to think that Macintosh users are a more thoughtful breed, and that although you may be even less inclined to want to look at the ugly underbelly of your operating system than those other guys, you're a bit more concerned about having a machine that's useful and stable, and also more sensitive to the next guy's need for security, too.
This book teaches you about the ways in which your machine can be insecure , and some of the things that you can do to protect it. Apple's done the best job we've seen of providing a reasonably secure Unix, straight out of the box, and we'll help out by providing you with some more tools and tips that will be useful. The most important tool in your security toolbox, however, and the one we most want to help you develop, is a certain level of paranoia . In computer system management, confidence in your system's security is the prime requisite for the occurrence of a security breach. The contents of this book will enable you to develop and maintain an informed level of caution regarding your system's security, and to explain and defend that caution to others who might not be as concerned. The target of "a secure system," however, is constantly changing, so you should take what this book contains as a primer in how to think about system security, not as a final statement of everything necessary to remain secure for all time.
In some places you may think we're suggesting that you be too paranoid , or that we've waxed overly melodramatic. Perhaps we have, or perhaps it's just not possible to fully appreciate some of the things we'll talk about unless you've had the privilege of a visit from the men in nice suits and dark glasses (yes, G-men really do dress the way they're stereotyped). Either way, the worst thing you can do for your system's security is to let something that's supposed to encourage you to be wary instead convince you that it's just not worth it. Yes, many of the people who use that other operating system don't worry at all about their system security or the damage that the lack of it is doing to others, and the FBI rarely if ever visits them ”but the security world is largely convinced that they're all too naive (actually, security professionals tend to use less polite terms) to understand security, and educating them is too large a problem. We're firmly convinced however that Mac OS users actually care about security, and that they are willing to put forth the effort to learn some basic security skills. The way you're going to avoid security headaches isn't by taking a Valium, zoning out, and playing dumb to security issues; you're going to do it by being an upright and responsible network citizen, and taking proactive responsibility for your computer's security. The fact that you're reading a book on computer security is evidence that you already stand a cut above the crowd . Keep up the good work, and let us help direct your learning efforts.
We're here to teach you to be paranoid like a pro, and to respond to what the paranoia tells you in an intelligent , measured fashion. At the worst, eschew the paranoia and practice the security measures we outline: They'll keep you mostly safe, most of the time. The paranoia's good for informing you of issues that haven't been discovered yet, or that we haven't thought to include, but you can get by better than 90% of the users out there, even if you decide that professional paranoia is too difficult. At the best, who knows : You might discover that you like this stuff. Computer security is the only information-technology field where salaries keep on rising, and jobs keep on being created without a blip, as though the dot.com bust had never happened.