What Is Security?

Among other definitions, Webster's New Universal Unabridged Dictionary defines "secure" as "free from danger, not exposed to damage, attack, etc." This is a reasonably good definition of secure for the purposes of computer security. Unfortunately, in computer security, especially with an operating system as powerful and as complex as Mac OS X, it's arguably impossible to attain a state that is "free from danger." "Almost free from danger" may be attained, but only almost, not absolutely. It turns out that for most computer security issues, there is a sliding scale between usability and security. The closer you get to making your machine absolutely secure, the less usable it becomes, and the more usable it is, the less secure it will be. If you disconnect it from the network, it can't be attacked via the Internet. Likewise, if you disable passworded logins, you don't need to remember your password to use the machine, but nobody else needs one to access it either. Of course, if your machine is insecure and someone takes advantage of that to break in and do damage, your machine loses usability as well.

Security for your machine therefore is an ongoing series of trade-offs between making your machine usable enough to get done what you want to do, and secure enough that it retains its usability. Because users in different situations have varying needs for stability and usability, there is no single "best" answer for how you approach system security. You need to evaluate your own needs and make your own decisions regarding what is "secure enough" for your computer.

Regardless of the level of security you decide on as appropriate for your own use, be aware that if your machine is connected to a network, even if only by a dial-up connection, you have responsibilities and security needs with respect to the rest of the computer-using world as well. Even if you can tolerate extreme insecurities on your machine for the sake of the additional convenience it brings in usability, a good network citizen does not allow his machine to be used as a stepping stone for attacks on other computer users. Your responsibilities with regards to other computer users are less flexible than your responsibilities with respect to your own use. Administrators of traditional Unix systems have historically been thought of as highly respectable network citizens , because they have a history of policing their own, and of maintaining a high standard of concern for the well-being of other network users. Users and administrators of some other operating systems, including some nontraditional Unix variants, have, on the other hand, become thought of as generally uneducated boors and scofflaws in the network community. This is because of their general lack of concern for the damage that their unsecured systems cause to other computers around the world. We hope to see Mac OS X users and administrators welcomed into the fold of respectable, responsible Unix users, and hope that we can do our part in helping you to understand how your decisions affect other members of the network community.