Sometimes we don’t want to just securely delete single files. Sometimes we want to do this to the entire hard drive. This is what’s known as a low level format. Sure we can do a regular format in Windows, but us Mac guys have the option to perform low level formats on our drives. Not only do we have the option to perform a low level format, but we have the option to perform seven consecutive low level formats, which is the current government standard before disposing of hard drives that may contain sensitive data. But if you’re even more paranoid than the United States government, you even have the option to perform thirty-five consecutive low level formats on a drive. Another cool feature of the Mac, which isn’t really a security feature, is something called target disk mode. I can connect my iBook into another Mac or even a PC via a firewire cable and boot my iBook while holding down the “T” key. When I do this, my iBook will work as if it were an external firewire hard drive. Relating this to formatting hard drives, I can perform the format by connecting my iBook to another computer via firewire, instead of booting from a CD that can do this or having to remove the hard drive and plug it into another computer.

Now, you may feel your Windows computer is relatively safe behind that NAT at home, but what about your laptop when you go to those coffee shops that offer wireless internet? Not only do you have to worry about those other pesky Windows users bringing worms on their unpatched laptops from home, but you have to worry about the local 1337 hax0r that hangs out port scanning. Well, Mac OS X has a solution: Stealth Mode. Go to “Sharing” under the “System Preferences,” select the “Firewall” tab, click the “Advanced…” button, and check the box that says, “Enable Stealth Mode.” Beneath the check box, Apple provides us with a description of this feature, “Ensures that any uninvited traffic receives no response – not even an acknowledgment that your computer exists.” So now when the local 1337 hax0r uses a port scanner like nmap, he’ll get no response. How 1337 is that?

The last feature I’m keen on isn’t so much a feature with Mac OS X. It’s with the Safari web browser. Safari has an option called “Private Browsing.” Select “Safari” in the menu bar and then select “Private Browsing.” But what does it do? Safari states when you click this option, “When private browsing is turned on, webpages are not added to the history, items are automatically removed from the Downloads window, information isn’t saved for AutoFill (including names and passwords), and searches are not added to the pop-up menu in the Google search box.” Of course, truly secure web browsing requires a bit more than that. But it’s nice to know that with a simple, single option, I can prevent important information from being stored locally on my computer. For example, my user name and password when I do my online banking.

Now, to sum these features up, we have: FileVault, secure virtual memory, secure empty trash, erase free space, low level formats, stealth mode, and private browsing in Safari. Of course, these are just some Mac OS X features that Windows lacks. Ensuring security and privacy takes a whole lot more than this, and good practices by the user.

If you’re interested in learning more about securing your personal computer whether you’re using a Mac, Windows, or Linux, the NSA has a plethora of publications on their website that I feel is a good starting point. A particularly noteworthy publication:

Apple Mac OS X v10.3.x “Panther” Security Configuration Guide

http://www.nsa.gov/snac/os/applemac/osx_client_final_v_1_1.pdf

The End