Washington Apple Pi

A Community of Apple iPad, iPhone and Mac Users

Mac Security: Physical, Mental, and Spiritual

Part I: Physical Security

© 2005 Lawrence I. Charters

Washington Apple Pi Journal, reprint information

Note: this is Part I of a three part series. The three articles can be found at:
http://www.wap.org/journal/security/
http://www.wap.org/journal/security2/
http://www.wap.org/journal/security3/

Prelude to a storm

Over the past several years the issue of computer security has left the cloistered realm of computer science and computer user group publications and entered the mainstream, with front-page stories in newspapers large and small, lengthy reports on the evening TV news, and full-page ads (from Microsoft) in newspapers and magazines. Even USA Today, infamous for avoiding big words and news stories longer than a sound bite, devoted two massive two-page, illustrated, well-written spreads to computer security last year.

Virtually all of these stories, with good reason, focus on the various flavors of Microsoft Windows. Individually and collectively, the jumbled versions of Microsoft Windows are by far the least secure operating systems you can use. In several tests with “honeypots” (the term was picked from “Winnie the Pooh” stories, where Pooh can resist anything but a pot of honey), default installs – no customization at all -- of Windows 2000, Windows XP, Red Hat Linux, Solaris and Mac OS X were made on stock computers and then the computers were placed, unprotected, on the Internet. Hackers (usually automated hacking programs) took over the Windows computers within minutes; the fastest documented compromise was 18 seconds. None of the Macs, by the way, were compromised at all.

All this attention and publicity, while warranted in the Windows world, has distorted the issue in the minds of Mac users. So consider computer security in three different realms:

In the Windows world, the threats to a computer are, in order of most likely to least likely:

  1. Spiritual: it is almost impossible to run a Windows computer and avoid having unseen demons creep into it.
  2. Mental: with Windows computers, mental errors are far more common and more likely.
  3. Physical: Windows computers are just as vulnerable to physical security issues as Macs.

In the Mac world, the threats are essentially reversed:

  1. Physical: Macs are just as vulnerable to physical threats as Windows computers, and most problems with Macs come from poor physical security.
  2. Mental: while the Mac interface has been derided by (non-Mac-using) critics as “coddling,” such pampering does help keep the user from making poor choices. But mental errors are still the second most likely way for Macs to come to grief.
  3. Spiritual: without doubt, Macs are far, far better protected from alien possession and demons than Windows computers. But they aren’t invulnerable.

Since physical security is the most pressing problem in the Mac world, and since few of the flood of articles and newscasts mention it, we’ll begin there.

Part I: Let’s Get Physical

There are an endless number of ways to physically kill or damage a Mac, or the information stored on the Mac. Some of them are obvious, but just because they are obvious doesn’t mean people don’t routinely ignore the obvious.

Hurricane damage

These homes, on a barrier island near Pensacola, served as expensive illustrations of what happens when you ignore physical security. Barrier islands get their name from the fact that they act as barriers to the most ferocious elements of storms: surging waters and high winds. Placing million dollar homes on a sandbar is tempting the Fates, and the Fates won: not only were the homes destroyed, even the streets, sidewalks, driveways, power poles – and personal computers -- were washed away as the Gulf of Mexico (on the right) swept around and through the homes and across the island, dumping everything into the sound on the left. (Aerial photo courtesy of National Ocean Service and U.S. National Oceanic and Atmospheric Administration)

Solid foundations: furniture

For many people, a Mac is their first computer. And, much like first parents, the owners find themselves ill prepared. Instead of lacking cribs and car carriers, first-time computer owners lack proper computer furniture, and end up putting their computers on inappropriate things.

Cables, cords and bricks

When you buy a computer, you get cables and cords. As you add additional capabilities and peripherals, you add more cables and cords, plus the ubiquitous power bricks that go with them. Not only do these cables, cords and bricks bring things together and power them, they are also among the top killers of computers. Keep in mind this simple rule:

Never, ever move or store a computer or peripheral with attached cables and cords. Unplug everything, from everything. Every time.

Inside your computer (or peripheral), the cables attach to a fiberglass motherboard. While fiberglass is reasonably strong, it is still fiberglass. When you try to move a computer with a cord or cable attached, you run a great risk of putting strain on the connection, and that strain could damage the motherboard. “Damage” in this case means “break,” which means “buy a new computer or peripheral.”

The most common explanation for moving or storing something with the cords and cables attached is laziness: the individual didn’t want to take the time to unplug everything. Obviously, this is a poor excuse for killing your computer. The second most common excuse is one of confusion: the individual is afraid they will never figure out where the cables and cords need to be plugged in.

To address the second problem, Apple carefully labels all their cables and cords with symbols. The symbols on the connectors match with the symbols on the ends of the cables and cords. Apple is also careful to make sure that, for the most part, only the proper cable will fit into a given connector.

However, returning to the laziness theme, many people simply cannot see the symbols, either because they are printed very small, or are not printed so much as molded into the plastic, or most commonly because they aren’t wearing required glasses when plugging things in. The solution: go to Staples or Office Depot or your favorite office supply company and get a labeler, and make your own labels in lettering large enough for you to easily see.

Labels are also critical for power bricks. These ugly things tend to look pretty much the same, but plugging a 3.3 amp power brick into a device that needs 7 amps will probably damage the device. Plugging a 7 amp power brick into something that requires 1.5 amps may actually start a fire. So: label your power bricks, and eliminate the ambiguity.

The final problem with cables and cords: they get in the way, and people tend to string them in awkward ways. Running a network cable across an aisle is a great way to damage two or more computers. Running cables under tables or chairs in such a way that they can be snagged by legs, feet, vacuum cleaners, pets or children can also be quite expensive, and not just to those people and pets that are snagged.

The body electric

Perhaps the most obvious need for a healthy computer is a steady supply of electricity. But “steady” means more than “it works most of the time.” “Steady” should also mean it is at the proper voltage.

Since the East Coast is prone to frequent thunderstorms, most users should forgo a surge suppressor in favor of a UPS (uninterruptible power supply). When using a UPS, your computer actually runs off a battery in the UPS unit, and current from the wall socket constantly charges the battery – until there is a power failure. At that point, your computer runs off the battery, giving you a chance to properly close up files and shut things down. A close lightning strike might fry the UPS unit, but your Mac should emerge unscathed. Some things to consider:

Once upon a time, UPS units cost thousands of dollars, and used auto and truck batteries that gave off an unpleasant, sulfuric smell. Those days are long over. You can now get a low-end UPS for under $100, and the sealed lead acid batteries give off no odor at all.

Finally: be careful when you turn your computer off. If you want to reboot your computer, use the Reboot menu function; do not simply kill the power. If you do power your machine (or any other peripheral) down, leave it turned off for at least a minute or three before turning it back on. The switching power supplies used in computer equipment should be allowed to “drain” before being turned back on; if you turn them off and on too quickly, you could destroy them. In fact, blown power supplies are one of the most common problems with Windows computers, and almost all the failures are caused by not waiting a minute or three before turning the power back on.

Cleanliness is next to data longevity

Over the years, Washington Apple Pi has seen an amazing variety of “things” that have found their way inside people’s computers. Here is a short list (and none of these are good for a computer):

As mentioned earlier, you want to keep all food and drink on a surface separate from the computer, and positioned so that any spills will not fall on the computer. Get a can or two of compressed air at a photography store (make sure it is nonflammable) and periodically use the compressed air to blow out the keyboard. Periodically, and only after shutting everything down, open up your computer and blow out the dust from inside. Your computer will be happier, and a happy computer helps make for a happy user.

And a special note on makeup: fingernail polish remover (and several other makeup aids) will damage or destroy computer keyboards, mice, cases, and in particular LCD panels.

Wear a seat belt

When the first personal computers came out, they were too complex and bulky to transport. Today, not only are laptops quite transportable, but even desktop machines are fairly easy to lug around. And moving computers is a great way to break them.

Willow Design case

Most computer bags offer very little protection for the computers. This bag, from Willow Design, is an exception: it has padded sides and ends, and the outside pockets add even more protection. When looking for a computer bag, look for high-density foam padding that will actually absorb a sharp shock. Willow Design is technically going out of business, but you might still pick up a bag from the closeout items on their Web site, http://willow-design.com/. (Photo by Lawrence I. Charters, taken with a Canon PowerShot G3 digital camera)

Operating a computer outside a home or office offers additional hazards not found indoors. For example, wind: a gust hitting a laptop screen can easily blow it off a picnic table. And water: when the park department turns on the sprinklers, they are probably unaware your laptop is resting on the grass they want to water. And motion: if you go on a cruise and take a laptop, remember that ships pitch, and roll, and vibrate. So do airplanes.

Let there be proper light

Since a computer comes with a big light – the monitor – many people tend to ignore the subject of proper lighting. There are three major considerations:

Locks and doors and Web pages

In computer security courses there is a constant emphasis on “locking up your servers in a controlled [meaning locked] space.” This same theme applies to the home or office. Protecting your computer from various environmental harms will do you little good if some thief finds it easy to simply enter and walk off with it.

Most people don’t want to bother with adding security cables and locks to their home computers. But if you live in a dorm, or share an apartment, you don’t have complete control over access to your living quarters, so a security cable and lock might be a good idea.

Less obvious, but just as dangerous: windows. The vast majority of computer thefts from homes or offices involve computers that can be seen through windows, including windows in doors. It takes just seconds to break a window and carry off a computer. One apartment in Northern Virginia recently suffered a rash of computer thefts, but from only one side of the building. It turns out the thief lived in an adjacent building, and used binoculars to look into the apartments across the street and do a little window shopping before visiting when people weren’t around.

Personal Web pages can also be a threat. If you are proud of your computer system and plaster photos of your multiple monitors, multiple CPUs, high-end sound system, scanners, etc., all over your Web site, you are essentially telling the world that “I have all this stuff.” Having done so, it is fairly easy to find your street address on the Internet, and soon a thief might have your stuff.

They’re out there

It doesn’t take any great effort to improve the physical security of your computer. Proper furniture, proper lighting, and cleanliness will make you just as happy as the computer. Protecting the equipment from electrical dips, surges, and outages is also easy to do, and inexpensive. Remember: physical security lapses are the most common threats to Macs. Apply some common sense and appropriate paranoia, and you should do fine.

Next up: mental and spiritual threats to your Mac.