Customer Reviews

Mac Security Bible

5 star:		(33)
4 star:		(6)
3 star:		(1)
2 star:		(0)
1 star:		(0)

 

 

This is definitely a book written by and for tech-heads. I consider myself a little bit of a geek, having used Macs for design, video and educational purposes since the mid-1980's. If not a full-fledged geek, I am at least very comfortable managing and administering my Macs myself with few serious mistakes or issues over the years. Even with this comfort level, I found that this book provides vastly more than I would or could ever use.

Perfect for an IT person or a user who needs to understand every (metaphorical) nut and bolt in his or her system, but if you are just looking for some tips on how to tighten up the basic security of your Mac, this book may end up being a bit more than you are interested in digesting.

That said, the writing is clear, concise, and meticulously organized. The parts that addressed my areas of interest were very well presented and easy to understand, but I definitely bit off more than I am interested in chewing when I ordered this book.

I have been using a Mac for going on 20 years. Right now, I've got two running for business use and a handful around the house, including one hooked up for TV streaming. So I am very comfortable with Macs and don't feel shy about noodling around under the hood. And I have more or less bought into the conventional wisdom that Macs are inherently more secure than PCs, so a 900-page book on Mac security seemed a bit over the top.

And then I cracked Kissell's book.

Over the top it is not. Sure, there is lots of stuff in here that even a hard-core, desktop only user can skim (e.g. certificates, Terminal and loads of stuff on Mac OS Server), and there is plenty that anyone with their head screwed on half-straight can just skip (backing up, setting up secondary user accounts, etc.). But each user has different needs, and Kissell plays no favorites. He delves in just deep enough on all fronts to make this book invaluable to everyone, from the newbie to the bithead. The chapters on securing your web browsing, avoiding malware, and securely deleting files ought to be required reading. And the detailed explanations of how to secure wired and wireless networks are important for anyone who has this responsibility. Throughout, the writing is very clear, the instructions cogent and well-illustrated.

The bottom line is one Kissell notes early on: "by far the biggest threat to Mac security is you"... you and conventional wisdom, that is. Complacency is your enemy and ignorance of the dangers lurking out there is nothing like bliss. Yes, a Mac is far and away a more secure and safe machine than a PC. But "more secure" is not enough. There are plenty of areas for vulnerability, and with this book and an hour of two reading the bits most relevant to you, you can lock down your Mac and prove conventional wisdom right.

Regarding an operating system which has had exactly NO viruses (in the wild) since its introduction, you would think it impossible to write 900 pages (including index) on security for the Macintosh. In the "The Mac Security Bible," author Joel Kissel, has done just that and has justified his efforts by providing a thoroughly comprehensive guide. There is much more to security than immunizing a machine or network from viruses. In regard to most other security vulnerabilities, the Mac is no less susceptible to hardware threats, social engineering attacks, network snooping, password cracking, and more.

The author is aa accomplished book writer and authors articles for MacWorld magazine, Tidbits, and others. He writes in amazing scope and depth here on technology topics without being ponderous. The book is written in plain English, straightforward and systematically, and covers both OS 10.5 and 10.6 (Leopard and Snow Leopard). Most sections of the book are heavily cross-referenced with in-line references to topics elsewhere in the book or online sources.

The book is framed by three major foci: protecting hardware, data, and privacy; understanding threats and their solutions; and balancing risks versus ease of work. There are five parts dealing with Mac security basics, privacy, network security and sharing resources, OS X server issues, and advanced security topics. Problems and solutions dealing with Apple's MobileMe cloud services system and other online services are covered as well as running Windows in the Mac. The book is not meant for enterprise situations but for the ordinary Mac user, although the coverage is deep, advanced, and provides more than enough information and guidance for even the most technical geeks. Kissel has a pragmatic approach to security, wanting to balance the best security measures against the trade-off to convenience and workflow. "Best practices" don't always fit the ordinary user.

Part One is a broad security overview of the Mac, dealing with preventing physical threats, securing user accounts, making security settings, using the Keychain application, securing security over networks, and backing up. Kissel provides a useful seven items checklist To Do Now!

The second part deals mostly with application security of e-mail, chat, VOIP, Web, VPNs, the Keychain, and encryption. Up to this point, casual Mac users can readily follow the discussions and take actions to protect their machines and networks while geeks could be a bit bored. But that ends as the depth and complexity develops in the later parts dealing with wired versus wireless issues, advanced firewall setups, configurations using logs, scanning networks, doing monitoring, checking file integrity, vulnerability scanning, and forensic investigating.

Part five covers issues with OS X server, and provides details about third-party applications and solutions to security problems. Much of the material is of a high technical level covering Directory Services, SSL certificates, file sharing, and other network services.

The book is a heavy thick item with easy to read text, many grayscale screen shots (mostly of configuration windows), with a handful sidebars on incidental matters - insurance issues, scripting, and an interesting discussion and explanation of "cold boot" attacks. This is where RAM chips are cooled by gas to preserve volatile memory long enough to pull data from them even when the machine is off. Who thinks these things up anyway!

(FTC disclosure (16 CFR Part 255): The reviewer has accepted a reviewer's copy of this book which is his to keep. He intends to provide an honest, independent, and fair evaluation of the book in all circumstances.)

I've been using computers since the late 90's,there are six I use daily but up until now I've only used Windows PCs and I just recently added a Mac to my computers.

The difference between doing things on my new Mac with my PC corrupted mind was driving me crazy and I have NO Mac friends I can ask, only PC halfwits like myself but with this amazing guide to help me,I'm beginning to see the light.

This well put together guide covers a ton of subjects that I need to understand now and reading the contents I feel confident that I will have the information I need when required in the days to come.

I'm really blown away by this book and as friendly as it is for a Mac newbie like myself,I feel confident that longtime Mac people will like it too.

Mac security? Just turn on the firewall, right? Wrong. This huge Bible-series volume, written for the intermediate to advanced user, describes the many areas of security that a Mac user should be concerned about from file security, to intrusion protection, to vulnerability of Wi-Fi networks.

Heavily illustrated with screenshots, Joe Kissell often refers to 3rd party programs, both freeware/shareware and commercial, that can assist in providing various security functions. Of great benefit due to the size of the book are the frequent "Cross-Ref" callouts to other chapters in the book. These make it easier to dip into the book where needed without having to read the book cover to cover.

I have to take off one star for two issues:

First, some of the most critical information is just blended into long paragraphs, but should be called out in bright lights, such as a sidebar or at least a bold font. Examples of this run throughout the discussion of passwords, keychains, firmware passwords and booting from an installation CD or external drive, but also in the discussion of FTP, VPN, SSH, firewalls and more. Related to this, the author often does not wrap up each presentation with a bottom line conclusion of risks and recommendations. In some cases, it is as if he does not want to expose a severe weakness by explicitly calling out the exploitation sequence.

Second, in spite of the 900 page length of the book, it is often incomplete. As one example, in the discussion of encrypted disk images, the use of sparse bundles is mentioned only in passing and not used for the illustration, even though only sparse bundles make sense for use with Time Machine, or online services such as dropbox. Another example is that the discussion of SSH as a means of securing certain connections contains no meaningful examples of how to do so. The VPN chapter refers back to the SSH chapter as providing an alternative to VPN for certain communications, but there really isn't anything there. The VPN section does not make clear that every OS X client has a VPN server built into it (or how to set it up), only mentioning the OS X Server functionality.

If you are a serious Mac user or an IT person, do get this book. I wager that you will learn enough that you do not already know to make the purchase worthwhile.

Mac Security Bible is an outstanding reference that belongs on the bookshelf of any administrator who has responsibility for supporting Macs. It's also great for anyone who has been designated the Friends And Relatives Technical Support person by their Mac-using friends and family.

I spent the last 15 years of my career providing technical, administrative, and network support for about 300 Windows users in 35 locations using everything from dial-up to duel T-1 connections. I had shelves of books on desktop, server, and network administration. The Mac Security Bible may be the the most comprehensive and clearly-organized book of its type I have ever used.

The book is clearly written and, to me, easy to understand. There have been at least two occasions in the past year when the Mac Security Bible would have been a great help in solving problems on my own home network. I do not think, however, that it will appeal to any but the most highly-motivated beginning or ordinary user. To this day, the first question I ask when someone calls or emails me with a problem is: "Did you try re-starting the computer?" There are very few users who know or want to know anything beyond the basic use of the applications they work with day-to-day. You can put an excellent 900-page Mac Security tome in front of them, but you can't make them read it or heed it.

For those of use who provide professional or personal technical support or who have complex home networks, Mac Security Bible is the most welcome addition to our reference collections in a long time.

The title says it all, Mac Security Bible!! This is not just a 900 page book. This is an incredible resource that you will refer to time and time again. It is divided into 5 parts from a basic overview of privacy and security on your Mac to the more advanced processes in securing your networks, your servers, encrypting data, problem-solving, etc. This book also confirms the built-in strengths of the Leopard and Snow Leopard Mac OS X and the challenges they pose to those wanting to do you harm.

Joe Kissell uses lots of practical examples, screenshots, cross-references and summaries to walk you through keeping your Mac safe and secure from malware, viruses, hackers and even theft. This books shows you how to be smart if you work in a big office or you use public wifi hotspots, internet cafes or simply operate from home. Joe gives you seven tasks you need to do right now which address key security issues of the Mac OS X.

If you want to be proactive and keep your data and your computer as safe as possible, this Mac Security Bible is for you.

Writing a good technical book is something of a balancing act. It must be detailed enough for seasoned professionals to find it useful, yet accessible and friendly enough for the average user. It should be comprehensive but avoid the "everything but the kitchen sink" approach that destroys indexing and readability. Ideally, it should teach the reader something the first time through but still be worth re-reading, holding its value as a reference. I am happy to report that Joe Kissell's Mac Security Bible passes all these tests with flying colors.

This 900-page tome thoroughly covers all aspects of Mac security from keychains to Kerberos with specific examples from Mac OS X 10.5 and 10.6, but teaches security fundamentals and best practices applicable to any platform. Part one of the book (basics) should be required reading for every Mac user; more advanced users will find value in parts two and three (privacy and network fundamentals); and administrators will benefit from parts four and five (advanced security and OS X Server). The only negative this book has is that it does not cover OS X 10.7 - because it isn't out yet!

Note for Kindle users: this book does not come with bundled software, so I recommend the electronic edition just as highly. Let price and personal preference be your guides.

About a year and a half ago, I made the decision to switch from PCs to a Mac. One of the sales pitches I received about the Mac was that it would be virtually impossible for me to pick up malware and viruses on the Mac. Apple technical support echoed the same sentiments. That's certainly what I wanted to hear and the sale was made. I adore my Mac, but for the past year and a half, I have wondered if the Mac is as secure as the salesperson and Apple Support implied. I wondered if I already had malware and viruses present on my Mac. I went to my local bookstore countless times and I could not find a book that specifically addressed Mac security. But I got very lucky- I was offered this book through the Amazon Vine program and I jumped at the opportunity to review it. And guess what? the Mac's reputation for not being a target of malware and viruses is an urban myth. Just not true!

The author Kissell has pulled off the impossible with the Mac Security Bible. No matter what your level of computer knowledge is, there WILL absolutely be many things in this book that will be very helpful in keeping your Mac safe and secure. If you're a beginner with the Mac, you will find a lot of very helpful information. And if you're an absolute Mac computer geek, there are parts of the book that are for those folks. So whatever your level, this book has something useful in it for everyone. And don't let the length of the book scare you. This is not a book that you read from cover to cover, rather you can skip around and find topics and recommendations that resonate with you and skip the parts that aren't for you.

I think this is an absolutely magnificent book and I could not recommend it more highly.

First off, even though the book states that it is meant for the beginning to advanced Mac user I would not recommend this book as a first line of learning for a new Mac user or beginning computer user. You may be overwhelmed.

Most people firmly believe that owning a Mac is much safer than owning a PC and that owning a Mac makes getting a virus much less likely. While this is true, there is no room for complacency in the world of technology as the Mac user base grows and security and virus propagation becomes more necessary and complex.

While the incidence of Mac viruses is extremely low it does not mean that Mac users are immune to security risks and shouldn't be vigilant. This book explores ALL aspects of Mac security even from a physical and material aspect such as laptop theft. Who wouldn't want to steal your pretty, and pricey MacBook Pro? The Mac Security Bible shows you how to protect yourself from even THAT kind of theft. That's important.

The Mac Security Bible delves into issues from simple password management to topics as complex as Securing a Mac OS X web server and even more advanced issues such as forensic inquiry into what might have went wrong if hacked, etc. The book can get advanced and the reader may or may not need all of the advanced material in the Bible ... but it's there if needed or wanted.

In sum, this is a GREAT book that shows the everyday Mac user how to better lock down their computer and help them to ensure that they are using it in a way that helps to keep data and network information safe. For those who want to explore under the hood even more than basic access, file encryption, password, etc ... there is a lot more.

Great book and I would recommend it for someone who is truly interested in delving more deeply into the area of Mac Security. For the new user although the book is very well presented and layed out, it's 900 pages could be overwhelming. This book is a true technical book without fluff and chatter. This is not written in a style like the "Books for Dummies" or "Learn Whatever in 24 hours" - instead it's written in a way that can be applied immediately and learned and referenced along the way. The author starts right off with "Things you should do right now" ... my kind of book. Right down to it!

5 stars.