The digital world has never seemed more riddled with danger, even as Apple has done a fairly remarkable job across decades at keeping our Macs safe. But the best foot forward with security is staying abreast of past risks and anticipating future ones. Take Control of Securing Your Mac gives you all the insight and directions you need to ensure your Mac is safe from external intrusion and thieves or other ne’er-do-wells with physical access.
Security and privacy are tightly related, and Take Control of Securing Your Mac helps you understand how macOS has increasingly compartmentalized and protected your personal data, and how to allow only the apps you want to access specific folders, your contacts, and other information.
Also available: You can save money by buying this book as part of a three-book bundle, which also includes Take Control of Wi-Fi Networking and Security and Take Control of iOS & iPadOS Privacy and Security. Buy all three books for $25.78, which is 40% off the combined cover prices of $42.97. Add 3-Book Bundle to Cart
Here’s what this book has to offer:
- Master a Mac’s privacy settings
- Calculate your level of risk and your tolerance for it
- Learn why you’re asked to give permission for apps to access folders and personal data
- Moderate access to your audio, video, and other hardware inputs and outputs
- Get to know the increasing layers of system security in Ventura and Monterey
- Prepare against a failure or error that might lock you out of your Mac
- Share files and folders securely over a network and through cloud services
- Set a firmware password and control other low-level security options to reduce the risk of someone gaining physical access to your Mac
- Understand FileVault encryption and protection, and avoid getting locked out
- Investigate the security of a virtual private network (VPN) to see whether you should use one
- Learn how the Secure Enclave in Macs with a T2 chip or M-series Apple silicon affords hardware-level protections
- Dig into ransomware, the biggest potential threat to Mac users, but still a largely theoretical one
- Decide whether anti-malware software is right for you
- Discover new security and privacy technologies in Ventura, such as Lockdown Mode and passkeys
What’s New in Version 2.3
This update incorporates changes related to Apple’s support of industry-standard hardware encryption keys for Apple ID starting in early 2023, and the broader rollout of support by websites for such keys across the internet. The changes appear throughout the book, though particularly in “Protect Your Secrets” and “Recover Access to an Account.”
I’ve also updated a topic in “Protect Your Secrets,” “iCloud Keychain Security for Synced Data,” to include details about the weakness in Apple ID password resets documented by the Wall Street Journal in situations in which someone else obtains your iPhone and its passcode through observation, drugging, or violence.
This version also includes minor changes related to the rollout of certain features, such as ADP becoming available worldwide.
What Was New in Version 2.2
Apple added a major iCloud security update that is relevant to your Mac security: Advanced Data Protection. This version of the book contains updates that reflect the ADP encryption option briefly in “Share Carefully via Cloud Services,” and more expansively across a new section, “Enable Advanced Data Protection.”
You can now also use a Mac, iPhone, or iPad to disable access to iCloud-synced data at iCloud.com. See “Access ADP-protected Data via iCloud” in the above section for instructions.
You can now disable iCloud Private Relay in Safari for a single site in a tab. See “Protect Anonymity via a Private Relay.”
What Was New in Version 2.1
This update added two sidebars about fixing Privacy permissions for apps in macOS when everything has gone wrong: the first requires the use of Terminal; the second, a super-strength method when the first fails, has you restart in Recovery mode. See “Fix Broken Accessibility and Similar Permissions” and “The Super-Strength Way To Fix Privacy Permissions.”
This version also checked in on the shipping release of macOS 13 Ventura in late October 2022. It contained no surprises as regards the contents of this book. But it did remove the “beta” label from iCloud+ Private Relay (a note removed from “Protect Anonymity via a Private Relay”) and fixed a bug in adding credit cards to System Settings > Wallet & Apple Pay (a warning removed from “Apple Pay Valid Only for a Single User”).
What Was New in Version 2.0.1
Apple used to offer relatively limited user controls over items that launched at startup. This led me to omit coverage in previous versions of this book. But I realized after the release of the second edition that macOS 13 Ventura was so much better at exposing login items and background items that they deserved their own section, added in this update. See “Launch Items.”
I missed describing one aspect of Lockdown Mode in the initial release of this edition: how the mode affects browsing in Safari and managing sites you choose to exclude from Lockdown Mode. See the updates in “Deploy Lockdown Mode.”
I also added a short explanation of some icons you may see in the menu bar when an app uses your location (see “Configure Your Mac’s Privacy Settings”) or the camera or microphone on your Mac (see “Control Center Display of Recent A/V Use”).
What Was New in the Second Edition
This edition of the book brings the title up to date for the upcoming release of macOS 13 Ventura, expected in fall 2022. Apple dramatically overhauled the organization of system-wide settings. First, they replaced System Preferences with System Settings. Second, they redesigned the general interface for each pane, often replacing checkboxes with switches. Third, they reorganized preferences: many settings are now in completely different places or new Settings panes from where they were found in Monterey and, in some cases, all the way back to macOS 10.0. Throughout the book, I include the necessary instructions for finding a setting for both Monterey and earlier releases and then separately for Ventura.
One important thing to look out for:
- In Monterey and earlier within System Preferences, when a pane needs to be unlocked to make changes, you click the lock icon in the lower-left corner and then use Touch ID or enter an administrator password to modify privileged settings.
- With Ventura’s System Settings, you now often click a button or icon first, and then receive a prompt to use Touch ID or enter a password. The lock icon has gone missing—it’s joined Clarus in the Icon Garden.
Ventura also added or updated these significant features for privacy, sharing, and security:
- Sleeping and locking your Mac: Ventura distributes settings relating to screen locking, screen-saver activation, and password controls among three System Settings panes. See “How to Sleep or Lock Your Mac” for help understanding those new interactions.
- Standard user is for other people: I’ve updated my advice about creating a standard user for your day-to-day Mac interactions as Apple has matured beyond that. You can safely use an administrator account, but see “Set Up a Standard Account for Others.”
- Where to find network settings: The Network preference pane has a whole new look and top-level organization in its transformation to Network settings. See near the end of “What’s Your Risk of Internet Intrusion?” for how to find an IP address and other details.
- iCloud Drive sharing: Ventura overhauls the frankly outdated and wonky approach to sharing files with others from iCloud Drive. The new look is streamlined, putting all the options in a single place. Apple also added support for third-party extensions. See “Share iCloud Drive Items in Ventura.”
- Lockdown Mode: Added in iOS 16/iPadOS 16 and Ventura, Lockdown Mode is a new protective measure you can take if and when you’re concerned about being a focused target of criminals, a repressive government, or even a company attempting industrial espionage. See “Deploy Lockdown Mode” for details.
- Passkeys: Apple also added support in updates to their operating systems for an industry-compatible way of logging in with a high degree of security that doesn’t involve typing in passwords or managing two-factor authentication codes. Passkeys use public-key cryptography to offer strongly encrypted, unique logins for every site you visit that supports them. See the updated section on passwords that now incorporates passkeys: “Protect Your Passwords and Passkeys.”
- USB protection: Apple brought an enhanced USB authentication mode from iOS/iPadOS to macOS. Whenever you plug in a USB or Thunderbolt device in Ventura, you’re prompted by default to approve it the first time. You can set other behavior. See “Control Adding USB and Thunderbolt Devices.”
Finally, Howard Oakley at Eclectic Light discovered Apple had updated in the last six months how its silent XProtect anti-virus system works. Howard found that the introduction in macOS 12.3 of a new tool has led to frequent, active scanning to known malware. See “Apple’s Built-in Protections.”