I’ve been a PC user for years and never really thought about the security of my physical kit, i.e. Full Disk Encryption and encrypting backups, but also preventing the use of the system hardware if a fresh disk is inserted.
Now I’m a Mac user too and I’ve enabled some features that profess to offer good security with little impact, namely:
- Encrypted Time Machine backups. Does what it says on the tin: it encrypted my entire USB hard disk that I use for Time Machine, and on the first re-connection of said device I had to type in the password. I was then invited to store that password in my user profile’s Keychain for future use. To set this up, all you need to do is go into Time Machine Preferences and, on the Select Disk menu, tick the box to “Encrypt backup disk”, then follow the wizard. This means if my disk is physically compromised then my backup is unusable (unless somebody has my user profile too, so how to secure that? ….)
- FileVault 2 (Full Disk Encryption). With Lion comes version 2 of FileVault, and this allows you to encrypt your entire hard disk but carry on using your machine whilst doing so. Quite handily, the encryption process defers resources back to usermode tasks (i.e. it doesn’t lag the whole system out but extends the timeline within which the initial encryption takes place). A startup password is required and this then unlocks the entire volume for use by the core of the operating system; to applications this is all transparent, as you’d expect from any proper FDE package. This then means that the data on the primary and backup (Time Machine) hard disks is protected even if they are lost / stolen together. To set this up, all you need do is go into the Security & Privacy System Preferences and, in the FileVault tab, click “Turn on FileVault…” and follow the wizard. You even get a recovery key that you can store on Apple’s servers in case you ever draw a blank with your password (I can’t see how you would, being as you type it in on each boot).
- Firmware Password. Anybody with IT knowledge could steal a piece of hardware and, if they’re not bothered about the data, they’ll simply swap out the hard disk, install an operating system and off they go. Well, when a Firmware Password is set, the Mac hardware will not boot any device other than the default “Startup Disk” without this password. To set this up you must boot Lion into the Recovery screen by booting your Mac with Command (⌘) + R held down. Once booted into this mode, click Utilities and then Firmware Password. As usual, follow the wizard and reboot. No password is required to boot into the Mac normally.
As with all things “security & encryption”, these can add overhead, so I intend to just see how it goes and report any major problems back. If you’ve got an encryption or security story then please comment and let me know about it.

