Interview with Nicholas Raba, co-author of “Maximum Security 4/e”
Who is Nicholas Raba? Introduce yourself to our readers.
Call me Nick. I’m the author of SecureMac.com, a site devoted to Macintosh security. This site has allowed me a outlet to report my findings and the finds of others dealing with insecurity and enhancements of security for the Macintosh.
How did you gain interest in computer security?
Having an interest in hacking, and how things worked taught me the insecurities, using that same information educated me in what to do right that others have done wrong when it came to security measures.
Do you have any favorite security tools?
MacScan, an application developed by SecureMac.com to audit the Mac computer for spyware.
What operating system(s) do you use and why?
Apple’s Classic Operating System is still a favorite by me and is still used, both in security auditing practices and everyday uses.
Mac OS X is my new favorite operating system, since I first got my hands on this OS I fell in love. The greatness of the Mac OS I was used to (enhanced of course) tied together with the UNIX. Controlling your Macintosh via terminal application, a fun powerful feeling.
How long did it take you to complete your part for “Maximum Security 4/e“and what was it like?
Since I revised 3/e I knew what I was up against, and during the two books I also created my own manuscript for a book devoted to Macintosh security, the hard part was keeping the chapter short enough and picking out the right topics.
In your opinion, what are the most important things an administrator has to do in order to keep a network secure?
Keep up on the latest security news, follow the hacking scene and keep the systems up to date without running any unneeded software and to audit log files for any possible irregularities.
What’s your take on the full disclosure of vulnerabilities?
It’s a double sided sword in many cases. If you release full disclosure of the vulnerability you have a lot more people trying to exploit flaws at a quicker level but you also have administrators up and active in finding fixes and pressuring venders to release fixes fast.
What advice would you give to people starting to learn about Mac security?
Learn the OS inside and out by itself, see what the system has to offer towards security that is already in place. With Mac OS X it will be good to have some knowledge of UNIX also to take advantage of the terminal console application.
What are your future plans? Any exciting new projects?
Development of MacScan is wrapping up as we’re getting prepared to release MacScan 1.0 and a plethora of new reviews will show upon the SecureMac.com site about current software and security hardware for the Macintosh.