There’s a pretty cool feature included in iOS that lets you run your iPhone in James Bond mode, causing the device to self destruct if an incorrect password is entered 10 times concurrently.

Ok, well it’s not really called James Bond mode and it doesn’t actually self destruct, but it does erase all the data on the iPhone, which is basically the digital equivalent.

Make iPhone erase all data contents after failed password attempts

Enabling this feature will cause the iPhone to erase all data on the device after 10 failed passcode attempts have been entered.

• Tap on “Settings”
• Tap on General
• Navigate to and tap on “Passcode Lock”
• At the bottom, switch “Erase Data” to “ON”

This is a great feature to enable if you are worried about theft or losing your iPhone and your iPhone has a lot of private data on the device that you don’t want in front of some prying eyes. Just be sure to backup your iPhone before enabling something like this, just in case!

I was recently looking around for a Mac OS X GUI to IPFW and came across WaterRoof. If you’re looking for a nice powerful GUI frontend for Mac OS X’s built in firewall IPFW, look no further, WaterRoof is free and simple to use. Using WaterRoof you an easily add, build, and modify ipfw rules quickly and easily.

Here is the full feature list of WaterRoof from the developer:

* uses Mac OS X built-in IPFW firewall. No kernel modules, no extensions, no pain. WaterRoof is free and open-source
* the most advanced Mac OS X free graphic frontend for ipfw now features a new, clean interface. WaterRoof lets you create, modify, delete, move ipfw ipv4 and
* ipv6 rules very quickly.
* build ipfw rules easily with the new simplified interface and the IPFW Rules Translator. Building ipfw rules now is easier than ever
* Backup and deploy firewall rules with WaterRoof Injectors
* Quick dns reverse and whois queries with copy/paste
* manage network bandwidth with dummynet pipes and queues
* check live dynamic rules created by stateful firewall rules
* watch and parse firewall logs, create raw and graphic statistics
* look at active network connections, block them or limit their bandwidth on-the-fly
* list all applications that make network connections
* manage Network Address Translation (NAT) daemon: create a dual-homed firewall/nat/router with port redirection and forwarding; deploy NAT settings using
* WaterRoof Injectors
* import rules from NoobProof Injectors
* keep your favourite firewall rules active at system boot; import/export rulesets
* explore and test ipfw with configuration wizard and ready rule sets
* compatible with Mac OS X Server 10.5 .
* requires Mac OS X 10.5 or 10.6

Download WaterRoof now
Developer home

If you use FileVault and QuickLook you may want to know that the combination of the two may leak some sensitive information from encrypted volumes. Reader Jack R. sent in the following tip, explaining the situation further:

When FileVault and QuickLook are used concurrently, information about what files are stored on the encrypted volume becomes available and completely unencrypted on your hard drive. This is due to QuickLook’s thumbnail caching that is stored within the /var/ directory. Run the following command to see the size of the QuickLook cache to demonstrate the potential:
find /var/folders -name "*QuickLook*" -exec du -h {} \; 2>/dev/null

The worst case scenario is the potential for exposing file names and even QuickLook thumbnails of documents and images. There’s also a sqlite file called index.sqlite within the /var/folders QuickLook cache directories that have a list of file names on the encrypted volumes.

Whether or not this is a legitimate security hole that is patchable or if it’s something I’m aimlessly worried about, I don’t know, but I am willing to bet many people don’t know about this!

Editor note: This definitely seems like a security hole. I imagine the best way to avoid this problem is to just not use QuickLook on the sensitive encrypted data, although that’s more of a workaround than a fix.

You can opt out of Apple’s new iAd location and data tracking service, which will use gathered data on you to serve targeted ads through Apple’s new iAds platform.

To opt out of iAd cookies, visit http://oo.apple.com from the device you wish to opt out with.

Note that you must be running the latest iOS 4 or you will get an error, since iAds requires iOS 4 to run. You will need to view that website directly from your iPhone, iPod, or iPad, and access the site individually per device if you want to opt each out of the service.

Without the iAds location and data tracking cookies, you will just be served generic and less targeted ads.

Personally, I don’t mind location relevant ads as long as they don’t pass on personal data, and I have even found some location based ads to be helpful in the past, so I am not opting out of the iAds cookies at this point.

Spyware is generally something you don’t have to worry about on the Mac, but TheLoop is reporting that a company named ‘7art-screensavers’ is releasing malware on the Mac platform with a series of free screensaver downloads. Apparently the screensavers themselves do not include the spyware, but they attempt to download and install the “OSX/OpinionSpy” app during the screensaver installation process. TheLoop describes the spyware behavior as follows:

Dubbed “OSX/OpinionSpy,” the spyware does a number of things on the users system including recording user activity and sending information to remote servers. The spyware runs as the root user, giving it full system permissions, and opens port 8254 on infected computers.

So what’s the best thing to do? Don’t install dubious screensavers from 7art. If you have installed any suspect screen savers, check your Mac for this particular spyware infection by seeing if the above mentioned port is being used and to see if the spyware process is running.

Check your Mac for Spyware

If you are worried your Mac has been infected by the OSX/OpinionSpy spyware, you can easily check to see if the port 8254 is in use by running the following command at the Terminal:
lsof -i tcp:8254
If anything is reported back, you may have the spyware app installed on your Mac so you’ll want to pay special attention to what is being returned by the lsof command.

Check to see if Spyware process is running:
Next you will want to check to see if a process called “PremierOpinion” is running, to do this:

* Open Activity Monitor which is located in /Applications/Utilities/
* Selet ‘All Processes’ from the dropdown menu
* In the searchbox type: “PremierOpinion”
* If there are no results, you do not have the spyware installed on your Mac
* If you see the PremierOpinion process running, you will want to kill the process and track down it’s source to prevent it from relaunching

Mac Spyware screensavers/apps blacklist

Here is the full list of screensavers to avoid installing:

• Secret Land ScreenSaver v.2.8
• Color Therapy Clock ScreenSaver v.2.8
• 7art Foliage Clock ScreenSaver v.2.8
• Nature Harmony Clock ScreenSaver v.2.8
• Fiesta Clock ScreenSaver v.2.8
• Fractal Sun Clock ScreenSaver v.2.8
• Full Moon Clock ScreenSaver v.2.8
• Sky Flight Clock ScreenSaver v.2.8
• Sunny Bubbles Clock ScreenSaver v.2.9
• Everlasting Flowering Clock ScreenSaver v.2.8
• Magic Forest Clock ScreenSaver v.2.8
• Freezelight Clock ScreenSaver v.2.9
• Precious Stone Clock ScreenSaver v.2.8
• Silver Snow Clock ScreenSaver v.2.8
• Water Color Clock ScreenSaver v.2.8
• Love Dance Clock ScreenSaver v.2.8
• Galaxy Rhythm Clock ScreenSaver v.2.8
• 7art Eternal Love Clock ScreenSaver v.2.8
• Fire Element Clock ScreenSaver v.2.8
• Water Element Clock ScreenSaver v.2.8
• Emerald Clock ScreenSaver v.2.8
• Radiating Clock ScreenSaver v.2.8
• Rocket Clock ScreenSaver v.2.8
• Serenity Clock ScreenSaver v.2.8
• Gravity Free Clock ScreenSaver v.2.8
• Crystal Clock ScreenSaver v.2.6
• One World Clock ScreenSaver v.2.8
• Sky Watch ScreenSaver v.2.8
• Lighthouse Clock ScreenSaver v.2.8

Also included in the list is an FLV to mp3 converter called ‘MishInc FLV To Mp3′ and it reportedly downloads spyware as well, so be sure to avoid that as well.

Remember this is pretty rare and only pertains to the list of screensavers/apps above, so the chance of your Mac being infected is slim at best.

If you’re like me, you store a lot of information on your iPhone that you want to keep private. You might be interested to know that by default the backups from iTunes are not encrypted and can be dug through rather freely, furthermore restoring the device and seeing all your data is just a matter of clicking the restore button.

If you’d like more security with your iPhone/iPod/iPad backups, be sure to enable the encryption feature in iTunes.

* Connect your iPhone/iPad to your computer and select the device in iTunes
* Click on the ‘Summary’ tab
* Scroll down to “Options” and click on “Encrypt iPhone backup” – it will say iPad or iPod if that is your device.
* Select a password at the prompt – don’t forget this password or you won’t be able to access your backups!
* Click “Set Password”

Now all of your backup data that is stored locally will be encrypted, which is indicated by a padlock icon. From this point forward, if you are restoring your iPhone or iPad you will be required to enter a password, and the data is no longer freely accessible by anyone with access to your machine.

I would highly recommend enabling this feature if you have sensitive data on your iPhone/iPad, or you sync your device to a computer that is not under your own control: like a work or school machine.

If you want to be absolutely sure your data is wiped clean with virtually no chance of recovery, look no further than Apple’s Disk Utility tool. The process is simple.

How to securely format a Mac hard disk drive

* Launch Disk Utility (located in /Applications/Utilities/)
* Select the drive you want securely formatted
* Click on the ‘Erase’ tab and click the “Security Options” button
* You’ll see four available choices, the second two are what we’re looking to use
* Select either 7-Pass Erase or 35-Pass Erase, depending on your needs
* Click OK

7-Pass Erase is pretty thorough and it meets the US Department of Defense standard for securely erasing media, by erasing the data then writing over it seven times. If that’s not secure enough for you, 35-Pass Erase is even more intense and provides exceptional data deletion security by erasing the data then writing over it 35 times, which should make data recovery virtually impossible. Because both 7 and 35 pass are writing over the data repeatedly, the length of time it takes to format the drive in this manner can be considerable (particularly 35 pass since it is doing this 35 times in a row), and it’s not unusual on a larger drive for this secure formatting process to take 24 hours!

Of course, if you’re not looking to re-use the hard disk, the most secure known method of wiping a drives contents from the face of the earth is to format the drive using an above method and then simply physically destroying it in a thorough manner.

PeerGuardian is a free open source tool that allows you to easily block large numbers of IP addresses in Mac OS X. It automatically maintains an internal IP blacklist to block IP’s deemed unsafe or dubious in nature, and also allows for multiple IP lists with the ability to block entire protocols. Other features include logging and maintenance tools to see what exactly is being blocked. Many people use PeerGuardian in conjunction with an extensive external IP blacklist when using P2P file sharing applications and networks to better maintain their security and privacy.

Many Mac users are surprised to note that Apple.com is a blocked IP in the PeerGuardian IP list, but HTTP and FTP traffic from Apple.com will flow through fine (ie: websites, Software Update, Apple web services, iCal, etc). This can lead to some problems with other Apple accessed servers though, like .Mac mail, some iChat traffic, and the Network Time Protocol. Of course you can manually edit the IP block list and remove Apple entirely if this is too restrictive for your needs.

If you’re a heavy P2P user, you’d likely benefit from downloading and installing PeerGuardian.

PeerGuardian developer home
Download PeerGuardian for Mac OS X now

PeerGuardian is also available as a free download for Windows and Linux if you’d like to install it on other platforms.

If you want to beef up the security on your Mac, you can try enabling the built-in firewall.

Enabling the Firewall in Mac OS X 10.6 Snow Leopard

* Open “System Preferences” from the Apple menu
* Click on the ‘Security’ icon
* Click on the ‘Firewall’ tab
* In the corner of this window, you’ll see a lock icon, click on that and enter the administrator password
* Now click on the ‘Start’ button to activate the firewall

Yes, it’s that simple.

If you want to allow certain ports, applications, or network connections, you can enter the ‘Advanced’ tab and adjust the settings as necessary. The Mac OS X firewall is quite secure by default and will block nearly all incoming connections (again, unless specified otherwise). It’s my opinion that if you’re behind a router with it’s own firewall, and on a trusted network, you probably don’t need to use the Mac firewall at all. For small home and school networks you should be fine, but for larger, untrusted, or exposed networks, using the firewall may be a prudent idea, even if the likelihood of an attack on your Mac is extremely low in comparison to a Windows machine.

It’s worth mentioning that since Mac OS X 10.6, the Firewall service has been placed under the “Security” systems preference as opposed to ‘Sharing’ as it was in prior versions of Mac OS X.

You can set Mac OS X to always securely empty the Trash just by adjusting a preference within the Finder. Here’s how:

* Enter the Finder Preferences by either going to the Finder menu and selecting “Preferences” or by hitting Command+, within the Finder.
* Click on the ‘Advanced’ tab icon
* Click the checkbox next to “Empty Trash Securely”

Now your Trash will always be securely emptied! Note this makes data recovery practically impossible.