Mastering Terminal To Hack For Better Security [OS X Tips]



Well, so far this week, we’ve shown you how to tweak the Finder and change up some user interface types of things, all using the power of Mac OS X’s Terminal app, a window into the back end of your Mac. Today, we’re going to spend a little time with the Terminal commands to make your Mac just a bit more secure and private.

Erase Free Hard Drive Space Securely
Even the NSA won't be able to see what's in your free space. Hopefully.
Even the NSA won’t be able to see what’s in your free space. Hopefully.

When you delete files from your Mac’s hard drive, they don’t actually go anywhere. What gets deleted is your Mac’s ability to use them in any functional way. When new files are put on the Mac, they might (or might not) overwrite some or all of the older, already-trashed files. To keep your files private, you might want to securely delete files from the Trash, and you might also want to delete all the files from the free space on your Mac.

To do so, simply type or paste the following command into Terminal:

diskutil secureErase freespace 3/Volumes/hard-drive-name

Replace “hard-drive-name” with the actual name of your hard drive, and then hit enter. You’ll get a progress bar, and if you have a big drive, it will take some time, as it overwrites each sector 35 times, five times as much as the US Department of Defense recommends, so you can assume it’s safely removed. This will get rid of any lingering files that you’ve already thrown away on your Mac, but didn’t do so securely.

Reset Privacy Data On Your Mac
Less sharing = more privacy.
Less sharing = more privacy.

We all add new apps all the time, and in our socially-networked world, it’s hard not to jsut give the apps the permissions they need to run, and then move on. Sometimes, though, you might want to just revoke all app access to your private data and start over from scratch. In OS X 10.8 Mountain Lion, you can use Terminal to do just that. You’ll be revoking access to specific data services for all apps, one data service at a time. So, to revoke access to the Address Book, for example, you’ll want to enter the following command into Terminal:

tccutil reset AddressBook

This should revoke all access to Contacts data from your Address Book. For something like your Location Data, enter the following:

tccutil reset CoreLocationAgent

You can get a full list of these types of services by typing

launchctl list

into Terminal. There is, of course, a Privacy preference pane in the System Preferences app, but this is a bit more direct. And geeky, too!

Reschedule Time Machine Backups
Seriously, every FIVE minutes? That's a bit intense.
Seriously, every FIVE minutes? That’s a bit intense.

A core feature of any data security plan is the backup system you use. Mac OS X’s Time Machine backups are fantastic and automatic, making sure your stuff is backed up on the fly, every hour. If you want to change the interval at which it backs your stuff up, however, you can do that via Terminal. Simply enter the following command into your Terminal app.

sudo defaults write/System/Library/LaunchDaemons/ StartInterval -int 1800

You’ll need to enter your admin password here as you’re invoking the Super User command, sudo. The 1800 there at the end will change your Time Machine backups to every 30 minutes, as it is an interval of seconds. To change it to back up every 15 minutes, use 900 in that spot. If you want to change it back to every hour, simply replace the 1800 in the above command to 3600.

Source: MacTuts