How do you configure new MBA?

sfs244

macrumors newbie
Original poster
Aug 6, 2008
10
0
Just got my new MBA 13", upgrading from a pre-unibody MBP. What changes do you usually make to the default settings when you get a new computer, and are there any utilities/software apps you install (not talking about Adobe or anything just stuff to make computer run efficiently/more secure) when you upgrade?
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
Just got my new MBA 13", upgrading from a pre-unibody MBP. What changes do you usually make to the default settings when you get a new computer, and are there any utilities/software apps you install (not talking about Adobe or anything just stuff to make computer run efficiently/more secure) when you upgrade?
For security, I recommend the following:
  1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

  2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

  3. Disable Java in your browser (Safari, Chrome, Firefox). This will protect you from malware that exploits Java in your browser, including the recent Flashback trojan. Leave Java disabled until you visit a trusted site that requires it, then re-enable only for the duration of your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

  4. Change your DNS servers to OpenDNS servers by reading this.

  5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

  6. Never let someone else have access to install anything on your Mac.

  7. Don't open files that you receive from unknown or untrusted sources.

  8. For added security, make sure all network, email, financial and other important passwords are long and complex, including upper and lower case letters, numbers and special characters.

  9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
That's all you need to do to keep your Mac completely free of any Mac OS X malware that has ever been released into the wild. While you may elect to use it, 3rd party antivirus software is not required to keep your Mac malware-free.
For maximizing performance, this may help:

Use iStat Pro (free) or iStat Menus ($16) to get accurate readings of your battery, temps, fan speeds and much more.

This may be useful:

Helpful Information for Any Mac User
Portables Fast Start: The New User's Guide to Apple Notebooks
 

Mrbobb

macrumors 601
Aug 27, 2012
4,989
194
One of the first thing when I got my brand new machine was to install Carbon Copy and made a back up of my Clean OS to an external drive. Subsequently I'd make regular images of the OS (12G clean, 18G with apps), so whenever I feel anything weird, just restore to last known-to-be-good. I have read one can do that with Time Machine but with anything that does incremental backup I don't trust it. Because infection is a way of life no matter how careful one is and I don't feel like be on my tip toes and working for the dang machine instead of it working for me. Restore to last known-to-be-good image, 15-20 mins and am back in business.

This method also allows u to "go back" to an earlier OS, in short order. The latest OS update may not be the greatest as less informed people tell you. U got a saved image, going back is easy-wizzy.

Ur mileage may vary.
 
Last edited:

jsgreen

macrumors 6502
Nov 27, 2007
366
3
NH
Also set an EFI (Firmware) password, prevents people from re-installing the OS and wiping the drive.

Turn on FileVault drive encryption

Also check out services like Crashplan for online backup
 

sfs244

macrumors newbie
Original poster
Aug 6, 2008
10
0
Wow really good suggestions and thanks for the quick response! I have filevault on my current machine and java off, but had no idea about the other things to check...glad I asked
 

Frosties

macrumors 6502a
Jun 12, 2009
982
116
Sweden
Wow really good suggestions and thanks for the quick response! I have filevault on my current machine and java off, but had no idea about the other things to check...glad I asked
My advice is the app store program 1password if you use hard and long passwords.

Please let your dns servers be those with fast and correct look up. For most people that is your local service providers dns servers. Skip the opendns servers.

Better yet don't change your internet settings from advice given by a user that has no clue about your network.
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
Please let your dns servers be those with fast and correct look up. For most people that is your local service providers dns servers. Skip the opendns servers.
Frequently, the DNS servers provided by local ISPs are not the fastest available. The OP didn't ask about speed, but security. For that reason, the OpenDNS servers are recommended, as they enhance security over many other DNS servers. If performance is the primary goal, as stated in the link I posted:
As an alternative, you can use namebench to find the fastest DNS servers available for your computer.
Better yet don't change your internet settings from advice given by a user that has no clue about your network.
It is not necessary for someone to know about your network to make an intelligent recommendation about DNS servers.
 

Frosties

macrumors 6502a
Jun 12, 2009
982
116
Sweden
Frequently, the DNS servers provided by local ISPs are not the fastest available. The OP didn't ask about speed, but security. For that reason, the OpenDNS servers are recommended, as they enhance security over many other DNS servers. As stated in the link I posted,

Yes, it's a statement not a fact. If you think your service provider have bad security when it comes to the backbone of internet. Namely the dns servers then leave that service provider. RIGHT NOW!


It is not necessary for someone to know about your network to make an intelligent recommendation about DNS servers.
Taking baseless advice from a post regarding something as important as dns servers is not good.

Anyway, you just hit a nerve. I have seen this pasted advice here before and it goes against basic network security. EOL
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
Taking baseless advice from a post regarding something as important as dns servers is not good.

Anyway, you just hit a nerve. I have seen this pasted advice here before and it goes against basic network security. EOL
If you took the time to click the links and read, you'd know the advice is not baseless and why OpenDNS servers are recommended. Which DNS servers you use has nothing to do with what network you are on. You have offered no facts to show why OpenDNS servers are not a wise choice. Simply claiming something in bold text doesn't make it valid.

Yes, it's a statement not a fact. If you think your service provider have bad security when it comes to the backbone of internet. Namely the dns servers then leave that service provider. RIGHT NOW!
Your post suggests you have a bit more to learn about the role DNS servers play and about the process of selecting them.
 

Frosties

macrumors 6502a
Jun 12, 2009
982
116
Sweden
If you took the time to click the links and read, you'd know the advice is not baseless and why OpenDNS servers are recommended. Which DNS servers you use has nothing to do with what network you are on. You have offered no facts to show why OpenDNS servers are not a wise choice. Simply claiming something in bold text doesn't make it valid.
My use of bold text was just made to differ from your text. Nothing more. I challenged your statement regarding dns security. Clicking on a link to a statement that is copied in a post is no better than reading it in a post directly. It's just the same statement over again. OpenDNS can be fine to use. But your statement that their dns servers are more secure is just a statement. Opendns servers are not better secured, than say sunets dns servers. Have opendns one of the seven keys to the internet?

Search the phrase "Key To The Internet" for more info.

And if a network had unsecure dns servers leave that network in total. Staying with a unsecure network is just stupid and shouldn't be given as advice.
 

GGJstudios

macrumors Westmere
May 16, 2008
44,427
762
My use of bold text was just made to differ from your text. Nothing more. I challenged your statement regarding dns security. Clicking on a link to a statement that is copied in a post is no better than reading it in a post directly.
Apparently, you still haven't read the post to see why OpenDNS does provide security that some other DNS servers don't. Since you don't appear inclined to click the links I've provide and read, I'll spell it out for you:

OpenDNS Community > Blog > Worried about Mac malware? Just set up OpenDNS.
OpenDNS — security and DNS provider of choice for 2% of all Internet users — is blocking the Flashback Trojan, or what’s being described as one of the single biggest Mac security incidents of all time. As OpenDNS does in cases of very large scale attacks like this, the protection is included in Premium DNS and completely free to users. People not yet using OpenDNS need only to set up the service on their wireless router, computer or device to secure their computers and devices from the attack.
But your statement that their dns servers are more secure is just a statement.
It's not just a statement. It's fact. Read above.
Opendns servers are not better secured, than say sunets dns servers.
I didn't attempt to survey all DNS servers in existence. OpenDNS servers are better than many and are well known. I never suggested that they are the most secure servers in existence or that there might not be other alternatives. They are better than many, and therefore merit a recommendation.
And if a network had unsecure dns servers leave that network in total. Staying with a unsecure network is just stupid and shouldn't be given as advice.
You don't need to leave an ISP just because its DNS servers aren't secure. You don't have to use the DNS servers offered by your ISP. You can use any DNS servers you choose. You should never leave your computer's security up to your ISP, anyway.
 

Mrbobb

macrumors 601
Aug 27, 2012
4,989
194
I probly wont encrypt anything, the world is not *that* interested in my life! :)

The stuff I put in the "cloud" maybe... just so that they don't know who to spam.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.