Spook Security Guides

If, like me, you worked for an NGO under constant surveillance by large governments and an under-assault investment bank, you’ve tended to become a little paranoid about security over the years.

The Spooks, the US NSA, actually has some excellent guides on securing systems, software, databases and hardware . Good stuff and very useful and practical.

I’m currently going over their recently released OSX Security Configuration guide redacted (pdf) and have to say it is quite impressive. Excellent stuff on the usual unix security and some excellent coverage of OSX specific stuff (beyond its excellent default security config) like FileVault and Keychain. Especially good if you’re a security whiz on Linux but need to know details on the differences with OSX.

Anyone else wish they’d designed Filevault to aim at specific folders on your home directory rather than the entire thing? Maybe in Tiger…