
10 steps to better secure your Mac laptop from physical data theft - naish
http://www.sophos.com/security/technical-papers/mac-data-theft.html
======
silentbicycle
First, the article is actually a PDF.
[http://www.sophos.com/security/technical-papers/mac-data-
the...](http://www.sophos.com/security/technical-papers/mac-data-theft.pdf)

Some of these are of pretty questionable utility in the case of physical data
theft -- if someone has already stolen your laptop, they can extract the hard
drive and read it directly. An automatic logout with password after a couple
minutes isn't going to help much.

The important ones are to encrypt the personal data filesystem (which alone
will cover almost everything but physical theft) and the swap file (which will
make sure passwords in memory aren't swapped to disk in the clear). Also, note
that encrypting the entire drive is counterproductive, as it would provide a
large corpus for a known plaintext attack (and probably make booting really
annoying).

Not that any of this is Mac-specific, of course.

