Security & Paranoia
|Access Protection||File Encryption||Firewall||Theft Deterrents||Password Managers||Steganography|
Apple - Mac OS X - Security
Electronic Privacy Information Center
Sports & Racing
Calculators & Math
Charts & Graphs
Hobbies & Crafts
iTunes & MP3
3D & Animation
Classic OS Updates
Calendars & Time
Disk & File
Files and folders dragged onto the Burn icon will be overwritten a user selected number of times with a user selected pattern, then renamed, then deleted. Both data and resource forks are deleted.
Simple-to-use Mac OS X application to store passwords or other notes securely. Encrypts with 320-bit Blowfish, includes random password generation, and a very clean interface. Uses the system's OpenSSL for encryption.
Data Guardian 1.6.2
Security and privacy are two of the most important issues in today's world; leaving passwords on sticky notes around your computer simply will not cut it anymore. Data Guardian is a secure database application with up to 448-bits of Blowfish encryption - regardless of how sensitive your data is. Create multiple databases in Data Guardian for a variety of purposes such as an address book, customer database, christmas shopping list, journal, password manager, or even notepad.
DoorStop X 2.2
Protects your Mac from outside attack
Easy-to-use interface means less chance of mistakes
Logs both allowed and denied access attempts
Enhances OS X's "built-in" firewall
Firewall Builder 3.0.4
Firewall Builder is a multi-platform firewall configuration and management tool. It consists of a GUI and set of policy compilers for various firewall platforms. Firewall Builder uses object-oriented approach, it helps administrator maintain a database of network objects and allows policy editing using simple drag-and-drop operations. Firewall Builder currently supports iptables, ipfilter, OpenBSD PF and Cisco PIX. Technical summary of features supported by the policy compilers for all platforms can be found in the section "Modules" (see menu on the left).
Being truly vendor-neutral, Firewall Builder can generate a configuration file for any supported target firewall platform from the same policy created in its GUI. This provides for both consistent policy management solution for heterogeneous environments and possible migration path.
Flying Buttress 1.4
As Apple's built-in Firewall preferences improves in both functionality and security, I will be aiming Flying Buttress more at users who need the advanced firewall configuration, logging, and IP sharing options found in Flying Buttress. There is no reason that a new or inexperienced user cannot use Flying Buttress, but Apple's own Firewall preferences will likely remain a simpler interface for configuring a basic firewall. However, if you need:
- Firewall filters that include qualifiers on host or network addresses
- Firewall filters that operate on other than TCP or UDP protocols
- Firewall filters that include the whole range of ipfw qualifiers, such as IP options, ICMP types or TCP flags
- Per-filter logging configuration, including the ability to log allowed connections and the option to not log certain types of denied connections
- NAT port forwarding or other custom NAT configuration
- Different filter configurations on different network interfaces.
- A persistant, searchable firewall log entry database with graphical log viewer
- Scriptable control of your firewall, such as via cron or other shell automation
- Access and ability to easily edit the raw firewall configuration text, including an integrated ipfw filter syntax checker.
- The ability to switch between different firewall configuration sets quickly and easily. ...then you should consider using Flying Buttress.
GlowWorm FW 1.5.2
GlowWorm FW Lite - can help you protect your privacy by enabling you to control your computer at the network level.
Through a simple system of Rules (see screenshot on the right) you can easily define the behavior that is acceptable on the basis of a particular application, host or ip address, port number, and any combination thereof, and what action to take if such an event occurs. A default set of rules is included to get you started.
GlowWorm FW Lite is a completely free download. A more sophisticated (non-free) version is planned, and feedback received regarding this free version will help guide development. Mac OS X 10.4 is required to use GlowWorm FW Lite.
What are Rules?
Rules are a means by which one can impose network restrictions upon the applications on one's computer. Each Rule specifies one of the actions: Allow, Deny, Ask. If a network event matches on an "Ask" rule, an authorization dialog window will appear, it will show you the details of the event (the application name, the remote IP address, port number, approximate geographic location, etc.) and based on that information you can make a decision about whether or not to allow it. By customizing the set of rules to strictly match the specifics of your computer use, you can have an extra level of security in place, which can alert you if an application starts doing something unexpected ("phoning home"), or a malicious program tries to contact another computer.
Mac GNU Privacy Guard (Mac GPG for short) is, after a fashion, the Mac OS X port of GnuPG, licensed under the GNU GPL. The aims of the project are to make GnuPG easy to install, develop a framework to make it easy for other developers to incorporate GnuPG functionality into their applications, write services to allow for the use of GnuPG functions in most Cocoa applications, and write a Mac GPG Keys type application so that you no longer have to go to the commandline to manage your keys. For those who don't know, GnuPG is a free OpenPGP client (PGP == Pretty Good Privacy). It can encrypt text (usually e-mail or other messages sent between people) and sign text to prove who wrote it. A further discussion of this can be found elsewhere.
GPGMail is a plug-in for Apple's Mail, providing a front-end to gpg for some operations. It allows you to read/write encrypted messages, as well as electronically signed messages.
GPGMail extends Apple's Mail application and allows you to read and send PGP authenticated and/or encrypted messages. You can use GPGMail for plain text and MIME messages, following RFC 3156.
GPGMail does not contain any encryption code: it is a client to gpg executable.
GPGMail is a complete hack, relying on Mail's private internal API. Use it at your own risks!
Gpg Tools 1.2.1
Gpg Tools is a Mac OS X graphical interface to the GNU Privacy Guard (GPG) utility. It provides approximately the functionality of the old PGPtools, and is freeware.
HenWen is a network security package for Mac OS X that makes it easy to configure and run Snort, a free Network Intrusion Detection System (NIDS). HenWen's goal is to simplify setting up and maintaining software that will scan network traffic for undesirable traffic a firewall may not block. Everything you need to have is bundled in; there is no compiling or command line use necessary.
iAlertU is the first of its kind alarm system for your Apple MacBook computer. Basically iAlertU is a car alarm for your Mac. iAlertU uses the built in sudden motion sensor (SMS) device to detect movement of your MacBook and triggers an audible and visual alarm. The alarm can also be triggered by keyboard and mouse/trackpad movement. The alarm is designed to continue sounding even after the MacBook screen has been closed. iAlertU is activated and deactivated using the infrared remote control inlcluded with every MacBook computer. User adjustable settings let you decide which type of alarm triggers you would like to use, the duration of the alarm, and motion sensor sensitivity. iAlertU also features functionality to utilize the built in iSight camera to photograph the would be thief.
IPNetRouterX is a powerful router, firewall, and network management utility including NAPT with inbound port mapping, a built-in DHCP Server, AirPort configuration tool, bandwidth accounting, and rate limiting.
Using IPNetRouterX you can share a network connection among multiple users, provide DHCP service, configure an AirPort software base station, allocate network bandwidth to match business priorities, audit network usage, and secure your LAN against undesirable traffic or network abuse.
IPNetRouterX includes the complete IP filtering engine from IPNetSentryX, extending its flexibility to the entire LAN.
IPNetSentryX is an advanced firewall intrusion detector that includes bandwidth allocation, bandwidth accounting, Ethernet bridging, AirPort configuration, automatic failover, and detailed logging. IPNetSentryX supplements and is fully compatible with Apple's own firewall in OSX while providing additional capability to solve network problems users may encounter.
Unlike most other Internet security products, IPNetSentryX offers basic protection without erecting barriers for the safe use of your Internet connection. There is no need to "punch holes" in a firewall for specific applications you may wish to run. Instead, IPNetSentryX silently and intelligently watches for suspicious behavior, and when triggered, invokes a solid filter which completely bans the potential intruder from your Macintosh. The advantage is you don't need a network expert to configure your firewall or debug compatibility conflicts.
Steganography encryption tool.
Without Anonymization, every computer in the internet communicates using a traceable Address. That means:
the website visited,
the internet service provider (ISP),
and any eavesdropper on the internet connection
can determine which websites the user of a specific computer visits. Even the information which the user calls up can be intercepted and seen if encryption is not used.
Info: Leaving a data trail online...
JAP uses a single static address which is shared by many JAP users. That way neither the visited website, nor an eavesdropper can determine which user visited which website.
How it works
Instead of connecting directly to a webserver, users take a detour, connecting with encryption through several intermediaries, so-called mixes.
Attention! The first release of JAP is downloadable free of charge and already protects your privacy against most observers like your ISP, your network operator, or your boss. However, this version does not yet achieve the full security and anonymity that we strive for. It does not protect you against an adversary who has the capability to observe all communication links on the Internet.
JuhOS X 1.0
JuhOS X is a simple and free utility to view invisible files, and to make them visible too!
KeePassX is an application for people with extremly high demands on secure personal data management. It has a light interface, is cross platform and published under the terms of the GNU General Public License.
KeePassX saves many different information e.g. user names, passwords, urls, attachments and comments in one single database. For a better management user-defined titles and icons can be specified for each single entry. Furthermore the entries are sorted in groups, which are customizable as well. The integrated search function allows to search in a single group or the complete database.
KeePassX offers a little utility for secure password generation. The password generator is very customizable, fast and easy to use. Especially someone who generates passwords frequently will appreciate this feature.
The complete database is always encrypted either with AES (alias Rijndael) or Twofish encryption algorithm using a 256 bit key. Therefore the saved information can be considered as quite safe. KeePassX uses a database format that is compatibel with KeePass Password Safe. This makes the use of that application even more favourable.
Store your files in encrypted, secure vaults. Backup your personal vaults onto your iPod. Your business vaults to the company server. All automatic, all secure.
LicenseKeeper stores and organizes important software license information, helping to prevent the loss of valuable software assets and making it accessible when needed most.
Automatic serial number scanning and software information detection greatly reduces cumbersome data entry. Attachments keep related email and documents safely archived along with license and registration records.
Little Snitch 2.2.2
Little Snitch is an application supervisor. It watches all running applications and brings up an alert panel when an application tries to establish a network connection. You can either allow the connection, deny it or store a permanent rule for similar future-connections.
Lockdown is a Mac security application built from the popular iAlertU. With a new interface, splash screen, and icon, Lockdown makes securing your Mac while you step away even easier than ever. You can customize its detection features by activating your computer's motion-sensors, keyboard-sensors, external device sensors, MagSafe sensors, and more to ensure that not even the slightest tap goes unnoticed.
Once your alarm has been set off, your computer will sound a loud alarm and prevent the system from being muted or put to sleep. Lockdown will take a snapshot of the offender using your computer's built in iSight and, if you've entered your e-mail address, e-mail the snapshot to the account of your choice.
MacEncrypt will allow you to encrypt files using the "Data Encryption Standard." Encrypted files can only be used if you know the password. Groups of files can also be encrypted into an encrypted archive. MacEncrypt can be placed on the desktop next to the trash can and files can simply be dropped on top of it to be encrypted.
Make-A-Pass generates secure, random passwords with the click of a button! This widget is highly configurable.
NetShade 2 brings the next level of online privacy and anonymity to the Mac platform. In addition to a large database of publicly available proxy servers, NetShade 2 now provides its own dedicated and fully anonymous proxy.
NetShade is an Internet security tool which makes your Web presence anonymous and secure.
Control your web routing through one straightforward console Instead of your web connection going directly from your machine to the website you're visiting, it is automatically routed through an Internet proxy server. NetShade lets you connect to the Internet in one of three ways:
Direct Connection: No anonymity, no proxy is used.
Public Proxy: NetShade selects a publicly-available proxy server from its daily-updated list. These servers are located around the world and provide good anonymity, but they are not within NetShade's control and therefore speed and reliability cannot be assured.
NetShade Proxy: NetShade connects through its own dedicated anonymous proxy server located in a Texas datacenter. The NetShade proxy server is a non-logging, fully anonymous web proxy supporting both HTTP and HTTPS. This option provides the best speed, reliability and anonymity. The NetShade proxy is available only to registered users.
Clear Cache, erase history with this easy to use Internet Track Eraser. Easy because it runs automatically when you quit from your browser or email. Fast because it runs in the background while you continue to browse. Cleaner because it will erase - not just delete - cache, history, and email trash so it can't be recovered. NetShred works with most web browsers and email programs.
NoobProof is a firewall configuration tool for Mac OS X 10.4 and 10.5. Very easy, just follow the 5 steps how-to in the application help. NoobProof is a frontend for ipfw. NoobProof is freeware.
Manage hundreds of passwords with one master key.
Integrated with Safari, OmniWeb, DEVONagent, Firefox, Camino, and Flock.
Automatic form filler outclasses the other AutoFill products.
OS X Keychain integration provides maximum security.
When using strong random passwords it is important to be able to access your information where ever you go. 1Password provides solutions for iPhone/iPod touch and Palm so you can take your data anywhere.
In addition to support for mobile devices, 1Password optionally allows you to store your data on the my1Password web service, enabling you to access your information from any modern web browser.
The Mac server account creation, permissions setting, and password generation tool.
1. Import Database Text
2. Name Concatenation
3. Generate Passwords
4. Duplicate Checking
5. Set Account Parameters
6. Export for Servers & Eudora Clients
Exports for Mac OS X Server, Macintosh Manager, Eudora client settings customization and distribution, WebSTAR FTP, WebSTAR Web, Master Spell, Master Key, and user-defined customized export
7. Create Folders
8. Migrate Account Folders
9. Set Permissions
PasswordPress helps you determine what your next password should be. However, PasswordPress only makes new passwords for you. It doesn't store passwords anyplace; it doesn't remember what password it gave you last. Nothing too fancy (plus, most operating systems have better means of storing passwords such as Mac OS X and its Keychain).
PasswordVault is a top-rated Password Manager which automates website logins and helps you organize and secure your passwords. It's very easy to use, but includes powerful features for advanced users and organizations.
- Logs into websites with just two clicks
- Auto-fills web forms on most web browsers
- Fights Phishing by only opening verified URLs
- Defeats Keyloggers by pasting data in directly
- Secures your data with strong 896-bit encryption
- Organizes your passwords for easy access
- Generates high-quality randomized passwords
- Stores software serials, notes, banking info, etc.
- Exports data for easy backup & synchronization
- Imports from most other password managers
- PasswordVault2Go runs off USB drives & iPods
- PasswordVault2Go auto-syncs to the desktop
- Versions for Windows, MacOS and Linux
PasswordWallet is a convenient, easy to use, secure place to store all your usernames, passwords, PINs, or combinations. It just doesn't get any easier than this!
- PasswordWallet has a tight user interface that allows you to use your passwords as quickly and as painlessly as possible.
- Our unique Auto-typing technology is more secure than copying your password to the clipboard.
- Use Auto-typing to enter multiple usernames and passwords across multiple web pages.
- For security, PasswordWallet uses the BlowFish encryption algorithm with 448-bit keys to protect your data. For safety, PasswordWallet can copy your password to the clipboard and clear it automatically after you paste.
- Keep your master password in the Mac OS X keychain.
Pastor is a tool to store all your passwords, website logins, program serial numbers, etc. RC4-encrypted and password-protected. With built-in password generator.
Permanent Eraser 2.3.4
When you normally delete your files in Mac OS X, the operating system is only forgetting where those particular files are placed, while the data still physically remains on the drive. Beginning with Mac OS 10.3, Apple enhanced its security by introducing the Secure Empty Trash feature, which follows the U.S. DoD pattern of overwriting data seven times.
Permanent Eraser provides an even stronger level of security by implementing the Gutmann Method. This utility overwrites your data thirty-five times, scrambles the original file name, and truncates the file size to nothing before Permanent Eraser finally unlinks it from the system. Once your data has been erased, it can no longer be read through traditional means.
PGP Desktop 9.10
PGP Desktop Home 9.7 provides individuals a simple, easy-to-use desktop encryption solution to protect confidential communications and digitally stored information. It is designed for individuals who want to secure private email, selected files, and AOL Instant Messenger (AIM) traffic.
What applications are included?
- PGP Whole Disk Encryption
- PGP Desktop Email
- PGP NetShare (Windows Only)
- PGP Zip
- PGP Virtual Disk
- PGP Shredder
- IM encryption, and more
PGP Desktop Professional 9.7 provides comprehensive data protection for individual desktops, allowing organizations to protect the sensitive business information of critical users without disrupting current business processes. This award-winning, easy-to-use solution secures email, files, virtual volumes, and even entire disks from a single desktop application.
Safe Place 2.2.4
Safe Place is a Macintosh application designed to securely store your passwords, credit card numbers, software activation codes, or any other information you want to keep handy and safe from prying eyes.
People use SecretBook to store all sorts of information. Passwords are just the start. Credit Card details, SSN numbers, Software Licenses, e-mail account details, product registration codes and serial numbers are all easily stored in SecretBook's flexible database. Most people use SecretBook for personal use, but businesses also use SecretBook for managing their customers passwords or for managing software licenses.
iShow Invisible 1.2
Shows and hides the invisible files via a repeating dialog box. After you have revealed the invisible files, simply move the Hide dialog box out of your way or press Command H to send it to the background. Any open folders should remain open when you change the visibility. This makes it easier if you have several folders open and want to view the invisible files.
ShredIt X 5.8.4
ShredIt X shreds everything - including files, folders, disk free space, files you've already deleted, hard drives, external hard drives, CDRWs and even floppy drives.
SimpleAuthority is a free Certification Authority (CA). It generates keys and certificates that provide cryptographic digital identities for a community of people and/or computer servers. These identities are designed to be used in other applications for security purposes within this community.
SimpleAuthority is designed to be very easy to use and does not require an external database or similar supporting components. It is built on The Legion of the Bouncy Castle cryptographic library.
SimpleAuthority can be used to generate keys and certificates for:
- Secure email - for digital signing and encryption of email
- VPN access - to provide a much higher level of security than username/password access
- Client SSL authentication - to authenticate a person to a Web Server, such as to restrict access to a subversion repository or other online content, and
- Server SSL authentication - to authenticate a Web Server to people within the community.
In 1998, Martin Roesch wrote an open source technology called Snort, which he termed a "lightweight" intrusion detection technology in comparison to commercially available systems. Today that moniker doesn't even begin to describe the capabilities that Snort brings to the table as the most widely deployed intrusion prevention technology worldwide. Over the years Snort has evolved into a mature, feature rich technology that has become the de facto standard in intrusion detection and prevention. Recent advances in both the rules language and detection capabilities offer the most flexible and accurate threat detection available, making Snort the "heavyweight" champion of intrusion prevention.
SplashID safely and securely stores all of your sensitive personal information in a secure, encrypted database that is quickly accessible on your handheld and desktop computer. SplashID organizes and protects all of your user names, passwords, credit cards, PINs, and more in one convenient location.
Does the world really need another password organizer? The answer is a resounding yes. Steel works much like other products in this category, allowing you to store and search personal information, but does so with a simplified, familiar iApp interface.
sunShield Pro 2.0.3L
sunShield Pro is a GUI that enables a user to configure ipfw, the interface to the packet filtering firewall that sits in the kernel. Although it is designed to be as simple as possible, giving access to (almost) full potential of ipfw2 on a single pane requires some knowledge about firewall rules.
sunShield Pro however now supports rules packs, sunShield EXchange files, that apply a bunch of rules to match a typical configuration, along wiht the templates for specific services.
Tor: An anonymous Internet communication system
Tor is a toolset for a wide range of organizations and people that want to improve their safety and security on the Internet. Using Tor can help you anonymize web browsing and publishing, instant messaging, IRC, SSH, and other applications that use the TCP protocol. Tor also provides a platform on which software developers can build new applications with built-in anonymity, safety, and privacy features.
Your traffic is safer when you use Tor, because communications are bounced around a distributed network of servers, called onion routers. Instead of taking a direct route from source to destination, data packets on the Tor network take a random pathway through several servers that cover your tracks so no observer at any single point can tell where the data came from or where it's going. This makes it hard for recipients, observers, and even the onion routers themselves to figure out who and where you are. Tor's technology aims to provide Internet users with protection against "traffic analysis," a form of network surveillance that threatens personal anonymity and privacy, confidential business activities and relationships, and state security.
Tresor is a file and folder encryption application for Macintosh. It combines high cryptographic security and ease of use. Integrated compression functions allow compression and encryption in a single pass, without any interim files. Filter functions allow you to automate complex encryption tasks without the use of risky scripts. Being developed outside the US, Tresor is available in all countries that allow cryptography.
Tresor encrypts the complete content of any file using IDEA block encryption. It takes a passphrase of arbitrary length and produces a 160-bit hash value using the Secure Hash Algorithm (SHA). It then takes 128 bits of this hash value, using them as the encryption key for IDEA. For decryption the same passphrase will be needed again.
Free open-source disk encryption software for Windows Vista/XP, Mac OS X, and Linux. Main Features:
- Creates a virtual encrypted disk within a file and mounts it as a real disk.
- Encrypts an entire partition or storage device such as USB flash drive or hard drive.
- Encrypts a partition or drive where Windows is installed (pre-boot authentication).
- Encryption is automatic, real-time (on-the-fly) and transparent.
- Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:
1) Hidden volume (steganography) and hidden operating system.
2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).
- Encryption algorithms: AES-256, Serpent, and Twofish. Mode of operation: XTS.
Because laptops are increasingly popular, and desktops are becoming smaller and more portable, computer theft has reached huge proportions worldwide: there were about 600,000 laptops stolen in the USA in the year 2004. According to a recent FBI report, 97% of all stolen computers are never recovered. Many people we know have had their Macs stolen, often in 'safe' situations. That's why we developed Undercover: a unique theft-recovery application designed from the ground up for Mac OS X.
VirusBarrier X6 10.6.15
Only VirusBarrier X6 provides comprehensive protection from malware and network threats. VirusBarrier X6 is the only antivirus program for Mac that includes full anti-malware protection together with firewall, network protection, anti-phishing, anti-spyware features and more.
Wallet is a lightweight flexible database application that lets users easily store and secure important pieces of personal information, such as software serial numbers, web passwords, and similar data. Information stored in Wallet is encrypted using 256-bit AES encryption for maximum security.
The iPhone version ($4) can sync with Wallet for Mac using MobileMe, or connect and sync with directly over WiFi, offering customers on the go access to their most critical information.
WaterRoof is an IPFW firewall frontend for Mac OS X with an easy interface and many options. Features include dynamic rules, bandwidth management, pre-defined rule sets and a wizard for easy configuration. You can also watch logs and statistics. Rules configurations and network options can be saved and optionally activated at boot time.
Web Confidential 3.8
Web Confidential uses an intuitive, easy-to-use cardfile metaphor which will enable even novice users to get up to speed in no time. Power users will find a large number of options to enable them to configure Web Confidential to meet their specific needs.
Web Confidential gives you access to your passwords from within your browser and from the Mac OS X Dock. When you need access to a user ID and password, a handy floating utility window shows all the information you might need about your password.
Web Confidential for Palm is a solution to keep your data secure while you travel with your Palm and need access to your confidential data.
Web Confidential for Windows completes the set of programs. Its file format is binary compatible with the Macintosh version.
Web Confidential for Palm is supplied with a Conduit for Mac or Windows, so that you can synchronize your data with your desktop computer.
XRay is a much-expanded version of the Finder's "Get Info" window. Select any item in the Finder and press Command-Shift-X, or simply drag any file, folder, application, or volume onto XRay's icon, and you'll get a information window. All enabled flags and fields can be edited; if necessary, XRay will ask for an Administrator password to change files you normally wouldn't be able to modify. You can also XRay a file from the Finder, using the included Contextual Menu, or from any XRay window by opening the built-in browser drawer.
Denotes Mac OS X Intel Native
Denotes Mac OS X Intel & PPC Native
Denotes Mac OS X PPC Native
Denotes Mac OS 8/9 PPC Native
Denotes Mac OS 680x0 Native
Denotes Non-OS Specific Code