Okay, someone had asked what I had done and I finally cobbled together some info lol
I didn’t fully harden it like you might see in some YouTube videos, I.e bought with cash, no internet/bluetooth/airdrop enabled, location devices off, no Apple account during set up. My spouse didn’t want me to do that lol.
I picked and chose some of the steps in this Naomi Brockwell video namely, though some I found in regular Google search.
Disabled any targeted advertising and diagnostics telemetry I could. Apparently to turn off personalized ads in recent Mac OS versions, you have to wait till first one pops up at a random time in Apple Store or something OR you can use the terminal to kill it before they happen. I think this was the one I ran: defaults write com.apple.AdLib allowApplePersonalizedAdvertising -bool false
Installed LuLu for outgoing firewall so we can monitor apps like Adobe to see when they request outgoing connections and what they are requesting. (Spouse loves Adobe, I lost that battle lol)
Installed Brave browser and made default over Safari
Installed Proton Mail web app since we share account for home/critical stuff
Installed BitWarden, although they still like using Apple Keychain for their personal passwords. Critical stuff and shared stuff goes in BitWarden so not isolated in Apple’s stupid Keychain lol. (Good luck accessing your life’s worth of passwords if you lose your Apple devices or they self-sabotage like spouses $$$$ iMac did one day during Mac OS update a few years ago…)
Okay, someone had asked what I had done and I finally cobbled together some info lol
I didn’t fully harden it like you might see in some YouTube videos, I.e bought with cash, no internet/bluetooth/airdrop enabled, location devices off, no Apple account during set up. My spouse didn’t want me to do that lol.
I picked and chose some of the steps in this Naomi Brockwell video namely, though some I found in regular Google search.
https://m.youtube.com/watch?v=1g0RzOGxe40&t=1669s&pp=ygUdTmFvbWkgYnJvY2t3ZWxsIHR2IGhhcmRlbiBtYWM%3D
These are some of the highlights:
Disabled Siri
Enabled FileVault
Time server: pool.ntp.org
Disabled any targeted advertising and diagnostics telemetry I could. Apparently to turn off personalized ads in recent Mac OS versions, you have to wait till first one pops up at a random time in Apple Store or something OR you can use the terminal to kill it before they happen. I think this was the one I ran: defaults write com.apple.AdLib allowApplePersonalizedAdvertising -bool false
Installed LuLu for outgoing firewall so we can monitor apps like Adobe to see when they request outgoing connections and what they are requesting. (Spouse loves Adobe, I lost that battle lol)
Installed Brave browser and made default over Safari
Installed Proton Mail web app since we share account for home/critical stuff
Installed BitWarden, although they still like using Apple Keychain for their personal passwords. Critical stuff and shared stuff goes in BitWarden so not isolated in Apple’s stupid Keychain lol. (Good luck accessing your life’s worth of passwords if you lose your Apple devices or they self-sabotage like spouses $$$$ iMac did one day during Mac OS update a few years ago…)