Apple has been pegged as the ultimate newb-proof computer system of today’s market. In all actuality, the machines this massive empire now produces and ships to hipsters and teenyboppers around America almost never made it to where they are today.
In the ’90s Windows slayed the computing market with the debut of Windows 95, reinventing the way operating systems handled user data. But with a great operating system came great responsibility. Few could foresee the advent of the mighty virus, at least on any scale it could effect change unto the babes out to pasture per se, the poor unsuspecting consumers of the Personal Computer systems running Windows.
This article is about UNIX commands, but it is also a little bit about how UNIX differs from something like Windows. Hopefully it will shed some light as to why Windows is highly susceptible to outside forces while the Mac OS (operating system) is more keen to disruption from the inside instead.
UNIX was first developed in 1969 by AT&T and Bell Labs, the most common form of UNIX being Darwin upon which Apple’s OS is now based. Behind the stunning visual desktop pictures, sleek hardware designs and seamless distribution of downloadable software on the AppStore is an archaic but virtually impenetrable fortress. Its name is UNIX.
UNIX works by I/O, meaning input/output. You can see these inputs and outputs on your Mac by going to Utilities->Console and Utilities->Activity Monitor. These two applications are highly recommended to sit on your quick-click bar called the dock. If you have about 25 items on your dock, including the defaults like Trash, Downloads, Finder, and a few others, your computer uses about 35 MB of RAM (random access memory), the solid-state flash style memory your computer needs to multitask easily. Most computers Apple produces come with about a gigabyte of RAM. Think of your Mac’s RAM as a readily deleted and constantly overwritten iPad. Though many developers, music producers, and people working with intense graphics applications prefer several gigs of RAM above the standard their computer comes with, even with a couple of gigs, you are more than ready to wield the power of UNIX. Here’s why.
The operating system of your computer is stored on its hard drive, a spinning disc with ones and zeros etched into its surface anytime something is ‘saved,’ written or altered on your machine. The power of a MacBook Pro with its nearly 1 terabyte of disc space, which is a virtual standard, and several gigabytes of RAM make it a Ferrari compared to the Pintos of our trendy tablet devices used so commonly by about everyone at some point in the developed world. So, if my Apple computer is fine already, why should I want to learn anything else about it? The answer is simple. UNIX controls the planet.
What I mean to say is that the security of UNIX is so solid that it is in essence its own little world. Your Apple computer masks a form of computing so indomitable only the user is liable to mess it up.
What’s a user? Is that me? Well, yes – sorta. The user is the main stance from which we engage in martial combat with our UNIX system and computer’s hardware and software. The main user is something you invariably assign with a name and password when you first set up your new Apple machine. From here, we need to learn a little bit about Terminal.app, which is found alongside your Console and Activity Monitor (more on these later as well) in your Utilities folder.
Opening Terminal.app, we see a lot of things, even though it doesn’t look like a lot at first.
[username]$
If you run a server on your machine like I do, you will see something like:
server:~ [myusername]$
This represents the main user who is currently logged into the computer. Type the following command into Terminal.app to see exactly who you are as a user:
whoami [press enter]
Displayed below should be your user name. This is also represented by a little house icon visible when you open your HD on your desktop. If you look to the left under ‘favorites,’ you should see the house I’m talking about. If you click on the icon and open it, you will see all the information stored under your user directory. What in the hell is a directory, you ask? An easy way to put it is that a directory is a folder. But under your user, all folders, including the user itself, have certain permissions for access. The only way to access your user, for now anyway, is by having entered a password which you have assigned.
When your computer writes something to the hard drive, it has to put it somewhere. The easiest way for this to be done is by creating a directory and then writing information that is then indexed inside this folder. Indexing is essentially a process your computer goes through to create a quickly accessible list of relatable information inside a directory. In fact, you have easy access to indexing through Apple’s Spotlight, the little magnifying glass visible in the upper righthand corner of your screen. If you click on it, you can search your computer – of course limited by your user access – for files related to characters you type in the box. Wow. This seems really boring. But you are at the edge of total control over your computer. Indexing is just one hint at the power at your Apple-tinged fingertips.
Apple machines running Mac OS aren’t really susceptible to viruses because of UNIX’s indexing capabilities. When data on your hard drive has been indexed through UNIX, every single bit is essentially separate from every other bit. It is a sort of built-in virus protection software. Here’s why. Viruses usually work by overwriting information stored on the drive disguising itself as functional data. Now instead of functioning properly, a piece of software infected with a virus is broken and does all sorts of nasty little things you as a user never intended when you installed the software. But UNIX isn’t harmed by viruses because of the presence of the user. With a user comes permissions.
When you install or update a piece of software onto a Windows machine, you might see a string of numbers representing the number of files being written to the drive. Usually not really files at all, these numbers can be in the millions, usually representing millions of bits of information being written to the drive. When you update something on the Windows machine, you’ve agreed to two terms: 1. The software has permission to be written. 2. The software has permission to be overwritten.
Overwriting? Why is this a big deal? When you give something permission to be overwritten, which you might do almost every day when updating things on your Windows machine, little bits of what once was there (on the drive) can and will now be replaced by new information from the update. And lo, the virus has a door unlike anything else – because you let it.
But I don’t want viruses and I don’t because I use UNIX, right? Pretty much. This is because every single bit of information stored on a UNIX device is separate from every other piece of data. So when you call on an application to run in a UNIX environment like Mac OS’s Darwin, the program has intensely restricted permissions to run what it was installed to be. It is as though every single piece of data written to your drive on a Mac is its own little hard drive. So how on god’s green earth can an Apple computer talk to millions of tiny hard drives? The process has to do with something called sandboxing.
Until an application has proved its worth against the insurmountable power of the user, it enters a virtual test environment called a sandbox. While the user stands in a sky rise building, the application under scrutiny trudges through a sandbox where every step it takes tests its endurance. If you’ve ever tried to run through sand with a rifle and combat boots to attack a ‘user’ per se, you know it can really sap the life out of you before you can even get close enough to your opponent to open fire.
The virtual environment of the sandbox requires a lot of things out of our soldiering applications before they are allowed to run on our OS. There are signatures that it needs to sign while trudging along, checks and balances, judges like hardware it must come up against, and even a jail for those deemed unworthy to proceed any further. If you look at the activity of your Console after opening an application, you might see a line or two about the sandbox.
Sandboxing also protects your machine from outside intruders when you use the internet so long as a browser’s security permissions are up to date, i.e. that you have the most current version of a browser for instance and that your computer says it’s okay to run. Mail applications work the same way. Checks happen in this virtual environment so quickly, you can’t even blink your eye fast enough before everything is all good with an app. So, let’s go back to the Terminal.app and start getting a little familiar with how we can see these little directories so safely organized on our computer, nothing could possibly go wrong ;D
Type the following command in Terminal.app:
ls [press enter]
This creates a list of directories and files contained in your user directory, the most secure part of your computer. Now type:
cd Desktop
Looking at your username on the machine, there should now be a little title ‘Desktop’ before it. This means you as the user are now in the Desktop directory of your computer. Now type ‘ls’ again and hit enter. This shows the contents of your Desktop. Note, this is technically ‘in’ your Desktop rather than ‘on’ it, the latter we might think is true when we think of the top of a desk and by the fact we can see little icons ‘on’ the screen. Really, even in this visual environment we commonly use to navigate through our machine, even the Desktop is sandboxed. The higher order of our desktop can be accessed through the Finder, which is an intensely complicated type of sandbox environment we commonly mistake for our Desktop.
Now from the Terminal.app, we have managed to enter the actual directory of our Desktop which is stored in the System Library on our machine. This indicates we are technically deeper in the system than we would be by just looking at the visual ‘Desktop’ with our pretty picture of the galaxy that comes standard with newer Apple computers. But isn’t there more? Now from Terminal.app, type:
ls -a [press enter]
Wow! What did this do? This just listed all files and directories once hidden – even from the user. The ‘-a’ option basically means all and indeed we can now see all files and directories in our Desktop. Say we are a bit nervous and don’t really want to be poking around in our Desktop anymore. Let’s go back up to the user directory where we can sit from the window of the sky rise. Type:
cd [press enter]
Whew! We’re back to the safe zone. This brings us back up to the previous directory, which is our user. If you use the ‘cd’ command to go further into the Desktop, you can get back to the user standpoint by typing:
cd .. [press enter]
This takes you back up to the top of your computer’s hierarchical structure which is, true for now, the user.
I was quite stunned when I saw all these hidden files by using the ‘ls -a’ command and figured I might as well see what’s been hidden by default from even me, the user. To enable the view of hidden files and directories in your OS’s visual environment, you can type the following:
defaults write com.apple.finder AppleShowAllFiles TRUE [press enter]
Since you’ve just changed the sandbox of the Finder, you need to kill it, i.e. bring the hurricane through to take out the sand so the water can bring some new fresh sand back in. Type:
killall Finder [press enter]
Oh my god! Haven’t I just destroyed my finder? Not at all. Finder starts itself back up as an automated process. This process is one way the computer keeps itself really safe so you can roam around freely in its environment without disturbing the locals with drunken computerness.
If at any point you get annoyed with seeing all these nonsensical file and folder names, you can always undo it by typing:
defaults write com.apple.finder AppleShowAllFiles FALSE [press enter]
killall Finder [press enter]
Okay, so what the hell does this really teach us about UNIX and how Apple works? In the last and somewhat advanced Terminal command, we’ve managed to modify a specific file called ‘com.apple.finder’ contained in your System Folder. Since our modern computers work with ones and zeros, we have to feed it some sort of logic it can understand. We fed it the ‘defaults,’ ‘write,’ ‘AppleShowAllFiles,’ and ‘TRUE (or FALSE)’ commands to modify permissions of something called ‘com.apple.finder.’ We also actually modified some text inside the com.apple.finder file written into your System. Since this is just an article on how to better understand why UNIX is a computing fortress, I would not suggest poking around in the file (if you manage to find it) in the visual environment until some independent research has been done. So, let’s move on. In Terminal.app, type:
mkdir test [press enter]
You’ve created (made) a directory (dir) called ‘test’ within your user directory. Now, let’s play inside our new directory and make a file from scratch. Type:
ls [press enter] {this helps us see that the directory is here}
cd test [press enter]
Now ‘test’ is visible before our username indicating that our user cleared the sandbox and has permission to alter the contents and present state of the directory. Now type:
pico new [press enter]
Pico is an archaic word processor of sorts with immense programming capabilities. It stands for ‘Pine Composer’ and was one of the first highly safeguarded pieces of software in existence. No one was allowed to alter its code and distribute it. No one. Thus anyone who wanted to have a new word processor in UNIX had to write one from the ground up. And it couldn’t look a thing like pico.
In pico, type something like “hello” or some strings of text like you would in Pages.app or Word. Now we need to save it. Press the following keys:
control+x followed by the ‘y’ key to verify you want to save it. You have been prompted to give pico permission to write your file. So, it follows up with what you want to name it – for real this time. When you see ‘File Name to Write:’ followed by the name ‘new’ at the bottom, you can go ahead and press enter at which time you will be brought back to your Terminal.app environment. Through pico, you can almost truly overwrite something in UNIX, but this is about the only way you can do so without writing zeros over your hard drive, something we will talk about now. Then, we will go back to our directory and file and see how much abuse we can get away with on these.
One of the most beautiful insights into UNIX came to me when I had a bunch of files in my trash and went to empty it. There might have been 1,250 files or so and after having clicked the ‘okay’ button to allow a ‘secure empty of the trash,’ an hour later my trash was empty! What in the hell?! What is this secure empty nonsense and why did I have to wait so damn long for it to work? Meanwhile, while the empty was going on, my hard drive was out of control, the fan was spinning like mad, and I thought the thing was going to burst into flames! There must be a bug, I thought.
Your Mac OS is installed on your computer at the head of the drive, starting at the smallest ring around the CD shaped object. After the Mac OS has been installed on that drive, it needs to consume the remaining free space ahead of it, i.e. unused disc space, for a process called ‘journaling.’ Every change made to System files is recorded in the journal environment. This process of journaling on the drive also helps prevent data loss from power surges and corrupted files we may or may not have installed intentionally. The only bad thing about the Mac Extended Journaling format Apple’s OS defaults to is that it makes for great difficulty when trying to have multiple operating systems on the drive. When Mac journals your drive from the beginning, it makes UNIX the head of the show and only through some delicate tricks I’ll address in another article can you have two or more operating systems. But back to our sandboxed journaled UNIX fortress.
From Terminal.app, type: cd [press enter]. Now, let’s slay our newly made directory in battle. Type:
rmdir test [press enter]
What we’ve tried to do is destroy our newly made directory by using the ‘rmdir’ command. But alas, we’ve created a file inside of it, so we cannot be granted permission to do this. We tried to fight as a user from the sandbox in a sense. So let’s try sneaking into the palace and assassinating the king preventing the destruction of his kingdom. Type:
cd test [press enter]
ls [press enter] *to see the file we made, which is presumably called ‘new’
rm new [press enter]
ls [press enter]
Kapow! We slayed the entity stopping us from burning down the kingdom, the directory we called ‘test.’ Now, let’s burn it down! Type:
cd [press enter]
rmdir test [press enter]
Victory over the oppressors! We have conquered the king and his kingdom. The directory ‘test’ and the file ‘new’ are now wiped from the machine, never to be given a presence again.
We can see that this is true by typing:
ls -a
And lo, test hath been slain! With these few commands we’ve learned, particularly ‘rmdir’ and ‘rm,’ we now wield a great deal of responsibility. These commands destroy data, overwriting them with zeros. They are gone. For good. But what is with this trash thing we came up against earlier? Why was it that with my old PowerPC I could simply empty the trash and not have any problems with the time it took for the stuff to go away? Secure emptying is a lot like what we did to our itty-bitty files, but now we need to understand how the computer behaves with the visual environment as opposed to the Terminal.app environment.
Let’s find a huge file we don’t want on our computer, place it in the trash, and go to Terminal.app. Now type the following VERY CAREFULLY, taking note to include all characters displayed as lowercase or uppercase. Again, this is a WARNING that this process is highly specified and potentially dangerous. But what it does is close off the most ordinary access to a file by ‘deleting’ it very quickly. The following command is very useful if you want to delete things in your Trash very quickly and move on with your day. Later, we will clean up the mess of potentially recoverable data with another clever application in the Utilities. To delete things in the trash rather quickly, type:
sudo rm -Rf ~/.Trash/* [press enter, type your password, and press enter]
Kapow! The trash is empty. But again, with great power comes great responsibility. I would suggest research into the ‘sudo’ command and the potential it can bring. If you typed the Trash command as shown above and need to delete the Trash again but are worried about not typing it correctly, you can press the ‘up’ arrow key in Terminal.app to recall the commands you had entered previously.
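Before running a command shaped like the one above, it helps to see exactly which names the `*` expands to. The following is an added example, not part of the original article: it uses a scratch directory with two constructed files as a stand-in for ~/.Trash, no sudo, and shows that `*` skips the hidden entries that ‘ls -a’ revealed earlier.

```shell
#!/bin/sh
# Added example: what `dir/*` matches, shown in a scratch directory
# (a constructed stand-in for ~/.Trash; nothing outside it is touched).

# Print the names a command like `rm -Rf "$1"/*` would act on.
glob_targets() {
    for p in "$1"/*; do
        # An unmatched glob stays as the literal pattern; skip it.
        [ -e "$p" ] || [ -L "$p" ] || continue
        basename "$p"
    done
}

# Print every entry in the directory, hidden ones included.
all_entries() {
    ls -A "$1"
}

demo_trash_glob() {
    scratch=$(mktemp -d) || return 1
    mkdir "$scratch/Trash"
    echo "big file"    > "$scratch/Trash/movie.mov"       # constructed sample
    echo "hidden file" > "$scratch/Trash/.secret-notes"   # constructed sample

    # Preview first: these are the only names the glob will hand to rm.
    would_delete=$(glob_targets "$scratch/Trash")

    # Same shape as the article's command, scoped to the scratch directory.
    rm -Rf "$scratch/Trash"/*

    # The dotfile was never matched, so it is still there.
    left_behind=$(all_entries "$scratch/Trash")

    rm -Rf "$scratch"
    echo "deleted=$would_delete left=$left_behind"
}

demo_trash_glob
```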
Another very useful sudo command comes in handy when reindexing your hard drive. UNIX is very particular about how it calls up data. One of the easiest ways accurate recall can happen is through a process called indexing. Your drive essentially creates a hierarchical structure upon which it relies to grab exactly what needs to be computed and when. Over time, your hard drive might have a thing or two that is out of place or no longer exists on the drive. Indexing or rather re-indexing the drive may help free up some of your CPU for other processes. First, rename your Macintosh HD to just HD. In Terminal.app, try the following command (which works from 10.6 and up with maybe a slight variation here and there):
sudo mdutil -E -i on /Volumes/HD/ [press enter] [type password]
This will erase the old index files stored on the disk and prepare the drive for the new indexing process which usually happens after a restart. If you look in the upper right hand corner of the screen, your spotlight should have a small dot expanding and contracting. Click it once and see how much time is required for the indexing to happen. Usually it doesn’t take that long but is known to take from thirty minutes up to several hours.
Though this has been an exhaustive article about UNIX, the world is now your oyster. But let’s get a few things straight. You are about the only force capable of corrupting the functionality of your UNIX machine, that is until someone has access to your username and password – at which point they could theoretically log on to your machine as you and appear to in fact be you. But what about all that old information we deleted from our incessant torrenting sessions, perhaps having kicked the habit and altogether desiring the ‘thirteenth’ step in our addiction-rehab program? To totally wipe any old data from your machine that has been deleted through our sudo trash commands and others not deemed ‘secure,’ open:
Utilities->Disk Utility.app, click on HD (or whatever HD has been named, beneath the higher hard drive icon in the list), click the ‘erase’ tab, and look for the ‘Erase Free Space…’ button. Now, this is a process recommended for a period of about half of one day or more, but scroll the small arrow over to the rightmost position. This will perform an erasure of the supposedly blank space on your drive making it totally blank by writing zeros. If you just have a few hours to spare, you can do a single pass erasure (fastest, leftmost arrow position) but this won’t guarantee that the FBI, when they kick down the door, won’t have a thing or two to base a case around your sorry ass.
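Why data deleted with the non-‘secure’ commands can still be around, as an added example that is not part of the original article: it replays the ‘test’/‘new’ walk-through in a scratch directory and keeps a second name (a hard link, constructed here) for the same file. `rm` removes a name rather than rewriting the bytes, so the content stays readable through the other name.

```shell
#!/bin/sh
# Added example: `rm` removes a name; the file's bytes are not rewritten.
# Runs entirely inside a scratch directory created by mktemp.

# Number of names (hard links) a file has: second column of `ls -l`.
link_count() {
    ls -l "$1" | awk '{print $2}'
}

demo_rm_unlinks() {
    scratch=$(mktemp -d) || return 1
    mkdir "$scratch/test"
    echo "hello" > "$scratch/test/new"      # the article's file 'new'

    # rmdir refuses a directory that still has an entry in it.
    if rmdir "$scratch/test" 2>/dev/null; then
        rmdir_nonempty=ok
    else
        rmdir_nonempty=refused
    fi

    # A second name for the same data (constructed for this demonstration).
    ln "$scratch/test/new" "$scratch/second-name"
    before=$(link_count "$scratch/second-name")

    # Remove the first name, then the now-empty directory.
    rm "$scratch/test/new"
    rmdir "$scratch/test" && rmdir_empty=ok

    # One name is gone; the content is untouched.
    after=$(link_count "$scratch/second-name")
    content=$(cat "$scratch/second-name")

    rm -Rf "$scratch"
    echo "$rmdir_nonempty $rmdir_empty $before $after $content"
}

demo_rm_unlinks
```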
Thanks for tuning in folks! I hope you’ve enjoyed this lengthy but potentially helpful article about how to better understand your Apple computer. Have a great day!
-Nathan H. Fox