macsocksproxy_20070929.jpg

When you’re on an untrusted or unencrypted network, everything from what you browse to the email and IM messages you send can potentially be snooped by a third party. Sure, some sites use https and you can use ssh to connect to a remote server, but what if you want to jack in and enjoy the relative comfort of knowing _all_ of your applications are communicating over a secure channel?

For that, you need a secure proxy. By setting up a SOCKS proxy, you can have your applications route all of their network communications through a secure connection to a network you trust. Gina at Lifehacker put together a quick guide for setting this up, and once configured in OS X’s System Preferences, most of the default apps like Safari will just start using your proxy and you’re good to go.

A lot of your favorite applications–ie. Firefox and Adium–need to be manually configured to use the proxy, however, as they don’t pull this information automatically from the system preferences. This is straightforward to do, but it means that every time you cruise over to the local coffee shop, you need to set up your proxy configuration in multiple places.

Albert Lee came up with a nice solution to this problem. An application profile manager called rooSwitch and some quick Actionscript is all you need to make a couple of command line scripts that will set up or tear down your proxy, as well as switching all of your application preferences.

If you save this script with a .command extension, then you can run it by double-clicking on the icon in the Finder like a regular application. When it runs, it will change the location, switch your profile, and start up the SSH tunnel. Enter your password and off you go!

I should mention that his script also introduced me to a useful mac command line utiliy called scselect. By typing scselect [locationname], you can switch your Mac’s location straight from the command line.

Safer Surfing on Untrusted Networks (Mac Edition) – Link
How to configure an SSH SOCKS proxy @Lifehacker – Link
rooSwitch – Link