DEV Community

Vicente G. Reyes
Vicente G. Reyes

Posted on • Updated on • Originally published at

Setting up my macOs development environment for 2022

By the third or fourth week of November was the only time I realized I was hacked. Tinkering on my mac’s logs and system files showed that the attackers started observing what I was doing between the last week of Febrary to the first week of March. Ill try to write all four exploits that the attackers did in a different blog post. In the meantime, this article details the custom “hack” I set on my mac for additional protection. This may or may not work for everyone. Duplicate at yer own risk.

Things I did:

  • Install XCode and CLI tools
  • Deactivate remote management sudo /System/Library/CoreServices/RemoteManagement/ -deactivate -stop
  • Remove Desktop Sharing sudo /System/Library/CoreServices/RemoteManagement/ -deactivate -configure -access -off
  • Remove Apple Remote Desktop Settings
sudo rm -rf /var/db/RemoteManagement ; \
sudo defaults delete /Library/Preferences/ ; \
defaults delete ~/Library/Preferences/ ; \
sudo rm -r /Library/Application\ Support/Apple/Remote\ Desktop/ ; \
rm -r ~/Library/Application\ Support/Remote\ Desktop/ ; \
rm -r ~/Library/Containers/
Enter fullscreen mode Exit fullscreen mode
  • Uninstall Google Update ~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/ksinstall --nuke
  • Show mail attachments as icons defaults write DisableInlineAttachmentViewing -bool yes
  • Enable developer menu and web inspector in safari
defaults write IncludeInternalDebugMenu -bool true && \
defaults write IncludeDevelopMenu -bool true && \
defaults write WebKitDeveloperExtrasEnabledPreferenceKey -bool true && \
defaults write -bool true && \
defaults write -g WebKitDeveloperExtras -bool true
Enter fullscreen mode Exit fullscreen mode
  • Focus follows mouse on terminal defaults write FocusFollowsMouse -string YES
  • Use plain text in TextEdit as default defaults write RichText -int 0
  • Disable local backups sudo tmutil disable
User@user ~ % sudo tmutil disable
tmutil: disable requires Full Disk Access privileges.
To allow this operation, select Full Disk Access in the Privacy
tab of the Security & Privacy preference pane, and add Terminal
to the list of applications which are allowed Full Disk Access.
Enter fullscreen mode Exit fullscreen mode
  • Install CLI Tools xcode-select --install
  • Disable icon bounce on Dock
defaults write no-bouncing -bool false && \
killall Dock
Enter fullscreen mode Exit fullscreen mode
  • Enable Scroll Gestures
defaults write scroll-to-open -bool true && \
killall Dock
Enter fullscreen mode Exit fullscreen mode
  • Show Hidden Apps/Icons
defaults write showhidden -bool true && \
killall Dock
Enter fullscreen mode Exit fullscreen mode
  • Disable Sudden Motion Sensor sudo pmset -a sms 0
  • Show AFP, SMB, NFS, WebDAV etc
defaults write ShowMountedServersOnDesktop -bool true && \
killall Finder
Enter fullscreen mode Exit fullscreen mode
  • Show All File Extensions defaults write -g AppleShowAllExtensions -bool true
  • Show hidden files defaults write AppleShowAllFiles true
  • Show ~/Library folder chflags nohidden ~/Library
  • Save to Disk by Default(not iCloud) defaults write -g NSDocumentSaveNewDocumentsToCloud -bool false
  • Disable creation of .DS_Store and AppleDouble files defaults write DSDontWriteNetworkStores -bool true
  • Recursively delete .DS_Store Files find . -type f -name '.DS_Store' -ls -delete
  • Clear Font Cache for All users
sudo atsutil databases -removeUser && \
sudo atsutil server -shutdown && \
sudo atsutil server -ping
Enter fullscreen mode Exit fullscreen mode
  • Disable IR Receiver sudo defaults write /Library/Preferences/ DeviceEnabled -int 0
  • Disable sound effects on boot sudo nvram SystemAudioVolume=" "
  • Disable autoplay in quicktime defaults write MGPlayMovieOnOpen0
  • Disable bonjour service sudo defaults write /System/Library/LaunchDaemons/ ProgramArguments -array-add "-NoMulticastAdvertisements"
  • Enable screensaver password defaults write askForPassword -int 1
  • Install Homebrew /bin/bash -c "$(curl -fsSL []("
  • Install pyenv
  • Install nvm

No VSCode, right? I decided to use GitHub codespaces instead of coding in my Mac. I’ll most-likely write another article to talk about my GitHub codespaces set-up. Cheers!

Top comments (4)

waylonwalker profile image
Waylon Walker

I just starting using pyenv, feels great so far.

I recently put a bunch of work into my new machine setup, I have it down to this.

GET | bash
Enter fullscreen mode Exit fullscreen mode

This clones my dotfiles, installs ansible and runs the ansible playbook in my dotfiles repo. You can see the script in plain text

highcenburg profile image
Vicente G. Reyes

Thanks for the resources!

michaeltharrington profile image
Michael Tharrington

Thanks for the write up Vicente!

Really glad to see you've taken back control of your accounts and sorry that you had to go through all this. 🙌

highcenburg profile image
Vicente G. Reyes

Thank you to you and Ella for the comforting words! It really helped recover my confidence in going back online again!