macOS-Security-and-Privacy-Guide VS dotfiles

Hi friends, I followed this guide: https://github.com/drduh/macOS-Security-and-Privacy-Guide and some additional steps to protect my macbook from being accessed by unauthorized people. The key steps I did was a full disk encryption and a custom firmware password. This makes it extremely difficult to repurpose my macbook after for example a theft. The reason I want this is that I often study in university or sometimes work in public places, but I also work as a software developer with sensitive consumer data.

https://github.com/drduh/macOS-Security-and-Privacy-Guide/is...

turn on FileVault , turn on the firewall (built in). install Lulu firewall follow this guide and harden the system https://github.com/drduh/macOS-Security-and-Privacy-Guide

I'm looking for a guide to harden MacOS Ventura, preferably including little snitch/lulu blocklist suggestions for MacOS services. I'm aware of dr druh's guide (that currently doesn't seem to be updated for Ventura though) and isn't including a little snitch/lulu blocklist.

- macos, following https://github.com/drduh/macOS-Security-and-Privacy-Guide for hardening (I haven't compared this to other hardening guides, but doing something is better than nothing)

I remember seeing this, I have never followed it so I don't know what it's worth but it's seems quite comprehensive

Here's a somewhat dated example of such a setup: https://github.com/memco/dotfiles. Basically, you just need the install.sh if all you care about is macOS preferences, but you can also add in something like the brewfile so that you can also install your apps. My brewfile leverages MAS so that I can install stuff from the app store in addition to what's available via brew. I haven't automated app preferences, but macOS and apps are just a clone, `./install.sh && brew bundle --file Brewfile` away.