Setting up my macOs development environment for 2022

By the third or fourth week of November was the only time I realized I was hacked. Tinkering on my mac’s logs and system files showed that the attackers started observing what I was doing between the last week of Febrary to the first week of March. Ill try to write all four exploits that the attackers did in a different blog post. In the meantime, this article details the custom “hack” I set on my mac for additional protection. This may or may not work for everyone. Duplicate at yer own risk.

Things I did:

  • Install XCode and CLI tools
  • Deactivate remote management sudo /System/Library/CoreServices/RemoteManagement/ -deactivate -stop
  • Remove Desktop Sharing sudo /System/Library/CoreServices/RemoteManagement/ -deactivate -configure -access -off
  • Remove Apple Remote Desktop Settings
sudo rm -rf /var/db/RemoteManagement ; \
sudo defaults delete /Library/Preferences/ ; \
defaults delete ~/Library/Preferences/ ; \
sudo rm -r /Library/Application\ Support/Apple/Remote\ Desktop/ ; \
rm -r ~/Library/Application\ Support/Remote\ Desktop/ ; \
rm -r ~/Library/Containers/
  • Uninstall Google Update ~/Library/Google/GoogleSoftwareUpdate/GoogleSoftwareUpdate.bundle/Contents/Resources/ksinstall --nuke
  • Show mail attachments as icons defaults write DisableInlineAttachmentViewing -bool yes
  • Enable developer menu and web inspector in safari
defaults write IncludeInternalDebugMenu -bool true && \
defaults write IncludeDevelopMenu -bool true && \
defaults write WebKitDeveloperExtrasEnabledPreferenceKey -bool true && \
defaults write -bool true && \
defaults write -g WebKitDeveloperExtras -bool true
  • Focus follows mouse on terminal defaults write FocusFollowsMouse -string YES
  • Use plain text in TextEdit as default defaults write RichText -int 0
  • Disable local backups sudo tmutil disable
User@user ~ % sudo tmutil disable
tmutil: disable requires Full Disk Access privileges.
To allow this operation, select Full Disk Access in the Privacy
tab of the Security & Privacy preference pane, and add Terminal
to the list of applications which are allowed Full Disk Access.
  • Install CLI Tools xcode-select --install
  • Disable icon bounce on Dock
defaults write no-bouncing -bool false && \
killall Dock
  • Enable Scroll Gestures
defaults write scroll-to-open -bool true && \
killall Dock
  • Show Hidden Apps/Icons
defaults write showhidden -bool true && \
killall Dock
  • Disable Sudden Motion Sensor sudo pmset -a sms 0
  • Show AFP, SMB, NFS, WebDAV etc
defaults write ShowMountedServersOnDesktop -bool true && \
killall Finder
  • Show All File Extensions defaults write -g AppleShowAllExtensions -bool true
  • Show hidden files defaults write AppleShowAllFiles true
  • Show ~/Library folder chflags nohidden ~/Library
  • Save to Disk by Default(not iCloud) defaults write -g NSDocumentSaveNewDocumentsToCloud -bool false
  • Disable creation of .DS_Store and AppleDouble files defaults write DSDontWriteNetworkStores -bool true
  • Recursively delete .DS_Store Files find . -type f -name '.DS_Store' -ls -delete
  • Clear Font Cache for All users
sudo atsutil databases -removeUser && \
sudo atsutil server -shutdown && \
sudo atsutil server -ping
  • Disable IR Receiver sudo defaults write /Library/Preferences/ DeviceEnabled -int 0
  • Disable sound effects on boot sudo nvram SystemAudioVolume=" "
  • Disable autoplay in quicktime defaults write MGPlayMovieOnOpen0
  • Disable bonjour service sudo defaults write /System/Library/LaunchDaemons/ ProgramArguments -array-add "-NoMulticastAdvertisements"
  • Enable screensaver password defaults write askForPassword -int 1
  • Install Homebrew /bin/bash -c "$(curl -fsSL []("
  • Install pyenv
  • Install nvm

No VSCode, right? I decided to use GitHub codespaces instead of coding in my Mac. I’ll most-likely write another article to talk about my GitHub codespaces set-up. Cheers!