Archive

Archive for the ‘security’ Category

Macintosh Anti-Virus

January 17, 2010 1 comment

ImageA couple of weeks ago my one year subscription to Virusbarrier X5 expired. The software had been part of the MacUpdate December 2008 software bundle, and while I had been quite happy with ClamXav it seemed a waste not to use Virusbarrier. It’s worked fine for the year, even though it hasn’t detected a single thing. This isn’t a reflection on Virusbarrier’s ability to do it’s job, more that as a Mac user who observes safe internet use there wasn’t anything for it to detect. There are still very few risks in the wild for Mac users, and unless you make a habit of installing pirated software your chances of becoming infected are virtually zero. This could all change tomorrow, but for now the Mac remains a safe computing platform. Read more…

Categories: security, software

Removing Google Software Update

February 15, 2009 5 comments

Much has been written about how far Google intrudes into your online privacy. I notice this when I use my Gmail account and have small targeted advertising links at the top of the page. Occasionally they are useful links so I don’t mind the small loss of privacy. That’s all changed with the latest release of Google Earth and Picasa.

I recently mentioned Picasa for Mac as a fast photo viewer and intended to use it alongside Lightroom for browsing photo’s. Google earth has been updated to version 5 adding lots of interesting new features. Both of these apps tie in with the Google Software Updater which is a background task claiming to exist only to regularly check for software updates.

My objection here is a having a resource consuming process that is out of my control and providing a remote service with information I can’t see. Most Macintosh apps have an easily controlled update check that runs at a user configurable interval or on app startup. Even Apple’s Software Update can be turned off easily. Google give you no controll over the update app, and don’t even make it clear that the updater is being installed. Several sites including ArsTechnica and Wired have covered this story in detail so I won’t go into detail. It all comes down to Google’s attitude that ‘it’s in the EULA’ so they aren’t doing anything the user isn’t told about. And we all read EULA’s before installing software, don’t we? Read more…

Categories: internet, security, software Tags: , , , , ,

The Macintosh Virus issue

December 11, 2008 Leave a comment

Or should I say, the lack of Macintosh Virus issue. There’s still no serious threat in the wild, and anti-virus software vendors still warn we should be running anti-virus software on our Mac’s just incase there is a threat in the future. Macworld published an article this week looking at the recurring question, and concluded you don’t need anti-virus software on a Mac if you follow good practices.

virusbarrierx5I must confess that I am currently using VirusBarrier X5, as it was part of the current MacUpdate bundle. There was nothing wrong with Clamxav, but since I had the software I thought I might as well give it a try, if only to scan downloads destined for a Windows virtual machine. It works well, doesn’t appear to slow the computer down and has some neat features to speed up scanning. Would I pay for another years updates after this subscription expires? Probably not with the current lack of threats, but that may change as Mac’s continue to become more popular.

Categories: macintosh, security, software Tags: , , , , , ,

Security Update 2008-007 tested on hackintosh

October 11, 2008 Leave a comment

It’s been out for a couple of days, but since I spent most of them replacing a roof I’ve just got around to installing it. Security update 2008-007 addresses many issues in Mac OS and is a recommended update. It worked fine on my hackintosh when installed through Software Update and there’s no new kernel (still 9.5.0).

Image

Categories: hackintosh, macintosh, operating system, security, software Tags: , , ,

Gmail security advice

August 20, 2008 2 comments

ImageGoogle Mail has recently added the ability to use SSL to encrypt your browsers connection to the web client, and Webmonkey.com is recommending you turn it on. It appears that a Gmail account hacking tool is due for release in a couple of weeks that will make the process of hacking an email account a whole lot easier. It’s easy to enable SSL from the Gmail web setting page, so my advice to anyone using Gmail is to read the article and switch it on.

I’ve had a look at Mail on my Macs and iPod, and they use the SSL option by default. This only really applies if you use the Gmail web client, but since you never know when you might need to check your mail online it’s worth doing.

Categories: email, internet, security Tags: , ,

Protect yourself from phishing scams

August 7, 2008 Leave a comment

There’s some good advice on Macworld.com explaining how to provide protection against online phishing scams. It involves using the OpenDNS service, and a setup guide for macs is provide with many more available. All I can say is that it appears to work, and the small price of replacing an occasional ‘page not found’ message with one containing some ads seems fair.

Categories: internet, security Tags: , , , , , ,

Security Update 2008-005 released

August 1, 2008 Leave a comment

The latest Apple security update is now avaliable, and has installed fine on my hackintosh. There’s no major changes with this, and the kernel is still version 9.4. As usual be sure to make a backup before installing. For more information on what security fixes are included visit http://support.apple.com/kb/HT2647

Image

Categories: apple, operating system, security, software Tags: , , , , , , , ,

Virus protection for the iPhone: Why?

July 19, 2008 3 comments

There’s been a growing trend recently to question the behaviour of antivirus software vendors, who’s scaremongering tactics say you must buy their latest product or meet a certain silicon doom. The corporate antivirus market is a far calmer and sensible place, where the product must protect the machine and disrupt the user as little as possible. Contrast this with the domestic market where products have to add new features every year to persuade you to upgrade, and remind you those features are helping. Read more…

Categories: internet, iPod, macintosh, phone, security, software Tags: , , , , , , , , , ,

Serious OSX Security Vulnerabilty

June 29, 2008 Leave a comment

This one broke around a week ago but I’ve only just had the chance to try it out. And an OSX security flaw is big news so no harm in spreading the cure. The advisory at Washingtonpost.com concerns the Apple Remote Desktop Agent which runs as root and accepts applescript commands. Typing the following into terminal, you can copy and paste and it works fine.

osascript -e ‘tell app “ARDAgent” to do shell script “whoami”‘;

On my 10.5.3 installation this returns ‘root’, so the vulnerability can be used to do anything on the mac. The following code will change the file access permissions of ARDagent

osascript -e ‘tell app “ARDAgent” to do shell script “chmod 0555 /System/Library/CoreServices/RemoteManagement/ARDAgent.app/Contents/MacOS/ARDAgent”‘;

Again this can be copied and pasted into the terminal. Running the first commands again should now return your username rather than ‘root’.

Read the full article at the Washingtonpost.com

Categories: apple, macintosh, operating system, security, software Tags: , , , , , ,
Design a site like this with WordPress.com
Get started