Mac Security

Do you need anti-virus software?

This is the second of a four part series on Mac Security

I find it amusing that we learn about supposed Macintosh security problems from companies like Kapersky, Norton, Sophos and Intego. These are the companies (along with a few others) who sell antivirus software for the Mac.

In several cases, these same software companies have released proof-of-concept malware on the Internet to demonstrate how we “need” their products.

The dirty little secret about their software is that it cannot automatically protect you from the newest malware. These companies have to find the virus or exploit and then they have to write the code to block the problem. So, while their software can protect you from older malware, it does not protect you from today or tomorrow’s problem.

They must also rely on you to keep their software up-to-date and they have to depend on you not to exit a virus scan. If you’ve used antivirus software, you know that the software will always need to be updated when you are in a hurry and cannot wait around for it to download the newest update, install it, restart your computer, then run the virus scan. All too often users will circumvent this lengthy process because they are in a hurry.

Ask me how I know, since I don’t run Mac antivirus software. I have several applications that I must run in Windows, so I use Parallels to run them. I seem to encounter these issues every time I boot into Windows--and I routinely find myself disabling the antivirus software. I know I am un-protected when I do it, but then I never access the web, read email, or download files when I am using Windows on my Mac. Can I guarantee I won’t do the same things if I am relying on Mac antivirus software? I know I would occasionally slip!

Apple has built security software into Mac OS X 10.8 MountainLion. Because I keep my computer up-to-date, Apple has a mechanism to download and install new antivirus definitions in the background, at the deepest level, to keep my Mac protected. They don’t have to rely on the Internet to warn then of exploits. The best method of protection is obscurity. Apple protects my computer without any publicity. They do not rely on me to learn about a problem and then hunt for a solution. Their silent service is the kind of protection I like!

Bob adds: I haven't used anti-virus software since OS X was introduced more than ten years ago and have not been infected with malware or viruses. I don't like running anti-virus software. It always seems to intrude at just the wrong time, and it often intrudes for no good reason. And even the best ones (don't ask; I don't use any of 'em) use some of my precious RAM and processor power. So far I've had no regrets (and no viruses or malwares), but I reserve the right to change my tune someday. But unless or until something really bad gets loose in the wild, I'm perfectly happy with the protections afforded by OS X.

If you have installed anti-virus software that is hopelessly out-of-date, we can help you remove it. If you still want to run anti-virus, we can help guide you to the best product for your needs and get it installed properly. If you encounter something unexpected or strange and you need some help we are available. We offer trouble-shooting, technical support and training over at Bob LeVitus Consulting. Tutoring costs only $60.00 per hour. We have special software that allows us to see your computer and we can work on the things you want to learn. Give us a call at 408 627-7577. Or send an email to urgentrequest@boblevitus.com.

--Pat--and Bob
Comments

Is your Mac Secure?

Is Your Mac Secure?

This post will be the first of a series about Macintosh security. It is not meant to be exhaustive. My audience for this series is the beginning to intermediate Mac user.

Macintosh computer security has been a big news topic this spring. Look at sites such as Google News, Yahoo News or even your local newspaper. You will find several articles each week detailing supposed Mac failings.

How secure is your Mac? It’s generally well-protected if you follow a few rules.

FIRST, keep your Mac up-to-date. If your computer is capable of running the latest version of the operating system, install it! The current operating system is Mac OS 10.8, Mountain Lion. It has been out for almost a year. While there were a few (very few) problems the day it was released, those issues have long been fixed.

If your computer cannot run Mountain Lion, make sure it is running the latest OS it can. Apple is still providing updates for Mac OS X 10.7, Lion , but they are not putting as much effort into Lion as they are for Mountain Lion. All bets are off for support in Snow Leopard and Leopard.

I hear all sorts of reasons (excuses?) why Mac users have not upgraded. Some still want to use Appleworks or a graphic application such as older versions of PrintShop (note that The Print Shop 2 from The Software MacKiev Company works fine under Mountain Lion). Some have an older printer or scanner that may not work with newer operating systems. Others think there is too much to learn when they upgrade to a new OS. Those are poor excuses, and they leave your computer vulnerable.

SECOND, be choosy about where you visit and who you accept files from. I have seen a few instances of Mac malware on client computers. In every case, the Mac owner admitted they had frequented some “sketchy” places on the Internet. You are more likely to run into malware downloads on porn sites, on gambling sites and on file sharing sites. If you see an advertisement for software to check your computer for viruses and malware, DON’T CLICK THE LINK. If there is a link for a new version of Flash or Adobe Reader, DON’T CLICK THE LINK! If you get a message about a funny picture, DON’T CLICK THE LINK. Instead, go to Adobe, Facebook or Twitter by going directly to that site. Type adobe.com, facebook.com or twitter.com directly into the address bar. Don’t be fooled by links to Adob3, FacebOOk. or Tw1tter. While carefully checking the address might spot the irregularity, the URL difference may be even more subtle!

THIRD, be password-wise. In the earlier days of the Internet, a six letter password was thought to be secure. Times have changed! Today, in addition to password length, it is suggested that we include both upper and lower case letters, a number or two and, in a few cases, a special character such as a ! or # or & is required. Today you need to have several passwords--and they should not be the same everywhere.

Look into a program such as 1Password to help you remember and enter your passwords. It can work everywhere--on your Mac or Windows computer, on your iPhone or Android device, even on your iPad!

If you prefer not to use a password application, plan your password strategy. Think about having different passwords for different levels of security. Think about a series of related passwords. But, whatever you do, don’t put them in a file called Passwords on your desktop or as an entry in your address book!

FOURTH, Keep your Internet connection secure. Just like your computer, your Internet equipment has software updates and it should have passwords. My modem is from Cox. It doesn’t do anything but deliver an IP address to my router. Your setup may be quite different from mine. If there is an antenna on your modem, then it is both a modem and a router and it can give you a wireless network. That network should require a password for access to the Internet. There are several different methods of keeping that password safe. The oldest software to keep that password from being easily hacked is the WEP protocol. It is easily cracked and provides almost no security. is WAP. It is much more difficult to hack.

Your router will occasionally require a software update. These updates are critical since the are patches to make your network more secure. A really good router is Apples line of AirPort devices. Since Apple is in charge of those updates, they are very easy to install. They are a part of your system software and Apple will tell you when a new one is released and the update is easy to install.
If your router is from another manufacturer, it is up to you to seek out the updates. You won’t get any notice that they are needed and available. Even worse, they rely on your Internet browser to configure them. It seems as though each router model must be configured in a different way.

While Apple’s AirPort routers may be a bit more expensive to buy, you won’t need a consultant or technician to help you with installation. It generally takes an hour or more to configure and update a router. So, any money you save is quickly eaten up.
The last piece to the puzzle is your firewall. With a Mac, the firewall is a part of the computer’s operating system. So when you travel, your firewall travels with you. You configure your firewall through the System Preferences.

In closing let’s review that list. Keep your computer up-to-date, watch where you browse, and plan your passwords. These simple rules will help keep your Mac secure.

If you need some help with checking on your Mac’s security, we are available. We offer trouble-shooting, technical support and training over at Bob LeVitus Consulting. Tutoring costs only $60.00 per hour. We have special software that allows us to see your computer and we can work on the things you want to learn. Give us a call at 408 627-7577. Or send an email to urgentrequest@boblevitus.com.

--Pat
Comments

Security Checkup - Safari and Preview, Part 2

In the previous post I was talking about Safari’s security.

While I know that some of you are probably thinking that it is time to move to Firefox or Google Chrome, similar issues exist in those browsers and it could take far longer for those companies to fix the issue than it takes Apple.

So, how do you make Safari more secure? The first step is to open Safari’s Preferences:



You will then see this window. Note that the General pane is chosen:



It is very important to make sure that there is NOT an x in “Open “safe” files… at the bottom of the window. If you do not know where files that you have downloaded are stored, notice that they are probably being sent to the Downloads folder. That folder is a part of your Home folder:



Open that folder. Is it full of old files, ones that you didn’t even know you had? If it is, put away the things you want to save and clean out unneeded files by putting them in the trash and emptying it. Make a commitment to keep the downloads folder empty so that you will recognize files that you did not intend to download.

If files that are out-of-sight never get dealt with, then change your download folder to be your desktop and then remember that a cluttered desktop slows your computer down and makes it inefficient.

There is a whole pane in Safari Preferences devoted to security:



While your ultimate choices are up to you, I do want to know when Safari thinks I am entering a fraudulent web site. I haven't had it steer me wrong yet!

As for my location, that one is hard. I appreciate getting information about things around us when I do a search, but sometimes, I would rather be a bit more private, so the check here changes occasionally.

I am not bothered by Java and JavaScript, but I really dislike pop-up windows, so my checks don’t change here very often. As for cookies, if I didn’t go directly to your Web site, I don’t want your cookies!

The last one is particularly important to me. Sometimes the lack of security on a form on a secure Web site is an oversight on the part of the programmer, but if it is not a site I am very familiar with, this warning will cause me to take my business elsewhere. The non-secure form raises the issue of hacked sites. I may be too cautious, but I would rather be safe than sorry!

There is a lot to think about in computer security! If you need a hand, one of the services we offer at Dr. Mac Consulting is tutoring and issues like this make great learning opportunities. Tutorials cost only $60.00 per hour. We use special software to see your computer and we can show you secure your computer and lots more! Give us a call at Bob LeVitus Consulting. We can discuss your needs and help you formulate a plan that will give you the best “bang for your buck.” You can reach us by telephone at 408 627-7577. Or send an email to urgentrequest@boblevitus.com.

--Pat
Comments

Security Checkup - Safari and Preview, Part 1

As Macintosh users, malware, spyware and viruses are not things that we worry about every day. In fact we can become pretty lackadaisical in our security habits and sometimes even Apple seems to help us out.

Macintosh computers are shipped with a setting in Safari that should probably be changed. They are set so that “safe” files will open automatically. However, some of these “safe” files are not so safe.

“Safe” files include movies, pictures, sounds, PDF and text documents, and disk images and other archives.

While I will agree that on the Mac movies, pictures, sounds, and text documents are almost always “safe,” the other three are not nearly as “safe.” Let’s consider the others.

When your Mac was shipped, the default viewer for PDF documents was set to be Apple’s own Preview application. It is safe, but the other popular software to view PDF files, Adobe Reader, is not. There are lots of web sites that have links to and recommend Adobe Reader. Most of those sites are written by Windows users and for PC’s, there are few free Windows applications that can handle PDF chores.

On your Macintosh, Preview is a faster, better and safer application choice. If your computer is set to use Preview to view PDFs, the icon will look like this:




or this:



These are the “good” icons.

If your computer is set up to use Adobe Reader, it will look like this:



This is the “bad” icon. If your computer is set to use Adobe Reader, pdf icons will look like this. Unfortunately, there are a number of vulnerability issues associated with it. Even with frequent updates, Adobe Reader is still a problem.

Here is the way have Apple’s Preview open PDF files.

First, find a PDF file on your computer. To find such a file, open a new Finder window:



In that window, type .pdf in the search area and click the buttons for “This Mac” and “File Name.”



Click on a PDF file to select it.



The press Command - I on the keyboard or go to File > Get Info in the Finder.



You will then see a window similar to this. Notice the tiny “disclosure triangles” beside each item. If the “Open with” area is not displayed, click that tiny triangle to view the information.



Choose Preview. It could be at the top of the list, or it could be further down in the body of the list.



Now, press the “Change All…” button to make this choice the default.



From now on (or until sneaky Adobe Reader convinces you select it again) PDF files will open in Safari.

As for Disk Images, Wikipedia defines them this way:

A disk image is a single file or storage device containing the complete contents and structure representing a data storage medium or device, such as a hard drive, tape drives, floppy disk, CD/DVD/BD and key drive, although an image of an optical disc may be referred to as an optical disc image. A disk image is usually created by creating a complete sector-by-sector copy of the source medium and thereby perfectly replicating the structure and contents of a storage device.


So, put simply, a disk image looks like this.



When it is opened, it will look similar this on your desktop:



It will look like this in the Finder Sidebar:



Archived or Zipped files look similar to these:



Both Disk Image Files and archived files could be malicious. The vast majority are quite safe, but if you do not recognize the file or your cannot remember where it came from, it is safest to put the file in your trash can and empty it!

We are certainly not finished here, but this post is long enough. Stay Tuned for Security Checkup - Safari and Preview, Part 2. I am working on it NOW!

--Pat
Comments

Mac Defender, MacProtector - Just BAD stuff!

We Macintosh users have had it pretty easy since Mac OS X was released. Back in the days of Mac OS 9 and earlier, there were a number of malware and viruses that could attack our computers, but due to a combination of factors those problems have been very rare in recent years.

In the past few weeks, there has been some new attacks on the Mac. While none are viruses, an unethical individual has produced a program that purports to find a virus on your computer when you visit a web site. These web sites have been around for years on the PC and hopefully Windows users have learned to ignore them.

For Mac users, this is a new problem and, unfortunately, some are falling for this scam.

I have had this blog post on hold for several weeks as I have been looking for this malware so that I could show you how it works. (Un)fortunately I have not been able to find an example to show you.

Why?

Because although I spend lots of time on the web, I tend not to visit “those” kind of sites. And just what are those sites?

First of all, they tend to be a bit shady. Think of downloading illegal music files, pirated software and movies and of course, porn. People visit these sites to download “stuff.”

You may have visited a web site that contained an advertisement that can supposedly detect and remove Windows viruses and malware. If you clicked on the link, an .exe file was downloaded to your computer. Of course, Mac computers can’t work with .exe files, so you were pretty safe.

Now there are a few links to Mac files and this can be a problem.

In the next few posts, I will cover various things you can do to protect yourself and your Macintosh.

--Pat

Comments