Best Security Practices for Mac and F-Secure

Hi!

 

(sorry for the verrrry long post)


<DISCLAIMER>
    Somewhere in the last 12 months I have become increasingly paranoid! Whether the threat is real or imagined, I'm not too sure!
    
    To the best of my knowledge, I am not doing anything that anyone, ever would bother wasting their time on hacking my system or reading my emails.
    That being said, I guess I have a right to my privacy and paranoia, my tin-foil hats aren't hurting anyone! Also, I just don't want to have to
    worry about my data being corrupted, lost, infecting family and friends' PCs and generally causing havoc. I don't really want to spend my time
    reinstalling and cleaning up my PC (Mac) after some **bleep** let some malware loose.
</DISCLAIMER>

I'm just throwing that disclaimer in, as I'm sure there are a few people (including my friends) who reckon my paranoia over data security has gone over the top. And now onto the main part of my post.

I'm running a late 2012 Mac Mini Server, and am in the process of setting it up. After many years of PC ownership and hundreds of backup disks lying around the place, I have decided that this time I will do it right.
I have configured the server with an SSD primary disk for OS and applications, and a 1TB magnetic secondary drive for data. I also have 2x1.5TB USB3 drives for external backups with TimeMachine, which I will cycle weekly,
and a remote Mac Mini hosted in a data center, which I will use for remote Time Machine backups. Currently the Mac has no data (not even an OS) so I have a blank canvas to work with.

Recently I have been considering security issues and thinking a lot about how best to deal with them, and I *think* F-Secure might be my best solution, but I want to canvass the general population for more info.

N.B. I plan on using strong passwords for SysAdmin and users, and not using the SysAdmin account for anything other than SysAdmin tasks.

1. Web Browsing, Sandboxes and the general threat of webpages
It seems rather common knowledge that webpages can be malicious, though, to the best of my knowledge, pure HTML and JavaScript are unable to achieve much. Site redirects, cross-site scripting and theft of personal data might be possible
but malware, trojans and viruses are unlikely. However, when plugins come into the mix (Java, Flash, etc.), that is a whole other story; after all, the Defender trojan was spread via hacked WordPress sites, if I remember correctly.
So the questions here:
    - What are the best practices for web surfing?
    - Can we run browsers in Sandboxes? Would this make a difference?
    - How real is the threat of malicious web pages when proper user security is used (strong passwords, separation of accounts)?
    - F-Secure appears to have protection built in for this - has anyone tried it and have feedback?
    
2. Email
Following on from the above question - I have read several recommendations that the preview pane in your mail reader be disabled. Is this really necessary? What is the risk here? If the mail reader is not opening attachments
or downloading attachments and scripts automatically, I would have to manually execute these tasks to cause an issue, correct?
    - Should HTML email be disabled entirely?
    - Can mail clients run in sandboxes - remembering that all apps in the Mac App Store run in sandboxes?
    - Again, what are the general recommendations for safeguarding email? Is the F-Secure product a good solution?
    - My email is spread around the web for various reasons, and I tend to get a lot of spam, some of it easy to detect, some not so - the general recommendation to not open email from people you don't know is not always
    practical or feasible. Will F-Secure sort the good from the bad here?

3. Importing old backups
I have, as I said, a lot of old backups and data that have been collected from many sources - some more reputable than others. What is the best way to import this whilst minimizing my exposure? I am thinking a sacrificial laptop
running F-Secure might be a good way: scan the drive/disk, and if F-Secure says it's clean, go ahead and import the data. Is this overkill? Are there any other recommendations?

4. iOS devices
It seems the threat level here is lower, but not zero. There was the PDF bug that let a web page jailbreak your phone - combine that with the ssh server having a default password and your phone is wide open. Also a recent talk at
Black Hat talked about compromised chargers that could jailbreak your phone as well. What is the threat level like on iPhone in web browsing and email - are there sandboxes in place in the Mail and Safari apps? The lack of plugins
for Safari is also a good help, I guess. I did receive the FedEx scam email, and as I was expecting a FedEx package I opened it and followed the links on the iPhone - from what I understand this has no issue on iPhone - but it did
make me realise I can't always spot a good phishing attempt.

5. Lastly, general impressions of F-Secure - I've read a few reviews; this one http://arstechnica.com/apple/2012/05/hands-on-with-five-antivirus-apps-for-the-mac/ complains that it slows the Mac down badly - has anyone seen this?
The review is a little old, so it's probably fixed? Anything else that makes F-Secure better than the competition?

As I say, I think F-Secure might solve most of my issues and calm my paranoia - what do people think? Is there anything I've forgotten that might be good to know when setting up my new Mac to ensure the best security? I forgot
to mention, I am an avid user of 1Password, and won't even use their Dropbox sync... yeah... paranoid!

cheers and thanks for the help
/SockThief

Comments

  • Simon Posts: 2,653 Superuser

    Sorry, I'm not a Mac user, so this post isn't of any help, but welcome to the forum, and I am sure someone will be along soon to offer opinions / advice.  :)

  • Oh god - my Tin Foil hat fell off last night and more questions came to me in a dream!

     

    6. Keyloggers - I think this represents my greatest security fear, as it stands to possibly bypass any decent password protection. As I stated last post, I use 1Password; the issue here is that 1Password requires you to log in with a master password - with a keylogger installed your master password becomes compromised - and if you sync your password file outside of your own network, then you have the potential to lose all your passwords, and possibly not even know about it. Taking it one step further, 1Password (I haven't used 1Password 4 yet) does not allow me to split my passwords into groups, so I effectively had to sync all my passwords out, meaning it wouldn't just be common web logins etc. that would be exposed. Is this a valid threat? Is there an easy way to detect any keyloggers? I'm not much of a Mac OS hacker, so I'm not sure where the hooks for a keylogger would have to be made. I'm guessing F-Secure is fairly reliable at detecting keyloggers ... or?

     

    7. The 1Password issue actually leads me to a side of Mac OS I feel is lacking. There doesn't seem to be any way to do two-factor authentication on Mac.... I sometimes think it would be great to use a hardware token + password to log in to my local Mac, and possibly a one-time password for my remote Mac. As it stands, if I get compromised (keylogger, insecure network, shoulder surfing etc.) whilst logging into my remote Mac, there is little to be done. Yes, I realise I can use SSH and public key authentication. However, looking at remote desktop solutions - VNC uses an 8 character max password and VNC is the basis of Mac Remote Desktop.... There are no brute-force checks on VNC login, so getting past VNC seems rather trivial. Sure, after that you should have to get past the Mac OS login, but I'm guessing there are a few cases where I can leave a desktop session running and the login screen can be bypassed. In this case, extra login checks won't save me - the login protocol on whatever remote desktop system I use is the weak point. I am yet to find a decent solution to this, to be honest. VPN perhaps, although I haven't found a reasonably priced VPN with Mac support and one-time passwords. A two-factor login for the remote Mac would be great though. Even if my password is compromised I still have a second layer to fall back on.

     

    There is ProteMac (http://www.protemac.com/LogonKey/) - has anyone used this? I can't find a lot of info outside of ProteMac, which is always a bad sign - a Google search for "Protemac Logonkey Review" doesn't turn up any of the major Mac review sites...!

     

    P.S I realise this is not all strictly F-Secure related. I thought I would post here as I think F-Secure will solve most of my concerns and wanted to validate that thought. Also, I figured there would be some good Mac Security people hanging around - should I ask these questions in a more general security forum instead?

     

    /SockThief

  • Rusli Posts: 999 Adventurer

    Hi,

     

    Which OS X are you currently using on your Mac Mini? 10.5, 10.6, 10.7, 10.8?

     

    There is something which I need to know.

     

    At the command prompt, type w and see who is logged in to your computer.

     

     

     

    {{ Please do not use ProteMac products. }} - I strongly suggest that you do not use these products.

    Try KeyLemon!!

    To secure your Mac, these are the methods to take:-

     

    http://nakedsecurity.sophos.com/2011/01/25/top-tips-for-os-x-security-part-1/

    http://nakedsecurity.sophos.com/2011/02/02/top-tips-for-mac-os-x-security-part-2/

    http://nakedsecurity.sophos.com/2011/02/21/top-tips-for-mac-os-x-security-part-3/

     

     

     

    As for detecting Mac keyloggers, maybe you can try this trial version to detect them: http://macscan.securemac.com/

    and check to see if any of this spyware has infected your Mac: http://macscan.securemac.com/spyware-list/

    Alternatively, you can try these for malware detection, and they're free:- http://www.freedrweb.com/drweb+mac+light/

    or http://www.avira.com/en/for-business-avira-mac-b2b or http://www.avast.com/free-antivirus-mac or http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx or paid software from Intego.

    http://www.intego.com/

    As for the firewall, you can use:- http://www.obdev.at/products/littlesnitch/index.html or http://www.opendoor.com/doorstop/doorstop.html or commercial software http://www.intego.com/

    If you are currently using Mac OS X 10.7 or 10.8 you can use this program for your firewall: http://www.hanynet.com/icefloor/index.html

    And if you are a technically inclined Mac user, you can type and set firewall rules based on the IPFW or PF commands to block specific ports.

     

    Check to see if someone did log in to your root account.

    Disable all Sharing under System Preferences. Make sure all Sharing is turned off.

    If your Mac is compromised, my advice to you is to back up all your important files and burn them to a DVD-R or DVD+R disc.

    Make sure you have a legit copy of the Mac OS X disc or Mac OS X thumb drive. Some Apple products did come with a recovery disc when you first purchased the Mac.

    Format your Mac to zero out your hard disk. Then reinstall Mac OS X and iLife. Make sure you enable the Firewall. Block all incoming and enable Stealth Mode.

    Disable all Sharing settings.

    Disable Adobe Flash (enable only if you need it) and disable Java on all your Internet browsers.

    Check to see if your WiFi router has been hacked. Check to see if anyone did anything to your Apple AirPort.

    There is a possibility that someone knows your login account and hacked into your Mac Mini Server, and did a Remote Login (SSH), Screen Sharing or VNC Remote Desktop session. Or someone has installed a third-party Remote Desktop program on your Mac Mini Server. Disable Apple Remote Desktop. That can harm your Mac.

    You need to check these things and disable them under Sharing.

    Check your log files to see if you find anything suspicious.

    Disconnect your USB webcam. And if you are using any Mac with a webcam, close it, so that no one can see you.

    Take note, there is a possibility that the plist files have been compromised.

    Do not download or purchase application software from the Apple Apps Store blindly. Some of it contains malware that Apple missed detecting.

     

     

    See this link:-

    http://www.thesafemac.com/mmg-infected/

     

    http://www.us-cert.gov/ncas/tips/

     

    http://www.intego.com/mac-security-blog/how-to-securely-set-up-your-new-mac/

     

    http://reviews.cnet.com/8301-13727_7-10330725-263.html

     

    http://nakedsecurity.sophos.com/category/organisations/apple/

     

    http://support.apple.com/kb/HT1222

     

    http://www.dragonblogger.com/securing-your-mac-tips-to-make-your-mac-impenetrable-for-unwanted-events/

     

    http://www.av-comparatives.org/wp-content/uploads/2013/08/mac_review_2013_en.pdf

     

    Also I recommend that you view and check any related Mac security info via this F-Secure forum:-

     

    http://community.f-secure.com/t5/Home-Security/bd-p/Windows_Technology_Preview

     

    http://www.f-secure.com/static/doc/labs_global/Research/Threat_Report_H1_2013.pdf

     

    http://www.f-secure.com/weblog/
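
An added example, not part of the post above and not code from F-Secure or any product named in this thread: the concern about compromised plist files can be checked by reading the launchd job definitions that start programs at boot or login. The heuristics, function names and sample jobs below are assumptions constructed for illustration.

```python
import os
import plistlib

# Standard directories launchd loads third-party jobs from at boot or login.
LAUNCHD_DIRS = [
    "/Library/LaunchAgents",
    "/Library/LaunchDaemons",
    os.path.expanduser("~/Library/LaunchAgents"),
]

# Heuristics chosen for this example (assumptions, not a vendor rule set).
WRITABLE_PREFIXES = ("/tmp/", "/private/tmp/", "/var/tmp/", "/Users/Shared/")
INTERPRETERS = {"sh", "bash", "zsh", "python", "perl", "osascript"}


def job_command(job):
    """Return (executable, argv) that launchd would run for this job."""
    args = list(job.get("ProgramArguments") or [])
    program = job.get("Program")
    if program and not args:
        args = [program]
    return program or (args[0] if args else ""), args


def audit_job(plist_bytes):
    """Return a list of findings for one launchd plist (XML or binary)."""
    try:
        job = plistlib.loads(plist_bytes)
    except Exception:
        return ["unparseable plist"]
    if not isinstance(job, dict):
        return ["top-level object is not a dictionary"]
    exe, args = job_command(job)
    if not exe:
        return ["no Program or ProgramArguments"]
    findings = []
    if exe.startswith(WRITABLE_PREFIXES):
        findings.append("executable in world-writable directory: " + exe)
    if any(part.startswith(".") for part in exe.split("/") if part):
        findings.append("executable under a hidden path: " + exe)
    if os.path.basename(exe) in INTERPRETERS and any(a in ("-c", "-e") for a in args[1:]):
        findings.append("interpreter started with an inline script")
    # Auto-start alone is normal; it only raises the priority of other findings.
    if findings and (job.get("RunAtLoad") or job.get("KeepAlive")):
        findings.append("starts automatically (RunAtLoad/KeepAlive)")
    return findings


def audit_dirs(dirs=LAUNCHD_DIRS):
    """Audit every .plist in the given directories; return {path: findings}."""
    report = {}
    for d in dirs:
        if not os.path.isdir(d):
            continue
        for name in sorted(os.listdir(d)):
            if not name.endswith(".plist"):
                continue
            path = os.path.join(d, name)
            try:
                with open(path, "rb") as fh:
                    findings = audit_job(fh.read())
            except OSError as err:
                findings = ["unreadable: %s" % err]
            if findings:
                report[path] = findings
    return report


# Constructed sample jobs (not taken from any real system or malware).
SAMPLE_BENIGN = plistlib.dumps({
    "Label": "com.example.updater",
    "ProgramArguments": ["/Applications/Example.app/Contents/MacOS/updater", "--check"],
    "RunAtLoad": True,
})
SAMPLE_HIDDEN = plistlib.dumps({
    "Label": "com.example.helper",
    "ProgramArguments": ["/Users/Shared/.helper/agent"],
    "RunAtLoad": True,
    "KeepAlive": True,
})
SAMPLE_INLINE = plistlib.dumps({
    "Label": "com.example.script",
    "ProgramArguments": ["/bin/sh", "-c", "echo constructed"],
    "RunAtLoad": True,
})

if __name__ == "__main__":
    for path, findings in audit_dirs().items():
        print(path)
        for finding in findings:
            print("  -", finding)
```

A finding is a reason to look at the job by hand, not proof of compromise; legitimate software sometimes trips the same heuristics.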

     

     

     

     

     

  • Rusli Posts: 999 Adventurer

    Hi SockThief,

     

    This is protection for Windows Boot Camp only!

    Just to let you know that currently F-Secure Antivirus for Mac detects Mac malware only. It does not detect Windows viruses.

    Of course! If you are using Boot Camp on your Mac, you can use F-Secure Antivirus 2014 or F-Secure Internet Security 2014 on your Windows 7 or 8.

    There are other tools which you can use to check your Windows PC for infections.

    Or alternatively, you can use:

     

    http://www.bitdefender.com/solutions/free.html

     

    http://www.avira.com/en/index

    http://www.avast.com/index

     

    http://www.malwarebytes.org/

    http://www.superantispyware.com/

     

    http://www.emsisoft.com/en/

     

    http://www.comodo.com

     

    You can also make use of AntiVirus rescue disk on your PC. (Not on a Mac)

     

    http://www.avira.com/en/download/product/avira-rescue-system

     

    Or Download the Kaspersky Rescue Disk here.

     

    http://www.kaspersky.com/virus-scanner

     

    Download the rescue disk and burn it to a CD-R to create a bootable rescue disk.

  • Rusli Posts: 999 Adventurer

    I did have similar Mac security problems in the past.

    Yes! I did find that my Mac had been hacked into and someone was remotely controlling my Mac and PC.

    I want to help by letting you know how to go about securing your Mac.

    Just follow the guides and links that I gave you.

     

     

    And you can also make use of a Linux Live CD to run on your PC.

     

    For example like,

     

    http://getchrome.eu/download.php

     

    1. Internet browser on a Mac: generally you need to disable Java and Adobe Flash, as these two are vulnerable.

        Only turn them on when you need to use them. If you do not need them, just turn off or disable the software.

        For a sandbox, you can use Google Chrome.

        On Windows, I think IE 10 is sandboxed. Or you can still use Google Chrome.

        There is a program for Windows to sandbox your browser. You can use Sandboxie.

        http://www.sandboxie.com/

        With Comodo Firewall, you can run programs in a sandbox.

     

    2. Do not read unknown emails; move unknown emails to trash and delete them. Do not open them. They will keep coming to your email address.

    3. Backups: I think the best option to back up your files is via thumb drive or burning them to a DVD or CD-R. You can use Time Machine. But do not back up infected files or programs, or unknown programs.

    4. Don't jailbreak your iPhone. Your warranty with Apple will be VOID.

    5. Flashback is generally detected at this time. But there are new variants. Not to worry, as most antivirus products did detect it.

    F-Secure Antivirus for Mac did detect Flashback malware.

    6 & 7. I suggest that you use MacScan to detect any keyloggers. Or Dr.Web Light for Mac.

    I do not recommend ProteMac.

    You can try KeyLemon, facial recognition software, here:- https://www.keylemon.com/download-other-versions/

    Or google something like a fingerprint scanner for Mac.

     

    http://www.digitalpersona.com/Developer-Tools/Getting-Started-Kit/Eikon-USB-Reader-Developer-Kit/

     

    http://www.neurotechnology.com/supported-fingerprint-scanners-linux-mac-os-x.html

     

     

    And for a more advanced type, mainly for corporate users: using a smart card for authentication.

     

    http://www.centrify.com/resources/mac-os-x-smart-card-integration-active-directory.asp 

    http://www.centrify.com/resources/mac-os-x-smart-card-architecture-authentication.asp

     

  • Blackcat Posts: 511

    @Rusli

    you obviously run your Mac in paranoid mode :P

  • Rusli Posts: 999 Adventurer

    Blackcat,

    Paranoia has got to do with everything! Every OS is backdoored...

    Get real! Security awareness is just as important as locking up the front and back doors of your house! Or any place.

    I don't think that Mac OS X is secure by default. You need to secure it with your own wits!

    Regardless of which OS you are using, including Linux, you need technical know-how to secure it.

    Apple did not provide any utilities to secure its OS X.

     

    You have to depend on third party software to secure it.

     

     

     

    See article below:-

     

    http://news.cnet.com/8301-1009_3-57596313-83/newly-leaked-nsa-program-sees-nearly-everything-you-do/

     

     

  • Fendy Posts: 67

    Hi SockThief,

     

    Welcome to F-Secure Community! Let me try to answer your questions:

     

    1) Web Browsing, Sandboxes and the general threat of webpages
    - What are the best practices for web surfing?
    One of them is use either Chrome or Firefox.

     

    - Can we run browsers in Sandboxes? Would this make a difference?
    Yes you can, but this is a bit overkill unless your computer is being used for a very secret project or handles very sensitive data. The difference is that it would be a bit harder for a virus to get from the sandbox into the real environment.

    - How real is the threat of malicious web pages when proper user security is used (strong passwords, separation of accounts)
    Well, you still can't protect from a drive-by malware download.

    - F-Secure appears to have protection built in for this - has anyone tried it and have feedback?
    It's called Browsing Protection feature. Please refer more here:
    http://www.f-secure.com/en/web/labs_global/submit-samples/browsing-protection


    2. Email
    - Should HTML email be disabled entirely?
    To be honest, it is a bit overkill to completely disable HTML email.

    - Can Mail Clients run in Sandboxes - remembering that all apps in the Mac App Store run in Sandboxes.
    Yes you can. Please try to Google it as I do not want to endorse any product :)

    - Again, what are the general recommendations for safe guarding email? Is the F-Secure product a good solution?
    For Mac, F-Secure has no protection for e-mail clients yet.

    - My email is spread around the web for various reasons, and I tend to get a lot of spam, some of it easy to detect, some not so - the general recommendation to not open email from people you don't know is not always
    practical or feasible, will F-Secure sort the good from the bad here?
    As F-Secure has no protection for e-mail clients yet, we are not able to answer this.

    3. Importing old backups
    If you suspect that old backups might have a virus, we recommend that you run a full scan. Otherwise, you do not have to do that because F-Secure real-time scanning will take care of the job if any virus tries to run.

     

    4. iOS devices
    You might want to refer this question further to Apple support. Generally speaking, we do not recommend jailbreaking as it opens the door for malware to enter the device.

    5. There are many reasons why a computer (both PC and Mac) gets slow after installing F-Secure, so it is very hard to tell the reason unless the user opens a ticket with us.

     

    6. Keyloggers
    Yes we do detect keyloggers.

     

     

    Generally speaking, Mac is much more secure than Windows. For example, only 33 Mac malwares were detected for the period of Jan-Jun 2013. Please refer to our latest Threat Report here:
    http://www.f-secure.com/static/doc/labs_global/Research/Threat_Report_H1_2013.pdf

    ---
    Best regards,
    Fendy

     

  • Fendy Posts: 67

    Hi Rusli,

     

    Yes you are correct.  F-Secure Antivirus for Mac has no Email Protection yet.

     

    ---
    Best regards,
    Fendy

     

  • Rusli Posts: 999 Adventurer

    Well Do I get kudos for that???!!!

     

    What I and Fendy said is more or less the same thing.

    Fendy,

    Based upon what I know, F-Secure only detects 1 variant of keylogger.

    I'm not so sure it can detect all unknowns.

    Does it detect most of these???

    http://macscan.securemac.com/spyware-list/

    I have informed the SAS Team about these things before, years ago, when I did the first release beta testing with F-Secure Antivirus for Mac.

    From what I gathered, the F-Secure Threat Whitepaper says there are more backdoors for Mac OS X.

     

     

  • Hi Everyone!

     

    Wow! I didn't think my paranoid rants would get this much feedback - I was prepared to abandon them and slink back to the basement!

     

    I am currently reading through and digesting all the info and formulating responses. Will get back to you soon

     

    /Sockthief

  • Blackcat Posts: 511

    If paranoid is what you want, then Rusli is your man! :P ;)

  • Simon Posts: 2,653 Superuser
    But don't tell him we told you. :D
  • Rusli Posts: 999 Adventurer

    SockThief.

     

    Seriously, Macs have no security!

     

    This is not about paranoia. This is about reality!!!

     

    See:- http://www.f-secure.com/weblog/archives/00002513.html

     

    Look at the file directories in Mac OS X. Don't they look like Windows??

    How come there is increasing malware on Mac OS X?

    Even though they hide their plist files, malware still targets them. Even though they hide their plist directories, malware still finds them with ease.

    This is where the plist files become the target of things.

    They made the functionality of software features somewhat redundant.

     

    Every year, you have to upgrade OS X and pay for every release, whereas you can get it free with Linux or BSD distros.

    To toughen their OS X you would require additional software.

    Under the hood the firewall rules are simply basic.

    If you examine the firewall rules code, it is just a few lines, 2 or 3 rules. It does not do much.

    Even Mr Jay Beale of Bastille Linux did mention that you need to go further than that in order to secure OS X!

    To configure and set the firewall rules you need to know the Unix commands.

    As you would already know, you need to know the Unix commands in order to toughen up the system.

    You simply cannot use Unix based on a graphical user interface like Windows. You have to tinker with it.

    I don't find Gatekeeper of any use to toughen up their OS X. Even to apply MacPorts you would be required to download Xcode.

    And mind you, you have to make use of the full Xcode installation in order to make use of the security ports.

    If you do not have a foundation in Unix, it will be very difficult to grasp any knowledge of it.

    Regardless of what Unix platform you are running, you still need the Unix command foundation to toughen up your computer.

    Based on my findings, Apple did not provide any ports or additional utility software to toughen up their OS X.

    Relying on the Apple Apps Store alone did not help.

     

     

     

    Their OS X is like 50-50 Unix or 60-40 or 30-70 Unix. It is like the first layer is Unix, and on top of that Apple took their chops of other BSD variants and their own code to make their own OS.

    Well, in fact Apple has to pay licensing to BSD, because they made use of their code. Apple in fact has to rely on BSD to update their software updates.

    Apple is very slow with software updates. Frankly, what I gathered is that they did not update most of the Unix packages until the next OS X release!

    So, in security terms, your OS X is still vulnerable!

     

     

     

    When you install software and intend to uninstall it, certain application software has the capability to uninstall. But still it does not uninstall cleanly.

    That results in getting the LOLLIPOP spinning ball. That causes OS X to be unstable.

    I have come across the Apple Apps Store program causing corruption to OS X. Many Apple users find that these things do occur.

    Look at the Apple forum. There are tons of problems and you have to rely on community forums to solve the problems.

    They do not have proper tech support. Most of their tech support is outsourced to telemarketing companies! It is not done by Apple.

    It is done by telemarketing companies who run the show of doing tech support. They use fake English names, which are not their real identities, to man the show.

    I have come across that it is done in India and the Philippines.

    I do not really like the idea of the Apple Apps Store because the software is like mobile phone apps. And it is like the Google Chrome Apps Store.

    If you compare both, aren't they the same thing? They come from the same source of software developers.

    If Google Android software contains malware, what makes you think that the Apple Apps Store is a safe haven???

    They can get around it to go undetected. They can encrypt, and malware goes undetected!

    Checking for malware for the Apple Apps Store is done by humans. Of course you are bound to have mishaps.

    If anything slips by and goes undetected, boom! Malware hits you when you start purchasing, downloading and installing the software.

    You wouldn't know what slips by you. When you use Little Snitch, you come to realise that many apps start to phone home and do information gathering!

     

     

     

    NeXT computers' OS was better off than the current Mac OS X. They built a foundation of software companies to build programs for the NeXT OS. You had Corel, Adobe, Autodesk, etc. These are good software to work with on your computers.

    Those were the days of NeXT computers. You had a plethora of software. They were technologically advanced and up to date!

    Now Apple did not keep up the trend of keeping these companies developing for their OS X. To succeed you need these software companies to keep developing software for your operating system.

    Some software developer companies just come and go. They did not get any revenue or profits from developing software for Apple. So the continuation is cut off abruptly and things do not tend to continue and move on.

    And you come to find out that the software which you have used does not have any more updates until the next new OS X release.

    You do not have much option left with other software to meet your requirements.

    To give some examples, there is software like the Flying Buttress firewall. I came to find out that the software developer decided not to develop and support it for the latest release of OS X. This is great, fabulous software.

    Even Perian, you know Perian? They developed codec software. And they stopped abruptly and decided not to develop any software again.

    http://www.perian.org/

    Go to the above site and read what they say.

    So there seems to be no continuation. So you won't get any software updates in the long run.

    So you have to rely on other software that more or less has the same functionality which you got used to, and you come to find out that it does not have the same capabilities as the one that you used before.

    I find it rather sad that Corel no longer develops software for Apple.

    They did great software for the NeXT computers. It was professionally done, with their WordPerfect.

    I wonder why they did not develop software for OS X and grow their business in this industry.

     

     

    So don't get me wrong with this one.

     

    One day you come to find these things out and come to agree with me on certain things.

     

    This is not rantings but the reality of things.

     

    Many people come to agree with what I said.

     

     

    Even the implementation of XProtect did not help to safeguard OS X. It is done by signature-based detection.

    XProtect does not have any heuristic capabilities to detect unknown malware.

    When XProtect loads the signatures it will detect the malware and block it.

    Apple does not detect most of the unknown malware. Apple only releases the XProtect signatures when malware strikes in the wild.

    That's where antivirus comes into the picture.

    If only Apple did the correct things, it could stop these issues like their old Macintosh OS did. It could stay clear of any malware and attacks.

    Did you know that the old Macintosh OS had fewer viruses? And it is much better than OS X.

    The old Macintosh OS is much more secure than the current OS X, in terms of security.

     

     

    There are many things that I came to know about by reading the Apple forums. Many users are struggling with issues.

    So what I said has got nothing to do with paranoia.

    It is the way Apple does things which leads to paranoia.

    If they get things right, in the long run they will survive.

    OS X needs a revamp and a focus on security issues.

    I wouldn't like to listen to hardcore Apple fanbois, who always deny every single thing and think that OS X is superior to others.

    To me it's like a David and Goliath thing, which I find rather baseless to discuss.

     

    The real thing is you need to know the facts.

     

     

    You know about the school case in the United States where schools were spying on kids via Apple webcams???

    So you call this a secure OS??? That secures you???

    http://www.loopinsight.com/2010/02/18/school-officials-remotely-activate-macbook-web-cam-take-picture-of-kid/

    They installed spyware on the MacBooks and spied on them in their homes.

    Invading someone else's privacy!!

      

    What about these things???

     

    http://en.wikipedia.org/wiki/DigiNotar

     

    http://en.wikipedia.org/wiki/PRISM_(surveillance_program)

     

    http://abcnews.go.com/topics/news/nsa-prism.htm

     

    https://www.schneier.com/essay-198.html

     

    Contradiction???

     

    I really don't know what to say...

     

     

     

    Chrissy
  • RusliRusli Posts: 999 Adventurer

    @Blackcat and Simon,

    You need fact finding.

    Not fear, uncertainty and doubt, which lead to paranoia!

    Man... I sound like I'm on Panorama or 60 Minutes.

  • SimonSimon Posts: 2,653 Superuser
    I think there comes a point where concerns about security can take all the enjoyment out of using a home computer. Unless that's what you're into, of course. I just take standard precautionary measures, and without wishing to sound complacent, I haven't had a virus or any malware for years.
    Blackcat
  • RusliRusli Posts: 999 Adventurer

    If your computer slows down, it can be due to many factors.

    One of them is a build-up of caches, which you need to eradicate.

    There is a utility with which you can do this. It is called CCleaner. Download it to both your Windows PC and Mac, and do cache cleaning.

    For Windows
    http://www.piriform.com/ccleaner/download/standard

    For Mac
    http://www.piriform.com/mac/ccleaner

    Another possibility is that your computer might be taking too much CPU or memory resources. Try to keep your running programs to a minimum.

    Besides this, you need to check whether your computer has been infected by viruses, Trojans or malware.

    You have to update your computer's antivirus software hourly.

    And do a full scan.

    If you are using F-Secure, then you only need F-Secure to run.

    If you don't use F-Secure products:

    For Windows platform only.
    ------------------------------------

    You can use a free version, from Bitdefender Free Antivirus or Avira.

    Then you can make use of Malwarebytes and Superantispyware.

    See the previous link that I gave you.

    On a Mac
    --------------

    The same thing, you can only run one antivirus, from F-Secure.

    If you do not use F-Secure:

    You can use a free antivirus from AVIRA or AVAST or Sophos.

    If you want to know whether your computer has been infected by spyware, you can use the trial version of Macscan for Mac.

    Another possibility for why your computer can slow down is that someone has gained access to your computer via Remote Desktop or Remote Login to do damaging tasks to your computer.

    You have to limit access before these problems get worse.

    So if you are using Windows, make sure you disable both the Administrator and Guest accounts.

    Go to Control Panel, Administrative Tools, Computer Management, Local Users and Groups.

    Make sure that no one can use Remote Login, Remote Assistance or Remote Desktop to your computer.

    You must disable this.

    On Mac, make sure that the Root and Guest accounts are disabled.

    Make sure that Remote Login, Remote Desktop and Screen Sharing are disabled.

    In fact you have to disable all sharing under the System Sharing Preferences.

    Make sure you disable ALL SHARING.

    The same goes for File Sharing; someone must have access to your computer to do P2P file sharing or Network File Sharing.

    Flush your DNS
    --------------------

    On the Windows command prompt,

    type ipconfig /flushdns

    On a Mac command prompt there are two types.

    On Mac OS X 10.5

    lookupd -flushcache

    If you are using Snow Leopard 10.6

    you type

    sudo dscacheutil -flushcache

    On Mac OS X 10.7 and OS X 10.7

    type sudo killall -HUP mDNSResponder

    If you let anyone into your computer via Remote Login and Remote Desktop, of course these jokers can read and control your computer.

    They will read your emails!

    So you have to limit these jokers from gaining access to your computer.

    And make sure that no one installs other third-party remote desktop programs on your computer.

    Check the Task Manager on both Windows and Macs.

    Make sure that on both Windows and Mac you block all incoming connections.

    On a Mac you need to enable the firewall, block incoming connections and enable stealth mode.

    On Windows, enable your firewall and Block All Incoming.

    If you think that your computer is not secure, DO NOT MAKE ANY ONLINE TRANSACTIONS from the APPLE APP STORE or do any ONLINE BANKING.
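
One way to verify the advice in the post above (Remote Login, Screen Sharing, Remote Desktop and file sharing switched off) is to look for their listening sockets. This is an added example, not part of the original post; the function names, the port-to-service table (well-known default ports) and the sample `lsof` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag listening TCP sockets of the remote-access and sharing
# services the post says to disable. Watched default ports (assumption):
#   22 Remote Login (SSH), 5900 Screen Sharing (VNC), 3283 Apple Remote
#   Desktop, 3389 Windows Remote Desktop, 445 SMB and 548 AFP file sharing.

# Constructed sample of `lsof -nP -iTCP -sTCP:LISTEN` output (not real data).
sample_lsof() {
cat <<'EOF'
COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF NODE NAME
launchd     1 root   21u  IPv6 0x01      0t0  TCP *:22 (LISTEN)
launchd     1 root   25u  IPv4 0x02      0t0  TCP *:5900 (LISTEN)
cupsd     312 root    6u  IPv4 0x03      0t0  TCP 127.0.0.1:631 (LISTEN)
ARDAgent  401 user   11u  IPv4 0x04      0t0  TCP *:3283 (LISTEN)
EOF
}

# Reads lsof-style lines on stdin and prints "port service command" for every
# watched port that is listening on a non-loopback address.
flag_remote_listeners() {
  awk '
    BEGIN {
      svc[22] = "remote-login";           svc[5900] = "screen-sharing"
      svc[3283] = "apple-remote-desktop"; svc[3389] = "rdp"
      svc[445] = "smb-file-sharing";      svc[548] = "afp-file-sharing"
    }
    $NF == "(LISTEN)" {
      addr = $(NF - 1)                    # e.g. "*:22" or "[::1]:631"
      n = split(addr, parts, ":")
      port = parts[n]
      host = substr(addr, 1, length(addr) - length(port) - 1)
      if (host == "127.0.0.1" || host == "[::1]") next   # local only
      if (port in svc) print port, svc[port], $1
    }
  ' | sort -n | uniq
}

# Demo on the constructed sample. On a real Mac, feed it live data instead:
#   sudo lsof -nP -iTCP -sTCP:LISTEN | flag_remote_listeners
sample_lsof | flag_remote_listeners
```

An empty result means none of the watched services is accepting connections from other hosts; any line printed names a service that is still enabled.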

     

     

  • RusliRusli Posts: 999 Adventurer

    I too have jokers installing backdoor remote desktop programs and remotely controlling my computer.

    If they did this to my computer,

    I tell you, I WILL NOT BUY A MAC COMPUTER ANYMORE!!!

    How the heck am I going to get any work done on my computer when there are so many disruptions!

    These people only know how to do damage to my computer hardware!!!

    These people have nothing better to do besides playing SURVEILLANCE SPYING games on their VICTIMS!

    And I become one of their fallen PREY every single day!

    I have been abused by these jokers every single day. And I am not lying.

    And not knowing takes a TOLL ON MY HEALTH!

    Why would I want to invest in a $4000 MAC when these idiots are damaging my computer?

    If I cannot stand it anymore, I will have to report the matter to the POLICE, due to their illegal surveillance activities!

    They did not realise any wrongdoing towards me and towards other people who happen to be their fallen prey.

    They can even blame me for these, not knowing of their wrongdoings!

    I've got a MONKEY to deal with and even BUFFALOS! And even POPEYE-ing!

    I even broke my leg and bone. Did they realise this???

    How many years of agony dragging my leg all over the place, until I am struggling to carry heavy things!

    They have eyes to see that there is a hole in one of my flip-flops.

    How dare they blame me for these! I've been abused by their blaming game every single day!

  • BlackcatBlackcat Posts: 511

    @Rusli

    If you think you have been hacked, why don't you back up your data, change your passwords and reformat the Mac?

  • RusliRusli Posts: 999 Adventurer

    Okay SockThief,

    Please see the article below. I hope you get a good picture of what I said earlier; it is being outsourced by other telemarketing companies:-

    http://www.theregister.co.uk/2013/10/16/mac_cold_call_support_scam/

    Video Link:-

    http://www.youtube.com/watch?feature=player_embedded&v=8OJhkYdOcfw

    Mac fans: You don't need Windows to get ripped off in tech support scams
    Ah, I see you have the machine that goes 'ping!'

    By John Leyden
     
    "I'll just [tap, tap, runs a ping command] see if you have any antivirus protection. See, all the requests timed out. That is why your computer is working so slow."

    These were the words of a "technician" caught on video trying to convince a Mac user to hand over some cash for his "help".

    Convincing PC users that they have a non-existent problem with their computers in order to coax them into handing over their hard-earned cash for useless remote diagnostic and cleanup services has been a popular scam for years.

    Victims are often encouraged to sign up to multi-year support contract costing hundreds of dollars for worthless services. But despite enforcement actions taken by consumer groups such as the Federal Trade Commission, there's no sign that these scams are slowing down.

    If anything they seem to be growing and diversifying.

    According to a Malwarebytes post, a company called Speak Support, which offers “Mac® Techical Support” (sic) is one of the culprits. The researchers say the firm is misusing the ping command to convince a victim that he or she has no protective software installed.

    It achieves this by going to a site called protection.com that doesn’t respond to the ping utility. The site's owners have no connection at all with the attempted scam, and were merely chosen by the fraudsters because they had disabled its response to ping, security researchers at Malwarebytes discovered.

    However the resulting error message is used to persuade marks that they have a serious problem with their Apple Macs.

    Although Speak Support claims it is based in New Jersey, US, the registrant records for both speaksupport.com and an associated site (121usa.com) show that the firm is based in India, says Malwarebytes.

    Jerome Segura of Malwarebytes has put together a blog post explaining how the Mac support scam works in greater depth here.

    Malwarebytes' interaction with Speak Support is recorded (for quality-assurance purposes, as they say) in a video posted on YouTube (below). Isolated cases of tech support scams have been noted before, such as this example from 2011, but Malwarebytes has come up with the most detailed explanation of such a scheme in action we've seen recorded to date.

    We wanted to get Speak Support's response to these accusations but the firm has thus far failed to reply to our request to speak sent via its web form, despite promises to respond to queries within seven hours. We've had no joy in our attempt to reach its marketing team via a request through its official Twitter account either.

    A research paper - My PC has 32,539 errors: how telephone support scams really work - by David Harley of Eset, Martijn Grooten of Virus Bulletin, Steve Burn of Malwarebytes, and independent researcher Craig Johnston gives a comprehensive lowdown on how Windows users have been targeted by similar scams over the last five years or so.

    Over time, cold-calling support scams have evolved from "Microsoft told us you have a virus" gambits to more technically sophisticated hooks such as deliberate misinterpretation of output from system utilities such as Event Viewer as explained in the whitepaper (PDF, DNS hijack attack).

    A top-notch help and resource page from Malwarebytes on how to deal with technical support scams, the various tricks used in the short con and how victims can best extricate themselves from any mess can be found here.

     

  • I never thought I'd see responses coming in quicker than I could read or process....

    or the debate this is generating - the notion of security + Mac is, as it turns out, a hotly contested issue.

    There are equal numbers on both sides, it seems: those that consider Mac a secure platform (I've seen that writers from TUAW are included in this group) and those on the side that says no, Mac is like any other platform and has its insecurity points.

    Funnily enough, the opinions seem to be extremely polar - either it's massively insecure or it's as safe as they come!

    The middle road seems to be a good option - or is that a picket fence? Mac has a good basis in the Unix world to work from, and the (relatively speaking) smaller user base (though ever increasing) means that (up until now?) it has not been the first attack point. However, the reality is, it has its vulnerabilities and there are active threats. The question is how best to deal with the threats.

    I have not responded directly to any post, as I feel it best to read the conversation entirely and then comment/accept answers.

    However, I am enjoying the debate immensely.

    /SockThief

    Incidentally, I have only managed to reinstall the OS, nothing else yet - I ran out of time! So I still have some time to decide!

  • RusliRusli Posts: 999 Adventurer

    Well, SockThief,

    This is what you have to be wary about.

    http://news.cnet.com/8301-1009_3-57608139-83/apple-reasserts-claim-it-doesnt-want-to-spy-on-your-imessages/

    Apple reasserts claim it doesn't want to spy on your iMessages

    The company is moved to make a statement after a researcher presents a hack that could allow the company to read iMessages.

    Don Reisinger
    October 18, 2013 5:58 AM PDT
     

    Apple has said time and again in the wake of the NSA snooping scandal that it cannot read user iMessages. But new research has shown that it's theoretically possible.

    Security firm QuarksLab on Thursday issued a white paper describing a method by which a hacker or Apple itself could access iMessages. The white paper states that Apple could intercept messages between sender and recipient and make them believe that their communication is secure. In order to do so, however, Apple would need to disrupt the encryption between communications and effectively change how iMessages works.

    Back in June, Apple issued a statement on its site discussing its "commitment to customer privacy" in the wake of revelations about the National Security Agency. The company said at the time that iMessages are kept entirely secure.

    "Conversations which take place over iMessage and FaceTime are protected by end-to-end encryption so no one but the sender and receiver can see or read them," Apple wrote in June. "Apple cannot decrypt that data. Similarly, we do not store data related to customers' location, Map searches or Siri requests in any identifiable form."

    In a statement sent to All Things Digital in response to the new research, Apple spokeswoman Trudy Muller said that Apple would have to jump through hoops to achieve access to iMessages and that it has no desire to do so.

    "The research discussed theoretical vulnerabilities that would require Apple to re-engineer the iMessage system to exploit it, and Apple has no plans or intentions to do so," Muller told All Things Digital.

    CNET has contacted Apple for further comment and will update this story when we have more information.

     

This discussion has been closed.