FreakoutITGeek's Blog

Random IT postings from Freakz

Monthly Archives: May 2011

MacGuard & user permissions

Following on from my recent posting on MacDefender, I noticed the same site had an updated page relating to MacGuard ( for original article see Reed Corner Design [Thomas Reed] http://www.reedcorner.net/news.php/?p=204 )

From the article it appears that MacGuard relies on a similar tactic to install itself on OS X machines as MacDefender, i.e. by Safari automatically starting the installer if “Open ‘safe’ files after downloading” is still ticked in the Safari preferences (see the ‘MacDefender Info’ article in this blog for further details).

The big difference between MacDefender and MacGuard appears to be that if a user has administrator rights then the install will run and the application will install without any prompts. If the user only has user rights then the installer will fail.

In reality, I believe that most home users do not know if they are using their machine as a user or admin, so this could be a risk to home users. For companies that have properly trained IT staff then no one should have admin rights on a Mac unless they are IT staff, but smaller companies may be left at risk.

As usual it appears that the risk is from lack of user awareness, that users need to realise the importance of the different types of account and the risks involved. This issue is one of awareness is not just limited to OS X users but Windows users as I believe that most Windows users are sitting using their Admin accounts in a daily basis. I believe that the industry as a whole need to look at the issues of user account permissions more seriously in the future.

Advertisements

MacDefender info

I recently read an article on MacDefender ( Thomas Reed [ Reed Corner Design] http://www.reedcorner.net/news.php/?p=82 ) after someone I follow on Twitter posted the link.

The article is a well described explanation of how the creators of this ‘scareware’ have used a flaw in the Safari browser security to attempt to get users to install a fake Anti Virus software. It appears, from the article, that the people behind the ‘scareware’ are still using Windows OS screenshots to try and trick OS X users into installing the software but I’m sure that they will change these to OS X like screen shots in the near future.

As with most of the scare stories about malicious content for OS X, it appears that the software can only get on your machine if you give the software permission to install.

From what I have heard and read the simplest way to protect yourself from such attempts to compromise your OS X machine is to disable the setting in Safari that allows known ‘safe’ content to be run on download:

Open Safari
Choose Preferences from menu
Select General tab
untick “Open ‘safe’ files after downloading”.

I would like to state that at the point of writing it appears that the web pages that produce the scare page are reported to show a windows screen not an OS X screen, the software may be downloaded automatically and unpacked but the user still needs to provide authentication for the software to run. There are loads of things that users should realise are wrong and they should not be giving any software from an unknown and entrusted website permission to install software.

I do however understand that after all the scare stories in the press people panic and think they are doing the right thing. People follow instructions blindly when they are in a panicked state and the creators of this type of attack rely on this to get users to compromise the OS X security themselves.

I know of one person who was affected by this and has been a Mac user for many years, so I sympathise with anyone who was caught out.

My wife has had something similar appear on our Windows laptop and was smart enough to close it down or call me for assistance.

The people behind this ‘scareware’ try to trick Windows and OS X users into compromising the security of their own computers by frightening the user into installing the software for them. Protect yourself by thinking through your actions before you do anything.

Would you let a stranger in your house if they knocked on the door & said they had seen a burglar, would you? there’s no difference, stop and think before you act, ask for assistance from an IT support person if unsure.

Keep safe people.

Viruses and malicious content

There has been an increasing amount of press recently about malicious applications appearing for the Apple OS X operating system.

To be honest I don’t use any security software in the two OS X computers I use at home, which are connected to the home broadband Internet connection.

I would never consider doing the same for a Windows OS machine, before any PC is connected to the Internet I always advise to patch it to the latest service pack, install Norton Internet Security (or McAfee), download any updates to NIS using a machine that is already protected before connecting and running windows update.

I have seen a Windows OS machine become infected using a dial up connection in seconds with McAfee Installed from CD but not patched. The machine in question was being connected to pull down McAfee updates and Windows Updates so was open to attack.

By comparison I believe that the few risks found to target OS X machines require the users to provide authentication details before the software can be installed on these systems. I have yet to hear of a virus getting on an OS X machine through a security flaw on an Unpatched OS X machine, installing itself, spreading itself and the user not being aware of any of this happening.

I believe that the risk to OS X users from scareware such as MacDefender (which is just the Windows Defender, also known as fakeAV, setup so that it detects Safari browser) and the other scare mongering press stories, is so small as not to worth worrying about at the moment.

If you believe there is a risk then the solution is as simple as it is for Windows machines. Install a reputable security package like Norton Internet Security Dual ( which protects up to two OS X machines running OS X and windows under bootcamp or similar).

As the press try to create a false sense that OS X is at threat, more Anti-virus and security companies are jumping on the bandwagon to provide software for those that want it. I believe that Norton, McAfee, Sophos and other organisations currently provide some form of AV for OS X.

As I have stated, if you feel that there us a risk, protect yourself, otherwise OS X is safe from all the current threats as long as you don’t install software that you don’t know what it is, what it dies or where it came from.

Safe and secure on Windows & OS X

For a few years now I have had to use a secure USB device for storing files ( drivers, installs, etc) as it’s company policy and the PCs have security software to prevent anyone (even us in IT) from using non secure devices.

My main issue with this has been that we support both Windows and Apple systems so have had to use Integral Crypto devices for the PCs and non secure devices for the Apple OS X machines.

I always thought it was a poor situation and I’m sure I ranted about it at the time.

I have just found that Integral now not only now produce a Mac version of the Crypto but have recently launched a Crypto Dual device, which works on both Windows and OS X!!

The device also has some handy extra features, including a unique code etched into the device for easy identification (something that was really needed in the original versions), The ability to have all the devices in your organisation to have a company hardware ID set on the devices ( allows security software to identify the devices that the company have purchased and which ones users have purchased and brought in ) and lastly, it allows for an administrator account password to be set in addition to a user password, allowing IT departments to recover data when the user has forgotten their password, so long as they have not exceeded the 5 allowed attempts which I believe still results in the data being deleted.

I have done a bit of checking and the devices are all available in the UK from Insight prices are roughly (Inc VAT) for the 32 GB versions..
PC basic version: £127
Mac 140 version: £147
Dual version: £132

Alternatively for PC users I have seen the PC only version as PC World in the past. For Mac users the Apple store sells the Mac only versions (well the on-line store does at time of writing this)

The Security level may vary slightly between these versions so I would suggest checking the prices on Insight and the specifications on Integral.

If anyone from Integral is reading this feel free to contact me with full details or to give me a review model so I can give the Dual version a try!! Hey if you don’t ask you don’t get!! 😉

Update:

For those unfortunate enough to have a Windows PC at work and an Apple at home and have been given one of the Windows only versions (ie you are in a Windows only workplace but have a Mac at home), I have tested a solution to your Issue.

On my Apple iMac ( Intel Duo circa 2006) at home I have installed the free VirtualBox software from Oracle (was Sun) and installed Microsoft Windows 7 onto the virtual PC created by the software. By installing the VirtualBox add-on pack into Windows 7 you can set it to allow access to the Secure pen drive. This works like a dream and I can copy files off and onto the device without any issues.

I assume that Bootcamp, Parallels etc will do a similar job, but I can not test this as my iMac uses an external
monitor due to a damaged LCD panel / controller so I can’t use it for bootcamp and I don’t have parallels or it’s competitors.

I assume that this will only work with Intel Macs (ie I suspect that older PPC apple devices won’t be able to get it to work as they don’t have the Intel chipset)

Of anyone wants to know more feel free to contact me.

Disclaimer

Just to clarify, incase anyone reading this blog gets the wrong idea..

Anything I write in this blog about future IT development is based purely on rumour, conjecture and probably ( to be honest) misinformation, if not outright lies by others.

If I was aware of any real developments, which I’m not, I would probably be under some form of non disclosure agreement (industry standard stuff from what I can tell ), and would not be able to say anything without serious personal & professional risk.

I only post things here that are my own beliefs, hopes and dreams of what the future may hold, based on data posted on Twitter, published in newspapers and online, which I attempt to interpret into something more or less meaningful.

Hopefully some of my postings are of interest, but please don’t take them as anything more than works of fiction as no one can see into the future.

Take care all…

Looking to the future

As anyone that reads my blog is aware I’m a bit of an Apple Fanboy, so it’s no surprise that I regularly follow rumours on the proposed future Apple product developments, taking everything with a pinch of salt (as you have to with any rumours).

I have recently been looking on the Internet to see if there are any further rumours about the proposed (ie reported in the Scottish press) Apple Store in Braehead.

During my trawl, I found a page from the Paisley Daily Express that appeared to indicate that Apple are considering an Edinburgh store in Princess St?? I also found an older website that also had this suggestion (although it also suggested East Kilbride) and this has got me thinking..

Just to justify my comments for a second, I like the hidden parts of Edinburgh with it’s Indy record stores and quirky little shops (I miss the Chocolatier that used to be near the Scottish Parliament – cracking choice of hot chocolate), but there’s too much tourist tat and the parking is horrendous. East Kilbride is Ok, but it’s not got anything you can’t get in Glasgow and the old parts of the shopping centre are feeling very dated the last time I was there ( which was some time ago, so to be honest it may have improved?)

Going back to my original point, could there be places in Scotland that Apple could open stores, places like Edinburgh and East Kilbride that have tried to pull their shopping streets and shopping centres up from their bootstraps, but struggled because of the economy. Could Apple use their retail magic to turn these pumpkins into crystal coaches and bring other big names to cinderella’s ball like they did with Regents St, London?

On a Personally note, I would love Apple to open a store in the Glasgow Fort, partially because it’s on my doorstep, but also because it’s a great location and, since the rumour that Marks & Spencer’s were going to build a store there a few Xmas’ back, there hasn’t been much in the way of exciting new developments ( sorry I’m not interested in fashion clothing stores & the loss of Borders has ripped out the heart of the fort for me).

In my mind, there are a few things going in the fort’s favour, including late night shopping on the run up to Xmas and twice a year the fort opens early for the Next sale, which snakes round the closed stores as the coffee shops (Costa & Starbucks) and the food stalls provide the queuing shoppers with morning rolls & drinks. I’m sure that the centre management and security would happily accommodate the same for a store opening or several product launches.

Looking at the area around the fort, North and South Lanarkshire, who I believe use a lot of Apple products in their schools, would benefit from the store and the store would benefit from parents and teachers purchasing from the store. Areas of Glasgow, not already covered by the Buchanan Street store or the proposed Braehead store, would also benefit in a similar way.

Since it appears that M&S aren’t going to build the store rumoured at the fort, there is enough land for Apple to build a shiny new store right next to the M8 which would act like a beacon for style shoppers who have passed but not taken the opportunity to pop in.

Where will Apple wave it’s retail wand in Scotland next? Only they know, but I’m sure I’ll be there when they do, to get a launch day t-shirt! (ok so I didn’t go to the Aberdeen opening.. but you can’t have it all)

Update (26/04/13): I’ve just had a look on my WordPress stats and someone searched for “when does the apple store open in the fort in glasgow”, do they know something no one
else does, or is is just coincidence? I’m not aware of anyone else touting The Glasgow Fort as an Apple Store location so it’s interesting to spot this.. If you are the person who searched, thanks for reading and feel free to leave a comment or contact me on Twitter (see the Braehead Apple Store posts).

Safe and secure on Windows & OS X

For a few years now I have had to use a secure USB device for storing files ( drivers, installs, etc) as it’s company policy and the PCs have security software to prevent anyone (even us in IT) from using non secure devices.

My main issue with this has been that we support both Windows and Apple systems so have had to use Integral Crypto devices for the PCs and non secure devices for the Apple OS X machines.

I always thought it was a poor situation and I’m sure I ranted about it at the time.

I have just found that Integral now not only now produce a Mac version of the Crypto but have recently launched a Crypto Dual device, which works on both Windows and OS X!!

The device also has some handy extra features, including a unique code etched into the device for easy identification (something that was really needed in the original versions), The ability to have all the devices in your organisation to have a company hardware ID set on the devices ( allows security software to identify the devices that the company have purchased and which ones users have purchased and brought in ) and lastly, it allows for an administrator account password to be set in addition to a user password, allowing IT departments to recover data when the user has forgotten their password, so long as they have not exceeded the 5 allowed attempts which I believe still results in the data being deleted.

I have done a bit of checking and the devices are all available in the UK from Insight prices are roughly (Inc VAT) for the 32 GB versions..
PC basic version: £127
Mac 140 version: £147
Dual version: £132

The Security level may vary slightly between these versions so I would suggest checking the prices on Insight and the specifications on Integral.

If anyone from Integral is reading this feel free to contact me with full details or to give me a review model so I can give the Dual version a try!! Hey if you don’t ask you don’t get!! 🙂