![](ServiceGraphics/SubThreatAssessment.gif)
Web-based threats, email
spoofs, keyloggers and spyware..... We all face threats from bogus sites, apps, spoofs, redirected comms and data breaches. Don't be a victim.
Apple has all but eliminated the threat of viruses, but that's not to say Mac
users can be complacent about security. Keep your current OS updated, know who you're
dealing with, and pay attention. Never download from an
unknown source.
The most significant threat to security is physical access to your computer or device.
Wireless spies and freeloaders can be a problem, but these are managed
by security protocols and proper passwords. This page is about
security on the Macintosh and what you should know to protect yourself.
![](ServiceGraphics/SubSecurityBasics.gif)
Keep a hand-written list
The day is certain to come when - for whatever reason - you can't get into your computer or gizmo. If you've stored a backup list of passwords on the device, they will disappear along with everything else unless/until data is restored from your backup. Best solution is writing down the myriad of passwords you use in a small notebook and keeping it somewhere safe.
Password requirements vary greatly between devices and web sites; device login passwords (or passcodes) may be as short as four characters, while many email and web sites may require 8 characters or more that must include upper/lower case, numbers and special characters. Since the login password is required frequently on a computer to install/delete files or modify settings, do yourself a favor by keeping it short if you have the option to do so.
Two-factor authentication
In many cases, this requirement is merely a way to get your phone number (verified by sharing a 'secret code' between devices). Each time you add a phone number, you can bet it will be sold to telemarketers, despite carefully worded privacy policies. An email address and password should be sufficient to keep others out of your accounts, especially when you consider the real threat to your security is from servers getting hacked rather than an individual account. Identity theft happens when mortgage companies, banks, service providers, online stores, the DMV and big companies get looted, as frequently occurs these days.
Enhanced security?
It's become such a problem that an entire industry has sprung up promising to "lock" your identity, secure your home's title, or protect you from various threats for a monthly fee. It's just a myth, since there's nothing they can do to secure the database of some utility or agency.
Best solution is to remain vigilant, pay attention to credit card and bank activity, carefully examine links before clicking, and avoid falling for scams. Most of the problems we deal with are the result of giving away information over the phone or thru some bogus email link.
![](ServiceGraphics/SubCounterfeitGoods.gif)
61-watt AC-Adapters (aka chargers) for 13" and smaller
MacBooks.
Fake chargers on Amazon and eBay
Of the AC-Adapters shown above, only one is a genuine Apple
product. They all look identical, with embossed Apple logos, all the
official safety certifications, model numbers and copyright info. Some
include a coiled USB cable in Apple-like packaging.
There are three ways to tell them apart; one is weight,
another is measured output, and last is the only visible difference
between them, their printed labels. Bottom unit is the real thing.
Compared to the fake above it, font is different and printing isn't
quite right. This is the only visible tell when shopping online.
Counterfeit chargers are a waste of money. Less than proper output will cause heat and can damage
the computer's charge port, battery and charging circuit. Those safety
certifications are meaningless, and that cable probably can't handle
rated output, either (20V/3A). Saving a few bucks on a bogus charger
can be costly.
Junk flash drives
Also flooding the market are bogus USB flash drives. Found
online and on store shelves (even store brands) these are especially
insidious by design. Flash drives pictured above all advertise as USB-3
- they're not - and 2TB capacity - no. They sell for $10-15 online,
about 1/10th the price of a legitimate drive.
When plugged in, some misrepresent their specs to match
advertised specs, if they work at all. A few may record file names only
without recording the actual files. Stick with name brands like PNY,
SanDisk, Samsung, etc.
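One way to test a suspect drive for the faults described above is to fill it with known data and read everything back. This is an added example, not part of the original page; the file names, the 1 MiB probe size and the `demo()` fault simulation are assumptions chosen for illustration.

```python
import hashlib
import os
import tempfile

CHUNK = 1024 * 1024  # assumed probe-file size (1 MiB)


def block(index, size=CHUNK):
    """Deterministic, non-repeating bytes for probe file number `index`."""
    return hashlib.shake_256(b"probe-%d" % index).digest(size)


def probe_path(mount_dir, index):
    return os.path.join(mount_dir, "probe_%06d.bin" % index)


def write_probe(mount_dir, total_bytes, size=CHUNK):
    """Write numbered probe files covering `total_bytes`; return how many.

    An OSError here (drive full long before its advertised size) is itself
    a finding.
    """
    count = total_bytes // size
    for i in range(count):
        with open(probe_path(mount_dir, i), "wb") as fh:
            fh.write(block(i, size))
            fh.flush()
            os.fsync(fh.fileno())  # push the data past the OS write cache
    return count


def verify_probe(mount_dir, count, size=CHUNK):
    """Re-read every probe file; return a list of (index, reason) failures."""
    bad = []
    for i in range(count):
        try:
            with open(probe_path(mount_dir, i), "rb") as fh:
                data = fh.read()
        except OSError as exc:
            bad.append((i, "unreadable: %s" % exc.strerror))
            continue
        if len(data) != size:
            # The name is listed but the contents never made it to flash.
            bad.append((i, "size %d, expected %d" % (len(data), size)))
        elif data != block(i, size):
            # Typical of a drive whose real capacity is smaller than reported:
            # later writes land on top of earlier ones.
            bad.append((i, "content mismatch"))
    return bad


def demo():
    """Run against a temp directory and simulate both faults (constructed)."""
    size = 4096
    with tempfile.TemporaryDirectory() as tmp:
        count = write_probe(tmp, 4 * size, size)
        clean = verify_probe(tmp, count, size)
        # Fault 1: a file that exists by name only.
        open(probe_path(tmp, 1), "wb").close()
        # Fault 2: a later block's data overwrote an earlier file.
        with open(probe_path(tmp, 0), "wb") as fh:
            fh.write(block(3, size))
        return clean, verify_probe(tmp, count, size)


if __name__ == "__main__":
    print(demo())
```

On a real drive, call `write_probe` with the drive's mount point and its advertised free space, then eject and re-insert the drive before `verify_probe` so the read-back comes from the device rather than the operating system's cache.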
![](ServiceGraphics/SubCleanup.gif)
Desktop clutter
Keep files on your desktop to a minimum.
Two good reasons for this are to conserve RAM, and because the desktop
- like the trash - has no further address in your Mac's directory and
is shared by all volumes and disks.
The Desktop should be treated as a
temporary landing spot for files until you decide
whether to keep 'em or not. If a file has served its purpose or is no
longer needed, trash it; otherwise move files into appropriate folders
within your drive (Documents, Pictures, Music, etc.).
First off, it may help to
populate the Finder's sidebar if you haven't already. Under Finder
menu, open Preferences and click the Sidebar tab:
Putting a check mark next
to the items shown above will put those items in all Finder window
sidebars for quick and easy access.
From the Desktop window,
drag/drop files to appropriate folder in sidebar according to file type
- photos into Pictures folder, music into Music, etc. Sorting files in
Finder window by Kind may make things easier:
Screen shot above shows
Desktop selected in sidebar. Contents are shown in list view (arrow),
sorted by Kind (red circle) and ascending (blue circle). All JPEG files
are selected, ready to drag into Pictures Folder where JPEGs belong.
It may also be helpful to
open a second Finder Window and relocate files by dragging them between
the two windows.
Tip:
While you're at it, open Finder's View menu and turn-on two helpful
options:
Show Status Bar, and Show
Path Bar.
Clear 'cruft' out of your browser
Safari, like all web browsers, has
preference settings to delete cookies, extensions and other junk that
accumulates over time (collectively known as cruft). Safari
also has a shortcut in Safari Menu: "Clear History..."
Select Clear History, then set to 'All
History'. This will get rid of ALL cookies, history and cruft with next
click. Other browsers have these functions under browser preferences
for deleting cookies and history. Also check for bogus extensions, especially "search" add-ons that often produce
pop-up ads.
iPhone, iPad, iOS cleanup
Getting rid of trackers, cookies and crap on iOS devices is
a bit more complicated and much more opaque compared to computers.
Cleanup requires a number of steps; start by opening the Settings icon
in your iOS device:
In Settings, scroll down and tap Safari:
In Safari settings, scroll to very bottom and tap Advanced:
At very top of Advanced, tap Website Data:
Scroll to bottom again and tap Remove All Website Data:
Back in Safari settings, scroll to Clear History and Data to
delete that, too:
Doing this periodically will clear trackers and cruft from
your iPhone/iPad, reclaim space, and improve performance. Once you get
used to this process, you can execute it fairly quickly, thanks to commands
placed at top and bottom of lists.
But wait, there's more (sadly)
Back to the Settings icon on your iGizmo:
From Settings, open General:
Under General, go to iGizmo Storage:
Find "On My iPhone" or "On My iPad" under Storage - if
present on your device.
This item only appears if it contains data, and it
disappears if emptied:
Apple's iOS is locked-up tight, so there's no telling what
"On My iPhone" actually contains. Worse, if present, the list of
contents may not be accurate and is less than informative regarding
data stored there:
If you take screen shots, download PDFs or documents, go on
social media or use a web browser, something will be stored here (no
idea what). Using list above as an example, there's no telling what
might be in the two folders, what created them or why; clicking them
shows no additional info beyond a date. Same goes for named apps.
Firefox says it is empty despite "2 items" shown here. Likewise Pages.
Deleting everything in "On My iPhone" doesn't seem to affect
anything - photos don't disappear, docs remain where you'd expect to
find them.... so, what is this? Examine the contents of "On My iPhone"
if you want, but odds are these files are of no benefit - to you. The
fact that "On My iPhone" completely disappears when empty also lends a
creepy quality to its presence.
![](ServiceGraphics/SubRegardingViruses.gif)
By definition, a computer
virus must have three specific traits:
- It operates in the background without
user's knowledge
- It copies itself to every drive,
volume or disk it encounters
- It carries some sort of payload
Viruses have been largely eliminated on
the Mac by preventing the first two properties above; the third
property, payload, is a function of software in general, whether
useful, helpful - or malicious.
Malicious software - aka malware - comes in a wide variety, from phony
updates to bogus apps of all kinds. Types of fraudulent apps include
fake cloud backup, bogus online password management, maintenance
utilities, readers, viewers, players and assorted other "helpful" apps.
If you enlist the services of cloud backup, you'll be sending them all
your data, legitimate services and bogus ones alike. Same goes for
password management services that store your passwords. Do you know who
they are or where they're located? No password, encryption, VPN or
security measure can protect you from voluntarily engaging thieves or
downloading garbage.
"I think I've been hacked!"
No, you haven't been hacked. Banks get
hacked, social network sites get hacked, Google, Yahoo (et al), credit
sites and retailers get hacked. People generally
don't get hacked, aside from an occasional celebrity or maybe an
acrimonious divorce. "Hacked" is one of those terms that sounds good,
but usually means scammed.
Know who you're dealing with.
Free, demo,
trial apps, bogus updates, PDF/Word readers, video viewers, and a slew
of Mac fix-up apps - including paid versions - are as close to viruses
as we get on the Macintosh platform. Don't go there.
If you limit downloads to Apple's App Store and only deal
with KNOWN sources by making certain the address in web browser is
legitimate, you'll have little to worry about. That's the short version
- more info and details follow.
(Also see our Rants page for more on security
concerns.)
![](ServiceGraphics/SubeMailAttachments.gif)
As a friend says, "you have to be smarter
than the tools you work with." Just because that email says it's from a
friend - doesn't mean it is.
- Use adequate passwords and be ready to change those associated with cloud functions, online banking, web mail, and internet accounts as necessary. Record all those passwords in a safe place, too.
- Don't click email links. Examine that address carefully. Parking your cursor over a link for a second or two will produce a small box exposing the link's true address. You can always avoid the link by using a bookmark or by typing the address yourself. And there's always the phone.
- Never respond with credit card numbers, passwords or personal info. Never "login" thru an email link - legitimate sources should direct you to their web site. It pays to be skeptical.
- Use 'Junk' filtering. Whether you use web mail or an email client, all email apps have a "spam" function for weeding out the garbage we all get. Use it. Something over 90% of all email is spam.
Looking at the address suffix - known as
its Country Code (ccTLD) - can be
enlightening, too. Be aware that it takes no effort at all to fake an
email, and trust nothing about an email's address or its contents.
Of course, if you rely on mail thru Yahoo or Google or other online
service, the security of your email (including your address book and
whatever else is attached to your account) is out of your hands and up
to the service provider. They get hacked on a regular basis, so don't
be surprised if it happens to you and suddenly everybody you know is
getting spam with your name on it.
Such security breaches occur all too often, and that's the risk you
take when using free online mail services. Your choices are to change
your email address or just wait until it blows over (which it
eventually will).
![](ServiceGraphics/SubTrojansViruses.gif)
If it comes looking for you, you don't want it.
Real-world internet security concerns (regarding Macs)
revolve primarily around downloads that may be deceptive and/or
damaging if installed. This cannot happen without your active
participation and knowledge. If you see some unexpected message pop up
while surfing the 'net, and it wants you to download, scan, update or
install something, don't do it.
Cancel/close and ignore the message.
In the case of email attachments, a virus
might well be attached to some email message you receive, but these are
typically incapable of doing any harm to a Macintosh. However, while it
cannot affect your Mac, if passed along to a Windows machine where its
code _can_ execute, it might attack the Windows user. Delete it.
Best advice is to simply be aware, be
suspicious of uninvited prompts, and don't click anything you're not
absolutely certain of. Clear your history and delete cookies
periodically (although you may have to hunt for some of 'em - see
below), open a new browser window if you like (File menu -> New
Window) and use your bookmarks or type-in the address you want to go
to. Cancel unexpected options and avoid anything even faintly
suspicious.
Here's what you need to know:
The term
"Malware" (short for malicious software) refers to a variety of
bad-nasty things floating around in cyberspace, including viruses,
spyware, Trojan horses, and a host of lesser types (in terms of
potential damage). Rule of thumb: If you need some app or software,
player, update or utility, go to the source and get it. DO NOT download anything that comes looking
for you!
Spyware
is a whole different animal. This category includes commercial programs
designed to track computer use and record keystrokes, but these are not
necessarily viruses. Popular with parents, security departments and
company bosses, spyware provides indisputable proof of computer use and
activity. That's the legitimate use of spyware: Parental control,
tracking company time and tracing activity. But - spyware can also be
used to steal passwords, banking and credit card info or other personal
data for purposes of theft.
Properly installed spyware requires physical access to machine for an
extended period of time, a few hours or more. Once in place,
professional spyware is - by design - difficult to detect. The cheap
and cheesy types are rather obvious.
A Trojan Horse - like the Greek myth -
requires your active participation to download and install before it
can do its thing. Therefore, it must trick you into bringing it onboard
by masquerading as something attractive or pretending to be something
it isn't. Here's an example, one of hundreds popping-up on the internet
these days:
Text is laughable - doubt if many who read this would fall
for it.
If you click OK, the next window will be a
"free download" of the Trojan disguised as an anti-virus app. If you
are gullible enough to download, you will then have to enter your admin
password to install it and you'll be warned that you're about to
install an app from the internet. Just close the window, quit browser
if you have to, or trash the file before installation and you'll be
fine.
Some of these Trojans will put up a
window listing a few files it claims are infected and should be
"scanned" immediately. We've seen many examples of this type over the
years, and most look very much like a genuine Mac application. (We
tracked one to Belize, by way of Germany, with a contact number in
Russia.) Fortunately, they're easily removed and
relatively harmless but always best avoided.
While the Microsoft Windows world has long been awash in viruses that
cannot infect the Mac, that doesn't mean Macs are 100% safe. The
Macintosh remains largely immune due to proactive prevention by Apple
at the core of your MacOS, but there are lots of
other threats out there besides viruses. Nothing
gets installed on a Mac unless a password is entered and installation
is approved. The only protection you really need is common sense.
![](ServiceGraphics/SubHackersFirewalls.gif)
The World Wide Web should be free, unregulated, uncensored
and untaxed - but it also needs to be approached with care. Dealing with the internet means you can assume you're being
tracked and you're quite likely to encounter something nasty along the
way.
If you have a network and internet connection, you must protect it. Use
a router with a firewall and secure password, especially since most
routers include wireless functions. Normally it's just a matter of
selecting the best available protocol and setting a password - never
use passwords that ship with devices, create your own - and remember to
write it down.
Connecting to networks out in the wild is another matter entirely.
Consider these to be wide-open and unsecured, and never transmit
anything sensitive over a foreign wifi network. There have been reports
of thieves setting up adjacent networks with names matching legitimate
ones; that "Starbucks" network might be Starbucks or it might be some
bozo out in the parking lot. This type of spoof can be difficult to
detect or verify.
You can also assume a lack of privacy anywhere, as virtually every app
you use is phoning home with your data, targeting ads or looking for
updates, whether on a computer, tablet or phone. GPS-equipped devices
attempt to map wireless access locations by sending coordinates and
network info. Computer and software makers collect and send data,
including OS, app versions, and machine specs. Any audio device may be
transmitting all it hears (with or without your permission); phone apps
are notorious for trampling on privacy. There are legitimate types of
data collection used to enhance product performance and provide
assistance, but the line between that and eavesdropping is disappearing.
Pay attention to network activity
The key (on a Mac) is that nasty stuff, like all software,
requires passwords and permission to be installed. Once onboard tho, malware can collect
info, spy on activity, eavesdrop on communications and even reroute
network traffic. (Yes, that includes Macs.) It's not unusual to find
Koreans scanning your ports, cookies from countless unwanted sources,
or servers horning in on web locations; these are easily stopped in
their tracks. It's another matter to find something installed on a
System that is opening doors and collecting/sending data. Noticeable
effects may include slow internet operations, and it's something to
watch for. We recently removed no less than five different variants of
a malware app designed to hijack network communications on a single
machine. One of those apps dated back five years. But, credit where
credit is due: That particular machine had been used to explore the,
shall we say, "seedy" segments of cyberspace and malware was
voluntarily downloaded in the process.
Turn on your OS X firewall (System Prefs > Security pane > Firewall tab - should be on by default), and do
not allow file sharing of any kind over the internet. Sharing thru your
own local area network (LAN) is fine; office networks are probably
managed by in-house IT staff. Torrent, movie and music sharing sites
are well-known for passing malware, so if you want some program or
music - hey - buy it! No sympathy here for those who install
BitTorrent, uTorrent, Limewire, Vuze and other such software.
Legitimate sources consider it theft to use such things, and so do we.
If you need a 'viewer' or update, go to the source and get it
Adobe.com's Flash Player (deprecated with HTML-5) should be uninstalled.
VideoLAN has VLC for translating
WMV and MS file types, and QuickTime will open most A/V files. Odds are
you already have software that will do whatever you need. Avoid
anything that shows up uninvited while surfing the web, including video
players, warnings, "updates," or apps that claim to speed-up, clean or
fix your Mac. Some of the latter are malicious.
There's only one way to absolutely
guarantee total network security on any computer, and that's by
disconnecting from the internet altogether (airgap).
Short of literally pulling the plug on communications,
remain vigilant to intercept and identify potential leaks, control
access, use passwords and pay attention. Again, the #1 (and arguably
only) security tool most Mac users really need is common sense.
![](ServiceGraphics/SubPhysicalAccess.gif)
The biggest threat to any computer is having it fall into the wrong
hands, so restricting physical access is most important. And the threat
isn't just from theft or those with mischief in mind, it can be data
loss or damage done by accident, too.
Hand-in-hand with protecting
physical access is having a proper Admin account with a secure login
password. This is especially important for notebook computers and
portable devices that may go missing, and machines shared by two or
more people. Create a unique password, make it a good one, and write it
down somewhere safe to make sure you don't forget it. (You can give
yourself a hint, too, when you set it up.) No one else should have your
password; if you share a machine, set up an account and password for
each user.
You can require a password to wake from
screen saver/sleep to protect your computer if you step away for a
moment. Turn on your Firewall if it's not already on by default. And be
sure to disable automatic login at startup in the Security pane of
System Preferences under its General tab:
Options
here include requiring password to wake from sleep, disable auto login
(must be checked for password protection at login), automatic log-out
after a set time, and more. Recommended settings are shown.
Then there's the FileVault tab (shown
above): Here you can set a master password and encrypt everything on
your hard drive - NOT recommended. Encryption will slow ops a bit, and
if you lose the master password all is lost. FileVault is there with
industrial-strength encryption if you really want it, but you'd need a
_serious_ reason to make it worthwhile. FileVault is overkill for most
people; you are well protected by passwords without the hassle of
encryption.
![](ServiceGraphics/SubSpyware.gif)
Spyware is a
general category of programs designed to track computer usage. These
are not viruses per se, so anti-virus programs may not detect them as
such. And, because programs used as "parental controls" or for
additional security may contain keyloggers to record who did what and
when, keyloggers aren't exactly malware either. Even
some simple keyboard-shortcut utilities have keyloggers. Other types of spyware can record chat room and internet
activity, emails, logins and software use. Some
spyware apps are capable of using a computer's camera to take
snapshots, record video and/or send location info as well. This info may then be stored for later retrieval or sent via
WiFi. Such apps may also be used to recover lost or stolen notebooks.
If you are concerned that someone is
spying on you and your Mac for some nefarious purpose, consider what it
takes to put spyware on a Mac: First requirement is physical access
(discussed above). Login password for your admin account is also
necessary, and to properly install spyware so as to make it as
undetectable as possible can take a good deal of time, 3-4 hours or
more. So, if your machine hasn't left your possession, it isn't shared
or available to others for an extended length of time, and it has a
decent (secure) login password, you probably don't have anything to
worry about.
The same applies to iPhones, iPads, and
other such devices, with one important caveat that might make a
difference. When you sync these devices to iTunes on a computer, iTunes
automatically makes a full backup for you in case it's needed to
restore the device, and that backup remains (buried) on the computer
you synced your gizmo to - which, by rights (and by design) _should_ be
your own computer. But, if you synced to someone else's Mac or PC, they
have all that data, and that might be a problem.
Unfortunately, hunting down spyware
requires forensic processes and techniques that are beyond the scope of
this discussion, especially if the prospect of legal action is a
possibility. Installing anti-virus apps or "cleaning" utilities is just
asking for trouble and of no help. Best hope for putting your mind at
ease is to carefully consider time and access requirements for spyware
installation, continued access necessary to retrieve keylogger/spyware
records, and the likelihood of anyone going thru all that trouble to
spy on you. If you still think you have a problem, give us a call, make
an appointment, and we'll see what we can do. We won't help you spy on
someone else (if that's what you have in mind) but we can certainly
find out if you are - or have been - a target.
CIA and NSA programs
Yes, thanks
to Wikileaks we now know the CIA has an Embedded Development Branch
(EDB), creators of a number of programs designed to infect the
Macintosh (and PCs). These programs, code named "Dark Matter", "SeaPea"
and "NightSkies" (collectively known as "Triton") have been active
since 2008 and were being updated to infect new OS versions as released
by Apple. We first ran into Dark Matter in 2011 on a brand-new Samsung
SSD purchased from Amazon. We had no idea what we'd found, only that
the drive had a small 64K EFI partition in an unknown format - embedded in
the drive's firmware - that could not be
opened, examined or erased.
As with Dark Matter, these things aren't hard to find and identify if
one knows what to look for and where to look. "Dark Mallet",
"DerStake", the "Sonic Screwdriver" project... the CIA's user manuals
for their spyware read like any other user manual, all very
matter-of-fact and concise. Only thing missing is the end-user license
agreement (EULA).
Apple claims to have secured its OS against this sort of tampering, but
in the spy-versus-spy world of tech surveillance you can be sure
agencies have moved on to new and better things. Recall that the NSA is
recording _all_ comms and data in real time, turning devices into
spies. Rule of thumb: If they can do it, they
will.
![](ServiceGraphics/SubPrivacy.gif)
Short
version = there is no privacy. But, with more trouble than should be
necessary, you _can_ take out the trash and keep tracking to a minimum
while sometimes solving online problems. Here's how:
All
applications (programs) have their own preference settings under menu with app's name, in this case Apple's browser, Safari. Open
Preferences and choose the Privacy tab (image below). You can do that
right now if you want, just move your prefs window aside so you can
still see this one.
BTW:
Different web browsers have different layouts, and the options we're
looking for may be located someplace different than illustrated here.
You may have to do some extra drilling to clear history, check homepage
and toss cookies.
Using Safari here, other browsers should have same options
somewhere in prefs or tools.
Clicking "Remove All Website Data..." button clears all cookies.
The Privacy tab allows you to remove
cookies from sites and servers tracking you as well as those with legit
purposes, such as login cookies used by discussion groups, vendors and
auction sites. You'll just have to login again if you toss the good
ones with bad, but Safari can remember most logins if you want it to.
You can peruse cookies by clicking "Details..." button if you wish,
then delete 'em individually, too. You might think we're done, but - no.
Shortcut: Older versions of Safari had a reset for
removing much of the "cruft" that accumulates with web browsing, found
under the Safari menu as either "Reset Safari" (up to OS 10.9), "Clear
History and Website Data" (10.10), or simply "Clear History" (from OS
10.11 on):
Choosing
"Reset Safari" or "Clear History" produces options to delete all accumulated
internet cruft.
Options
checked above are a good compromise between keeping those things that might be helpful and trashing most of the
junk that isn't.
NOTE: Newer versions
have an "All History" option instead of what you see above - set to all
history and click the "Clear History" button.
So, we're done now, right? Not quite...
There are dozens of browsers out there -
Safari, Firefox, MS Exploder, and the new kid, Chrome (best avoided),
to name a few - all have different storage, tracking and "privacy"
schemes, different front ends, prefs and options with their own
agendas. Most other apps collect/send data and check for updates, too.
This is why you really can't expect true privacy, but you can certainly
keep traffic to a minimum.