Secure IT Foundation

Posts Tagged ‘Smug Mac

Once upon a time Apple Mac users were happy people, laughing at Windows users suffering with virus problems… As Macs became more popular, the malware and virus writers have turn more attention to the Apple operating system OSX. Now a fake Anti Virus program can run on a Mac without needing a password. This brings Mac security on a level par with Windows.

Perhaps as the Windows users have years of experience dealing with viruses and malware, the naivety and now abundance of Apple’s user base makes them ripe for the picking.

You can read the recent timeline of Apple’s security model failing here and then install the AV for Mac from Sophos for free before you get caught out. Don’t be a smug mac user, get protected and resign yourself to being no more secure than the Windows user next to you. Read the history of Mac viruses and find they pre-date Windows viruses by a few years!

The quicker Mac users accept the change then the quicker they can move on and begin to deal with the problem… Denial of a problem has always works so well with computers.

SecurityBrad

From experience we can safely say the biggest cause of hard drive failure is… YOU, the computer user!

Do you shut your computer off completely before you move it? Do you turn it off by using your operating system shutdown option? If  you answered no to either question and your hard drive fails then you now know why! Just held in the power button as you were fed up waiting for it to shutdown? Well a hard drive is a mechanical device and can be compared to an old fashioned record player. A needle moves over disks of metal reather than vinyl and is air cushioned these days but the principle is similar. Unless you shutdown the computer using the shutdown option then you are scratching the needle over your record by moving it. Same goes for holding in the power button to turn it off, this is like having a fancy automated record player which auto returns if you let it. Instead of waiting for the device to do its job, you are grabbing the needle and forcing it back into its housing violently.

The future for computers is to use Solid State Devices called SSDs which have no moving parts. Too expensive for most they are slowly becoming available. All laptops should have SSD storage over mechanical devices in our opinion. Both types suffer electronic failure but the user has to do some bad things to damage a SSD compared to hard drive!

SecurityBrad

‘Defence in depth’. That is what the commercial security world calls having multiple layers of security to protect you in case one fails.

Simply put, your home computer needs to have multiple layers of defences including an up to date browser like Firefox, have Anti Virus software that works, run Windows Update every month and update all your applications at least weekly, as a minimum. Sounds like hard work, no one interested in your computer? Don’t be a muppet!

If your computer is hacked then you could be storing child porn, terrorist training material, or your computer could be used to send spam. Assuming that you never entered any personal or financial information, else that would have been stolen as well, the worst case scenario is that your home gets raided as part of the war on terror and computers seized…

No one can guarantee perfect Internet computer security unless you unplug the Internet.

A recent hacking contest showed that ALL major browsers on the Internet can have security issues including Safari on Macs, iPhones, Windows 7,  and both Internet Explorer 8 and Firefox on any computer. So next time you click on a link sent to you, visit dubious websites, or download a file from the Internet, be sure of your defences and make sure they are deep!

SecurityBrad

A common question we get asked a lot, why have a firewall on each computer when the network is protected by the firewall in my router? Simple answer, it is a question of trust. If you follow secure computing advice like the Secure IT Foundation’s Home Computer Policy, then you will know that safe computing starts with not giving away trust. Why do you need to trust the other computers on your network just to read your emails and access the Internet. Even if you do share files with other people in your computer network then that is all your firewall should allow.

In case this seems like paranoia, then a new method of hacking has been developed which allows the bad guys to bypass your router’s firewall completely! You can read more about it on The Register. Suddenly your computer’s only defence is your software firewall that comes with your operating system. This includes Apple Mac OSX users, as your firewall may not be on by default. As long as it is properly configured to block all incoming requests, then you will be protected while the majority of computer users will be vulnerable. For once smugness is not the preserve of Mac users as the Windows firewall is not fully secure in its default configuration either!

SecurityBrad
www.securitybrad.com

There hasn’t been a major operating system update for some time then two come along together. Both Apple Mac’s Snow Leopard and Microsoft’s Windows 7 are available, so both PC and Mac users have to decide if they upgrade.

We have covered the correct decision process you should use when deciding if you should buy a new computer to get Windows 7 previously. The verdict was if your current secure computer is working fine with XP or Vista, then there is little benefit for the home user apart from eye candy. If your computer is slow now then adding 7 will not change much, software is no substitute for having fast hardware. Mac’s have an advantage here in that the hardware is known by Apple, and they will know the benefits of software changes better than Microsoft whose user could have a near infinite combination of hardware.

From testing and research though, neither operating system could be called ‘secure out the box’. Macs have the advantage of using non admin users on a daily basis, a practice that Windows 7 does not yet enforce, but can do perfectly well. Malware is mostly a Windows problem but Macs have their own malware these days, and the inclusion of very basic malware detection in Snow Leopard shows that it will only get worse according to Apple.

Both have fully functioning firewalls, and the default services offered over a network are mostly a sensible choice for either OS. However it is not all good. Both do suffer from default browsers with known security issues. Years ago the problem with PCs was their accessibility over a network to viruses and worms, but this vulnerability has been mostly closed.

The risk comes these days from the moment the home computer user starts to use their computer! You open a web page loaded with malware and your brand new operating system can be compromised. Even if both Snow Leopard and Windows 7 are using non admin users, poor security practice by the user can allow malware to run. There is nothing any operating system can do if the user enters the administrative password and installs an application which contains malware. The new malware detection in Snow Leopard only stops a couple of known viruses, so the virus writers will modify them not to be detected. Then begins the Mac Anti Virus arms race as seen with Windows.

Overall both operating systems offer a default level of security. Macs do offer a higher level of security out the box, but it still is far from a truly secured compared to the Secure Computer Standard. Windows 7 has a much higher security level than Windows XP out the box, but again it still is far from a truly secured compared to the Secure Computer Standard. Both 7 and Snow Leopard offer better user experiences than previous versions, so Mac users will upgrade and 7 will be adopted through people updating their hardware over time. The Secure IT Foundation’s conclusion is that Windows 7 and Snow Leopard are both not secure out the box, and both offer little in the way of user education.

Wouldn’t it be nice if you had to watch a safety video before you used the new operating system. Works well to give all air passengers a minimum level of safety knowledge for flight, perhaps its time computers came with a safety manual. Until then you can always read the Home Computer Policy

SB

October 22nd 2009 was the launch date of the new version of Windows, called exotically Windows 7. Unless you have never used a computer and are looking to buy your first one, then you will be used to using either Windows XP or Vista already. So the big question for home computer users is, should I buy a new computer with Windows 7 installed or buy Windows 7 and install on my current computer, else just keep using what I have?

We will answer this by running through the three different scenarios:

  1. Buying a new computer to get Windows 7
  2. Buying Windows 7 and installing it on my current computer
  3. Keep using my current computer with Windows Vista or XP

1. Buying a new computer to get Windows 7

Before you rush out and buy a new computer to get Windows 7, you should first ask yourself one very important question – Do you need a new computer at this moment? If the current computer over three years old and feels slow to you then you may have a valid reason for buying a new computer, regardless of the operating system. The old computer could then have its hard drives wiped securely, Windows or Linux installed and secured, and given to children, family or friends who currently do not have one. If you choose wisely then you will have a fast feeling computer with a fresh copy of Windows 7. As long as you remember that even a brand new computer with Windows 7 will need securing, then you are in for a good computing experience.

By using a non-administrator account for daily use, hardening Windows 7 and applications installed, then you are on the path to a secure a more secure computer. Windows 7 is mostly the same of Vista or XP under the hood, so there is no magic security added here to save you if you don’t, so all the rules for XP and Vista apply for Windows 7. You still need to use the Home Computer Policy!

2. Buying Windows 7 and installing it on my current computer

This scenario is the hardest to justify. Buying Windows 7 to install over Windows XP or Vista begs one question – What feature is it you think Windows 7 will add over your current operating system (Mac users may think they can nod off at this point, but you will have the same questions with the next version of OSX!). If your computer is working fine then you need to be sure of your reasons to justify the expense. While this blog is written on 7, and the Foundation agrees it is a good operating system compared to the bad days of Windows ME and 98, there is nothing it does that cannot be achieved with Windows XP or Vista. Unless there is a particular killer application or must have game that will only work on 7 produced in the future, the only reasons to buy it at the moment is you want to keep up with the Jones family or it looks pretty on screen.

Vista upgraders will find their computer works a bit quicker if the hardware was not up to standard for Vista when it was sold to you, else if your computer works fast on Vista then it is just a fast computer anyway, Windows 7 will not change that! Windows XP users may find 7 actually a bit slower due to increase of background stuff 7 does or you have an old graphics card and the new shiny desktop needs more power to run it. Do expect to change some of your hardware to get the most out of 7, if you currently use XP on a slow computer. You will need to backup XP before you install, as 7 can only upgrade an existing operating system if it is already using Vista.

3. Keep using my current computer with Windows Vista or XP

If your current computer over three years old and feels slow to you then you may have a valid reason for buying a new computer, regardless of the operating system, but if everything works as you want it already, doing nothing is a good option!

XP will be supported for at least a few more years, so a secured version of XP or Vista now will not benefit from having 7 in terms of security. There is no killer feature in Windows 7, just it works well and looks prettier, but style over content users will have chosen a Mac a long time ago. Don’t believe the hype, don’t expect Windows 7 to transform a dog of a computer into a stallion! Quick hardware makes computers run quickly, a good operating system is one that maximises the speed of the hardware available.

SecurityBrad

Smug security, or security by obscurity to give its proper security title, is a terrible thing. It lulls people into thinking they are secure because no one is currently attacking them. The reason no one is attacking them is that there is no money / fame / job in it as the item being secured is too obscure. It is cheap as no real security measures are needed, and will work until someone sees money / fame / job in it. Problem comes that the longer the time smugness is used as a security shield, the skills of the attackers improves while no real security work is going on to help stop problems in the future. Microsoft learnt this quickly and has made great improvements on security over the years at a considerable cost. Mac security has been security by obscurity… but now Macs are popular and a target.

So one of the most popular questions we get asked, is should I use Anti Virus software on a Mac? The answer is yes… but not to protect the computer from bad guys. It is protect the Mac from yourself. To get a virus on a Mac, you need to download software, run it and enter the administrative password (strangely similar to a Windows computer correctly hardened!). To get the software to run, you agreed for it to anything to your computer, hence you need Anti Virus software to protect your Mac from you! You cannot tell if software is good or bad, so let the professionals do it for you and run AV, for all our sakes.

SB



  • None
  • Coldwind: Couldn't agree more. I downloaded a piece of software just now, disabled the 'toolbar' 'offer' (which fortunately for me has become a reflex); but co
  • ModemJunki: I only discovered this today - I had updated the firmware to the latest out of habit, and I could STILL access my TrendNet cams on the local network w
  • PrentOS – a Simple Secure Computer « Secure IT Foundation: [...] September 2010 we said it was time for a brand new start to computing, well it is starting to take shape… [...]

Categories