Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suggestions for improved security Macbook Pro


  • Please log in to reply
11 replies to this topic

#1 MaryBet82

MaryBet82

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:34 AM

Posted 20 February 2015 - 07:16 PM

MacBook Pro OS 10.6.8 current on software updates

Currently using Firefox 35.0.1 w/ WOT, BetterPrivacy & NoScript

 

I've been disconnected from the internet since 2012 - have just reconnected. Bought my first mac in Aug 2010 after years of  trying to get Windows to work. I haven't done much w/ the computer since 2012 - so I've forgotten a lot of how to's.

 

I hadn't installed any antivirus between 2010-2012. I've been reading recent posts and it seems like there might be more threats to macs now than previously. My sister who has Win XP and a new Win 8.1 and I are currently having to share the occasional Word doc and I don't want to infect her computers. Both of her computers have antivirus programs installed [and currently driving her crazy].

 

I would appreciate some opinions as to whether I should install something like ClamXav or if a paid AV might offer more security.

 

Also - I have have used Firefox for years so I have never tried to use Safari. But every time they improve Firefox they change it and move things around so I can't find them. Plus I have to keep updating the security extensions. Would it be better security-wise to use Safari?

 


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

BC AdBot (Login to Remove)

 


#2 Buddyme2

Buddyme2

  • Members
  • 710 posts
  • OFFLINE
  •  
  • Local time:10:34 PM

Posted 21 February 2015 - 12:02 AM

Read What security steps should I take in the Mac Virus/Malware FAQ.

ClamXav if you really need an antivirus. Paid for AV are just a waste of money IMO.



#3 Twin B

Twin B

  • Members
  • 262 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:More Than a Mile High
  • Local time:12:34 AM

Posted 21 February 2015 - 01:06 AM

Agreed. 


I've learned blood is not thicker than money. 

 


#4 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:34 AM

Posted 24 February 2015 - 08:26 PM

Thank you Buddyme2 and Twin B.

I read the link. Since my sister has to run AV on her Windows, I think I'll forego installing AV on my mac. If I understand correctly, there are no current, real world viral threats to macs. There are trojans and malware to which macs are vulnerable, but they require an installation process that requires using the admininstrative password. 

I think my browsing habits are pretty safe. I only got one virus all the years I was using Windows when I went to the wrong site to download a popular security program. I learned not to download software when I'm tired.

I'm not sure about never opening a file from an unknown source. Sometimes I download pdfs when I'm researching some topic and there are docx files on fanfic sites on Yahoo I've started opening because I can't remember how I used to download them. Since I'm not running AV on the MAC is there any difference to opening a file on Yahoo in the web browser or downloading and opening from the hard drive? I use Web of Trust so hopefully I don't wander onto bad sites, but if they are not 100% all the time I expect I could.

I also don't understand about changing one's DNS server. The one listed in my system preferences is my ATT Modem/Router. Why would I list OpenDNS or Google servers in my preferences?


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#5 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:02:34 AM

Posted 24 February 2015 - 09:22 PM

I advise installing an AV based on the possibility of a future threat. There have been many OS X exploits, there was a privilege escalation bug last month. I'd suggest Avast for OS X as it's free and doesn't have any crap with it. 

 

With regards to your DNS server, generally it's safe to use the one that your ISP (internet provider) sets but some prefer setting it to Google/OpenDNS because it's either faster or they don't trust their ISP.

 

Safari provides no real security benefit over Firefox, really. It's your choice though.


Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#6 GoCatGo

GoCatGo

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:11:34 PM

Posted 27 February 2015 - 09:44 PM

Unfortunately, Yahoo has been exposed as a common source of malware …



#7 h8zgray

h8zgray

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Columbus, OH
  • Local time:01:34 AM

Posted 01 March 2015 - 02:17 PM

Agreement with Buddyme2 in that currently Antivirus software on MAC OS X is still a very conditional recommendation. I was running Kaspersky Internet Security on my 2012 Mac Pro and recently uninstalled following the discovery that the software scans your traffic even when using SSL enabled (secure) websites. Even though there is a place to disable this behavior in the settings, I will choose to periodically manually scan my system for viruses and malware; one  recent application is AdAwareMedic to scan for malware, though admittedly, not sure if using the program opens one up to more threats.

 

I guess I got a little paranoid following the Superfish/Komodia issues with Lenovo, Steve Gibson had a good discussion in the most recent issue of the Security Now podcast on Twit.tv.

 

i guess the best advise to offer is to be careful where you download your shareware, watch out for email attachments, and do not run as an administrator, especially in a Windows environment. Best wishes.



#8 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:02:34 AM

Posted 01 March 2015 - 10:05 PM

Be aware that Kaspersky generates unique certificates for TLS/SSL interception. All of Kaspersky's scanning is done locally (although KSN might transmit some info) so there's no real problem.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#9 MaryBet82

MaryBet82
  • Topic Starter

  • Members
  • 454 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:02:34 AM

Posted 24 March 2015 - 02:49 PM

Thank you to everyone for responding. I'm sorry to say the more I read about security issues the more confused I get. What exactly is a trusted or safe site? I use Web of Trust in Firefox which gives me little green icons as I go from site to site. I haven't had a red flag in forever. That is the only way I know a site is safe to visit, but WOT isn't 100% and it's not real time. I remember reputable, "safe" sites were being hacked at one point and bad stuff put on and something about "drive by's". I don't as a rule click on adverts, but I might click on an info link at some point. I used to depend on my AV to protect me from such threats - Avast had some feature I kept checked for that purpose.

 

I use McAfee site advisor before downloading and installing freeware, but I rarely do that on the mac and infrequently did on my windows machines. Norton also had an advisor site and I usually checked both. But I don't use them when I'm in the middle of researching some topic and just following links to get info.

 

On Windows I used to download pdfs and docx files and do individual viral scans before opening them but I don't currently have an AV on the mac, so I didn't see any difference in downloading them vs just reading them online. Especially since I can't just CTL+Delete them once downloaded. Downloading, scanning and getting rid of the ones I'm not interested in once I read them sure adds to the workload.

 

If I understand h8zgray correctly, some AV's could be a security risk themselves?


mac 10.6 on macbook pro
WinXP sp2 on Dell 380 w/ 512 MB RAM- currently dead in the water
WinXP tab ed sp 3 on Thinkpad X41 w/ 1.5 GB RAM - lemony flavored
Win2K Sp4 on Sony VAIO GXR600 w/ 512 MB RAM - currently blue screening

#10 dante12

dante12

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 AM

Posted 28 March 2015 - 08:01 AM

Be aware that Kaspersky generates unique certificates for TLS/SSL interception. All of Kaspersky's scanning is done locally (although KSN might transmit some info) so there's no real problem.

 

Please also read here

 

Man-in-the-Middle

 

I have no problem if any AV Solution scanning ssl traffic but I have a problem if replacing certificates with one of their own. It's a big security issue and is undermining the systems security policy.



#11 iangcarroll

iangcarroll

  • Members
  • 658 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Birmingham, MI
  • Local time:02:34 AM

Posted 28 March 2015 - 08:29 AM

Be aware that Kaspersky generates unique certificates for TLS/SSL interception. All of Kaspersky's scanning is done locally (although KSN might transmit some info) so there's no real problem.

 
Please also read here
 
Man-in-the-Middle
 
I have no problem if any AV Solution scanning ssl traffic but I have a problem if replacing certificates with one of their own. It's a big security issue and is undermining the systems security policy.

What you are describing is impossible. In order to monitor TLS traffic, you must replace the certificate.

Unfortunately it seems (seemed?) Avast doesn't do revocation checking. Not sure if Kaspersky has this problem, but if you generate a unique root per machine and check the certificate's validity and revocation status there are no security issues.

Ian Carroll https://ian.sh • Certly Inc
 
Member of the Bleeping Computer A.I.I. early response team!


#12 dante12

dante12

  • Members
  • 194 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:34 AM

Posted 28 March 2015 - 10:42 AM

 

Unfortunately it seems (seemed?) Avast doesn't do revocation checking.

 

 

That's it what I mean. Avast doesn't check the validity of the certificates  and replacing with it's own. I got the risk fallen into malicious sites because this action undermines functionality of other applications (like browsers) for example that also check malicious sites. The question should now be, why I should trust such software? 






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users