Intego Security Alert: OSX.RSPlug.A Trojan Horse

A malicious Trojan Horse has been found on several pornography web sites, claiming to install a video codec necessary to view free pornographic videos. If users install this Trojan horse, it uses a sophisticated method to change the Mac’s DNS server (the server that is used to look up the correspondences between domain names and IP addresses for web sites and other Internet services). When this new, malicious, DNS server is active, it hijacks some web requests, leading users to phishing web sites (for sites such as Ebay, PayPal and some banks), or simply to web pages displaying ads for other pornographic web sites.

For full information, see this Intego Security Alert.

Leopard’s Firewall a Bust?

Mac OS X has long included a firewall, which is hard to find and confusing to configure. The new version of the firewall included in Leopard is even more perplexing, and, it turns out, not very effective. According to Heise Security:

“The Mac OS X Leopard firewall failed every test. It is not activated by default and, even when activated, it does not behave as expected.”

Discussing certain system services that are exposed to the outside world, in spite of the firewall, the article states that,

“an attacker could gain complete control over the system - with all the consequences this entails, right up to mass distribution via a worm.”

Intego was the first company to offer a personal firewall for Mac. Intego NetBarrier X4 not only offers solid protection - the Mac press has regularly given this program excellent reviews - but it is easy to use. Unlike Leopard’s built-in firewall, any Mac user can configure NetBarrier and get it working correctly, protecting their Mac from hackers, vandals and malware. Don’t worry if you don’t understand the Leopard firewall; NetBarrier X4 is the right solution for you.

Even Developers Need Security Updates

Mac developers may feel left out from time to time, since Apple’s Developer Tools don’t often get security updates. So it’s their turn today to update their software. Apple’s latest security update, APPLE-SA-2007-10-30 Xcode 2.5 Developer Tools, fixes both Mac OS X 10.4 and 10.5 versions of the developer tools. It corrects vulnerabilities in gdb and WebObjects. If you’re still using Xcode 2.5 Developer Tools, update this new version now, from Apple’s Developer website. (If you’ve already migrated to Xcode 3.0, you don’t need to worry about this update.)

The First Leopard System and Security Update

Sort of. The Login and Keychain Update 1.0 fixes some keychain-related problems:

• Logging in with an account originally created in Mac OS X 10.1 or earlier that has a password of 8 or more characters.
• Connecting to some 802.11b/g wireless networks.
• Changing the password of a FileVault-protected account.

More Comments about Time Machine

In Intego Personal Backup Compared to Apple’s Time Machine , we listed some reasons why Time Machine simply cannot replace the flexibility of Intego Personal Backup. Today, TidBITS author Joe Kissell discusses Time Machine showing just how problematic this feature can be. On his Mac, “Time Machine backs up tens of thousands of files, totaling hundreds of megabytes, every single hour”, and each hourly backup takes a half-hour.

It’s worth reading this article to better understand Time Machine’s limitations, and the headaches it can engender. With a more versatile backup solution, you’ll find backing up to be quicker, easier and more flexible.

Learn How to Master User Accounts in Leopard

User accounts are an integral part of Mac OS X, but for many people, they’re a source of confusion. No more, thanks to Kirk McElhearn’s straightforward explanations, which help you understand and manage all the accounts for people who use your Mac, even if the only person is you. You’ll learn how to create the right types of accounts for the different people who use your Mac, why you need at least two accounts, and what you can do with the many new options in Leopard’s parental controls. Kirk shows you how to set up a troubleshooting account to solve problems, use Fast User Switching, share files between users, manage login and startup items, and more. Kirk even reveals tricks for sharing music and photos among multiple users on your Mac using iTunes and iPhoto.

Buy this ebook from TidBITS for only $10.

Intego has partnered with TidBITS for this ebook, offering a 25% off coupon for Intego ContentBarrier X4 or Intego ContentBarrier DP. The author points out just how much more useful ContentBarrier is than the built-in parental controls. So if you buy this ebook, you’ll save more than its cost on a purchase of ContentBarrier.