Choosing a Mac Antivirus: Reasons 13 and 14

13 - Intego knows the enterprise

Intego has a great deal of experience working with multi-user installations, from ten to 100,000 seats. With a wide range of enterprise customers, Intego can help customers deploy its software easily, and its Remote Management Console allows network administrators to manage Intego software on any number of Macs locally or over the Internet or a VPN. Administrators can determine and apply security policies, and adjust settings to individual users and groups as required.

14 - Intego is the leader for Mac security software

Intego is not only number one in Mac security sales, but also in innovation and reactivity. Intego’s ten years of experience have shown that the best way to provide quality Mac products and support is to focus solely on Macs. Our experience is our biggest asset: when Mac security issues occur, our team of developers are the most reactive, and as new threats arise, we can offer Mac-specific solutions more quickly than any other company.

Apple Has Yet to Patch DNS Vulnerability

A couple of weeks ago, we wrote about a major flaw in the way the DNS system works, and how all the major vendors had concerted and patched DNS servers to protect against this vulnerability. Well, Rich Mogull, writing at TidBITS, points out that Apple has not yet issued a fix for this problem for Mac OS X, and especially for Mac OS X Server, for which such a patch is much more important. (Most users of Mac OS X client don’t do DNS lookups via their Macs, but rather via a server or their ISP’s DNS server.) Mogull says, “All users of Mac OS X Server who use it for recursive DNS must immediately switch to an alternative or risk being compromised and traffic being redirected.”

We have written in the past about how Apple is slow to issue security updates, especially for the open source software included in Mac OS X and Mac OS X Server. Let’s hope they get hopping on this one, since security researchers around the world agree that this is a serious bug.

Apple Searching for Security Engineer for iPhone

Are you a security specialist? Do you want to work in Cupertino? Are you psyched by the iPhone? Apple is looking for you. The company has posted a job description for an “iPhone security engineer”:

Apple’s CoreOS organization is looking for an exceptional individual to validate the security architecture for the iPhone. As an implementer of advanced technologies in OS X, you will have the opportunity to have a major impact on Apple’s embedded operating system products.

More iPhone Vulnerabilities Spotted; No Patches Yet

Computerworld is reporting that security researcher Aviv Raff has discovered three bugs with the iPhone’s Mail and Safari applications. Raff has reported these to Apple, but apparently Cupertino doesn’t agree that all three bugs are security issues. This bug involves malicious users sending spoofed URLs that iPhone users may click and open in Safari, thinking they are valid URLs for banks, PayPal, etc. The other Mail issue makes accounts more vulnerable to spam, but Raff said nothing more, not wanting to spill the beans so the bug could be exploited more readily. This bug has already been patched in Mail for Mac OS X.

Raff recommends that users not click on any links they receive in e-mails on the iPhone, and said that if they want to avoid spam, they should stop using Mail on the iPhone. This latter comment surprises us - spam is related to an e-mail account, not an e-mail program, so we are curious as to how a bug in Mail could lead to receiving more spam. But we’ll keep an open mind and wait and see what becomes of this. In the meantime, you have been warned.

Securing your iPhone’s Wireless Connections

While you can use the iPhone to make phone calls, and get Internet access via the telephone network (3G or EDGE), you can also use the device to connect to any wireless 802.11x network, just as you’d connect your laptop to a wifi network. Yet iPhone users may not realize that connecting to such networks, and transferring data with no protection, may be dangerous. Glenn Fleishmann, writing in Macworld, takes a look at what’s necessary to protect such connections. He discusses using a VPN (virtual private network), to ensure encrypted end-to-end data transfer, talks about WPA and WPA2 Enterprise security, and explains how to create an iPhone configuration profile. If you use the iPhone over a wireless network, check this article out: you may not need all your connections to be secure, but if you’re working with sensitive business data, the tips here may be essential to you.

Apple Issues iLife Security Update

Apple has released a series of updates for iLife applications, with individual updates for iMovie, iPhoto and iWeb, as well as a general update called iLife Support. This patch, according to Software Update, contains security fixes, and Software Update provides a URL to find out more about the security content of the update. As of this writing, however, the URL just redirects to a more general Apple Security Updates page, which does not list the iLife Support update. We’ll keep you posted when Apple publishes more information. In the meantime, you can use Software Update to get these patches.