The Mac Security Blog

Your Mac’s Password Can Be Slurped from a FireWire Port

Passware, a company that provides computer forensics tools, has released a product that can grab your password via a FireWire port in seconds. The company’s new forensic toolkit captures data from your Mac’s memory, analyzes it quickly, and reveals passwords for your user account, and for your keychain, if that password is different. And it can do this even if your Mac is asleep, and even if you have FileVault encryption activated.

However, there is an easy way to protect your Mac from this type of software. Turn off your Mac instead of putting it to sleep, and turn off Automatic Login, as we suggested in a recent Mac Security Tip.

Microsoft “Discovers” Mac Backdoor Olyx; Intego Found it Last Month

Microsoft’s Malware Protection Center has posted an article about a new Mac backdoor called Olyx that they have “discovered” in a package also containing Windows malware. Intego spotted this backdoor some time ago, and added it to VirusBarrier’s malware definitions on June 30, as OSX Backdoor OSX/Olyx.A. This malware poses little threat, as it is not found in the wild in any form that can be installed on Macs.

Intego regularly finds malware of this type, which is neither well designed, nor able to be easily installed on Macs. Intego’s Virus Monitoring Center adds this malware to its malware definitions, ensuring that Mac users are protected in case such malware does get added to an effective payload, such as the MacDefender fake antivirus or other Trojan horses. We don’t publicize such malware by issuing security alerts, because the threat is not serious enough.

Apple Releases iOS Update to Fix Certificate Validation

Apple has released security updates for iOS to fix a problem with certificate validation:

A certificate chain validation issue existed in the handling of X.509 certificates. An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS. Other attacks involving X.509 certificate validation may also be possible. This issue is addressed through improved validation of X.509 certificate chains.

The updates, iOS 4.3.5 for the iPhone (GSM), iPod touch and iPad, and iOS 4.2.10 for the CDMA (Verizon) iPhone, are available via iTunes. More information about the update is available here for iOS 4.3.5 and here for iOS 4.2.10.

Mac Security Tip: Disable Automatic Login

When you first set up a new Mac, or when you do a clean installation of a new version of OS X, you create a user account, and that account is set, by default, to log in automatically at startup. This isn’t a problem when you’re at home, but if you use a laptop, and travel, this is a serious risk. This automatic login means that anyone who finds your Mac only needs to start it up to have access to your files.

You can change this, and tell OS X to display a login screen on boot. There are two ways to do this.

First, if you go to the Users & Groups pane of System Preferences, and click on Login Options, you’ll see a menu that lets you choose which user logs in automatically at startup, or you can choose Off from this menu to turn off automatic login.



The second way to change this is in the Security & Privacy preferences, again in System Preferences. If you click on the General tab, you’ll see an option to Disable Automatic Login.



Either way, turning off automatic login protects your data, and is only a slight encumbrance when you start up your Mac. You merely have to choose your user and enter your password to get to work. Think about making this change to protect your data from easily being grabbed by anyone who finds or steals your Mac.

Apple’s iWork Update Features Security Fixes for Numbers and Pages

Apple has issued updates to its iWork applications, Numbers and Pages, adding full support for Lion for all three applications (Keynote, Numbers and Pages), and adding two new themes to Keynote. In addition, there are three security fixes in the updates: two for Numbers, to deal with maliciously crafted Excel files, and one in Pages, to protect against maliciously crafted Word documents.

The updates are available via Software Update, or may be downloaded here. Full information about the security fixes in this update is available here.

Before You Upgrade to Lion, Make Sure to Back Up

With OS X Lion out, a lot of people will take advantage of the weekend to upgrade their Macs to the new operating system. But before running the upgrade, you should do the single most important thing to protect your files: back them up. Ideally, you should back up your entire startup disk, “cloning” it, making a full copy that you can boot from if you have any problems. To do this, you need an external hard disk, but you can get a good-sized one for around $100. And this is a device you should own, to back up your files regularly.

If you don’t have an external hard disk, you can back up your important files – those in your home folder – to DVDs, but it takes a bit longer. You can also back up to a network volume, if you have other computers on a network, or to an online server.

You can perform all of these tasks with Intego Personal Backup, which is part of the Internet Security suite. With Personal Backup, you can make bootable backups (clones), regular backups, and even synchronize folders across two Macs. You can back up to any kind of device that your Mac can read and write data to: hard disks, network volumes, DVDs and more.

So back up your files now, then install Lion and discover Apple’s great new operating system.