SecurityInformation
LittleSecrets for Mac OS X gives the Macintosh users the ability to store notes in an encrypted format that can only be accessed with the password assigned to the file. Upon launching the encrypted file the user is instructed to enter the password, only upon proper authentication is access granted to the file.
Think of LittleSecret as a note management system that allows for you to sort and create new notes all manageable from the programs interface. The user is allowed to create folders and sub-folders to sort the information even …
January 10, 2003 •
2 min read
SecurityInformation
Tresor is a file encryption tool for the Macintosh. It is simple to use, fast, and offers very high cryptographic security. It is available in native versions for 68k Macs and PowerMacs as well as in a FAT version and requires MacOS 7.0 minimum. Tresor is shareware. The registration fee is 20 Euro.
Tresor encrypts any file using the IDEA block encryption algorithm. Encryption uses self-selected passwords. For decryption, the same password that was used for encryption will be needed again.
IDEA (International Data Encryption Algorithm) uses data blocks of 64 bits …
December 8, 2002 •
2 min read
SecurityKeys Off is now at version 1.3.2, now fully compatible with MacOS 9 and includes version 1.5 of the BlackWatch screen saver.
Information
Blue Globe Software has been producing high quality shareware since 1991, and they expect to continue this trend for a long time to come. They have updated and patched previous versions of Keys Off to keep it up to date. Their Software has many features you can not find anywhere else for a very low price.
DOWNLOAD Shareware Version
You can use Keys Off by Shareware, to download version 1.3.2 click …
November 11, 2002 •
3 min read
SecurityResolution
The issue described below was addressed and take resolved by Apple July 12th 2002 by adding checksums to downloads. Update to current version of Mac OS X via the software updates or visit AppleCare Document 75304
Information
Anonymous writes “I have recently been forwarded a mail from a reliable source which highlights a possible security issue with Software Update. I have not tested it myself, but both the source of the mail and the person who forwarded it are reliable and have always helped me to keep up to date with a …
July 6, 2002 •
2 min read
SecurityMAC OS X Security to the general Macintosh user has never been much of an issue. Turn it on, use it, turn it off when you’re done. And even if you’ve got a DSL or other dedicated line, warnings related to hack attempts on open and dedicated networks lines never seemed to instill fear in a Mac user. Sure there are products like Norton Personal Firewall or NetBarrier 2.0, but these are for professionals right? Well, not really. But the truth is, for the general Macintosh user, the chances of …
June 5, 2002 •
7 min read
SecurityAbout Cisco VPN Client
The Cisco VPN (Virtual Private Network) Client establishes an encrypted tunnel between a local system and a Cisco VPN Concentrator. The tunnel provides confidentiality and integrity for the data in transit, allowing a user on the local system to securely connect to a corporate network via a public, possibly untrusted network.
Information
Cisco’s VPN Client for Mac OS X, Linux and Solaris contains a security vulnerability which results in administrative privileges via a exploit. The Virtual Private Network (VPN) client allows for the Non-Windows platform to function over a …
June 4, 2002 •
4 min read
SecurityThis is one section of an overall document. The overall publication covers the setup of a Mac OS X Server. This part is being made public to help others secure their machines.
This document outlines some security measures for the Mac OS X Server 1.0 – 1.2 platform. While Mac OS X Server (OSXS) is a fairly secure environment out of the box, these basic measures help create a more secure computing environment. They should be taken by all personnel running a Mac OSXS on the WSU campus network.
The measures outlined …
June 2, 2002 •
11 min read
SecurityInformation
BugScan is a Macintosh Virus File Scanner which allows users to determine if they have AutoStart 9805 Worm and SevenDust virus files on their hard drives. BugScan will detect all files for all strains of the AutoStart 9805 Worm plus all strains of the SevenDust virus current at 06/14/99, a number of Trojan Horse files that are currently circulating in the Mac world as well as some of the most recent virus files common to the Windows platform.
Views
Nifty program to keep around. MacAddict, MacWorld, and MacPool gave them the vote.
June 1, 2002 •
1 min read
SecurityPublished: 5.07.2002
Fixed: Mac OS X 10.1.4
Effected OS:
Mac OS X 10.1.3 and prior)
Information
The problems lies within the file /usr/sbin/sliplogin (sliplogin) bundled with versions of Mac OS X prior to 10.1.4 due to the permissions defined and a buffer overflow. The system can be taken control of if a non-administrative user were to overflow the program giving them permissions as a root user. This issue has been taken care of in 10.1.4 system security update, if you have not yet updated do so now.
A unix styled exploit for the Macintosh! This is …
May 7, 2002 •
2 min read
SecurityToday it was discovered in Mac OS X 10.1.4 (Not tested with prior versions yet) with multiple users
I have stumbled across a rather large security hole when AppleSharing between a Mac OS 9.2.2 box and a Mac OS X box running v.10.1.4.
If a Mac OS X 10.1.4 box contains multiple user or administrator accounts, their home directories as well as access to some shared folders with permissions for only one specific account can be broken into via AppleShare.
The trick is simple. This can be done on any administrator account on …
May 4, 2002 •
2 min read
SecurityInformation
SubRosa Vol 1-File Utilities is SubRosaSoft.com Ltd’s first line of privacy products which help Macintosh users secure themselves and their personal data. The suite of software to protect your files consist of the following; file and folder encryption, multi-pass shredder, and free decryptor. Each one of these programs make it easy enough for any Mac user to enforse digital security on the personal data that is stored on the computer.
SubRosa Encryptor
The SubRosa Encryptor allows you to take files or folders and convert them into a encrypted archive that you can …
May 1, 2002 •
4 min read
SecurityFixes
To fix Internet Explorer:
This is done by updating through the Software Update Pane/Control Panel.
Patch Microsoft Office Products: Patch is Here
More Information:Security Alert
Vulnerability: Run code attacker wants.
Severity Level: Microsoft suggests Critical
Affected Software:
Microsoft Internet Explorer 5.1 for Macintosh OS X
Microsoft Internet Explorer 5.1 for Macintosh OS 8 & 9
Microsoft Outlook Express 5.0.-5.0.3 for Macintosh
Microsoft Entourage v. X for Macintosh
Microsoft Entourage 2001 for Macintosh
Microsoft PowerPoint v. X for Macintosh
Microsoft PowerPoint 2001 for Macintosh
Microsoft PowerPoint 98 for Macintosh
Microsoft Excel v. X for Macintosh
Microsoft Excel …
April 9, 2002 •
4 min read
SecurityMac OS X is UNIX at the core this is very true as described in Apple’s print advertisement, besides sending all others to /dev/null this OS is also open to all the security issues behind the UNIX environment.
Many features that are offered in the UNIX enviornment can lead to security concerns. They’re not to be considered bugs or exploits, just features. Recently Max Grosse shared with SecureMac.com how a feature in sudo could be used to the advantage of hackers to create backdoors or execute malicius code.
The code Max created …
April 6, 2002 •
6 min read
SecurityMacs are Vulnerable, too
Due to the potential vulnerabilities of Mac OS X, Macintosh computer systems are more susceptible to security breaches and threats than ever before. Many Mac users falsely believe that they are immune to virus and hacker attacks. It’s true that Macs are generally affected less by intrusions than PCs, but that’s only because Macintosh makes up such a small percentage of the market. In reality, with the growing number of viruses in existence and the increasing number of hackers on the Internet, there isn’t a computer in …
April 6, 2002 •
5 min read
SecurityThe folks at BSD-H have found a flaw that offers anyone in the admin group the ability to achieve root access via sudo. For those of you new to Mac OS X and the whole Unix environment do not get frustrated, this article will enlighten you about sudo and what steps you need to talk to fix the security issue.
The Flaw
Dubbed ‘RootX’ when this exploit is compiled, the program communicates with a sudo feature to give root to any admin under Mac OS X. Sudo means ‘do this command as …
February 7, 2002 •
4 min read
SecurityStuffing Mac OS and Mac OS X with Nimda Worm
Nimda fills the Macintosh with .eml files if File Sharing is enabled.
Includes Samba.
WW32/Nimda@mm
PE_NIMDA.A
I-Worm.Nimda
W32/Nimda-A
Win32.Nimda.A
W32.Nimda.A@mm, simply known as Nimda is a mass-mailing worm/virus that spread itself via multiple methods. Nimda will send itself out by email and will search for network shares that are open and try to copy itself to vulnerable/unpatched Microsoft IIS web servers and other network connections (Samba/File Sharing).
Nimda is a Windows worm/virus. However, if your Macintosh is connected to the internet or network with File Sharing methods enabled you …
January 5, 2002 •
61 min read
SecurityPRODUCT: Macintosh Hacker’s Workshop (MHW) v1.1
Review by: James M. Buehring
RATING: 4.5 / 5
THE PRODUCT & DEVELOPER:
MWH, or “Macintosh Hackers Workshop” is the first of (hopefully) a long line of products from a security expert team from France named CODE511. The author, grungie, offers up the only graphical UNIX password cracker for OS X to date.
This is not a program for your novice user who is unfamiliar with password files or DES encryption. If “DES” and “passwd” draw a blank for you, skip over this product.
For those of you who could …
December 11, 2001 •
3 min read
SecuritySneak Preview of MacAnalysis for Mac OS X
“Exclusive Previews of MacAnalysis X!”
Lagoon Software’s MacAnalysis has become a manditory program for Macintosh users trying to secure their systems. MacAnalyis is a security auditing suite that runs on your Macintosh, test the security of a local or remote computer system.Read about MacAnalysis @ this SecureMac.com review
After many weeks of programming they are almost ready to start distribution of their Mac OS X version. SecureMac.com was given the program to take a look at – the program follows the same style setup from …
December 2, 2001 •
2 min read
SecurityMarketing your Macintosh Security Programs Online v1.0
Once you have the program created you need people to download, test, and update the software. This simple how to guide is to share with you realms of the Internet where you can reach all different markets, from the hackers, security experts to regular Macintosh users.
Your Web Site
Create a web site the goal is to keep it as clean and simple as possible. Make sure you have pages for the following:
Contact (e-mail address, website – bookmark it, mailing list)
Program (with description, screenshots, and examples)
Index …
November 10, 2001 •
3 min read
SecurityIntroduction
Sophos declares the following in their campaign for Sophos Anti-Virus for Mac
-Malware myth: Macs can’t get viruses.
-SophosLabs have detected over 1,000 threats for Mac OS.
Sophos Anti-Virus for Mac Home Edition runs in the background and scans files for threats whenever your Mac opens them. It comes with an uninstaller (Applications/Remove Sophos) in case you want to remove it after trying it on your system.
I’ll be going through this review step-by-step and cover all the features related to the Mac system, usability, configuration and overall experience. Feel free to follow my …
November 7, 2001 •
17 min read
