SecuritySymantecs’ Norton AntiVirus (NAV) 7 has become a trusted name amongst Macintosh users for virus protection over the past few years. SecureMac put this program through our five lock testing and the results came out rather interesting.
During installation we were greeted with a screen asking us what type of protection we wanted, none, moderate, most, and too much. After install we rebooted and started the application. The program is easy to follow with a nice classic navigation.
After installation it is recommended you run the LiveUpdate feature that will download the …
June 2, 2001 •
3 min read
SecurityInformation
All Apple Powerbook have the option of setting up a security control panel, making it so when you boot you must enter a password before it mounts the drive. Good security for a laptop!
Views
Good security for those LapTop Users. At lease this program can fool an idiot!
Insecurity
Security Breaches in the Password Security Control Panel: Owners of Powerbook have the option of using the Control Panel “Password Security”. With Password Security turned on the owner of the PowerBook can password-protect his/her computer. This involves a password dialog asking for a password …
June 2, 2001 •
4 min read
SecurityInformation
Easy, Foolproof protection. DiskLock sets up much faster than other security programs. Instead of having to select each file, you can choose entire folders with a single click. And DiskLock is virtually impossible to bypass–it loads before the system software, so unauthorized users can’t start up your system, even from a floppy disk.
IDE Drive Support: Supports IDE drives as well as Macintosh-standard SCSI drives
Multiple User Support: Set up as many users as you want, with an individual password and access levels for each.
DiskLock loads before the system software, so unauthorized …
June 2, 2001 •
2 min read
SecurityInformation
At Ease popularity has kind of died down. I remember schools using it but now they don’t seem to. It’s a product I never liked. Found it rather insecure. Millions of ways to hack around it.
Views
The New Version, Well You need to email me with information on it. I couldn’t find any on Apples website, so if you run it, Email me! I guess this product would be good for Jr High or Elementary schools.
Insecurity
At Ease Files + Hacks + Fixes:
Research Papers/Instructions:
Open Other peoples files is a email submitted from …
June 2, 2001 •
2 min read
SecurityEmail encryption problems should be solved in Sonata
by Dennis Sellers, dsellers@maccentral.com
June 15, 1999, 9:45 am ET
If you’re using a free Mac email application, you inherently have a lack of secure encryption as Andrew Jung, a computer science student at Camosun College (Victoria BC, Canada), recently discovered. Jung was using Outlook Express 4.5 on the family iMac when he came upon what he described a “disturbing bug.”
Jung attempted to use the “Change Current User” menu item of Outlook Express to access his personal email account (three separate email accounts were on …
June 2, 2001 •
4 min read
SecurityInformation
NetBus is a remote administration tool for the Windows Operating system. When this program was first released it was known as a ‘hacker tool’ where a user can gain remote access to a computer with the program installed. This program is like the CDC Back Orifice application commonly known as BO2K.
Virus protection vendors categorized this program as a trojan horse but many insist it is a legit remote administration tool. NetBus is on SecureMac.com so Macintosh users will know their computer CAN NOT be infected by this program. However a …
June 2, 2001 •
1 min read
SecurityPassword weakness in Internet Config in MacOS
What is Internet Config?
From Internet Config FAQ: “The Internet Configuration System was designed to make your life easier by reducing the number of times which you need to enter your Internet preferences into the various preferences dialogs of all your Internet applications.
For example, currently you need to enter your Email address into many common
Macintosh Internet applications, for example Eudora, NewsWatcher and Anarchie.
The goal of the system was to get each of these applications to get this information
from one common place and to give you …
June 2, 2001 •
6 min read
SecurityInformation
Euroda is a widely supported Email client for both Macs and PC’s. Pro Version supports multiple accounts and personalities.
Views
Eudora has grown a lot from user suggestions. They have a nice BETA SITE where you can beta test their PRO version.
Download Versions
Download new Beta Version of Eudora PRO
Download FREE Eudora Light Version or Purchase PRO Version
More Info
QUALCOMM can be reached by email, website or call them directly at 1 800 238 3672
Insecurity
This mail client has been pretty secure. There has been a little exploit known that will show a password for …
June 2, 2001 •
2 min read
SecurityInformation
Let me clarify something for all of you. BackOrifice, NetBus – Those are PC trojans. They will not break your macintosh. The tools described are to control a PC infected with BackOrifice from a MACINTOSH. Yes a Mac. Don’t fear Macs don’t have registries and other fun things.
Views
Some people actually use BackOrifice for their Windows computers for Free, control of the remote the computer. In nature Back Orifice is a trojan. It will let a user connect to it remotely and do odd things. Like have access to files, screenshots, …
June 2, 2001 •
1 min read
SecurityConnections and Protections
Cable and DSL Connections and Security Measures
What type of connection do I have?
Two new remote access technologies are rapidly growing – cable modems and Digital Subscriber Line (DSL) modems/routers. Cable Modems are a shared media. This means that you share a common wire with other people in your neighborhood (see figure one). As more people gain access, the more traffic that is generated over that single wire. Both telco and cable companies are constantly working to increase the amount of bandwidth and service area available to their customers. …
June 2, 2001 •
6 min read
SecurityInformation
John Copeland, a professor at Georgia Tech, noticed his computer sending packets when he was not conducting any traffic. This Mac Attack effects computers running MacOS 9 with a internet or network connection. A FAQ Page has been setup to help you understand the situation.
FIX
After a lot of complaints from MacOS 9 Owners, Apple released a correct solution for the denial of service problems. Open Transport 2.6 is the fix, Only for Mac OS 9; Mac OS 8.6 for PowerMacintosh G4, iBook, and iMac (Slot-loading) computers. Apple says addresses DHCP …
June 2, 2001 •
2 min read
SecurityGrouchySmurf is the first public release of an ICMP broadcast attack for the MacOS. Last night the application was released by Freaks Macintosh Archives a hacker related website for the macintosh community. They wrote a review/press release on the application to hype it. Now it is online and available for download. The ICMP broadcast attack will be explained in details further in this document.
Were not going to try to hide the bad uses of this program. This review is to inform you of the new software released and what damages …
June 2, 2001 •
4 min read
SecurityInformation
Do you know that every single postscript file that you print on a Macintosh using the Print To File function actually secretly puts your email address in the file? Pretty scary, isn’t it?
Problem
Apple LaserWriter driver embeds the user email address within the postscript.
Product Effected:
All postscript file printed via print to file in MacOS.
(Tested on 8.6 and 9.0)
Download
You can download Strip A Post from:
(Strip A Post is a nice little utility that removes that piece of personal information from those postscript files)
SecureMac – 1.0 version
Jake Luck Homepage
Closing Notes
The Author Jake Luck …
June 2, 2001 •
1 min read
SecurityMac OS X Single User Mode Root Access – CodeSamurai
Forward
There’s always the constant battle between user-friendliness and security. Apple has known about this vulnerability for some time now; and back in the days of OpenStep, a patch to that OS was released to fix this problem. Now is the era of Mac OS X, and even though that old OpenStep patch won’t work for OS X, Apple could still easily release a similar patch, or better yet, a permanent fix that will be forever installed by default.
It is argued that …
June 2, 2001 •
5 min read
SecurityMacintosh OS X Security – Third Lesson
MAC OS X Now that we’ve covered the basics of computer security in general and an overview of Mac OS X security specifically, it is time to get a bit more in depth. Because some UNIX gurus and elite hackers now know Mac OS X better than most early-adopting Mac fans, caution needs to be taken above and beyond what has already been covered. This is because of the advanced capabilities of the new OS and the open source condition of many of the …
June 2, 2001 •
5 min read
SecurityMacintosh OS X Security – Second Lesson – Chevell
MAC OS X The early adopters have been using OSX 10.0 for the better part of two weeks now. Early adopters, while not all the UNIX gurus and application developers Apple targeted the release for, are zealous, ambitious and daring- perhaps too much so.
As I stated in my previous Mac OS X Security overview, Mac OS X is a completely new operating system to most Mac users. Its UNIX under pinnings are foreign to the point-and-click community. The interface is certainly foreign …
June 2, 2001 •
6 min read
SecurityIssue:
Netscape Navigator/Communicator stores passwords in plain text
remote: no
local: yes
published: September 12, 2000
vulnerable:
Netscape Navigator/Communicator 4.x (and all versions?)
Security Issue:
There’s been a lot of security advisories and such about cookies security, but since the mac security is often very different from other operating systems, this is worth of mention.
The problem is in fact very simple, Netscape stores saved passwords as cookies in a file called MagicCookie that can be found in the netscape user folder (different for each user created.) in the Preferences folder of the system folder (System Folder: Preferences: Netscape: …
June 2, 2001 •
1 min read
SecuritySecurity Auditing Tools for the Macintosh
In today’s media you only hear about hackers rummaging through data stealing important information. You hear about how your security becomes more and more insecure. All these hackers are hitting websites, stealing passwords and credit card numbers. Yes, it’s true a lot of this doesn’t pertain to the MacOS. It’s the Windows and UNIX servers being hacked. Yet it does happen. Administrators don’t take the right precautions to ensure their customers are secure. The customer is thought to be dumb. It is believed that not …
June 2, 2001 •
3 min read
SecurityInformation
Keystroke loggers are common amongst hackers all around the world. Keystroke loggers do exactly what it says, it is a small program that logs to a file everything that you type and the person who installed the logger can retrieve the log whenever he/she wants. Hackers use the software to gain information like logins/passwords or any other useful data.
TypeRecorder 1.5 is a shareware control panel created by Rampell Software. The software itself is marketed as a tool that would be useful in the case your system crashes, power outages or …
June 2, 2001 •
3 min read
SecurityCable Modem and Macs Security Information
Security Aspect: Macs and Cable Modems
An issue has surfaced which has been ignored and avoided for a long time. In the past, people thought of Macintosh computers as being so secure that you didn’t even need to talk about security. Since the early 90’s, there have been a few web sites dedicated to Macintosh security or hacking, all of which have surfaced, dissolved and expired.
Picture your network. You’re on one line, and your computer is only listening to its own traffic. But computers aren’t smart, …
June 2, 2001 •
6 min read