Here’s another person who wants to debate, without putting anything on the table to debate with.  His argument: since Black Hat says that Windows is More Secure Than OS X, it must be so.

Well, here is my reply.

Reality obviously disagrees with you.  First of all, you show absolutely no evidence to back up your article.  A link to Black Hat doesn’t cover it.  Quite simply, an article written over a year ago easily counters your opinion piece ( http://www.schollnick.net/wordpress/2010/04/the-mac-os-isnt-really-virus-proof/ ).

Second, even so, the Black Hat article was discussing MOSX SERVER, not the MOSX Client.  Even so, the claim applies to either Leopard or Snow Leopard, and not the current MOSX Lion.

Why have we not seen any real-world evidence of virus infections on the Mac?  We have seen plenty of Trojans, but no real cases of viruses reproducing in the wild and automatically infecting systems.  Trojans are an issue due to user education and users being gullible; it doesn’t matter which platform, there will always be trojan success stories due to this simple fact.

But the simple fact is that whoever can successfully make a virus that can reproduce and infect other systems automatically on the Mac will be famous.  If not the person, then the virus itself.

Remember the “I Love You” and Melissa viruses?  What about the Morris Worm, that brought down the internet…  Heck, I will even ignore the ActiveX worms, viruses, and trojans…  The fact is that the underpinnings of Mac OS X are basically BSD Unix.  Compare that to Windows, fairly, and you will see a marked difference in security design.

Does it make MOSX invulnerable to viruses and other nasties?  Absolutely not.  But it does give MOSX an edge, and a more stable environment to base its security model on.  After all, BSD Unix’s development history goes back to 1977…   And I think we can also agree that the Unix security model is a fairly robust and stable security model.

The number of vulnerabilities really is meaningless, since they will count a vulnerability multiple times, in different software packages…  Even after the vulnerability is patched.  Even so, they are potential vulnerabilities, what you really would need to measure is actual infections or computer break ins.

After all, I will counter Black Hat, and raise you a Trend Micro’s David Perry:

For a few days in late January, the Netsky.p worm was infecting about 2,500 PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a minute (albeit not necessarily desktop PCs). As David Perry, global director of education for security software provider Trend Micro, puts it, “an unprotected [Windows] computer will become owned by a bot within 14 minutes.” [http://www.pcworld.com/article/119624/caught_a_virus.html]

Yes, it’s historical, but it makes the point.  Why is it that one of the first things we have to do to secure a Windows box is either install the Microsoft Defender Suite, or install some other antivirus package?  Why is it that we don’t have to do that on the Macintosh?  The fact is, an unprotected Windows box will be infected by something.  It is not a matter of how, it is a matter of when.  Even protected Windows systems get infected by Zero-Day exploits.  It happens.  It may eventually happen on the Mac as well.  But, at this point, without using a trojan, there is no evidence of a virus being able to reliably infect a Macintosh running Snow Leopard or Lion.

This doesn’t mean that Microsoft hasn’t improved Windows, it has, but the basic security model for Windows is not yet as robust as on the Mac.

 

The appearance of the MacDefender trojan back in May provoked a lot of back-and-forth between various tech writers (including your humble correspondent). Was this a sign that the good times were ending? That the Mac platform would come under ever-fiercer attack from malware authors? That soon we’d all be running resource-sucking virus scanners and a-fearing every link we clicked?

Well, in a word: no. It wasn’t. And I’ve got some science to prove it.

Mac malware ‘explosion’ missing in action

 

Avast anti-virus is one of the most trusted free anti-virus that is available in the market. Other few security softwares that come to mind are AVG. Avast 6 is the latest version of anti-virus. It is available for Free Download. The Avast 6 includes scan engine which is lighter and takes…

via Avast 6 Anti-Virus Download for Free.

 

Sophos is now offering free copies of its anti-virus software to Macintosh users…

Technical Specifications are as follows:

  • Mac with Intel or PowerPC processor
  • 256 MB of memory
  • 150 MB of available disk space
  • Mac with OSX 10.4 (Tiger), 10.5 (Leopard) or 10.6 (Snow Leopard)
  • Supports All Apple Mac hardware including iMac, MacBook, MacBook Pro and the new MacBook Air

The set-up process is simple:

  1. Visit the website cited above.
  2. Click on the download button.
  3. Accept the terms of the EULA license during the installation.

After that is complete, you can use the tool for as long as you like.

According to Sophos, this is the same version as the Enterprise edition, just with a different “home” license.

Take a look here…

 

One major issue that I have seen is that Norton Antivirus & Security Products don’t always uninstall cleanly. Often, in the past, they have left the computer unable to connect properly to the internet, or having odd symptoms…

What I have found is that using the custom Norton Uninstall Utility works cleanly, and is often faster than using the Add/Remove Programs control panel.

The removal tool will remove the following software products from your computer.

  • Norton AntiSpam 2004 – 2005
  • Norton Antivirus 2003 – 2007.2
  • Norton Ghost 2003, 9.0, and 10.0
  • Norton GoBack 3.1 – 4.2
  • Norton Internet Security 2003 – 2007.2
  • Norton Password Manager
  • Norton Personal Firewall 2003 – 2006
  • Norton SystemWorks 2003 – 2007
  • Norton Confidential Online 2007
  • Norton Internet Security 2007 Add-on Pack
  • Norton Save and Restore 1.0 – 2.0
  • Norton 360

Follow these directions to download the Norton Removal Tool and run it to remove the above programs. Click on the following link to download the Norton removal tool:

ftp://ftp.symantec.com/public/english_us_canada/removal_tools/Norton_Removal_Tool.exe

  • Click Save and save the file to your desktop
  • Close all Norton Application windows you may have open, and double-click on Norton_Removal_Tool.exe to start the removal tool. Windows Vista users will have to right-click on the file and select “Run as Administrator”
  • After the removal tool finishes, you should be prompted to restart your computer. Once the computer restarts, your Norton product should be uninstalled.

 

 

According to a Google study, 15% of all malware consists of fake anti-virus (or Rogue Antivirus) software.  What does that mean to the average user?  Probably nothing, but are you sure that the antivirus warning you just received is really from your antivirus software?

Practically, this means that you need to be more aware of your antivirus software:

  • Know the name of your antivirus software
  • Make sure that your subscription is up to date, and that updates are occurring for both the Antivirus “engine” and the “definitions” file.  The engine is the software itself; the definitions are what identify a virus to the engine.  So if your subscription expires you may still see engine updates, but your “play book” will be out of date and your software won’t recognize newer viruses.
  • If you receive a virus warning, make sure that the pop-up window refers to your antivirus software.  For example, if you run Sophos’s antivirus product, and you see a warning from “Windows 2010 Antivirus Defense”, chances are it’s a fake warning.  (Please note, you may also have “Windows Defender” running; that’s an anti-malware package from Windows.)
  • If you see a valid warning, close all your applications, especially web browsers.  Don’t download anything, and run your antivirus software with a full scan…  If it detects anything attempt to clean it.
  • If you become infected, try running the Security Tango.
  • Why all this work?

    “More recent fake AV sites have evolved to use complex JavaScript to mimic the look and feel of the Windows user interface,” the report continues. “In some cases, the fake AV detects even the operating system version running on the target machine and adjusts its interface to match.”

Fake antivirus is easy money for scammers, Provos said.

“Once it is installed on the user system, it’s difficult to uninstall, you can’t run Windows updates anymore or install other antivirus products, and you must install the [operating] system,” rendering it unusable until it is cleaned up, he said.

Provos said when encountering a fake antivirus message, Web surfers should close the browser and restart the program. People who are duped by the scam may have to get professional help in cleaning up the computer, he said. They should also monitor their credit card accounts because scammers can use the credit card information for identity fraud.

  • Check the reputation of the antivirus packages that you are running, there are smaller companies that make antivirus packages that are not dependable.  Consider using AVG, Avast!, eTrust, and Panda Software’s Antivirus 201x for Antivirus.  For Antimalware, SuperAntispyware, Malwarebytes, and Windows Defender.  If your software is not on this list, please check reviews on cnet.com, or another trusted source.

Check out Google: Fake antivirus is 15 percent of all malware

Browser Cookies, Myths and Facts

 

When it comes to browser cookies, most users have a lot of misconceptions about what they do. Here’s a closer look at exactly what a browser cookie is, what it isn’t, and what it’s really used for.

What Are Cookies Anyway?

Cookies are nothing more than tiny bits of text stored on your PC by your web browser, containing information set by web sites such as your session token, user preferences, or anything else that the web site needs to keep track of you from one request to the next. Once the web site has asked your browser to set the cookie, the next time your browser opens a new request to the server—clicking a link to a page, adding an item to your cart, or even loading an image—your browser will send that cookie back to the web site that set the cookie.

Cookies exist because the web is stateless… Each request from your browser is completely separate from the next one, so the server needs a way to keep track of what request belongs to what visitor. By storing a small bit of information in a cookie, the web site can determine that your page view belongs to your user account.

There are two “categories” of cookies: either first-party or third-party cookies.  First-party cookies are those cookies that belong to sites you actually visited in your browser, while third-party cookies, also known as tracking cookies, are generated from a Javascript include on the page—generally from third-party advertising web sites.

Myth: Cookies Spy On You and Track Everything You Are Doing

As we’ve already learned, the contents of cookies are set by the web site that you visited, so unless you’ve given your information to a web site, there’s no way that cookies are going to contain personal information unless you’ve given that information to the site already.

Most cookies just store an identifier, or what is known as a session token, but sometimes they contain your login credentials, usually encrypted or hashed in some format—but since cookies are only sent back to the same site that originated them, even if cookies contained personal information, it is not going to be shared with every site you visit.

Myth: Cookies Are Viruses or Spyware and Create Spam and Popups

Cookies are nothing more than text files and could not be executed even if you track down the hidden folder they are usually located in, but a surprising amount of people believe that cookies contain viruses or spyware. The reason for this, other than misconceptions fueled by clueless TV writers, is probably because most anti-spyware applications catch tracking cookies when you do a scan. Why? Cookies can be used by advertising web sites to track the sites you visit (assuming the sites are using the same advertising network—see more below), so most anti-spyware applications help you remove them.

The other myth is that cookies are responsible for spam and create pop-up advertisements. While it’s true that an advertiser can use cookies to track which pop-up ads you’ve seen, the cookies have nothing to do with the advertisement in the first place.

Fact: Spyware and Viruses Can Read Your Cookies, but So What?

Another common misconception is that cookies are bad because if you have a virus or spyware infection, they can read your cookies to find out more information about you. This concept is not only overly paranoid, but completely illogical to boot—if your PC is already infected with a virus, you’ve got a lot more to worry about than a virus “reading” your cookies, since it has complete control over your computer, and your information at that point. You’re better off spending your energy learning about the best ways to keep your PC secure.

Fact: Cookies Are Required for Logging Into Most Sites

The vast majority of web sites require cookies to be enabled in order to create an account and keep yourself logged in, so if you disable cookies in your browser, a large portion of the web is going to be broken. There are some exceptions, of course—you’ll probably notice that many shopping web sites embed the session token into the URL, but it’s not something that most sites are going to implement. These cookies are considered first-party cookies, because they are set by the web site you purposely visited.

Fact: Cookies are Used by Advertisers to Track Sites You Visit

Because cookies are always sent back to the site that originated them, an advertiser’s cookie will be sent back to them from every web site you visit that is also using that same advertiser. This allows the advertiser to track the sites you visit, and send targeted advertising based on the types of sites that you visit.

This does not mean that advertisers can read the cookies from the web site you are visiting—they can only read their own cookies, but because the advertising Javascript is embedded in the page, they will know the URL you are visiting. These cookies are considered third-party cookies, because they are not set by the actual page you are visiting, and they can generally be blocked without causing any serious problems.

If this type of tracking keeps you up at night, consider that an advertiser can already track the sites you visit based on a combination of your IP address, browser version, location, and any number of other factors—so getting rid of the tracking cookies only eliminates a small piece of the puzzle when it comes to tracking your behavior online. There are also only a few advertisers big enough to really track you across the majority of web sites—and one has to assume Google already knows everything else you’re doing online.

Fact: Deleting or Blocking Cookies Can Cause More Annoying Ads

If you’ve ever visited a web site that sometimes, but not always, prevents you from reading the article until you click through an interstitial advertisement that takes over the entire page—you might wonder what logic dictates who sees the ads and when.

Here’s how it works: interstitial ads pay web sites very lucrative rates to allow them to take over the entire page, but since most web site owners know that they are annoying, they are usually rate-limited so they aren’t seen too often by the same person. Once you’ve seen the ad a single time, the advertiser sets a cookie on your PC to make certain that you don’t see the same annoying ad again for a while. If you are deleting your cookies on a regular basis, you’re probably also seeing a lot more of these interstitial ads than everybody else. That is, of course, if you don’t have an adblocker installed.

Fact: Disabling Cookies Doesn’t Matter If You Have Flash Enabled

As we’ve already pointed out in our guide to browsing without leaving a trace, even if you are blocking cookies in your browser, advertisers are using Flash cookies to keep track of what you’re browsing online. In fact, more than half of the most popular web sites are using Flash tracking cookies—and even using your browser in private mode won’t (currently) stop them from tracking you this way.

Still Want to Block Cookies? Try Blocking Third Party Cookies Only

If you are still worried about cookies for privacy reasons, you can set up your browser to only accept first-party cookies, so you’ll still be able to log in to all the web sites that you visit. For Firefox, just head into the Options panel, switch to the Privacy tab, and uncheck the Accept third-party cookies box. If that causes you any problems, you can keep the option checked, but change the “Keep until” setting to remove the cookies once you close Firefox. Other browsers have similar settings; just head into the options to find them.
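
The first-party versus third-party behaviour described above, as an added example that is not part of the original article: a small model of a browser cookie jar in which `news.example`, `shop.example` and `ads.example` are made-up hosts. It shows the ad host linking visits across sites through its own cookie, and losing that link (while the first-party session keeps working) once third-party cookies are blocked.

```javascript
// Constructed model: all host names are made up, and no network access is used.
function makeServer(name) {
  let counter = 0;
  const log = []; // what this server learns: [visitorId, page that triggered the request]
  return {
    log,
    handle(cookie, pageHost) {
      const id = cookie || `${name}-${++counter}`;
      log.push([id, pageHost]);
      return cookie ? null : id; // Set-Cookie only for visitors that sent none
    },
  };
}

class Browser {
  constructor(blockThirdParty) {
    this.blockThirdParty = blockThirdParty;
    this.jar = new Map(); // host that set the cookie -> cookie value
  }
  // One request to `host` while the address bar shows `pageHost`.
  request(host, pageHost, servers) {
    const allowed = host === pageHost || !this.blockThirdParty;
    // A cookie is only ever sent back to the host that set it.
    const cookie = allowed ? this.jar.get(host) : undefined;
    const setCookie = servers[host].handle(cookie, pageHost);
    if (setCookie && allowed) this.jar.set(host, setCookie);
  }
  // Loading a page fetches the page itself, then the scripts it embeds.
  visit(pageHost, servers, embeds) {
    this.request(pageHost, pageHost, servers);
    for (const host of embeds) this.request(host, pageHost, servers);
  }
}

function simulate(blockThirdParty) {
  const servers = {};
  for (const h of ['news.example', 'shop.example', 'ads.example']) servers[h] = makeServer(h);
  const browser = new Browser(blockThirdParty);
  for (const page of ['news.example', 'shop.example', 'news.example']) {
    browser.visit(page, servers, ['ads.example']);
  }
  return { browser, servers };
}

// Pages the ad network can tie to each visitor id it issued.
function adProfiles(servers) {
  const byId = {};
  for (const [id, page] of servers['ads.example'].log) {
    byId[id] = byId[id] || [];
    if (!byId[id].includes(page)) byId[id].push(page);
  }
  return byId;
}
console.log(adProfiles(simulate(false).servers), adProfiles(simulate(true).servers));
```

With third-party cookies accepted, one ad id covers both sites; with them blocked, every embedded request looks like a new visitor, although the ad host still sees which page each request came from.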

 

First, Breathe…  Yes, take a few deep breaths….

You see, we’re all doomed…  Yes, indeedy, doomed I say.  After all, the Macintosh Dashboard is the vector which all viruses will be created with in mind…  And Windows viruses will disappear due to the popularity of the Dashboard vector….  (SLAP)…  Sorry, I needed that, I was channeling my inner Mossberg…

Dashboard from Tiger may bring the first real OS X Virus…

This should be on the front page or somewhere when users can see it…

WARNING: Only visit this website if you want to see the simulation of a malicious dashboard widget! Accessing this website will only download a widget that is 100% SAFE but simulates a malicious widget!  Going to this website downloads a Dashboard widget automatically, but here’s the catch. It can’t be removed.

See, if this was going to happen, it already would have.  This clip is from a 2005 posting over at Macrumors…

The original dashboard wasn’t very clear on how to remove a widget from the dashboard’s inventory.  You could remove it from being active, but not from the inventory of your widgets…

The truth is that with the newer dashboards, that has mostly been cleared up.  But here’s the secret: if you want to delete something from the dashboard inventory, there are two places to check…

~/library/widgets     and       /library/widgets

Remove the widget in question from there and restart dashboard, and your widget will be gone…

via Dashboard from Tiger may bring the first real OS X Virus… – Mac Forums.

© 2011 The Matrix Data Bank