On Dec 8, 2008, at 9:12 AM, Anne Keller-Smith wrote:
> > Hi Great Ones, > > Do we worry about viruses on Macs? I know the problem is practically > non-existent, but still. > What do you all do? Bruce said almost exactly one year ago: > As for security, there has been, to date ONE known exploit in the > wild for OS X. This after 6 years on the market, and it's not > widespread at all. Don't click on random porn spam links in web > forums and install the software they want you to, and you're fine :-) > > There are no viruses for OS X, so AV is useless on our platform. The > most common excuse for running AV software on a Mac is "...so I don't > accidentally infect a friends PC." > > That would be like "accidentally" having an affair with the neighbors > wife...passing a PC virus from a Mac to a PC requires a deliberate > effort. > > Besides, if the PC in question doesn't have AV software installed, > it's already a cesspool of digital germiness already. > > If you HAVE to run AV software (to appease fascist IT staff, for > instance: "Every computer must run antivirus software NO EXCEPTIONS") > go get ClamXAV <http://www.clamxav.com/>, at least then you're not > being ripped off. > > On a more philosophic note, the Mac is NOT immune to hackers, > viruses, phishing, spyware, etc: most threats these days do require > affirmative action by the user. > > However, OS X greatly minimizes our exposure, vis-a-vis Windows, by > more clearly separating administrative functions from user ones, by > having an OS that was designed as a multi-user system form the > beginning, and by turning off nearly every service by default. > > The only thing you really need to do to pretty thoroughly secure an > OSX system out-of-the-box is to go into Safari's preferences, and un- > checking "Open "safe" files after downloading". > > This is a hole I really wish Apple would close. They've almost shut > it by limiting the "safe" content, but all the exploits so far for OS > X real and theoretical, have utilized such 'safe' files as trojan > horses to get into the OS. > > Some people advocate utilizing two users, one for all administrative > tasks, one for day-to-day use, logging in as the admin user only to > install updates, software, etc. > > This is a king of 'belts and suspenders' approach to security. Not > bad, and generally good advice, but I'll be honest and say it's > advice I don't follow. > > I am careful to make backups, so worst case, something happens, > fixing it is a nuke&pave away. > > There ARE hacks out there for OS X; there are hacks out there for ANY > OS, and if you're specifically targeted by a sufficiently equipped > opponent, your system WILL be compromised. > > You're also more likely to be hit by lightning; because if you're > sufficiently valuable to be targeted like this, you already know > this, and your IT staff SHOULD have taken the appropriate precautions. > > But for the paranoid and curious, here's how to secure your Mac to > NSA-grade levels : > > for 10.3: <http://www.nsa.gov/snac/downloads_macX.cfm> > for 10.4: <http://www.nsa.gov/snac/downloads_macOSX10_4Server.cfm? > MenuID=scg10.3.1.1> > > See also the Security section on Apple's IT PRo site: > > <http://www.apple.com/itpro/solutions.html> > > Fundamentally, however, 99% of all Mac OS X users out there are > perfectly safe. And I posted the following a couple of months ago: > Basically: > > Keep up to date with the security updates > > Uncheck the open safe files if using Safari > > If you use Firefox, check the first three options on the security > preference section to: > > Warn me when sites try to install add-ons > Tell me if the site I'm visiting is a suspected attack site > Tell me if the site I'm visiting is a suspected forgery > > and believe the warnings. > > AS Bruce said, don't pay for an antivirus for the Mac. Trust Bruce > on ClamXav if you have to install one. The last one I installed was > Disinfectant in system 6 (mostly for the About Disinfectant screen) > which was broken by System 7, iirc. > > Everything following are PEBKAC (Problem Exists Between Keyboard > and Chair) "virus" infections. > > NEVER click the link in an email from a bank, credit card, paypal, > any other financial institution or even a domain registrar where > they say you have to update information. If you think there MAY be > a chance that it is legit, type your bank (or other institution's) > address in you browser bar and go there directly. Do not click on > the link in the email that takes you to http://countrywide.secure- > netbanker.8759.com.cn/251005/account-update/. FWIW, I have had 1 > (ONE) legitimate notice like this since 1994. > > NEVER install "updates" that a random site says you need. Mac users > are pretty immune to the software that they try and install, but > there is one pron site that tries to install malware on Macs via > this method. > > Also, be nice to your windows using friends. Never forward an email > with attachments unless you know EXACTLY what it is and you have > verified it. It may be a cute dancing bunny screen saver, but it > probably is also trying to install windows malware at the same time. > One add on. Make sure you are using Firefox ver 3. Firefox 2 uses an older interface to the anti malware/phishing site index and will not support that feature with the next upgrade at request of Google. Hope that helps, Len --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed Low End Mac's G3-5 List, a group for those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs. The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette guide is at http://www.lowendmac.com/lists/netiquette.shtml To post to this group, send email to g3-5-list@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/g3-5-list?hl=en Low End Mac RSS feed at feed://lowendmac.com/feed.xml -~----------~----~----~----~------~----~------~--~---