This Week's Sponsor:

DEVONTHINK

Store, Organize, and Work the Smart Way

Posts tagged with "security"

Backblaze Launches Location Service to Find Stolen Computers

Backblaze is the fiery backup service well known for their series of custom red-hot storage pods used to encapsulate all of your sensitive data, and today they’re launching a new location service designed to help you recover a lost or stolen computer. Locate My Computer aids in the recovery of a computer by reporting the IP address, the ISP the computer is on, the time the computer was last online, and by showing the computer’s location on a map. Mapping updates may take a while (after I enabled Locate My Computer for the first time I received a notice that it may take up to four hours), but time and IP address related information is updated frequently. Blackblaze also provides links to various IP services to help track down the exact location (possibly even the house address) of the stolen machine.

Locate My Computer is available immediately and is free to all Backblaze customers. Mapping is enabled for new users; users with existing accounts can “Turn On” mapping. To turn mapping on or off, sign-in and visit the Locate My Computer page. (Please click “Check for Updates” from your menu icon to ensure you are using the latest version.)

The update is free to all Backblaze customers. To enable the new feature, simply install the latest Backblaze update over your previous installation before turning the service on.

[via Backblaze]

Ars Investigates Recent Mac Malware

Ars Investigates Recent Mac Malware

MAC Defender has changed everything,” one Apple Store Genius, who requested to remain anonymous (we’ll call him Lenny) told Ars. “We probably get 3 or 4 people with this per day. Most of them only got as far as installing the program and haven’t entered their credit card details.”

Lenny went on. “This always sparks a debate at the bar on whether antivirus software is necessary on the Mac. This is difficult, as the store sells several antivirus products implying that Apple supports the idea, but as many customers point out, the sales guys aren’t shy in making the claims for Mac OS X’s security. Internally, Apple’s [IT] department mandates the use of Norton Antivirus on company machines.

Following the controversy that sparkled after the large diffusion of MAC Defender (covered here) that rose (again) the inevitable question as to whether being scared of malware on a Mac is nothing but crying wolf, Ars Technica takes a step back and tries to analyze the situation interviewing Apple employees, Geniuses, and various representatives of antivirus / security companies. Whilst it’s kind of obvious that antivirus makers will always recommend their products because you have to keep your machine secure, the takeaway from support specialists is interesting: there’s no need to panic, but people are undoubtedly coming over asking for help with this recent malware.

Of course, the peculiar nature of Mac Defender (it’s a “scanning software” that asks for your credit card details, and it’s downloaded through a malicious script from certain websites and Google Image Search) raises another issue: users are installing the software by manually going through an installer and giving it their passwords – this shouldn’t happen. Anyone who’s a little skilled in computing should know that stuff you didn’t want to download shouldn’t be granted permission to run in the first place. And MAC Defender comes as a whole installer. On the other hand, I don’t think it’s really about crying wolf (though some people like to run overly sensationalistic headlines), as much as it’s about the fact that this malware ultimately exists. Fact.

Ars has an interesting read, and our friends at TUAW have a pretty handy guide detailing the removal of MAC Defender. The best tip, however, is still the same: don’t execute programs and documents you don’t know.

Permalink

Skype Bug Leaves Mac Users Vulnerable to Exploit: Updated

Those running Skype on OS X are vulnerable to an exploit that allows attackers to gain root access on target machines. Through an instant message, attackers could deliver a malicious payload that would give them remote access via a shell. The severity of the issue has already been addressed by the Skype team, and should be fixed in a future update. In the meantime, a proof of concept reveals the need for caution with recent OS X security warnings and concerns.

Read more

New “MacDefender” Malware Targets Mac Users

According to several discussion threads posted on Apple Support Communities, a new malware called MacDefender.app is quickly spreading among Mac users using the Safari browser to visit certain websites, especially Google Images. The application, disguised as a virus scanning tool and completely unrelated with the official MacDefender software, gets installed automatically without a user’s consent upon opening a webpage, although it’s not clear what kind of websites allow this kind of installation, and whether MacDefender “phones home” once running on a Mac to download additional pieces of code (like most malwares on Windows do). Some users are reporting they found the app installed on their Macs after visiting webpages linked on Google Images, some say it’s only happening with the Safari desktop browser, others claim the app can’t be removed with a simple drag & drop to the system’s Trash as, once installed, the process will beging running automatically on OS X. Again, it’s not clear what kind of malware MacDefender.app is and the proportion of this “spreading” across Mac OS X machines, but the number of threads on Apple Support Communities seems to suggest at least hundreds of people have experienced the issue in these past few days. Read more

Square Set To Add Encryption To Next Generation Of Card Readers

Yesterday Square revealed that it had received from financial services superpower, Visa, strategic investment of an unspecified size. However in a lower key announcement it also revealed that this summer they will be releasing a new card reader that uses encryption on the read head.

You may recall the little squabble a few months back where VeriFone and Square traded blows over whether the Square card reader was secure enough. VeriFone claimed it wasn’t and that Square should recall all their readers because thieves could easily skim credit card information using the device. Jack Dorsey, CEO of Square, hit back at VeriFone saying it was “not a fair or accurate claim and [that] it overlooks all of the protections already built into your credit card.”

Yet despite all that, Square will soon be addressing those “concerns” that VeriFone had, and release a card reader that employs encryption. The Square COO, Keith Rabois, notes that they are adopting Visa’s newly released (yesterday) mobile application best practices. He says that the “adoption of best practices will help increase trust in innovative payment solutions” although equally stresses that Square currently complies with all industry standards. TechCrunch rightly highlights that it is clearly no coincidence that Square’s endorsement of Visa’s best practices came on the same day as their funding announcement.

TechCrunch inquired as to whether users would have to replace their current readers but Rabois declined to comment specifically but he did continue to affirm Square’s previous rejection of VeriFone’s demand to recall the Square readers. Rabois also noted that encryption will not be the only new feature of the third iteration of readers coming this summer.

[Via TechCrunch]

Researchers Discover iPhone File That Keeps Track Of Your Moves

Security researchers Alasdair Allan and Pete Warden have discovered a file in Apple’s iOS local backup system that keeps track of your entire location history, in format perfectly readable by a computer. The file, by default stored unencrypted in the iOS database that can be backed up to a computer using iTunes, keeps track of “everywhere you go” by triangulating the 3G signal against the nearest cell towers, and offers a way to private detectives or people who might get their hands on your device / computer to have access to your moves in the past. The researchers have also created an open-source app called iPhoneTracker that recognizes the file from your local iOS backup, parses the results and displays your most-visited locations on a map. The screenshot above, for instance, was taken using my iPhone’s unencrypted backup.

As the researchers note on iPhoneTracker’s webpage, it is unclear why Apple is doing this. Cellphone network providers have been allegedly tracking users’ location for years through their towers, but they never stored the location info locally on a device, nor did they provide a way to back up this information on a computer and parse it. Allan and Warden (who’s a former Apple employee) speculate this might be functional to new location features Apple is working on for future versions of iOS; the location tracking was apparently introduced with iOS 4 last year, and data collected so far might come in handy for the company to build an online location-based social service for iPhone and iPad users. The file, however, was only discovered in the past weeks, and the researchers claim it’s present both on iPhones and iPad 3G units.

Apple has made it possible for almost anybody – a jealous spouse, a private detective – with access to your phone or computer to get detailed information about where you’ve been,” said Pete Warden, one of the researchers.

Warden and Allan point out that the file is moved onto new devices when an old one is replaced: “Apple might have new features in mind that require a history of your location, but that’s our specualtion. The fact that [the file] is transferred across [to a new iPhone or iPad] when you migrate is evidence that the data-gathering isn’t accidental.” But they said it does not seem to be transmitted to Apple itself.

Apple declined to comment, but it’s very clear that the file is created and stored locally without an explicit user’s agreement. As noted by the researchers and other security / privacy experts polled by the Guardian, Apple is storing both location data and timestamps in a readable format that can be accessed from a stolen (possibly also jailbroken) device or a computer. I have tried the iPhoneTracker application personally, and while it really works with unencrypted backups generated using iTunes, choosing to encrypt a backup breaks iPhoneTracker’s functionality – thus granting users an additional level of security. The file, however, is still there – Apple doesn’t offer a way to avoid tracking of your moves.

The discovery of this location-tracking file in the iOS backup system is worrying as it raises question on Apple’s user privacy policy, and the reason why such data is collected without a user’s consent. Apple has been rumored to working on new location features for iOS 5, so the location info might be a solid data foundation for the company to build a new social location service. You can download iPhoneTracker here and try for yourself. Read more

Apple Releases Safari 5.0.5 and Security Update 2011-002

Together with iOS 4.3.2, Apple also released a security update and a new version of Safari. The updates are available now in Software Update and on Apple’s website. Safari 5.0.5 “includes the latest security updates”, and it’s recommended for all users.

Security Update 2011-002 is recommended for all users and improves the security of Mac OS X. Previous security updates have been incorporated into this security update.

Apple Releases Safari 5.0.4

Alongside iOS 4.3, Apple also released Safari 5.0.4. The update contains stability and security fixes, as well as improved performances with image reflections and transitions.

This update contains improvements to stability, compatibility, accessibility and security, including the following:

Improved stability for webpages with multiple instances of plug-in content

Improved compatibility with webpages with image reflections and transition effects

A fix for an issue that could cause some webpages to print with incorrect layouts

A fix for an issue that could cause content to display incorrectly on webpages with plug-ins

A fix for an issue that could cause a Screen Saver to appear while video is playing in Safari

Improved compatibility with VoiceOver on webpages with text input areas and lists with selectable items

Improved stability when using VoiceOver

For detailed information on the security content of this update, please visit this site: http://support.apple.com/kb/HT1222

Safari 5.0.4 is available now in Software Update or on Apple’s website.