
New Ransom malware CAN NOT get data back
Old 11-09-2015   #1
CameraQuest
Head Bartender
 
Join Date: Mar 2005
Location: over the hills from Malibu
Posts: 5,334
New Ransom malware CAN NOT get data back

Due to a coding error, new Power Worm ransomware cannot retrieve your data,
so you pay and still don't get data back!

http://www.bbc.com/news/technology-34765484

for anyone not aware of it
malwarebytes.com is awesome getting rid of malware
- but it may not work on ransomware

Stephen

Old 11-10-2015   #2
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
This is powerful motivation to invest the time, effort and money to implement a rigorous data back up system.
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com

Old 11-10-2015   #3
mabelsound
Registered User
 
Join Date: Mar 2008
Location: Upstate NY
Age: 47
Posts: 6,171
Yeah, everyone should have physical backups at home and backups in the cloud! I recommend backblaze, $5/month and it works great.
__________________
flickr insta twitter

Old 11-10-2015   #4
Scapevision
90% Film
 
Join Date: Jul 2014
Location: Toronto
Posts: 327
I have a separate computer for all work related things that isn't connected to the internet.
__________________
Flickr
scapevision.ca
Instagram

Old 11-10-2015   #5
ColSebastianMoran
Registered User
 
Join Date: Sep 2010
Posts: 1,583
Quote:
Originally Posted by CameraQuest View Post
Due to a coding error, new Power Worm ransomware cannot retrieve your data,
so you pay and still don't get data back!

http://www.bbc.com/news/technology-34765484

for anyone not aware of it
malwarebytes.com is awesome getting rid of malware
- but it may not work on ransomware

Stephen
The Head Bartender is right on the mark here.

Here are my recommendations:
- Remove FLASH and Java from your systems. New vulnerabilities appear continuously.
- OK, we need FLASH for many photo sites; run FLASH only in Google Chrome which is a somewhat protected environment. Chrome will update it automatically.
- If you use an Android phone, seriously consider changing; Google and partners have to figure out how to update these timely
- Install all security updates on all devices immediately as they appear. Automatic updating is a good idea.
- Use a strong unique password at every site and login
- Use a password manager program to make this practical
- Don't click on links in emails. Ransom-ware is often distributed in an urgent-looking email, e.g. "Click here or you'll be fined $1000 for a toll booth violation."
__________________
Col. Sebastian Moran, ret. (not really)

In Classifieds Now: Won't anyone buy my Olympus mju-ii?
More photos, descriptions of for sale items on this Flickr album
Make offer soon, or it goes on eBay!
Use this link to leave feedback for me.

Named "Best heavy-game shooter in the Eastern Empire." Clubs: Anglo-Indian, Tankerville, and Bagatelle Card Club.
Sony E/FE, Nikon dSLR, and iPhone digital. Misc film.
Birds, portraits, events, family. Mindfulness, reflection, creativity, and stance.

Old 11-10-2015   #6
Samouraï
Registered User
 
Join Date: Jun 2011
Posts: 480
Quote:
Originally Posted by ColSebastianMoran View Post
The Head Bartender is right on the mark here.

Here are my recommendations:
- Remove FLASH and Java from your systems. New vulnerabilities appear continuously.
- OK, we need FLASH for many photo sites; run FLASH only in Google Chrome which is a somewhat protected environment. Chrome will update it automatically.
- If you use an Android phone, seriously consider changing; Google and partners have to figure out how to update these timely
- Install all security updates on all devices immediately as they appear. Automatic updating is a good idea.
- Use a strong unique password at every site and login
- Use a password manager program to make this practical
- Don't click on links in emails. Ransom-ware is often distributed in an urgent-looking email, e.g. "Click here or you'll be fined $1000 for a toll booth violation."
Thanks for the advice, those are all great points. I currently have a BlackBerry Passport, and have been considering the BlackBerry Priv. I'm on the fence as I really haven't been a fan of Android as an OS in the past.

Old 11-10-2015   #7
mabelsound
Registered User
 
Join Date: Mar 2008
Location: Upstate NY
Age: 47
Posts: 6,171
Agreed on all counts, though I'm not well informed about the phone thing. It is true that OSX and Linux are less vulnerable to attacks than Windows, at least for now. Flash is horrible, and I don't know why Adobe is still in that business.

A password manager is a great thing. I recommend 1password, and it will work on your phone too.
__________________
flickr insta twitter

Old 11-10-2015   #8
btgc
Registered User
 
Join Date: Jul 2007
Posts: 4,755
I don't have Flash or Java on private computers. When a site requires Flash I skip it. YouTube is an example that Flash isn't mandatory. Sites not moving on from Flash will end up the same way.

Regarding backups - when I connect external disk it can get infested as well. How to do backups safely?

I imagine there should be a gate between PC and backup device/site. Share your techniques.
__________________
MyFlickr

Old 11-11-2015   #9
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
Quote:
Originally Posted by btgc View Post
I don't have Flash or Java on private computers. When a site requires Flash I skip it. YouTube is an example that Flash isn't mandatory. Sites not moving on from Flash will end up the same way.

Regarding backups - when I connect external disk it can get infested as well. How to do backups safely?

I imagine there should be a gate between PC and backup device/site. Share your techniques.
Yes, Flash is evil on several levels and Java is a security sieve. The former is not worth fixing and the latter may be unfixable.

With regard to ransomware the backup strategy would start with a working system. A few ransomware variants do encrypt external drives, but these are rare. Whenever new irreplaceable files were added, an external drive would be physically connected and an incremental backup would occur. It is possible to have sleeping ransomware that would wake up when an external drive was detected. I am not aware of any examples of this.

For very important irreplaceable files (such as images), performing automated, incremental backups to the Cloud is a useful defense. I am not aware of ransomware that affects Cloud storage. By the way, if you have your own, private internet hosting site, you can set up a private Cloud back up system. It is more convenient to use places such as DropBox, iCloud, GoogleDrive, Amazon Cloud Drive - just to name a few. Some people feel these sources are untrustworthy.
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com

Old 11-11-2015   #10
BillBingham2
Registered User
 
Join Date: Jun 2005
Location: Ames, Iowa, USA
Posts: 5,237
With the cost of external drives and the space they provide on a wacky relationship (costs come down, space goes up) there is no excuse for anyone.

Also USB 3.0 rocks with respect to speed of moving data.

An alternative approach is to try VM Box as an approach for basic dinking around browsing. I'm setting up a Virtual Machine with the basics, making a copy (my baseline) and then when I poke around on the net I use the VM. If I get hit with bad-stuff (e.g. MalWare, RansomWare) I just delete the VM, copy another, and go back to what I was doing. VM Box works on Mac, Windows, and Linux. There is a hint that you might be able to run Mac VMs on a Mac in the future (for the rest of us.....).

Backup often, backup to different media (different drives) and have fun!

B2 (;->

Old 11-11-2015   #11
btgc
Registered User
 
Join Date: Jul 2007
Posts: 4,755
Quote:
Originally Posted by willie_901 View Post
I am not aware of ransomware that affects Cloud storage.
That asks for some comments. If a local program can read and write cloud storage then it's possible to replace files there with encrypted files.

If cloud storage isn't affected then in some sense it looks like a call to move from local storage to cloud. Who loses and who benefits from this? You figure yourself.
__________________
MyFlickr

Old 11-11-2015   #12
BillBingham2
Registered User
 
Join Date: Jun 2005
Location: Ames, Iowa, USA
Posts: 5,237
Quote:
Originally Posted by btgc View Post
.....I imagine there should be a gate between PC and backup device/site. Share your techniques.
I have three different aspects that I use.

First is based on a CD/DVD RW Drive USB 2.0 drive that I got from Wallyworld online for about $25 USD. It works on my macs as well as my windows boxes. One night a month, I put a new DVD into the drive and drag all the folders that hold data to the blank DVD. I have copies of the programs I use also on DVD that are stored in an ammo box down in the basement.

Then I have two USB 3.0 removable hard drives that I drag my files to every couple of days in a round-robin sort of thing.

The third is on my family's Macs, I have Time Capsule working on a 2TB drive attached to the router.

I used to use tapes and CDs but the size of DVDs has made life a lot easier.

Another thing is when your system is feeling slooow look at what is going on. What tasks are running in the background that could be encrypting your files. Encryption takes cycles that slow your computer's response down. Check the task manager, all processes and such places, sort by CPU load, Memory used, and look for something that doesn't feel right. If you think you have something take a picture of what you see (with your phone) and pull the power on the system, just shut it down hard and quick. Then on a different computer try to see what is up. Don't power up your computer that you think is infected until you know the risks.

What I have done for my Windows based systems is build a small flash drive that I can boot each from in case I need to do some scanning. While you can have encryption at the BIOS level, I don't know about any RansomWare doing that. If you boot from a clean drive you should be able to inspect what your main drive was doing. I think I can do the same thing on my Mac, but haven't tried yet.

Hope this helps you guys/gals think about options that would work for you.

B2 (->
  Reply With Quote
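One way to build the "gate between PC and backup device" that btgc asks about, as an added example that is not from any poster in this thread: before the backup drive is plugged in, compare the photo folder with a manifest saved at the last good backup, and refuse to proceed if existing files were rewritten or vanished in bulk. The function names, the 30% threshold and the entropy-jump threshold are assumptions chosen for this sketch, and the sample files are constructed.

```python
import hashlib
import math
import os
import tempfile
from collections import Counter

SAMPLE = 64 * 1024  # bytes sampled from the start of each file for entropy


def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 to 8.0)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def snapshot(root: str) -> dict:
    """Map each relative path under root to (sha256 hex digest, sampled entropy)."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                head = fh.read(SAMPLE)
                digest.update(head)
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            manifest[os.path.relpath(full, root)] = (digest.hexdigest(), entropy(head))
    return manifest


def gate(previous: dict, current: dict, max_touched=0.30, entropy_jump=2.0):
    """Return (ok, reasons). New files are normal and never count against a run.

    A finished photo archive is close to write-once, so many existing files
    changing or disappearing (encrypted copies are often renamed) is the main
    signal. The entropy check mostly helps for text and uncompressed files:
    JPEG and most raw files are already near 8 bits per byte before encryption.
    """
    if not previous:
        return True, []  # first run, nothing to compare against
    changed = [p for p, (h, _e) in previous.items()
               if p in current and current[p][0] != h]
    missing = [p for p in previous if p not in current]
    reasons = []
    touched = (len(changed) + len(missing)) / len(previous)
    if touched > max_touched:
        reasons.append(f"{touched:.0%} of previously backed-up files changed or vanished")
    jumped = [p for p in changed
              if current[p][1] - previous[p][1] >= entropy_jump]
    if jumped:
        reasons.append(f"{len(jumped)} file(s) now look like random data")
    return not reasons, reasons


def demo():
    """Constructed scenario: a normal day, then bulk overwriting of old files."""
    with tempfile.TemporaryDirectory() as root:
        for i in range(10):
            with open(os.path.join(root, f"frame_{i:02}.txt"), "wb") as fh:
                fh.write((b"caption for frame %d\n" % i) * 200)
        last_good = snapshot(root)

        # Normal use: one new file added, nothing old is modified.
        with open(os.path.join(root, "frame_10.txt"), "wb") as fh:
            fh.write(b"caption for frame 10\n" * 200)
        ok_normal, _ = gate(last_good, snapshot(root))

        # Stand-in for encryption: 8 of the 10 old files replaced by random bytes.
        for i in range(8):
            with open(os.path.join(root, f"frame_{i:02}.txt"), "wb") as fh:
                fh.write(os.urandom(4000))
        ok_after, reasons = gate(last_good, snapshot(root))
        return ok_normal, ok_after, reasons


if __name__ == "__main__":
    print(demo())
```

The manifest itself has to live somewhere the PC cannot rewrite (for example on the backup drive, read before any copy starts), otherwise the comparison can be defeated.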

Old 11-12-2015   #13
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
Quote:
Originally Posted by btgc View Post
That asks for some comments. If a local program can read and write cloud storage then it's possible to replace files there with encrypted files.

If cloud storage isn't affected then in some sense it looks like a call to move from local storage to cloud. Who loses and who benefits from this? You figure yourself.
Just because more complicated ransomware hasn't appeared in the wild doesn't mean it never will. So your point is valid. At the same time I think about these things in terms of risk reduction. If criminals make money using a simple tool they are not motivated to develop a more complicated tool. Right now a small percentage of people back up their data at all and a minuscule percentage use the Cloud for regular backups.

I wouldn't describe using remote data backup as "a call". I would use the term risk reduction strategy. You benefit since your irreplaceable data is less likely to be ransomed.

I describe a completely different option for ransomware protection in a following post.
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com

Update: Whitelisting
Old 11-12-2015   #14
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
Update: Whitelisting

A somewhat inconvenient, but very effective, means to dramatically reduce risk exposure to ransomware is whitelisting.

Whitelisting is software that only permits execution of code (i.e. privileges, etc ) to a list of specific executables. All other executable calls will be ignored or blocked.

This is the exact opposite to the strategy of blacklisting where a list of malicious executables is maintained to block calls. Most antivirus software is based on blacklisting.

The advantage of whitelisting is one does not have to continuously discover and then update the list of blocked executables. The disadvantage is one must add new programs or other valid functions to the list.

In OS X a whitelist can be created in the System Preferences Parental Controls Pane. It is annoying to add every new App (except for those purchased in the App store) to the whitelist. On the other hand, except for a Safari-based social engineering JavaScript ransomware scheme (one had to click on a fake FBI Warning), so far ransomware is unknown on OS X. Fortunately simply doing a Safari Reset removed the problem. That is, nothing was encrypted.

In Windows there are third-party whitelist solutions. Large corporations use these products. In this case the whitelist is implemented and controlled over the company's network. This means the only way for criminals to implement ransomware is via social engineering (deception of IT employees or IT contractors who have whitelist privileges). Consumer whitelist solutions are available, but I don't know anything about them.

I am told Windows 10 has a Windows Device Guard function that implements whitelisting. I don't know any details. Unfortunately, while Vista had a User Account Control function, it was hacked after a few months.
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com

Old 11-12-2015   #15
Rob-F
It's Only a Hobby
 
Join Date: Mar 2007
Location: The Show Me state
Posts: 4,721
Quote:
Originally Posted by ColSebastianMoran View Post
The Head Bartender is right on the mark here.

Here are my recommendations:
- Remove FLASH and Java from your systems. New vulnerabilities appear continuously.
- OK, we need FLASH for many photo sites; run FLASH only in Google Chrome which is a somewhat protected environment. Chrome will update it automatically.
Isn't FLASH what YouTube uses? Or have I got that wrong? Gee, I would feel really deprived without YouTube! I like to watch and listen to the violinists--especially Sarah Chang!
__________________
May the light be with you.

Old 11-12-2015   #16
MaxElmar
Registered User
 
Join Date: Aug 2008
Location: Central New Jersey
Posts: 499
Java (not Java Script) is required for older versions of Adobe CS, is it not? But not for Adobe CC, as far as I can tell. Flash can be manually controlled by the "Click to Flash" plugin in Safari if you don't want to use Chrome.

And Willie - thanks for the tip on using Parental Controls as a whitelist utility! Great idea.
__________________
Chris L.

Still Photographically Uncool

Old 11-12-2015   #17
photomoof
Fischli & Weiss Sculpture
 
Join Date: Mar 2008
Posts: 786
Quote:
Originally Posted by MaxElmar View Post
Java (not Java Script) is required for older versions of Adobe CS, is it not? But not for Adobe CC, as far as I can tell.

And Willie - thanks for the tip on using Parental Controls as a whitelist utility! Great idea.
Yes, each time I install a new OS, CS complains about missing Java.

Quote:
Originally Posted by Rob-F View Post
Isn't FLASH what YouTube uses? Or have I got that wrong? Gee, I would feel really deprived without YouTube! I like to watch and listen to the violinists--especially Sarah Chang!
Youtube has moved to HTML 5, mostly because of Apple. They simply could not afford to lock out all Apple users.

Old 11-12-2015   #18
Rob-F
It's Only a Hobby
 
Join Date: Mar 2007
Location: The Show Me state
Posts: 4,721
Quote:
Originally Posted by photomoof View Post
Yes, each time I install a new OS, CS complains about missing Java.



Youtube has moved to HTML 5, mostly because of Apple. They simply could not afford to lock out all Apple users.
Good to know, thanks. I'm thinking maybe this thread should become a sticky. I know I need to take more precautions against losing my images. I am using Apple Time Machine. I would like to learn to use my external hard drives in some systematic way to have better backup. I've been pretty haphazard about it.

I'm also feeling the need for a new brand of hard drive. I've had two Western Digitals conk out on me. Any suggestions for a high-reliability brand?
__________________
May the light be with you.

Old 11-12-2015   #19
YYV_146
Registered User
 
Join Date: Nov 2012
Location: Durham, NC
Age: 30
Posts: 1,296
Quote:
Originally Posted by ColSebastianMoran View Post
The Head Bartender is right on the mark here.

Here are my recommendations:
- Remove FLASH and Java from your systems. New vulnerabilities appear continuously.
- OK, we need FLASH for many photo sites; run FLASH only in Google Chrome which is a somewhat protected environment. Chrome will update it automatically.
- If you use an Android phone, seriously consider changing; Google and partners have to figure out how to update these timely
- Install all security updates on all devices immediately as they appear. Automatic updating is a good idea.
- Use a strong unique password at every site and login
- Use a password manager program to make this practical
- Don't click on links in emails. Ransom-ware is often distributed in an urgent-looking email, e.g. "Click here or you'll be fined $1000 for a toll booth violation."
Agree on everything here. For Android, consider looking into the Google Nexus line. They are (at the least) on par with Apple in terms of security.

Using a Mac does not absolve you of duty to purchase (and update) antivirus. ~10 years ago Macs were generally secure enough on their own. This is not the case as of 2015.

Using Chrome (on any device) is a good idea in general. Their Sandbox is fairly competent and should be a good first line of defense.

For Android phones, don't install anything that looks suspicious. Even if an app comes from the Play Store, take ~10 seconds to review the permission requests before installing. A music player has no reason to be peeking in your contacts list.


...and some other (perhaps more technical things):

If you have a Windows 8/10 laptop with an SSD, consider encrypting your main drive. HDDs do tend to slow a bit with device-level encryption.

If you have an Apple laptop, make sure your OS is no further than 1-2 generations behind the latest. Running Snow Leopard in 2015 is a bad, bad idea.

Use a secondary email address for mailing lists and general sign-ups. Make sure this has a password that's not shared with your online bank account, etc.

Flash is actually not *too* bad in this age. Efficiency-wise it's a hog, but the true proverbial fault point is Java. Java needs to burn in hell. Don't install it if your work doesn't absolutely depend on it. Java has year-old, glaring security issues yet to be patched. Malware loves them.
__________________
Victor is too lazy for DSLRs

Sony A7rII Kolari mod

Noctilux ASPH, 35lux FLE, 50 APO ASPH, 75 APO cron, 21lux, Sony/Minolta 135mm STF

500px

Old 11-12-2015   #20
YYV_146
Registered User
 
Join Date: Nov 2012
Location: Durham, NC
Age: 30
Posts: 1,296
Quote:
Originally Posted by Rob-F View Post
Good to know, thanks. I'm thinking maybe this thread should become a sticky. I know I need to take more precautions against losing my images. I am using Apple Time Machine. I would like to learn to use my external hard drives in some systematic way to have better backup. I've been pretty haphazard about it.

I'm also feeling the need for a new brand of hard drive. I've had two Western Digitals conk out on me. Any suggestions for a high-reliability brand?
For the most part drive failure is quite random. A business-class drive might give you higher life expectancy, but even those might break after a few months (or even weeks, if you're super-unlucky). It has been said that on average, one of Google's server drives breaks every second. So instead of shelling out for so-called premium HDDs, I would simply double-backup anything.

If you have a ton of photos (>2-3T), a RAID 5 solution will save space and money, but those solutions tend to be relatively expensive at smaller sizes.
__________________
Victor is too lazy for DSLRs

Sony A7rII Kolari mod

Noctilux ASPH, 35lux FLE, 50 APO ASPH, 75 APO cron, 21lux, Sony/Minolta 135mm STF

500px

Old 11-12-2015   #21
Rob-F
It's Only a Hobby
 
Join Date: Mar 2007
Location: The Show Me state
Posts: 4,721
Quote:
Originally Posted by YYV_146 View Post

Using a Mac does not absolve you of duty to purchase (and update) antivirus. ~10 years ago Macs were generally secure enough on their own. This is not the case as of 2015.

Using Chrome (on any device) is a good idea in general. Their Sandbox is fairly competent and should be a good first line of defense.

If you have an Apple laptop, make sure your OS is no further than 1-2 generations behind the latest. Running Snow Leopard in 2015 is a bad, bad idea.
Oops! I have been believing Apple about not needing antivirus (although it has been a while since I last asked them). I wonder if Apple may by now even be selling an antivirus for its own machines?

Oops #2: I'm running Snow Leopard. I have been reluctant to upgrade because I know that past some point of upgrade the OS will no longer support my Aperture 3. I will NEVER give up Aperture 3. And yeah, I have LR. Feh. But I think I can upgrade to about two versions later than Snow Leopard before I get in trouble, and apparently I should.

Question: Am I understanding that Snow Leopard is more vulnerable to viruses than later versions?

Question: Can I run Chrome on my iMac and my Macbook? And Chrome is less vulnerable?

Guess I've been asleep at the switch while the threat has been growing.
__________________
May the light be with you.

Old 11-12-2015   #22
Ezzie
E. D. Russell Roberts
 
Join Date: Sep 2009
Location: Norway
Posts: 2,719
Snow Leopard is very vulnerable. It has been several years since Apple stopped supporting it. In other words it hasn't had a security update in ages. We had an old Macbook that the girls used for browsing, and it was ridden with malware. Upgraded to the latest possible, and still supported OSX version (in our case Mountain Lion) and all gone.

Also, if you were to want to install an antivirus program, none support Snow Leopard, most require Lion or later.
__________________
Eirik

RF: Leica M4-2 | Royal 35-M | Polaroid 110A/600SE hybrid
VF: DIY 4x5 | DIY 6x17 | Voigtländer Vito CL | Foth Derby | Welta Weltix | Smena Symbol | Lomo'Instax
SLR: Canon EF | Pentacon SIX | Pentax SP1000 | Pentax SV
TLR: Rolleiflex 2.8E3 | DUO TLR
CSC: Fuji X-E1
Pinhole: 6x17 Vermeer | ONDU 6x6 | DIY 4x5 | DIY 6x24

My Flickr
Silver Halides - Pictures in B&W

Old 11-12-2015   #23
Rob-F
It's Only a Hobby
 
Join Date: Mar 2007
Location: The Show Me state
Posts: 4,721
". . . and all gone." You mean it was the malware that was gone?

I am going to download the Lion or Mountain Lion version this weekend! (which is the later one?)
__________________
May the light be with you.

Old 11-12-2015   #24
f16sunshine
Moderator
 
Join Date: Apr 2009
Location: Seattle
Age: 49
Posts: 5,582
I have one machine running 10.5.8 in order to use NikonScan4. It's been a while since I booted it up.
Thanks to all this conversation, I'll keep it off the home network and internet.

Good luck everyone!
__________________
Andy

Old 11-12-2015   #25
btgc
Registered User
 
Join Date: Jul 2007
Posts: 4,755
Quote:
Originally Posted by willie_901 View Post
Whitelisting is software that only permits execution of code (i.e. privileges, etc ) to a list of specific executables. All other executable calls will be ignored or blocked.
This was new to me, thanks. But then if I were on dark side I'd figure out how to make my piece of code to pretend being a system process as they are too many to whitelist them manually or read whitelist and pretend being one of whites, or to include myself in whitelist.

I realize some of the tasks are hard or near impossible but that's how evil works. Leave a hole and it will find its path.

Still remember the night after moving when I plugged PC (XP, pre-SP3) which had been used only with dial-up to VPN into open network - it even couldn't proceed until login as it got busted.
__________________
MyFlickr
  Reply With Quote
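The whitelisting-versus-blacklisting contrast from willie_901's "Update: Whitelisting" post and the "pretend to be one of the whites" concern above, as an added example that is not from any poster or product mentioned in the thread. It assumes programs are identified by the SHA-256 of their file contents; commercial products may identify programs differently, and all file names and contents below are constructed.

```python
import hashlib
import os
import tempfile


def sha256_file(path):
    """Identity of a program for this sketch: the digest of its bytes."""
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()


def denylist_allows(path, known_bad_hashes):
    """Blacklisting: run anything that is not already known to be malicious."""
    return sha256_file(path) not in known_bad_hashes


def name_allowlist_allows(path, allowed_names):
    """Weak whitelisting: trust a program because of what it is called."""
    return os.path.basename(path) in allowed_names


def hash_allowlist_allows(path, allowed_hashes):
    """Whitelisting by content: run only files whose digest was approved."""
    return sha256_file(path) in allowed_hashes


def demo():
    """Return {case: (denylist, name allowlist, hash allowlist)} decisions."""
    with tempfile.TemporaryDirectory() as root:
        def put(rel, content):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as fh:
                fh.write(content)
            return full

        # Constructed stand-ins for executables; only their bytes matter here.
        cases = {
            "approved": put("apps/photoeditor", b"photo editor v1"),
            "updated": put("apps_new/photoeditor", b"photo editor v2"),
            "unknown": put("downloads/invoice_viewer", b"never seen before"),
            "impostor": put("downloads/photoeditor", b"other bytes, trusted name"),
            "known_bad": put("downloads/old_sample", b"already on the blocklist"),
        }
        known_bad_hashes = {sha256_file(cases["known_bad"])}
        allowed_names = {"photoeditor"}
        allowed_hashes = {sha256_file(cases["approved"])}

        return {
            label: (
                denylist_allows(path, known_bad_hashes),
                name_allowlist_allows(path, allowed_names),
                hash_allowlist_allows(path, allowed_hashes),
            )
            for label, path in cases.items()
        }


if __name__ == "__main__":
    print(f"{'case':<10} denylist  name-list  hash-list")
    for label, (deny, name, digest) in demo().items():
        print(f"{label:<10} {deny!s:<9} {name!s:<10} {digest!s}")
```

The "unknown" row shows why a blacklist lags behind new malware, the "impostor" row shows that a list keyed on names can be fooled while one keyed on content is not, and the "updated" row is the maintenance cost willie_901 describes: a legitimate new version stays blocked until someone adds it.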

Old 11-13-2015   #26
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
Quote:
Originally Posted by Rob-F View Post
Oops! I have been believing Apple about not needing antivirus (although it has been a while since I last asked them). I wonder if Apple may by now even be selling an antivirus for its own machines?

Oops #2: I'm running Snow Leopard. I have been reluctant to upgrade because I know that past some point of upgrade the OS will no longer support my Aperture 3. I will NEVER give up Aperture 3. And yeah, I have LR. Feh. But I think I can upgrade to about two versions later than Snow Leopard before I get in trouble, and apparently I should.

Question: Am I understanding that Snow Leopard is more vulnerable to viruses than later versions?

Question: Can I run Chrome on my iMac and my Macbook? And Chrome is less vulnerable?
.
Practically all (if not all) third-party OS X anti-virus software does more harm than good. All the IT security pros I know do not use third-party security software with OS X.

In fact Apple does sell anti-virus software as it is built into OS X. And (so far) upgrades are free unless you need a new computer to run the most secure version of OS X. A simple Google search will reveal ways to maximize OS X security. Apple provides materials on the Support section of its site.

One basic method is to have two OS X accounts. One is essentially empty and is the only account with administrator privileges. The other account is where you do all your work. This makes it extremely difficult for malware to obtain root privileges. It is inconvenient though as you have to log into the administrator account to perform certain tasks. Less risk usually means less convenience.

Upgrading any OS is inconvenient as one has to adjust to the differences. Yosemite assumes you will take advantage of a free iCloud account. Of course it is possible to opt out of all iCloud access. I suggest you read some of the countless Yosemite upgrade guides out there.


With regard to Snow Leopard, it is more vulnerable. Aperture 3 should run on 10.9 or greater.

Chrome runs well on OS X. Irrespective of what browser you use (or even if you use Windows, OS X or Linux) the most common threats involve social engineering as opposed to hacks. This assumes you have taken reasonable precautions such as updating the OS and running anti-virus Apps on Windows (except maybe Windows 10?).
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com

Old 11-13-2015   #27
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
Quote:
Originally Posted by btgc View Post
But then if I were on dark side I'd figure out how to make my piece of code to pretend being a system process as they are too many to whitelist them manually or read whitelist and pretend being one of whites, or to include myself in whitelist.
You are missing the fundamental principle that risk can never be zero (0.0% probability).

The only thing one can do is reduce the risk as much as possible. Reducing the risk by orders of magnitude is the best one can do.

Do you actually think 99.99% of private individuals connected to the internet (who are not committing criminal acts) have information that justifies the sort of effort you describe?

When asked how come he robbed banks, the notorious Willie Sutton famously replied, "Because that's where the money is". Criminals who develop state-of-the art solutions follow the money.
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com

Old 11-13-2015   #28
YYV_146
Registered User
 
Join Date: Nov 2012
Location: Durham, NC
Age: 30
Posts: 1,296
Quote:
Originally Posted by Rob-F View Post
Oops! I have been believing Apple about not needing antivirus (although it has been a while since I last asked them). I wonder if Apple may by now even be selling an antivirus for its own machines?

Oops #2: I'm running Snow Leopard. I have been reluctant to upgrade because I know that past some point of upgrade the OS will no longer support my Aperture 3. I will NEVER give up Aperture 3. And yeah, I have LR. Feh. But I think I can upgrade to about two versions later than Snow Leopard before I get in trouble, and apparently I should.

Question: Am I understanding that Snow Leopard is more vulnerable to viruses than later versions?

Question: Can I run Chrome on my iMac and my Macbook? And Chrome is less vulnerable?

Guess I've been asleep at the switch while the threat has been growing.
As others have pointed out, Snow Leopard is significantly more vulnerable than, say, Mavericks or Yosemite. I don't think any security updates have been provided since 2014.

As for antivirus, there is debate on this. But I would not say that Norton or AVG is "bad" for your Mac. Perhaps the better advice is to use antivirus if your OS isn't the latest (Yosemite).

Chrome can be run. This is again a point of debate, but many will agree that Chrome has the best browser security in the business currently. Do expect a bit of a slowdown, though, since Chrome is not optimized for OS X in the way that Safari is.
__________________
Victor is too lazy for DSLRs

Sony A7rII Kolari mod

Noctilux ASPH, 35lux FLE, 50 APO ASPH, 75 APO cron, 21lux, Sony/Minolta 135mm STF

500px

Old 11-13-2015   #29
photomoof
Fischli & Weiss Sculpture
 
Join Date: Mar 2008
Posts: 786
Quote:
Originally Posted by willie_901 View Post
One basic method is to have two OS X accounts. One is essentially empty and is the only account with administrator privileges. The other account is where you do all your work. This makes it extremely difficult for malware to obtain root privileges. It is inconvenient though as you have to log into the administrator account to perform certain tasks. Less risk usually means less convenience.
I have not tried that, but how does it affect things like Time Machine or installing software, I assume all software would have to be installed from the admin account?

Time machine requires admin passwords to change from manual to auto for instance. Passwords are required to change security on opening apps, that sort of thing.

Old 11-13-2015   #30
btgc
Registered User
 
Join Date: Jul 2007
Posts: 4,755
Quote:
Originally Posted by willie_901 View Post
You are missing the fundamental principle that risk can never be zero (0.0% probability).
....
Criminals who develop state-of-the-art solutions follow the money.
I had exactly the same thought, about percents. Staying at home during a storm also just minimizes risk, as one can die from household accidents, too.

The latter point comes down to math - some steal govt secrets and sell them, some rob banks and some collect pennies for giving back access to personal data. If a penny picker realizes a good part of people are feeling safe on the cloud, it acts. It depends how big a part of users are in the cloud.
__________________
MyFlickr

Old 11-14-2015   #31
willie_901
Registered User
 
Join Date: Dec 2005
Posts: 4,503
Quote:
Originally Posted by photomoof View Post
I have not tried that, but how does it affect things like Time Machine or installing software, I assume all software would have to be installed from the admin account?

Time machine requires admin passwords to change from manual to auto for instance. Passwords are required to change security on opening apps, that sort of thing.
For almost all tasks that require administrator privileges in a non-administrator account, a pop-up window appears asking for the administrator account name and password. This is the primary inconvenience/risk reduction trade-off. The pop-up windows cover almost all tasks except for control settings (mainly Parental Controls - which includes whitelisting), changing file/directory permissions and account creation or deletion.

I suggest you visit Apple's Support site and read the details before making this change.

Obviously an easily guessed administrator account username/password combination must be avoided. One can view countless WWW web cams because they ship with a default account name/password such as admin/admin or administrator/administrator. This used to be true for many routers as well, but thankfully is rare these days.
__________________
"Perspective is governed by where you stand – object size and the angle of view included in the picture is determined by focal length." H.S. Newcombe

williamchuttonjr.com