PGP Encryption Clamps Down Mac Data
PGP Corporation announced Monday it has added pre-boot authentication to the PGP Whole Disk Encryption for Mac OS X systems deployed in enterprise environments. This latest release, version 9.9, adds pre-boot authentication to the company's data encryption technology for Intel-based Mac OS X systems Tiger and Leopard, providing protection for data on desktops, laptops and removable media.
published on Monday, the 9. June 2008, macnewsworld
Apple releases Mac OS X Leopard Security Guide
Wormfan writes with "From ZDNet's brief mention of and a link to "Apple's release of a ~250 page PDF of security best-practices and tips to protect Mac OS X Leopard clients. The guide is aimed at experienced users, Apple says, familiar with the Terminal application and its command-line interface."Read more of this story at Slashdot.
published on Tuesday, the 3. June 2008, apple-slashdot
iPhone Trojan Sign of Things to Come?
climber writes "Just days after the first scareware for OSX, researchers are pondering the problems of an iPhone exploit that could lead to larger issues. The Trojan pulls legitimate apps off the phone if you try to remove it, but it only infects iPhones that have 'been modified or opened through a security hole in the system.' Though this worm is more of an annoyance than anything else, it could be a proof of concept for a more serious attack. 'The fear is hackers may be experimenting and gathering research that will increase the dangers of a more malicious attack in the near future. It is clear at least one writer -- the author of this piece at Web Worker Daily -- thinks that the iPhone should be left on the dresser in the morning. She offers several reasons that the device isn't a good corporate tool.'"Read more of this story at Slashdot.
published on Wednesday, the 16. January 2008, apple-slashdot
First Scareware For the Mac
I Don't Believe in Imaginary Property sends us news from F-Secure of what they claim is the first rogue cleaning tool for the Mac. MacSweeper is a Mac version of Cleanator, hosted from a colo somewhere in the Ukraine. The article points out that the company's About page is lifted verbatim from Symantec's site. With the Mac's market share closing in on double digits, perhaps it's not surprising to see the platform targeted with crapware as PCs have been for years. The F-Secure author adds as a footnote that a journalist said to him something you don't hear every day: "I visited the macsweeper.com website. I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."Read more of this story at Slashdot.
published on Tuesday, the 15. January 2008, apple-slashdot
Army Buys Macs to Beef Up Security
agent_blue writes "The Army is integrating Macs into their IT network to thwart hack attempts. The Mac platform, they argue, is more secure because there are fewer attacks against OSX than Windows-based systems. 'Military procurement has long been driven by cost and availability of additional software--two measures where Macintosh computers have typically come up short against Windows-based PCs. Then there have been subtle but important barriers: For instance, Macintosh computers have long been incompatible with a security keycard-reading system known as Common Access Cards system, or CAC, which is heavily used by the military. The Army's Apple program, created [in 2005], is working to change that.'"Read more of this story at Slashdot.
published on Friday, the 21. December 2007, apple-slashdot
Apple lax in keeping Mac OS secure?
Apple is falling behind in keeping Mac OS X as secure as it should be, according to InformationWeek. The author's latest article cites several sources as evidence, such as a recent Internet Security Threat Report by Symantec, which notes that it now takes an average of 66 days for Apple to patch a vulnerability; conversely, Microsoft is averaging ...
published on Monday, the 2. April 2007, macintosh-news-network
Experts: OS X still safe but ?does it matter??
Between the Month of Apple Bugs, the ‘Hacking a MacBook in 60 seconds’ controversy and Bill Gates’ Newsweek interview where he claimed “security guys break the Mac every single day,” one could be forgiven for thinking that maybe Macs are insecure and unsafe. But InformationWeek’s Sharon Gaudin interviewed a number of security experts and all agree [...]
published on Saturday, the 31. March 2007, apple-blog
Top 12 Operating Systems Vulnerability Survey
markmcb writes "Have you ever wondered how vulnerable your computer is from the first bit you write to the hard drive all the way until you have a fully patched system? If so, Matthew Vea has posted a concise summary of security strengths and shortcomings for twelve of the major operating systems of 2006/2007. In his summary, Matt tests each OS with widely available tools like nmap and Nessus, and notes responses at install, pre-patch, and post-patch times for each system. After the tedious job is done, he produces results that will make both the Apple and Windows communities cringe with regards to security. From the article: 'As far as straight-out-of-box conditions go, both Microsoft's Windows and Apple's OS X are ripe with remotely accessible vulnerabilities ... The UNIX and Linux variants present a much more robust exterior to the outside. Even when the pre-configured server binaries are enabled, each [Linux] system generally maintained its integrity against remote attacks.'"
published on Thursday, the 29. March 2007, apple-slashdot
EnCryptlet 1.1.4
• Saves resource fork Info • Uses AES-256-CBC encryption through OpenSSL • Gives encrypted files a custom icon • Easy to use • Uses batch-processing • Encrypts both files and folders • Includes a droplet that securely deletes files using 'srm' Wish List: • opaque (bulleted) password field
published on Sunday, the 25. March 2007, scriptbuilders
MacBook Wi-Fi Hijack Details Finally Released
Wick3d Gam3s writes "Hacker David Maynor attempted to put the strange tale of the Macbook Wifi hack to rest, and offered an apology for mistakes made. All this and a live demo of the takeover exploit was made at a Black Hat DC event yesterday. Maynor promised to release e-mail exchanges, crash/panic logs and exploit code in an effort to clear his tarnished name. Said Maynor: 'I screwed up a bit [at last year's Black Hat in Las Vegas]. I probably shouldn't have used an Apple machine in the video demo and I definitely should not have discussed it a journalist ahead of time ... I made mistakes, I screwed up. You can blame me for a lot of things but don't say we didn't find this and give all the information to Apple.'"
published on Friday, the 2. March 2007, apple-slashdot