
Internet Security for Your Macintosh and iPhone: A Blog for the Rest of Us

Welcome to the blog that accompanies “Internet Security for Your Macintosh and iPhone: A Guide for the Rest of Us” as well as Open Door Networks’ other security products.


Of Lions and iClouds

Wed, 20 Jul 2011 07:02:34 -0700

Apple is now shipping Lion (Mac OS X 10.7). Apple is not yet shipping iCloud. Both have major ramifications for your Internet security, but only one is really ready. How do we here at Open Door Networks best continue to help you secure your Macs, and other devices, on the Internet?

It’s a question we’ve been grappling with for a while now. And here’s the answer we came up with: address now what needs to be addressed now, and address later what doesn’t.

In particular: Lion made enough changes to the internal Mac OS X security architecture to prevent users of our DoorStop X Firewall, version 2.3, from being able to change any settings in many cases. The firewall keeps working, and you remain protected, but you can’t change anything. If you go to run the DoorStop X application, you may well get an error.

So we needed to address the DoorStop X Firewall on Lion now, and we did. Version 2.4 is available today as a free upgrade to all 2.3 users. More details on that to follow in subsequent blog and Twitter posts.

The rest of our DoorStop X Security Suite continues to work fine on Lion, as far as our testing has shown. Much of that Suite, including the Firewall, the Who’s There? Firewall Advisor and the book “Internet Security for Your Macintosh and iPhone,” presents detailed advice on securing your Apple devices on the Internet. Big new pieces of that securing relate to Lion and iCloud. But we just don’t know (and probably couldn’t say even if we did) enough about iCloud to provide the needed advice. And we certainly didn’t want to delay the release of the DoorStop X Firewall update for Lion until we did.

So we’re not going to provide specific Lion and iCloud advice yet in these Suite components. But, as part of the plan we (and much of the rest of the world) have been implementing over the past decade, that’s why we added this blog and our Twitter stream to the Suite. That’s where we’ll provide near-real-time information and advice on Lion and iCloud as that information and advice becomes available, at least for the time being.

So that’s the plan. DoorStop X Firewall version 2.4 update for Lion now. Information and advice on Lion and iCloud through this blog and the Twitter stream now, and in the future. And more to come later.



Thu, 16 Jun 2011 12:41:37 -0700

Apple last week announced iCloud, a major new effort which “stores your content and wirelessly pushes it to all your devices.” Since “your content” is stored on Apple’s Internet-based servers and “wirelessly pushed” over the Internet to all your devices, it should be pretty clear that iCloud will have major implications for all of our Internet security.

That much is clear. All the rest is, well, pretty iCloudy right now. Most of the details and components of iCloud are not yet available. And even when they are, it will take a fairly in-depth analysis to figure out their ramifications, both in general and on a device-by-device basis. We hope to begin engaging in that analysis in the near future.

For the time being, it seems safe to say that most of the Internet issues involved with iCloud will relate more to privacy than to security: any of “your content” stored in the cloud will be more at risk of becoming public than previously. Your music may not be such a big deal, or maybe even your photos. But your calendar and contact list, not to mention various documents such as spreadsheets, may be of much greater concern from a privacy perspective. Hopefully Apple (and third-parties as they adopt iCloud technologies) will provide ways of “opting out” of the cloud when desired, and will carefully encrypt and protect the cloud data.

One of the bigger iCloud issues, from both a security and privacy perspective, actually already exists today: remote backups. Apple says that iCloud will back up “all sorts of important stuff on your iOS device” daily, and even lists what much of that stuff is (Purchased music, apps, and books; Photos and video in the Camera Roll; Device settings; App data; Home screen and app organization; Text and MMS messages; Ringtones).

There’s no mention of iCloud-based backup for your Mac-based “stuff” however, which hopefully will at least be an option, perhaps through Time Machine. In both cases, this type of remote backup is highly desirable, but again only with various “opt out” options, and with good encryption.

I guess we’ll have to wait and see with all of this. For now, please stay tuned to this blog, and, for more immediate developments, our associated Twitter stream, for up-to-date iCloud reports and forecasts.


Looking at Lion

Thu, 7 Apr 2011 08:56:20 -0700

We’ve been evaluating recent developer seeds of Mac OS X Lion from a security perspective and to make sure that our DoorStop X Security Suite (as well as our popular Art Authority for Mac app) runs well there. Details of Lion seeds are confidential, so we can’t say much, but we’ve been finding out some interesting stuff.

From a public perspective, some relevant things that Apple has said about Lion and security include:

• AirDrop, which will let you easily share files wirelessly, is bound to have some interesting security ramifications.
• FileVault will let you encrypt your whole disk, and wipe out all your data from your Mac instantly (is that a good thing?)
• Lion Server is included with Lion, the first time Apple has included the Server with the desktop version of the OS. iPad file sharing support is one of its new features.
• Sandboxing and Privilege Separation prevent compromised apps from affecting your overall system (and presumably go beyond what’s currently in OS X 10.6 Snow Leopard in this regard).
• And of course: the Mac App Store is built in.


Excellent iOS security article

Tue, 17 Aug 2010 11:34:06 -0700

This week’s TidBITS includes an excellent article by Rich Mogull entitled “Apple's iOS Security Challenges and Advantages.” The article is an overview of the advantages and disadvantages the iPhone, iPad and iPod touch OS has in the now-significant field of mobile device security.

The article begins by pointing out that, unlike with the Mac, Apple has the most popular device in the field, and thus the one that’s most likely to be attacked. “Security by obscurity” is certainly not an option (nor is it in the Mac’s case either, although the Mac’s security environment is somewhat more forgiving).

Key iOS security “challenges” that the article lists include:

• Apple is historically slow to issue security patches
• Apple patches flaws on different, related platforms at different times (leaving the later platforms even more exposed)
• The jailbreaking community unintentionally provides attackers with significant security flaws
• The sandboxing of some built-in apps, in particular Safari, is imperfect (as the most recent jailbreak hack showed).

Key iOS security advantages include:

• Much easier to patch than any previous mobile OS
• Very hard in general to hack, due to the locked down nature of the hardware and software
• Part of a closed system, with all apps vetted (and potentially removed) by Apple
• Public pressure to keep the system secure, due to its high media profile.

The article’s overall conclusion?

Apple's iOS devices are in a strong position. The fundamental security of the platform is well designed, even if there is room for improvement. The skill level required to create significant exploits for the platform is much higher than that needed to attack the Mac...

And finally, an important opinion, which we agree with here, despite selling security software ourselves:

Although there have been some calls to open up the platform to additional security software... I'd rather see Apple continue to tighten down the screws and rely more on a closed system, faster patching rate, and more sandboxing.


Is it marketing or spyware?

Tue, 1 Jun 2010 14:36:25 -0700

Mac security company Intego today published a “high risk” security memo entitled “OSX/OpinionSpy Spyware Installed by Freely Distributed Mac Applications.” The memo claims that the spyware “performs a number of malicious actions, from scanning files to recording user activity, as well as sending information about this activity to remote servers and opening a backdoor on infected Macs.” The spyware is “installed by a number of applications and screen savers that are distributed on sites such as MacUpdate, VersionTracker and Softpedia.”

As seems to always be the case with any Intego release of this sort, there are the usual nay-sayers, such as a commenter on the Macworld blog saying: “Every half year the same story. Intego finds some viruses or spyware.” Followed by counter-comments such as “Is it so impossible to believe that actual malware could exist?”

Certainly an interesting, and oft-repeated set of discussions. An additional twist in this set is that the issue seems to have been known about for almost three months now, as can be seen from discussions about the actual culprit on MacUpdate. So Intego’s highlighting of it now does raise some questions. OTOH, what would they have had to gain by waiting this long to bring the issue to light? Did their marketing department just get around to it?

Beyond Intego’s marketing practices, questions also remain about the actual alleged spyware itself. For instance, as claimed by Intego’s preliminary list of affected applications, there is only one app other than those put out by the initial culprit (a screensaver company) that is “infected.” What’s that all about? And what was the real goal of the culprit in the first place? Stay tuned, in particular to our Twitter stream, for details as they become available.


Just say NO to Flash

Tue, 2 Mar 2010 13:58:47 -0800

You may have been hearing recently about how Steve Jobs has criticized Adobe’s Flash software and refused to include it with the iPhone. Lots of reasons have been given, and some of them may even be true. But, from our perspective here, we’ve been preaching against Flash simply from a security perspective for a couple of years now, with at least six entries in this blog alone.

It seems we’re getting a lot of company lately. Not only has Steve allegedly called it “a buggy Mac crasher” (with “buggy” being the cause of most of the security vulnerabilities in the world), but now TUAW has joined the chorus:

One of the features I used most often was "Disable Plugins" -- which was really another way of saying "Disable Flash," and I do that these days in Safari using ClickToFlash.

They’re even channeling security guru (and big-time Mac hacker) Charlie Miller:

When it comes to browser security, Charlie Miller says that it's all about Flash. More specifically, avoiding Flash.... “The main thing is not to install Flash!”

For years one of our mantras here (and in the book) has been “Just say NO to FTP.” Well now it’s also “Just say NO to Flash.”


Internet security for your iPad?

Tue, 23 Feb 2010 16:01:50 -0800

Just as we got done renaming the book and this blog to “Internet Security for Your Macintosh and iPhone,” along comes the iPad. Don’t worry, the name is not going to change again, but the issue remains: what about Internet security for your iPad?

Of course no one really knows what an iPad is. Even as long-time Mac and iPhone developers, we certainly haven’t seen one. But it looks very likely that, from a security perspective, an iPad will be pretty much a very big, way cool iPhone. Which is to say, there will be only a very limited set of security issues, mainly around its use in larger organizations (see TidBITS’ recent “Prepare Your Enterprise for the iPad” article on this subject). For most of the rest of us, we should be able to feel just as good about iPad security as we do about iPhone security. And that’s pretty darn good!

See the book for all the details, but basically Apple has done an excellent job of limiting the iPhone’s exposure to items that plague Internet-connected computers (especially of the Windows variety, but even Macs to a lesser extent). Through application sandboxing and other iPhone OS techniques, it looks like there will be very little to worry about from an Internet security perspective on the iPad. But we should all of course wait and see to be sure.

And while you’re waiting, please check out our latest application, available concurrently on both the Mac and iPhone platforms. Art Authority is a major new addition to our “Envi” line of iPhone products, which in turn are based on our Mac Envision Web-image browser.

And of course stay tuned for the iPad version of that too :)


iPhone worm validates book advice

Tue, 10 Nov 2009 14:38:14 -0800

The first reported iPhone “worm” has validated a key piece of advice from the updated version of “Internet Security for Your Macintosh and iPhone” (a part of our new DoorStop 2.3 security product line). The worm only attacks jail-broken phones with SSH installed and the default password unchanged. As such, it’s unlikely to affect many people, but may be an indication of things to come.

The main point for readers of this blog is simply what we stated in the book:

Jailbreaking is the worst thing you can do for iPhone security. DON’T DO IT!

Clear enough, we hope. (If you use an iPhone and don’t know what jail-breaking is, you should have the book!)


Microsoft touts virus statistics

Mon, 2 Nov 2009 12:09:18 -0800

When the score is something like 236,000 to 7, you can expect the side that’s winning to really brag about the score. But, when it comes to viruses, it’s usually the 7 that’s considered winning. So why is Microsoft touting the fact that it’s the 236,000? Good question.

In a recent Microsoft Malware Protection Center blog entry, Microsoft provides all sorts of interesting details about data that has come back from their recently introduced Microsoft Security Essentials product. The fact that Microsoft felt it had to ship this free product that it claims “provides real-time protection for your home PC that guards against viruses, spyware, and other malicious software” is telling in and of itself. The data that comes back from the product makes it pretty clear why the product is needed:

• 1.5 million downloads of the software in the first week
• 500,000+ machines with infections (over 1/3 of all machines!)
• 4 million distinct “detections” of malware (8 per infected machine)
• 6 different “threat families” with over 10,000 infections in each of three countries (U.S., Brazil and China)
• Half of the threats detected on Windows XP, 1/3 on Vista and still 1/6 on Windows 7.

What does all this data mean, besides that there are an absurd number of viruses on all Windows platforms, and why is Microsoft bragging about it? Good questions. We’re pretty sure it means you should Get a Mac!


Facebook virus is a sign of the times

Thu, 29 Oct 2009 14:04:32 -0700

A new Facebook “virus” combines a number of security threats together, some of which apply to Mac users and some of which don’t. As reported by USA Today and many other publications, there are actually two different but similar attacks. Here’s how they work:

(1) Previously-compromised Windows machines, acting in botnets, send out massive waves of phishing emails that look like they came from Facebook. (Yes, it is quite a vicious circle these days, with compromised Windows machines leading to more and more attacks and compromised Windows machines. Thanks a lot, Microsoft!)
(2) The phishing emails convince naive Facebook users (nearly a tautology) to go to a fake site that looks like the real Facebook pages. Users enter their Facebook password, thus giving the attacker full access to their real Facebook account. Mac users are just as vulnerable to phishing attacks of this sort as anyone else. (Just as much as Microsoft, Facebook is also responsible for the success of these attacks, since they actually encourage their users to click on links in emails that appear to be from them).
(3) The fake site then also instructs the user to install and run a trojan horse that will sit in their machine and look to steal their banking information. This very evil trojan horse is currently a Windows-only application (but a similar one in theory could run on the Mac).

Social networking sites like Facebook and Twitter are becoming more popular, and more and more novice users are signing up. Combine these facts with the more established companies like Microsoft and Apple really focusing on security, and you can see why these types of attacks are becoming more and more a sign of the times.


They’re here

Mon, 26 Oct 2009 07:14:22 -0700

They’re here, as promised! As of today, we’re shipping a major set of upgrades to our DoorStop line of Macintosh Internet security products. As you can imagine, we’ve got a lot to talk about, and don’t entirely know where to begin.

Beginning at the beginning, we’re upgrading all the products to version 2.3. From the full DoorStop X Security Suite, to its individual components (DoorStop X Firewall, Who’s There? Firewall Advisor, ISFYM eBook), to this blog.

Version 2.3 focuses on the two biggest events in the Macintosh world since the previous major release (almost two years ago!): Snow Leopard and the iPhone. All 2.3 products specifically support Snow Leopard (10.6) in two different ways: (1) they run and are fully compatible with that OS, and (2) their built-in information and advice, including the eBook, have been fully updated for Snow Leopard.

All products also support the iPhone (and iPod touch) in sense (2). That is, they provide iPhone-focused information and advice about keeping you, your Mac, and your iPhone secure on the Internet. In fact the eBook, and even this blog, have been renamed to include “and iPhone” in their title. The book integrates the iPhone throughout, and also adds a full new chapter on iPhone-specific Internet security issues.

There’s lots more to talk about too. For instance we’re adding a Twitter stream to the product line, for cases where even this blog isn’t real-time enough. As with all the products, its focus will be on securing you, your Mac and your iPhone on the Internet. We’ll certainly be talking a lot more about that here soon. For now please just check it out and start to “follow” us there if you’d like.

Other specific features are being added to each of the products as well. All-in-all, we’re very happy with the new releases, and hope you will be too. There are of course free, fully functional 30-day evaluation versions available on our Web site, and special upgrade pricing for anyone who purchased any of the products this year.

Finally, there are some currently unannounced surprises to come too (what would an announced surprise be anyway?). Think iPhone apps :) So if you don’t have any other reason to stay tuned to this blog (and to follow the Twitter stream), there’s a good one for you.

Talk to you again soon.


DoorStop update status update

Thu, 15 Oct 2009 12:31:28 -0700

We’ve been receiving some questions about the status of the new DoorStop X security products we mentioned previously. So we wanted to provide a quick update update:

The updates to version 2.3 planned for this month are totally on schedule. Since October 31 is a Saturday, and Halloween to boot, we are shooting for having the products out no later than the 30th. And hopefully even before then.

As promised, the updates will include full support for Snow Leopard, including information and advice about new Snow Leopard security features and issues. Plus there will be a few added surprises too :) So stay tuned.


Operation Phish Phry

Thu, 8 Oct 2009 10:31:44 -0700

The FBI has arrested or charged up to 100 people in connection with their “Operation Phish Phry.” The suspects, in the U.S. and Egypt, are accused of a massive phishing scheme against customers of the Bank of America and Wells Fargo. Today’s Washington Post has a good article on the operation.

An interesting fact quoted by the article is this:

“Some 49,084 unique phishing Web sites were set up in June, the second largest number recorded in a single month, according to the Anti-Phishing Working Group, an industry consortium.”

Be afraid. And very very careful.


Verizon offers Mac security suite

Tue, 6 Oct 2009 08:31:00 -0700

At the same time as Intego is offering its new security bundle, nationwide ISP Verizon has introduced a version of its Internet Security Suite for Macs. Previously available only for Windows machines, the Suite includes anti-virus, personal firewall and parental control components. The company’s associated Online Backup & Sharing Service is also now available for Mac users.

The company clearly sees a marketing opportunity for Mac users, saying “Mac users are an important and growing segment of the broadband community, and Verizon is becoming more and more focused on providing them with services that enhance their online experiences.” Verizon charges $6 per month for the Internet Security Suite (for up to 3 machines), which is free for 30 days to new customers.

The introduction of the Suite has resulted in ongoing discussions, including an excellent Information Week article entitled “Is Mac Security Software Necessary?”

Although such security offerings mean more competition for us Mac-specific Internet security vendors, they’re clearly a good thing for the Macintosh community as a whole.


Interesting security bundle launched

Fri, 2 Oct 2009 14:02:07 -0700

Mac security vendor Intego has announced the availability of a very interesting bundle of Mac security products. Bundles like this have been popular among Mac software vendors recently, but this is the first one devoted to Macintosh security.

The Mac Security Bundle, available through October 31, contains 12 security applications for $50, 90% off the price of the programs individually. Only two of the programs (Virus Barrier X5 and Net Barrier X5, a personal firewall) seem to be specific to Internet security; the others are more general computer security or privacy applications. All the applications support Snow Leopard (Mac OS X 10.6).

Alas no one from Intego contacted anyone here at Open Door to see if we wanted to participate. In particular, the bundle seems to be lacking any sort of comprehensive documentation, like our book. The bundle is an interesting option nonetheless. Our DoorStop X Security Suite is also, in and of itself, a great mini-bundle for those specifically focused on Macintosh Internet security. It does compete with two of Intego’s main products, so they can’t be blamed too much for not contacting us.

And of course we too have good Snow Leopard stuff coming real soon now :)


The Snow Leopard built-in firewall

Mon, 31 Aug 2009 07:49:58 -0700

Almost two years ago now, one of our most significant blog entries was entitled “The Leopard built-in firewall.” Referencing what many others were saying, it provided details of the many serious problems with the new OS’s new firewall model.

At the time we said “Long term, [the new firewall model] has potential. Short term, it just hasn’t worked well at all.” A quick security update addressed some of the Leopard firewall’s fundamental problems, but many of them have remained.

Snow Leopard’s firewall changes, like many of its other changes, are a “fine-tuning” attempt to implement more of that potential. And they do seem to represent minor improvements. We’ve put up a Web page on our site with screenshots detailing some of the changes:

• It’s now obvious how to turn the firewall on and off
• You can "Automatically allow signed software to receive incoming connections" (or not, which is a safer option -- more on this later)
• You can block almost all incoming connections, even to built-in services like File Sharing. There’s still no way to block certain services that Apple considers essential (which probably are in many, but not all circumstances).

These three new options add important flexibility. Removed was the option to turn on and off logging, which seems to now be always on. There’s no real need to ever turn it off, so this simplification is a good one. More important, the log now includes one critical item we’ve flagged as missing for two years: the destination port on access attempts. The firewall still, however, does not seem to log all access attempts, so the log is only slightly more useful than before.

All-in-all, Snow Leopard’s built-in firewall is a definite improvement on Leopard’s, just as Snow Leopard in general seems to be an improvement on Leopard itself. But it still has a long way to go before it realizes its full potential.


Snow Leopard product announcements

Fri, 28 Aug 2009 07:05:32 -0700

In concert with Apple’s shipping of Snow Leopard today, Open Door has made a set of announcements regarding our security products and Snow Leopard. In summary:

• All the current products in our DoorStop X Security Suite have been tested and work with the Golden Master version of Snow Leopard.
• These products do not yet have information and advice specific to Snow Leopard.
• New releases of the products, with Snow Leopard-specific tuning and other new features, are planned for the October timeframe. Upgrades to these products will be free for anyone purchasing them from now on.
• This blog is the place to turn for Snow Leopard Internet security advice until (and even after) those new releases are available. For instance, Snow Leopard’s built-in firewall is significantly different from, and generally improves upon, Leopard’s. Stay tuned.
• Additional details are available on our Web site.


Snow Leopard this Friday

Mon, 24 Aug 2009 14:33:47 -0700

Beating their own September goal, Apple announced that Snow Leopard (Mac OS X 10.6) will be available this Friday, August 28. As detailed previously, Snow Leopard is mainly a set of refinements to Mac OS X 10.5, Leopard.

A few quick items as far as security:

• By Friday, Open Door Networks plans to have a statement on our Web site as to how our current DoorStop X security products work with Snow Leopard (hint: they do) and as to future plans for those products.
• Snow Leopard does have a security Web page, but it’s mostly old stuff from Leopard. The main exception is a statement that “The 64-bit applications in Snow Leopard are even more secure from hackers and malware than the 32-bit versions. That's because 64-bit applications can use more advanced security techniques to fend off malicious code.” The detail page further elucidates this statement with “First, 64-bit applications can keep their data out of harm's way thanks to a more secure function argument-passing mechanism and the use of hardware-based execute disable for heap memory. In addition, memory on the system heap is marked using strengthened checksums, helping to prevent attacks that rely on corrupting memory.” Sounds good anyway. These will certainly be items to explore in the near future.
• Although not on the security page, the new Safari 4, included with Snow Leopard, has a number of security features. An interesting one: Apple specifically alludes to, but does not call out by name, addressing the many security issues associated with the Flash plug-in, when it says: “It turns out that the number one cause of crashes in Mac OS X is browser plug-ins. So Apple engineers redesigned Safari to make plug-ins run separately.”


iPhone flaw detailed one day, fixed the next

Fri, 31 Jul 2009 11:37:17 -0700

At the Black Hat security conference in Las Vegas, the previously-mentioned serious iPhone vulnerability was detailed by researchers yesterday, and fixed today by Apple via a new version of the iPhone OS (3.0.1). Pretty impressive on both ends.

Unless some serious problem is found with the update, updating right away seems like a really good idea, since now that details of the flaw are out, enterprising hackers out there will no doubt soon be trying to take advantage of it.


Comic security

Thu, 9 Jul 2009 10:24:51 -0700

The July 7 PC and Pixel comic is dead-on (so to speak) with its point about how physical security is so much more important than all the complex, software-based measures that we take to protect our computers from Internet attacks. Its message directly mirrors chapter 3, “Physical Security,” from the book.

“PC, I think you must increase the security on your computer and stuff...”

“Don’t worry, I’ve just changed my encrypted password along with a new firewall, yesterday.”

“Actually I was thinking of a better deadbolt.” [picture of a busted-in door and a living room in shambles]
