Some Suggestions for Guarding Against Malware on Macs
I had intended to wrap up the look at some useful utilities last time, but recent reports of malware aimed at OS X had me looking at problems and solutions in the first few days of June.
I have written before about malware and I repeat, There are no viruses for OS X. Other threats do exist,like phishing, identity theft and Trojans. All require help from the user to do their work.
A number of online sources reported that certain screensaver files would download spyware during the installation. Once installed it would ask the user to take part in a survey and asked for password details. That would end things for me.
Passwords open doors; and the doors opened here reportedly allowed some serious data to be accessed. According to MacOS XHints, we can check by running Activity Monitor and searching for "PremierOpinion". In the unlikely event that it is there, look for the PremierOpinion folder in Utilities, trash it, empty Trash and restart. [Later entries on that MacOS XHints item suggested that this may not be an effective solution - but then you have to get this in the first place. Little Snitch (see below) is also quoted as a useful means of defense. ]
As the initial source of the warning was a security company, Intego, and they are pushing their Virus Barrier software, this threat may not be totally credible. One download site named in a MacWorld article, wrote, "The only application leading to the installation of the spyware . . . is a converter - 'MishInc FLV To Mp3.'"
Nonetheless, some users may be concerned and will think about protection. As these threats require user cooperation, the first line of defense is not to enter passwords unless sure. We must also be careful about what we download, and from where.
Firewalls stop incoming attempts, but many applications send data out: usually for proper purposes and to known destinations. I check using an application called Little Snitch. Intego also had Net Barrier, but this has now been incorporated into its virus suite.
Settings may be easily changed: blocked access may be unblocked, once-only can be changed to forever. In use, the most inconvenience is at my office where proxy settings appear to change the connections, so there are warnings more often. These can also be tuned out for the safe links.
The latest scan found a number of examples of malware, most of which were attached to email and already isolated in Junk mail: almost 50 in a single day. A lesson here: empty Junk mail before a scan. Others were attachments that were easily deleted. It is not a good idea to use the Quarantine feature for email as mailbox integrity is important. I tracked them down individually. All were .EXE files and not a danger for OS X users.
Not one of the malware files found would affect the Mac, and in any case they would need me and my password to work. The main dangers for Macs are from phishing and Trojans, which need user assistance to do their work.
For further information, e-mail to