Category: Systèmes d’exploitation

Macintosh users–keeping your computer secure

Article

Apple users: Try these five tips for better Mac security | Naked Security

My Comments

Just lately, I have heard over the dinner table that a few Apple Macintosh computer users have been facing issues with malware and other software with questionable behaviour. Some of these attacks were mainly “overlay attacks” that worked with the user’s Web experience.

What previously used to happen was that Windows computers were the target for viruses, worms, Trojans and similar malware due to them having a stronger installed base compared to the Apple Macintosh platform. This caused some people to switch to the Apple Macintosh platform because of less malware threats occurring on that platform.

But even in 1989 when I was made aware of the virus issue, the awareness about viruses and similar malware was targeted across all personal-computing platforms that were in operation through that year i.e. the MS-DOS-based IBM PC, the Macintosh, the Commodore Amiga and the Apple II amongst others. At that time, there was awareness about keeping a “clean” system and keeping control over how you shared your files.

Similarly, we started to see the arrival of signature-driven anti-virus programs that could scan hard disks or removable “floppy disks” for viruses. Some of these initially scanned the boot sector but moved towards checking files for these viruses. They became a very important part of every computer user’s software toolkit as the virus activity increased. But through the 1990s as the Internet came on the scene, the malware activity was more focused on the MS-DOS / Windows platform with Apple Macintosh users not having as much of that activity. At that time, the MS-DOS / Windows platform was effectively the computing platform for most personal and business computing applications including gaming with the Macintosh being used by creative types due to its inherent prowess with multimedia.

This lead to a sense of complacency concerning secure computing for the Macintosh platform on both Apple’s and their users’ part. Microsoft took proper steps in updating and patching the Windows computing platform since 2001 with the arrival of Windows XP and hardening that platform with the arrival of Windows Vista and 7. Similarly, Windows users jumped over to the Macintosh platform for their home computing because they saw Windows as being slow and virus-ridden; and also due to the arrival of Apple’s iPod and iPhone products.

Lately, the Apple Macintosh has become the target for various malware campaigns including “write-once run-anyone” attacks based on Adobe Flash and Java software platforms. This is due to the increased new-found popularity that the Macintosh has acquired and, in another context, activities involving the Internet, networks or removeable media are still being seen as vectors where the Mac can share Windows-targeted malware.

Upgrade to Mavericks if you can

To stay secure, Apple Macintosh users need to upgrade to the 10.9.2 Mavericks version of MacOS X, with this version being equipped with various security improvements in a similar way to what Microsoft did with Windows 7. This can be done with newer Macintosh computers and for free with Macs running Lion or Mountain Lion versions.

Keep the operating system and software up-to-date

As well, as part of proper computer housekeeping, it is important to keep the Mac “lock-step” with the latest operating-system updates. Here, you can use the Apple-Menu / System Preferences / App Store option to have the Mac check for and download the updates from Apple by itself; or go to the Apple-Menu / Software Update menu to cause it to check for updates. The latter option can be of use with a MacBook that is used “on-the-road” and you are able to check in at a Wi-Fi hotspot or other Wi-Fi network.

Similarly, keep Adobe Flash and Oracle Java up-to-date by using options in the Apple-Menu / System Preferences menu to check for automatic or manual updating for these programs. If any other “write-once run-anywhere” software-development platforms show up on the Macintosh platform, treat these like you would with Adobe Flash – they can become a path for distributing malware that “hits across all platforms”.

This also applies to the application software and utilities you also run on your Mac and, here, you go to whatever software-option menu there is to check for software updates or cause automatic software updating to occur.

Don’t enable Java if you don’t need it.

As for Java which appeals as a “write once run anywhere” coding system, don’t enable it unless you are intending to run a known trusted program that uses this language or are developing Java software. OS X Mavericks comes with this deactivated by default but you can deactivate this in your Web-browser option menus.

Take advantage of full-disk encryption if you have confidential data

Another practice you could use for all computer platforms is to take advantage of full-disk encryption. Most operating systems provide this as a function that you can use with MacOS X providing it “across the board” for recent iterations in the form of FileVault. Similarly, a commercial or open-source third-party full-disk-encryption tool can do the job better than what the operating system provides.

These tools encrypt and decrypt on an “on-the-fly” basis and mainly protect the local volumes on the computer with some business-tier USB memory keys providing a similar full-disk encryption for their own volumes.

Use a good anti-malware or desktop security program for the Macintosh

Check for and use a good anti-malware program for the Mac platform like Kaspersky, Sophos, AVG or ClamXav . As well, keep the anti-malware program that you run on automatic update in order to keep them ahead of the malware game.

It is also worth noting that the good programs in this field can also keep the Macintosh from being a conduit for spreading Windows-based malware around the Windows platform. This is whether the files are passed through email, message-based file transfers, network-hosted / Internet-hosted file sharing points or removeable media.

Another sign of a good anti-malware program is the ability for it to scan your computer’s primary storage (RAM and paging files) to protect against malware that works on data being held in this space. This is because most data normially encrypted on a secondary storage or in transit is kept “in the clear” in the RAM and is vulnerable to RAM-scraping malware.

Keep stock of what is installed on your Mac

Another way malware gets on to computers is when you load software “in a hurry”. Typically what can happen with some freeware tools is that they can “push” browser extensions and toolbars or utilities of doubtful provenance on to a computer. This can lead to it underperforming or malware creeping in and taking over the system.

If you download from the Mac App Store or similar download locations, check for the app’s reputation by looking at comments, star-ratings and the like. This is something I have raised previously in relation to app stores for mobile-computing platforms along with the newer App stores that are opening up for regular computers and dedicated-purpose devices.

With your browsers and other applications, keep tabs on what plugins, extensions, toolbars and other add-on modules are running and if you notice something being awry about the module since you installed, don’t hesitate to remove it. A good article on this topic concerning uninstalling applications on the Mac is this one on MacRumors.com which highlights that dragging an application bundle to the Trash may not be the only method available.

Conclusion

The main issue here is that the Apple Macintosh is a computing platform vulnerable to malware and will become more so as it be becomes more popular as a mainstream computing platform. So you would need to continue with proper computer-housekeeping practices to keep your Mac from these threats.

Send to Kindle

The classes of computers to be blurred–is this the trend?

Article

A dual Windows-Android machine: PC industry savior or non-starter? | Mobile – CNET News

My Comments

Sony VAIO Duo 11 slider-convertible tablet

A computer that slides to become a tablet or laptop

Previously, a computer with a screen greater than 11”, having a physical QWERTY keyboard and running a desktop operating system like Windows, MacOS X or Linux was a separate class of computer from something that had a smaller screen, no physical keyboard and running a mobile operating system.

Now we are starting to see these classes become blurred by the arrival of 7” and 10” tablets running Windows 8.1 on Intel x86 microarchitecture, along with a plethora of ultra-portable laptops with integrated physical keyboards that convert to tablets whether by folding the keyboard under the screen or detaching the keyboard. This is now augmented with a new trend where computers can boot between Windows 8.1 and Android or run both operating systems concurrently; and Android is being ported to work on the classic Intel microarchitecture.

HP Envy X2 Detachable-Keyboard Hybrid Tablet

The HP X2 family – showcasing the trend for a detachable-keyboard tablet computer

What is happening for both consumers and business users is that they will find it hard to determine which kind of computer is exactly the right one for them to use for their needs. Operating systems and baseline hardware configurations may lose their position as a factor for determining a computer’s suitability to a particular task.

Rather I see factors like the screen size which typically affects the computer’s size and form factor; the graphics or audio chipsets; the existence of a physical keyboard and its actual size; as well as the unit’s connectivity, primary RAM and secondary-storage capacity along with the presence and runtime of an integrated battery being what determines the computer’s suitability for particular tasks and operating conditions that a user may put it to.

Sony VAIO Fit 15e on dining table

The 15″ mainstream laptop will still earn its keep as an option for one’s “digital hub”

For example, if you are creating a lot of documents and other textual content, a full-sized physical keyboard would be considered important. Similarly the size of the screen along with the computer’s form factor and the battery integrated in the computer would also affect its portability and suitability to certain tasks.

In a lot of cases, you may end up with multiple devices where each device suits a particular task or activity. For example a 7”-8” tablet that you can stuff in to a coat pocket may come in to its own when you want something that has material you refer to when you are on the road. This is while you keep a 10”-14” ultraportable computer for when you are “doing a bit more” like taking notes or creating content “on the road”; or you may keep a 15”-17” laptop or a larger-screen desktop computer as your “main digital hub”.

Desktops of a sessile nature like traditional 3-piece desktops and “all-in-one” desktops will typically end up just for applications where the computer is used in one place only. Whereas the “adaptive all-in-one” computers of the Sony VAIO Tap 20 ilk, along with 15”-17” high-end laptops will end up for those situations where the computer will be shifted as required.

What will become of this is to look at particular features and the size and form-factor of a computer to rate its suitability for a task you are targeting it at rather than thinking that one computer would suit all your needs.

Send to Kindle

Want to check on what is being printed using Windows 8.1

Modern User Interface - Device Charm menu when print job is in progress

Modern User Interface – Device Charm menu when print job is in progress

Those of you who have moved to Windows 8 and 8.1 may have found it difficult to know what’s printing when you send out a print job to your printer. Here, you may be used to the “Devices And Printers” window since Windows Vista where you could click on the printer icon to check what print jobs are being printed at a given time.

Here this routine has been simplified in Windows 8 and is available in both the Desktop and the Modern UI views as a consolidated list. This is easier for those of you who have two or more printers like a laser printer that you run as a “printing press” alongside a baseline inkjet printer for ordinary document printing.

Modern User Interface (Metro User Interface)

  1. Bring forward Charms (hidden task-specific option buttons) on right side.
    Touchscreen users simply swipe from the top right-hand corner while mouse users move the pointer in to the top right-hand corner.
  2. Click or touch Devices.
    The “Check Printing Status” text lights up when a print job is pending or in progress
  3. Click “Check Printing Status” to view the jobs list
Right click on Printer icon in Desktop notification area to bring up these options when a print job is in progress

Right click on Printer icon in Desktop notification area to bring up these options when a print job is in progress

Traditional Desktop User Interface

  1. Right click Printer icon in Notifications area in Taskbar
  2. Click on Printer icon
  3. Click on Open All Active Printers for all jobs sent to all printers
  4. Click “name of printer” to show this printer
  5. Desktop UI users can also follow the Modern UI steps as another way to bring up the pending print jobs.

Microsoft could improve on this by having the Devices Charm change colour when a print job is in progress or change to a different colour when something needs attention.

Send to Kindle

A rush to release software can leave gaping holes for bugs and exploits

Article

iOS 7.0.2 Is Here, And It Fixes The iPhone’s Major Security Hole | Gizmodo

My Comments

The recent release of the iOS 7 operating system, like with the iOS 6 operating system with its Apple Maps product, has shown something that is very real with the way computer software and hardware has been developed.

In the case of the iOS 7 operating system, there was a gap concerning the lockout system which required the user to key in a PIN number in to their iOS device but someone could bypass that requirement easily. Apple had released the iOS 7.0.2 update just lately to fix this bug that was missed through the development process for this operating system. This operating system and the devices it runs on are at an increased risk of this behaviour because Apple keeps the marketing hype high as possible for as long as possible because they see it as the consumer-facing mobile operating system for most people.

Similarly various functions in Windows 8 weren’t as polished as most of us would like them to be so we are expecting great things out of Windows 8.1 with some improved “polish” to these functions.

As well, the Apple Maps program which was to oust Google’s Maps from the iPhone and iPad was rushed and there have been issues where there has been misnavigation going on with this program.

This happens more so with anything that affects popular consumer-facing devices and programs. Here, the software developers are put under pressure by the vendor’s marketing team to get the operating system update, firmware or other programs released as soon as possible so that the product can be marketed and sold while the hype surrounding it is still alive. Then the vendor has to wait for the bug reports to come in, whether via their support channels or the technology press, so that these can be fixed and released as part of a point update.

I often deem a software version number of x.x.x, preferable with a middle number greater than 1, such as 8.1.1 or 7.1.2 as being a “mature” version of the software in question. This is because bugs including security exploits and performance weaknesses have been identified and rectified since the original release of the program.

As for iOS devices, I would recommend that those of you who are running iOS 6 to run iOS 7.0.2 or hold off upgrading until a higher version number, preferable a 7.1 number appears.

Send to Kindle

Formatting external hard drives to native file systems may allow them to work optimumly

Article

Using external drives to save space on your Mac? Format them first. | MacFixIt – CNET Reviews

My Comments

External hard disk

A typical external hard disk

This article highlighted the benefits of formatting external hard disks that are to be connected to an Apple Macintosh as HFS+ file-system disks. This advice hails well for formatting an external hard disk to an operating system’s native file-system such as NTFS for Windows or ext3 for Linux. This is because most of the external hard disks come preformatted to FAT32 more as an interchangeable file system that can be used on Windows, Macintosh and UNIX/Linux.

In the context of an external hard disk that you attach to a network-attached storage device for extra capacity, it may be worth looking through the instruction manual for your NAS or router to find the optimum file system. Some of the NAS units may work with ext3 or NTFS as the file system whereas most, including the routers with NAS functionality will stay with FAT32.

But this situation would apply to external hard disks that are primarily connected to the host computer all of the time rather than the “portable” hard disks that are likely to be moved between different computers and file systems. It wouldn’t hold well with thumb-drives and memory cards that you would expect to move between various computer devices including specific-purpose devices because most of these devices would only know the common FAT32 file-system.

This advice is best applied with an external hard disk that you have just purchased rather than one that contains all of your data because a format routine can wipe all of the data that exists on the hard disk.

Send to Kindle

What has happened about the faulty firmware issue for the PS3

Article

Sony releases PS3 firmware update to fix last week’s fiasco | Tech Culture – CNET News

Instructions – From the horse’s mouth

Sony PlayStation

Manually updating your PS3 with the firmware

Safe Mode on PS3

My Comments

Sony PS3 games console

Sony PS3 games console – latest firmware should be 4.46

Previously, when Sony rolled out version 4.45 of the PlayStation 3 operating software, this update had caused many PS3s not to boot properly for interactive use. The situation had been described where the consoles were effectively “bricked” and Sony had to immediately pull the update from their PS3 software-update servers.

Now they have released version 4.46 of this firmware and made it available also as a manual-update file so you can recover a PS3 that had suffered this fate. When this situation had occurred with the PS3, the version-4.45 software went in to an “endless-loop” during startup thus not reaching the standard “XMB” start menu.

Fortunately, Sony had set up a “safe mode” for the PS3 in a similar way to what Microsoft, Apple and others have offered as a diagnostic startup option for their regular-computer operating systems. Here, this places the equipment in a known state with minimum software and hardware overhead that allows one to perform diagnostic or recovery work on faulty equipment.

In this case, you can load the firmware from a USB memory key and Sony have provided instructions on how to go about this, such as which folder to position the firmware file on the USB memory key. Here, you would need to use your desktop or laptop computer to download the firmware file to the USB memory key in the known location (\PS3\UPDATE).

Here they also detailed how to place the PS3 in to the aforementioned “safe mode” so you can load the firmware from the USB memory key. As well, you would have to connect the game controller to the PS3 via a USB cable while it is in this mode and be sure to select the “System Update” option on the menu that pops up to start this update without destroying your data and settings.

As well, I would suggest that you check that the version of the firmware on your PS3 is indeed 4.46 or newer in order to make sure that your console is behaving in a reliable manner.

An issue that could be raised regarding field-updatable firmware especially for consumer-electronics devices is providing a fail-safe update process with a rollback mechanism. This is more of an issue when there are situations like bugs that missed the quality-control process; failed download / install processes or, at worst, malware written in to field-updated firmware.

Here, the previous firmware could be kept in a separate section of flash memory or secondary storage, as well as the ability for the device to start in to safe mode thus providing the option for software rollback if the software didn’t start to the normal user interface.  Similarly, the standard user interface could be used as a way to facilitate this kind of software rollback, which can come in handy with bugs that creep up during normal operation. This is similar to what has been achieved with most desktop operating systems like Microsoft Windows, where the operating system creates “system restore points” at the start of software install or update processes and is able to roll back to these points if the install or update becomes dysfunctional.

What we are starting to see is that devices like games consoles, smart TVs and printers are becoming as sophisticated as regular computers and entering a point where the same kind of irregularities could creep up on them.

Send to Kindle

What to do if the App Store gives your Mac the Dreaded Beach Ball

Article

Tackle a hung App Store update in OS X | MacFixIt – CNET Reviews

My Comments

You have that Macintosh computer running with Apple’s App Store as your preferred download spot for programs. But you notice that the Mac is not being its usual self while you are running an App Store update or download. It starts to show that dreaded “beach ball” for ever during the update process while nothing is happening. This means that the App Store client application is hanging and effectively slowing down the rest of your system.

The main problem that can lead to this typically are about the App Store working with corrupted files in its folders as what happens with any computer programs. This encompasses where the installation packages are held after they are downloaded as well as any temporary files that the App Store creates. The folders will exist on the “Macintosh HD” secondary storage location which is the main storage location for all of your Mac’s programs and data.

Here, when you notice this behaviour, you would have to “force-quit” the App Store application. Either this is done by selecting “Force Quit” from the Apple menu or pressing CommandOptionEsc on the keyboard. You could also “force quit” from the Dock by using Option-Right-Click on the unresponsive application’s icon. After you have done this, the Mac should be more stable by now.

Dealing with the corrupted data

Installation package folder

Then you would have to use Finder to clear out the App Store Updates folder which is at Macintosh HD/Library/Updates. This is where the software update or download packages are held by the App Store before being installed. Once you clear this folder out, it means that the App Store application can draw down fresh “known-to-be-good” install packages from the iTunes App Store.

Temporary and “work” files created by the App Store

Another location that you may have to clear out are the App Store Caches. These represent the temporary files that the App Store application creates as it goes about its work.

Here, you run Terminal and type in: “open $TMPDIR../C” to expose the “cache” folders where data that the App Store needs for speedy operation exists. In this window, look for folders that begin with “com.apple.appstore” and remove these folders.

You also go back to Terminal and type in “open $TMPDIR../T” to expose the temporary-file folders. Here, you look for the folders that begin with “com.apple.appstore” and remove them.

The App Store will take longer to start as it re-builds the cache and temporary files with the fresh “known-to-be-good” data.

Permissions fix for the system resources

This is another area that could house corrupt data and could generally affect your Mac’s stability. It is because the information about the permissions required by the applications to use system resources is kept as data on the Macintosh HD.

Here, you use the Disk Utility to do this task. You select the Macintosh HD in this program’s sidebar and click “Repair Permissions” in the “First Aid” tab to start it repairing any corrupt system-permissions data.

Tips to avoid this problem

If you are using a Wi-Fi wireless LAN connection or a mobile-broadband connection, and you intend to do a lengthy App Store update, make sure that you are getting a consistently strong signal from the wireless network. This is because a poor or inconsistent wireless signal could lead to an increased risk of failed downloads.

As well, it may be a good idea to have your MacBook connected to external power while you are doing a lengthy update. This avoids the risk of a failed download occurring because the battery is on the way out.

Here, you could confine the App Store software updates to your home or workplace so you can be sure of a smooth update scenario.

Send to Kindle

Using a NAS to hold operating-system updates

The current situation

Netgear ReadyNAS

A network-attached storage can come in handy for storing software updates rather than downloading them frequently

Operating system and application developers are now being required to provide updates for their products during the product’s service life and beyond. This is to provide for a computing environment that is performs in an efficient, secure, reliable and optimum manner. The updates may be released at regular intervals such as on a monthly basis or in response to a situation such as the discovery of a bug or security exploit.

New devices

A common situation that happens with most regular and mobile computing devices when a user takes delivery of them is that the user downloads a large data package to bring it up to date. This may be done many times if multiple units running the same platform are purchased.

Many devices

Similarly, a household may have multiple units running the same operating environment and they have to keep these up to date. The typical example of this may be a family with two or three children who are at secondary school. Here, they may have two or three computers for the children to use as well as one computer per adult. This could be brought about with the older child being given a more powerful computer as they enter senior high school or another computer given to the younger children as they start their secondary school.

But the same bandwidth would be used again and again to update each and every device. This may not be a problem for a couple with one device per adult but would be a problem when you are thinking of environments with more than two devices which is fast becoming the norm.

Using a network-attached storage to locally cache updates

Somehow the network-attached storage devices need to be able to support the ability to locally hold updates and patches for operating systems and applications used in computers on a home or small-business network.

The practice is performed frequently with large-business computer setups because of the number of computers being managed in these setups. But it could be practiced with home and small-business setups using a simplified interface. This could be based on the use of a local-storage application for regular or mobile client operating environments which supports this kind of local updating.

A local client application to manage system-update needs

Here, the local-client software could register which operating environment the host computer runs and what eligible applications are on the system so as to prepare an “update manifest” or “shopping list” for the computer. The “shopping list” would be based on the core name of the software, no matter whether different computers are running different variants of the software, such as home laptops running Windows 7 Home Premium while a work-home laptop runs Windows 7 Professional. This manifest would be updated if new applications are installed, existing applications are removed or changed to different editions or the operating system is upgraded to a different version or edition.

A local software manifest held by the NAS

This manifest is then uploaded to the NAS which runs a server application to regularly check the software developers’ update sites for the latest versions and updates for the programs that exist on the “shopping list”. There could be a “commonality” check that assesses whether particular updates and patches apply across older and newer versions of the same software, which can be true for some Windows patches that apply from Windows XP to Windows 7 with the same code.

At regular intervals, the NAS checks for the updates and downloads them as required. Here, it could be feasible to implement logic the check the updates and patches for malware especially as this update path can be an exploit vector. Then the computers that exist on the network check for new software updates and patches at the NAS.

Software requirements

Such a concept could be implemented at the client with most regular and mobile operating systems and could be implemented on network-attached storage devices that work to a platform that allows software addition.

It would also require software developers who develop the operating systems and application software to provide a level of support for update checking by intermediate devices. Initially this could require setups that are particular to a particular developer being installed on the client device and the NAS, but this could move towards one software update solution across many developers.

A change of mindset

What needs to happen is a change of mindset regarding software distribution in the home and small business. Here, the use of local network storage for software updates doesn’t just suit the big business with more than 50 computers in its fleet.

It could suit the household with two or more children in secondary school or a household with many young adults. Similarly a shop that is growing steadily and acquiring a second POS terminal or a medical practice that is setting up for two or more doctors practising concurrently may want this same ability out of their server or NAS.

Conclusion

The NAS shouldn’t just be considered as a storage device but as a way of saving bandwidth when deploying updates in to a household or small business who has multiple computers on the same platform.

Send to Kindle

Your new MacBook Air or MacBook Pro being thirsty on the battery? Check for software updates

Article

Apple releases fix for increased power consumption in new MBP and MBA | ZDNet

From the horse’s mouth

Apple – Software Download (direct)

My Comments

You may have just bought the Retina-based MacBook Pro or a Macintosh laptop over the past year but have noticed that you always have to run it on AC power rather than on battery. In some cases, you may have noticed that the fan in the computer is running more than it should.

This has been discovered by Apple as a firmware bug and they have prepared a software update to rectify this problem. This bug is allowing the CPU in the MacBook to run harder than it really needs to, thus allowing it to draw on more power and yield more heat. The software update also improves operating-system compatibility with certain USB devices which may also help with the stability of the system.

This software update is available at Apple’s Website or through the Software Updates panel in MacOS X Lion. Infact, if you have just bought a Mac laptop, I would recommend that you visit the Software Updates option and deploy this and other important updates to your Mac.

Send to Kindle

Now you can have your Leopard-based Apple Macintosh secure from the current threats

Article

Apple issues Leopard update with Flashback removal tool – Engadget

Downloads

Apple

Java security update (targets Flashback Trojan)

Adobe Flash security update

Adobe

Latest Flash Player update

My Comments

Owning an older Macintosh computer that is running MacOS X Leopard but isn’t powerful enough to be upgraded to Snow Leopard or Lion? Or you haven’t upgraded your Mac to Snow Leopard or Lion due to keeping a LocalTalk peripheral in service using that link.

You may fear that this situation may make you vulnerable to the recent security scares involving Trojan-Horse programs written in cross-platform code that is targeting the Macintosh platform. Now Apple has remedied that problem by releasing two patches targeting this version of MacOS X.

The Java security update checks for and removes the Flashback Trojan from your Mac, but also disables Safari’s Java plug-in. If you need to use Java in Safari, you would need to visit the Preferences menu by going to Safari>Preferences or pressing [Command] and [,], then clicking the “Enable Java” option.

The Adobe Flash update will disable the out-of-date version of Adobe Flash Player end encourage you to visit Adobe’s Website in order to download the latest version of the software. Here, you make sure that you are downloading for MacOS X 10.4 – 10.5 to get the latest version for your MacOS X Leopard computer.

Send to Kindle