Data security Archive

Google Chrome can now detect loaded downloads

Article

Chrome update to raise alarms over deceptive download bundles | The Register

From the horse’s mouth

Google

That’s not the download you’re looking for …. – Blog post

My Comments

I have helped a few people out with removing browser toolbars and other software from their computers that they didn’t necessarily invite in the first place. What typically happens is that a person looks for software to do a particular task such as a lightweight game, native front-end for an online service, video-codec pack, an “essential” CD-burning tool or an open-source Web browser, but they work through a very confusing install procedure that has them invite software like TubeDimmer to their computers if they aren’t careful.

A lot of this unwanted software ruins the browsing experience by “cluttering” the screen with extra advertisements and data or redirects genuine links to advertising sites hawking questionable products. As well, they are more likely to “bog” the computer down by stealing processor time and RAM memory space.

Mozilla has become aware of the problem with Firefox courtesy of their bug-reporting mechanism and found that it wasn’t about proper software bugs but improper bundling practices. They had found that these bundles were infringing their copyrights and trademarks that they had with the software, especially the open-source concept.

Google has answered this problem at the search phase of the operation by identifying whether a download site is paying to advertise courtesy of its Adwords keyword-driven advertising service and provided a way to highlight that the software is not the official software site. This is typically because a download site may bundle multiple programs in to the install package rather than just having the program you are after.

They are even going to “expose” the detection software to Mozilla and others to allow them to integrate the detection functionality in their “regular-computer” browsers or desktop-security software by virtue of their Safe Browsing application-programming interface.

This may be a step in the right direction towards dealing with “loaded downloads” but desktop security programs could work further by identifying installation packages that have more than what is bargained for.

Send to Kindle

Public-access computers now being seen as a security threat

Article

The danger of using PCs in hotel business centres | HOT For Security

Data thieves want to track what you type at hotel business centers | Engadget

My Comments

A very common part of the Internet landscape is the availability of public-access computers that are connected to the Internet. These were made available in schools, universities and libraries but then ended up as being part of cafes, bars and the like, including hotel business centres.

But there had to be a level of control over what software ended up on these computers so that they don’t become a conduit for mailware. Even before the Internet, there was the issue of people bringing in software on floppy disks and these were known to be a conduit for viruses. For example, the computer systems that I used at the TAFE college where I studied my computer course were connected to a network but these were set up to boot from the network where the IT department had control over the software that was made available. In some cases, the boot sequence required the computer’s local hard disk to be “swept clean” of data and the locally-required software image to be reinstalled on that hard disk.

A common reality with public-access computers nowadays is that they operate all the time the business is open, surviving the day without being rebooted. In some cases, it becomes feasible to install software on them thus allowing any “Tom, Dick and Harry” to install software off removeable media or the Internet. As well, there is a culture amongst a lot of organisations who run these computers where no-one cares about what goes on with them, usually due to technically-inept or overworked customer-service staff or IT support staff who are distant from the venues.

This has lead to situations like keylogger malware being planted on these machines because users enter personally-identifiable information in to these computers to complete transactions or communicate with others.

What can we do

If you can, use your own computer equipment to perform your sensitive communications or transactions. If you have to use a public-access computer, make sure that the machine you intend to use implements a “wipe-clean-and-install” arrangement where the local hard disks are “wiped clean” and the software reinstated from a known image after every usage session.

What venues can do

Encourage the staff to keep an eye on the public-access computers and respond to issues that the users may have with the systems. As well, they keep an eye out for any physical tampering with these systems such as installation of hardware keyloggers or similar devices.

Another issue worth considering is deploying system-management software that can either restore from a known disk image when the computer is restarted (Faronics DeepFreeze), lock down the computer (Anfibia Deskman) or provide a simple “Web kiosk” environment (Webconverger). These can limit the effect that malware can have on the public-access computers.

At least, they could keep the computers running operating systems, application software and desktop-security software that is kept updated with the latest security patches. In a lot of cases, the software could be set up with “blind updating” where the updates are downloaded and installed automatically. As well, making sure that the computers are restarted on a regular basis to be sure of updates being properly installed and can increase the effectiveness of “wipe-clean” system management software.

General comments

Personally I see the public-access computers becoming the Internet equivalent of the public pay phone – something that we are making less use of and people who use these devices regularly are seen as social pariahs. This is although they become a stop-gap measure for computing tasks when we deal with laptops or smartphones that are out of battery for example.

Send to Kindle

AVM hardens consumer router security with latest FritzOS version

Article (German Language / Deutsche Sprache)

AVM kündigt FritzOS 6.20 mit neuen Sicherheitsfunktionen für Ende Juli an | ZDNet.de

From the horse’s mouth

AVM

Press Release (English / Deutsch)

My Comments

 

AVM FRITZ!Box 3490 - Press photo courtesy AVM

AVM Fritzbox 3490 to be able to update itself like your Windows or Mac computer

Previously I had covered AVM being the first consumer router manufacturer offering automatic firmware updates for their router products. Here, this firmware, known as FritzOS 6.20 will have this feature and be rolled across most of their product lineup.

But it will also have the ability to notify users of newer firmware being available along with identifying ports that are open and who logged on or off the management user interface.

What AVM have done is reacted to an industry-wide issue with consumer and small-business routers running old unpatched firmware, typically the software that is “out-of-the-box”. This is often found to be a security risk due to software exploits or vulnerable configuration setups not being rectified even though manufacturers do rectify this through newer firmware updates which the customer has to download and deploy.

A step in the right direction for idiot-proof home network security

As well, they are throwing in enhanced Wi-Fi hotspot, VPN endpoint setup functionality and Web based access to shared storage in to this firmware. It is becoming a sign that firmware integrated in an Internet gateway device is being treated by the device manufacturers as an operating system along the same lines as what you would run on a computer, tablet or smartphone. This means having a continual upgrade program to rectify any bugs or vulnerabilities, allowing for hands-off or one-touch software deployment and even adding functionality in a device’s life.

Send to Kindle

Malicious USB charging stations–how to protect your mobile devices

AC USB charger

It may come to a point where a USB charging device offered by a stranger may be treated with distrust

I have seen some recent press coverage generated especially by the security-software industry about the concept of USB-based charging devices stealing data from smartphones and tablets that normally charge from these devices. This issue was brought to public attention at the start of the World Cup 2014 where the fear that an increased number of travellers pouring in to Brazil for the soccer may be a breeding ground for threats to the safety of personal and business data kept on mobile devices owned by these visitors.

The devices that are being considered of concern are “walk-up” charging facilities installed in commonly-accessible places or made available for everyone to use. The concern was brought about with a laboratory experiment involving a small “homebrew” computer circuit connected to an iPhone running iOS 6 and this computer discovering the data on that device. They said that this device could be concealed in a box the size of a “wall-wart” or built in physically or logically to a “walk-up” charging facility. Here, the device could gain access to your data on an iPhone or iPad running iOS 6 or earlier because those earlier iterations of the iOS operating system don’t indicate in a user-facing manner what kind of host device you are connecting your mobile device to.

USB symbol that indicates that your Android device is connected to a computer device

USB symbol that indicates that your Android device is connected to a computer device

Android user are luckier because all of the iterations of that operating system indicate whether your mobile device is being plugged in to a computer device rather than a power-supply device and tell you how they are presenting themselves to the host device i.e. a “Media Transport Protocol” device, a “Picture Transport Protocol” device or a “Mass Storage” device.  You have the ability to determine how your device presents itself by tapping on the “Connected as” message in the Notification Screen which will show the possible modes. As well, you will see the USB trident symbol in the Notification Bar at all times while the connection is active.

The “Media Transport Protocol” mode primarily exists to allow the host access to the media content on your device and may be exploited by entertainment setups like home AV devices, in-vehicle infotainment setups and airline in-flight entertainment screens for playback via the device’s screen and speakers or headphones. On the other hand, the “Picture Transport Protocol” mode allows access to the pictures and videos in the default folders on your device and is exploited by PictBridge-capable printers and printing kiosks for “walk-up” printing of digital pictures. As well, the “Mass Storage” device mode presents your device to the host as a USB “memory key”.

USB device type notification on Android

USB device type notification on Android

iOS users can protect themselves by bringing their iPhones, iPads and iPod Touches up to date with the latest version of that operating system. Here, iOS 7 and newer versions will pop up a dialog box asking whether the user trusts the computer device that they are plugging in to and if they don’t assent, the Apple connection port just becomes a power-and-audio port rather than a power-audio-data port.

Device types supported on your Android device

Device types supported on your Android device

Other suggestions to deal with this issue include properly shutting down your mobile device when letting it charge up at a public charging facility or someone else’s computer, or charging it from an AC charger or external battery pack that you own and bring with you. Even ideas like being frugal with the way you use your mobile gadgets in order to “spin out” their battery runtime like cutting back on multimedia or gaming, or turning off functions like Wi-Fi and Bluetooth unless you actually are using them have been put forward.

New iOS 7 dialog box that identifies if the other device is a computing device

New iOS 7 dialog box that identifies if the other device is a computing device

The main issue here is keeping your mobile devices on the latest version of their operating system and paying attention to situations where your mobile device identifies that what is ostensibly a charging device is infact a computer device and the host device doesn’t come clear on its functionality.

Personally, it could become the time for the USB specification and other host-peripheral connection specifications to be revised to factor in “privilege levels” and trust ecosystems when it comes to device connectivity. This could mean that a connection may only be a “battery charging / power delivery” connection unless a level of trust is established between both devices as regards their functionality and it could even just lead to a removal of the “plug-and-play” features of these systems.

Send to Kindle

You can get Kaspersky desktop security for free if you bank with Barclays

Article – From the horse’s mouth

Barclays Bank

Special offer for Barclays Bank online customers

My Comments

Kaspersky Internet Security 2014 - press image courtesy Kaspersky LabsIn 2009, I had reviewed a copy of Kaspersky Internet security and had found that it was the start of things to come for a capable desktop-security program. Then I had read some comparisons of various desktop security programs and found that this same program was doing its job without trading off performance unlike the Norton software where I have heard complaints about sluggish performance. Lately, I have even recommended this program as a desktop-security solution for people who have asked me about their home-computer security needs.

Barclays, a well-known UK bank who had been the victim of a “distraction-burglary” hacking scam, has now offered a partnership deal with their online-banking customers by offering free copies of this software. This also applies to those of us who have continued a subscription with Kaspersky for the software and the subscription is up for renewal.

What I like of this is that Barclays have led the field by a partnership with a desktop security software vendor to protect their customers from the varying forms of malware that can compromise the sanctity of their customer’s banking and personal data.

Send to Kindle

AVM Fritzbox 7490 to be the first router to offer automatic firmware updating

Article (German language / Deutsch Sprache)

Automatische Updates für Fritzbox-Router | PC Welt

From the horse’s mouth

AVM

Software update page

My Comments

AVM FRITZ!Box 3490 - Press photo courtesy AVM

AVM Fritzbox 3490 to be able to update itself like your Windows or Mac computer

One of the big holes in data security that has been recently identified is the typical Internet gateway device sold to most households and small businesses as the “edge” between their home network and Internet connection.

This hole has been identified because most of the devices, especially those sold through most retail, value-added reseller and most service-provider channels, work simply on the firmware installed in them when they left the factory. As we all know, a lot of this firmware can be full of bugs and software exploits that place the home network and the computer equipment on it at risk of security breaches.

Most regular and mobile computer equipment and some set-top boxes benefit from a continual update process with the ability to have the critical updates delivered by the software vendor automatically without any user intervention. But this doesn’t hold true for the typical consumer router, which requires the customer to install updated firmware manually. In a lot of cases, the user may either have to run a firmware-installation tool on their regular computer or download a special firmware-package file from the manufacturer’s Website and subsequently upload the firmware to the device via its Web-based management interface.

A few devices may allow you to deploy updated firmware by causing the device to download and install the latest firmware from the manufacturer’s Web site by clicking on an “Update” button. These devices make the job easier but you have to regularly visit that user interface to check for new updates and start the update process.

These tasks can be considered very difficult for anyone to do unless they have had a lot of computer experience and expertise and is something commonly performed by the computer expert in the family or community.

AVM, a German company who makes premium-grade routers and networking gear for consumers and small business, have answered this need with the latest firmware for the Fritzbox 7490 Internet gateway device. This firmware offers automatic updating for firmware patches to enhance the device’s security.and reliability.

You would have to visit the AVM site to download and install the latest firmware in to the Fritzbox 7490 but this would be the last time you would need to do this because the Fritzbox could simply “look after itself” when it comes to the updates. There is a question remaining about whether AVM will roll this feature out to other Fritzbox routers and network devices so as to keep them secure.

At least AVM are setting a good example for all Internet-gateway-device manufacturers and resellers to follow by putting up the idea of self-updating equipment in to the consciousness. This could even extend to other devices like smart TV and devices that constitute the “Internet Of Everything” as we think of the smart home.

Send to Kindle

The French have fielded another alternative to TrueCrypt

Article (French language / Langue Française)

VeraCrypt, une alternative française à TrueCrypt | Le Monde Informatique

From the horse’s mouth

Idrix

VeraCrypt product page

My Comments

TrueCrypt is a source-available encryption engine used primarily in Windows 7 and 8 as part of the BitLocker volume encryption function that the operating systems offer. Lately, further maintenance of this encryption engine had ceased with accusations of the likes of NSA putting pressure on the developers to cease maintaining it.

A few other third-party encryption engines have surfaced from Europe such as the VeraCrypt engine from France and a fork of this engine constructed in Switzerland. This is in response to Europeans having a distrust for “big government” having access to personal data due to being burnt by the Hitler, Mussolini and Franco regimes in the West and the Communist governments in Russia and the East.

Idrix has worked on the French VeraCrypt project which is pitched as being easy to use for small business, non-profit organisations and individual users. Like all encryption software, it doesn’t support the ability to “trans-crypt” i.e. convert an encrypted volume over to another encryption mechanism.

It will be initially issued for the Windows regular-computer platform but a port is being expected soon for the MacOS X (Apple Macintosh) and Linux platforms. As well, it is being made available for free and as open-source software.

But what I see of this is an attempt for European companies to “break through” the US stranglehold that can accompany the computer software scene and for European culture and norms to be respected in this field.

Send to Kindle

Chinese spies now charged with cyber espionage

Articles

IT-focused News

FBI Issues Wanted Posters For Five Chinese Army Officers | Gizmodo

DOJ’s charges against China reframe security, surveillance debate | PC World

US authorities name five Chinese military hackers wanted for espionage | The Register (UK)

General News

US Charges China With Cyber-Spying On American Firms | NBC News

Previous coverage on this topic

Symantec Symposium 2012 – My Observations From This Event

The issue of cybercrime now reaches the national level

My Comments

I have heard and will cite previous coverage about the issue of nation states engaging in cyber espionage against other nation states and businesses within these other nation states. For example, I attended the Symantec Symposium in 2012 and listened to the keynote speech by a guest speaker from the Australian Federal Police and he mentioned about organised crime and nation states engaging in the cyber-espionage or sabotage. He even said that it isn’t just servers or regular computers that were at risk but mobile devices like smartphones, point-of-sale / point-of-payment equipment and other dedicated-purpose computing devices being also at risk.

Subsequently, I watched the ABC Four Corners “Hacked” broadcast which covered the issue of cybercrime reaching a national level. This telecast covered key points including a small business who manufactured electronic equipment for defence purposes that fell victim to a Chinese cyber attack along with the theft of blueprints for ASIO’s new offices,

The recent indictment of Chinese military officers by the US government, along with FBI serving “wanted notices” on these officers has underscored the issue of nation states being involved in cyber espionage. It highlights the theft of intellectual property that private companies or government departments hold close to their heart for economic or strategic advantage.

It was even looked at in the context of the National Security Authority debate regarding cyber surveillance by that government department of Uncle Sam’s especially when there was the leaks that were put out by Edward Snowden, The US President Barack Obama even wanted to establish a global discussion regarding the cyber hacking and surveillance.

It got to the point where Mark Zwillinger, the Department Of Justice lawyer ran this line:The only computers these days that are safe from Chinese government hackers are computers that are turned off, unplugged, and thrown in the back seat of your car. Personally I would take this further by saying that the only computers these days safe from the Chinese government hackers are those that are turned off fully, unplugged and securely locked in the boot (trunk) of a sedan (saloon) or similar car.

As well, it would have us “wake up and smell the bacon” when it comes to nation states, especially those that don’t respect human rights, engaging in cyber warfare.

Send to Kindle

Desktop security moves from virus-hunting to more tasks according to Symantec

Article

“Antivirus is dead” says maker of Norton AntiVirus | PC World

Antivirus Is Dead — Long Live Antivirus | Krebs On Security

My Comments

What did anti-virus software do?

McAfee LiveSafe desktop security program

A typical desktop-security program in action

Previously, an anti-virus program was regularly vetting software against a known signature-based list of virus software or, in some cases, Trojan-Horse software. Better programs of this class also implemented “heuristics-based” detection that observed software behaviour for known virus-like characteristics.

The software authors beihind the anti-virus programs were playing cat-and-mouse with the malware authors who are trying to get their rotten software on to our computers. For example, malware authors use “crypting” services to hide their software from the gateway software, typically through the use of obfuscation.

What have the anti-virus software programs evolved to?

These have evolved to robust “desktop security” software suites that perform many different security functions for the computers they are protecting.

Firstly they work with your email client software to vet your incoming email for spam and phishing emails. This will typically work with client-based email setups like Outlook, Apple Mail, Windows Live Mail and others rather than Webmail setups like GMail or Hotmail.

As well, they implement a desktop firewall that  verifies traffic coming to and from the Internet and home network so that malware can’t easily “report to sender” to fulfill its task.

They also implement a wider malware-checking mandate such as catching out rootkits, adware and spyware. Sometimes this is done on a “software reputation” mechanism or observing for particular behaviour traits.

Another function is to implement a “reputation check” for the websites that you visit. This checks whether a Website is a host for questionable software or implementing other questionable practices. This may also be included with a desktop content-filtering function which filters against pornography, hatred and other undesireable content.

They also work as a privacy watchdog by monitoring Websites or social-media services for improper activity that threatens your privacy or that of your child or other vulnerable person.

But, wait, there’s more!

Some of these programs offer extra functionality in the form of a password vault which looks after the passwords for the Websites and other resources you visit.

They may offer a client-server VPN so you can use the Web from other networks like your friends’ and relatives homes or public networks in a secure manner. Similarly, they offer a secure file-storage option, whether on the cloud or on your local machine.

Different levels of functionality available

Most desktop security suites pitched at the home or small-business user tend to be sold with client-focused manageability where you set their parameters to manage that particular client computer. If you have multiple computers, you have to manually replicate that same setup across those computers. As well, they are priced either “per machine” or in a licence-pack that covers up to five or, in some cases, ten machines. You may be lucky to have the software provided as a site-licence that covers equipment owned by a particular household.

Conversely, desktop-security software that is targeted at the big business or at some small businesses is set up for management of multiple machines from one logical point. This includes the ability to deploy the same software across multiple machines yet have the same standards preserved across the multiple machines. They are typically priced in licence-packs that encompass many machines or may also offer a site-licence deal which covers all equipment kept at a particular location or by a particular organisation.

Send to Kindle

Macintosh users–keeping your computer secure

Article

Apple users: Try these five tips for better Mac security | Naked Security

My Comments

Just lately, I have heard over the dinner table that a few Apple Macintosh computer users have been facing issues with malware and other software with questionable behaviour. Some of these attacks were mainly “overlay attacks” that worked with the user’s Web experience.

What previously used to happen was that Windows computers were the target for viruses, worms, Trojans and similar malware due to them having a stronger installed base compared to the Apple Macintosh platform. This caused some people to switch to the Apple Macintosh platform because of less malware threats occurring on that platform.

But even in 1989 when I was made aware of the virus issue, the awareness about viruses and similar malware was targeted across all personal-computing platforms that were in operation through that year i.e. the MS-DOS-based IBM PC, the Macintosh, the Commodore Amiga and the Apple II amongst others. At that time, there was awareness about keeping a “clean” system and keeping control over how you shared your files.

Similarly, we started to see the arrival of signature-driven anti-virus programs that could scan hard disks or removable “floppy disks” for viruses. Some of these initially scanned the boot sector but moved towards checking files for these viruses. They became a very important part of every computer user’s software toolkit as the virus activity increased. But through the 1990s as the Internet came on the scene, the malware activity was more focused on the MS-DOS / Windows platform with Apple Macintosh users not having as much of that activity. At that time, the MS-DOS / Windows platform was effectively the computing platform for most personal and business computing applications including gaming with the Macintosh being used by creative types due to its inherent prowess with multimedia.

This lead to a sense of complacency concerning secure computing for the Macintosh platform on both Apple’s and their users’ part. Microsoft took proper steps in updating and patching the Windows computing platform since 2001 with the arrival of Windows XP and hardening that platform with the arrival of Windows Vista and 7. Similarly, Windows users jumped over to the Macintosh platform for their home computing because they saw Windows as being slow and virus-ridden; and also due to the arrival of Apple’s iPod and iPhone products.

Lately, the Apple Macintosh has become the target for various malware campaigns including “write-once run-anyone” attacks based on Adobe Flash and Java software platforms. This is due to the increased new-found popularity that the Macintosh has acquired and, in another context, activities involving the Internet, networks or removeable media are still being seen as vectors where the Mac can share Windows-targeted malware.

Upgrade to Mavericks if you can

To stay secure, Apple Macintosh users need to upgrade to the 10.9.2 Mavericks version of MacOS X, with this version being equipped with various security improvements in a similar way to what Microsoft did with Windows 7. This can be done with newer Macintosh computers and for free with Macs running Lion or Mountain Lion versions.

Keep the operating system and software up-to-date

As well, as part of proper computer housekeeping, it is important to keep the Mac “lock-step” with the latest operating-system updates. Here, you can use the Apple-Menu / System Preferences / App Store option to have the Mac check for and download the updates from Apple by itself; or go to the Apple-Menu / Software Update menu to cause it to check for updates. The latter option can be of use with a MacBook that is used “on-the-road” and you are able to check in at a Wi-Fi hotspot or other Wi-Fi network.

Similarly, keep Adobe Flash and Oracle Java up-to-date by using options in the Apple-Menu / System Preferences menu to check for automatic or manual updating for these programs. If any other “write-once run-anywhere” software-development platforms show up on the Macintosh platform, treat these like you would with Adobe Flash – they can become a path for distributing malware that “hits across all platforms”.

This also applies to the application software and utilities you also run on your Mac and, here, you go to whatever software-option menu there is to check for software updates or cause automatic software updating to occur.

Don’t enable Java if you don’t need it.

As for Java which appeals as a “write once run anywhere” coding system, don’t enable it unless you are intending to run a known trusted program that uses this language or are developing Java software. OS X Mavericks comes with this deactivated by default but you can deactivate this in your Web-browser option menus.

Take advantage of full-disk encryption if you have confidential data

Another practice you could use for all computer platforms is to take advantage of full-disk encryption. Most operating systems provide this as a function that you can use with MacOS X providing it “across the board” for recent iterations in the form of FileVault. Similarly, a commercial or open-source third-party full-disk-encryption tool can do the job better than what the operating system provides.

These tools encrypt and decrypt on an “on-the-fly” basis and mainly protect the local volumes on the computer with some business-tier USB memory keys providing a similar full-disk encryption for their own volumes.

Use a good anti-malware or desktop security program for the Macintosh

Check for and use a good anti-malware program for the Mac platform like Kaspersky, Sophos, AVG or ClamXav . As well, keep the anti-malware program that you run on automatic update in order to keep them ahead of the malware game.

It is also worth noting that the good programs in this field can also keep the Macintosh from being a conduit for spreading Windows-based malware around the Windows platform. This is whether the files are passed through email, message-based file transfers, network-hosted / Internet-hosted file sharing points or removeable media.

Another sign of a good anti-malware program is the ability for it to scan your computer’s primary storage (RAM and paging files) to protect against malware that works on data being held in this space. This is because most data normially encrypted on a secondary storage or in transit is kept “in the clear” in the RAM and is vulnerable to RAM-scraping malware.

Keep stock of what is installed on your Mac

Another way malware gets on to computers is when you load software “in a hurry”. Typically what can happen with some freeware tools is that they can “push” browser extensions and toolbars or utilities of doubtful provenance on to a computer. This can lead to it underperforming or malware creeping in and taking over the system.

If you download from the Mac App Store or similar download locations, check for the app’s reputation by looking at comments, star-ratings and the like. This is something I have raised previously in relation to app stores for mobile-computing platforms along with the newer App stores that are opening up for regular computers and dedicated-purpose devices.

With your browsers and other applications, keep tabs on what plugins, extensions, toolbars and other add-on modules are running and if you notice something being awry about the module since you installed, don’t hesitate to remove it. A good article on this topic concerning uninstalling applications on the Mac is this one on MacRumors.com which highlights that dragging an application bundle to the Trash may not be the only method available.

Conclusion

The main issue here is that the Apple Macintosh is a computing platform vulnerable to malware and will become more so as it be becomes more popular as a mainstream computing platform. So you would need to continue with proper computer-housekeeping practices to keep your Mac from these threats.

Send to Kindle