The Mac Experience in Business & Home: Help, Tips, Discussion & Radio Show Notes

Are Macintoshes just a “little” more secure? Here’s a good article on an opening discovered in the last week in Mac OS X 10.4’s security, a vulnerability in the interaction between Quicktime, Java and a Macintosh web browser, including Firefox and Safari. It enables a malicious programmer to potentially control a Macintosh OS X 10.4 system by simply directing the visitor to a specially coded website. As of the writing of this note, Apple has not yet published a security update in response to this discovery.

Thanks to Rod who e-mailed us with a question tonight from his .Mac account.

“Is there anti spyware for Mac’s availble? I have a 1.67GHz G4 17″Powerbook. The firewall in the Mac OS X 10.4.6 is turned on. Any other suggestions for mac security would be appreciated. ”

While anti-spyware isn’t yet needed for your Mac, there’s plenty you can do to secure your Mac. To start, if you’re using Apple Mail, and have a $99/year .Mac account like Rod, securing your e-mail from potential prying eyes at public wireless access points, and elsewhere, is fairly straight-forward.

Many of us enjoy the easy and convenient use of PayPal, an online payment service most often used in tandem with the electronic marketplace eBay. But like flies to sugar, online theives are drawn to the cash that PayPal’s electronic banks hold. They use fake emails crafted to look like something you would receive from PayPal to get your personal information. The term for emails like these is “phishing” emails. There are some dirty folk out there on the internet, but luckily they are easy to spot if you know where to look.

Here’s a typical example of a PayPal “phish”.

The Chicago Sun Times had an intereseting story about the “Spam King.” Since my wife is from Austin, Minnesota, home of the George A. Hormel Company, any headline that includes the word Spam always catches my attention.

Anyway, the Sun Time story notes that Sanford Wallace and his company, Smartbot.net, have been fined $4 million by the Federal Trade Commission for installing spyware, altering browser settings and inundating users with those nasty pop-up ads.

Talk about your poetic justice. The feds notified Wallace of the ruling by sending him a thousand emails with subject lines such as, “Are we still on for tonight?”, “Here’s that link I was telling you about,” and “News about a mutual friend of ours.”

Thought your Mac was immune to a computer virus? Think again. A recent article in the Sydney Morning Herald reported that two Mac users were the victims of the what security experts call the first-ever virus for Mac OS X.

The Mac’s vulnerability could also increase as Apple transitions to a product line that uses microprocessors made by Intel, security experts said.

Read the entire article at Macs Becoming Virus Targets .

The Web can be a scarey place, especially for kids. As a repsonsible parent, you want to do all you can to protect them from the unsavory sites. One of the first things that you can do is to activate Parental Controls in Safari.

The first step is to create a separate account for your child (or children). Next, turn on parental controls by choosing System Preferences, clicking on the Accounts icon, and selecting your kid’s account. In account preferences click on the Parental Controls tab and click on the checkbox next to Safari.

I try to use a unique password for different websites. Sometimes I have trouble remembering them all. Fortunately, I don’t have to. I can use Keychain to remember them for me. And if I really need to know a password, I can use Keychain Access to look it up!

Start by opening Keychain Access. You’ll find it by looking in your Applications folder, then inside the Utilities folder. Use the search field in the upper-right corner to find a website. Double-click on the result to open a dialog box and turn on the Show Password checkbox. You may be prompted to type in your administrative password.

http://www.adiumx.com/

Recommended to me by Todd Dailey, wonderful human being that he is, during a discussion about encryption. Adium allows you to log into multiple services at once (ie: AIM *and* .Mac), use tabbed windows, and what brought me to Adium, is it’s most excellent encryption (OTR, or “Off the record” messaging).

Oh, the graphics are really cute, too.

A top OTR link is here, if you’d like more info on it:

http://www.cypherpunks.ca/otr/

1. Open iChat
2. Go to the pull down menu titled iChat
3. Select Preferences
4. Select the Accounts icon
5. Select the Security tab (the middle one, between Account Information and Server Settings)
6. Click the Enable button next to the message about encryption status
7. You’re set! Be sure the people with whom you’re IMing also have setup their security.

Note that these instructions assume you’re using .Mac.

There’s a well-considered response to the latest hype about flaws in Mac OS X’s security located here:

http://www.internet-nexus.com/