Secure Your Mac
Princeton Macintosh Users Group June 12, 2018
Mike Inskeep Gentle Computer Helpers
https://www.gentlehelpers.com mike [at] gentlehelpers [dot] com
610-742-3927
Gentle Computer Helpers 6/12/2018
About Mike
• Supported Macs for 25 years:
- Director of Microcomputer Support, Penn’s School of Arts & Sciences
- Technology Teacher and Coordinator, Friends School Haverford
- Independent Macintosh consultant since 1999
• Interested in data security and privacy.
New Attacks
• VPNfilter router attack
• Flash attack embedded in Office doc
• Sophisticated Mac backdoors
• Apps access data (contacts, location)
• ISPs monitoring, using our data
• Malicious Chrome extensions
New Resources
• Apple moves on security & privacy
• Mesh routers
• Anti-malware tools
• Public DNS services
Basic Approach to Security
(How to limit our vulnerability)
1. Prepare for worst-case scenarios
2. Create layers of security
- How we set up hardware, apps, settings
- Change procedures
3. Slow down, attend in risky situations
Worst-Case Scenarios
• Data lost or corrupted
• Mac stops working
- Mechanical failure
- Software update
• Mac lost or stolen
• House burns down
• Identity stolen
Redundant Data Storage
• Protect against mechanical failure
• Revert updates or upgrades
• Recover from malware infection
• Restore damaged, lost items
• Restore previous version of item
iCloud Sync
• Files/folders between Mac(s) and iCloud disk
- Desktop and Documents
- Files for iCloud enabled applications
- Photos via iCloud Library or Photo Stream
- Music via Apple Music
• Contacts, Calendars, Reminders, Notes, Safari Bookmarks
• Keychain secrets
iCloud Sync Characteristics
• Duplicates data
• Accessible via icloud.com
• Syncs between Macs, iPhones, iPads
• Sync goes both ways
• No versioning
iCloud Sync +/-
• Can access data if:
- Mac lost or stolen
- Mac failure or malfunction
• Doesn’t:
- Protect against data corruption
- Allow restore of previous version
- Rollback upgrade
Clone
• A disk whose content duplicates the master
• Does not retain previous versions
• Could start Mac from it and continue working if the internal hard drive failed
• SuperDuper! or Carbon Copy Cloner
Good Backup Characteristics
• Automatic, requiring little or no action
• Robust, reliable
• Not always connected (ransomware encrypts connected drives)
• Multiple targets, including off-site
Time Machine Backup
• Integrated into macOS
• Retains versioned copies of what is stored on the internal drive
• Supports multiple drives
• Connected USB or Thunderbolt drives
External USB
• Get a Toshiba portable drive
• Size: ~ 3 times storage used
> About this Mac > Storage
• Set as encrypted Time Machine destination
> System Preferences > Time Machine
Encrypting Backup Drives
• Using Finder in macOS 10.13 to encrypt a disk will convert it to APFS which is *incompatible* with Time Machine.
• Unplug the drive and plug it back in. It should offer you the option to encrypt it.
• If it doesn’t, go to the Time Machine preference pane:
1. > System Preferences > Time Machine
2. [Select Disk] > (click disk) > [Remove Disk]
3. (click disk) > [x] Encrypt > [Use Disk]
Why Buy Toshiba?
• Though inexpensive, many Seagate drives do not support encryption.
• WDC drives are less reliable.
• HGST drives are most reliable and most expensive.
• Toshiba drives are nearly as reliable and are more reasonably priced.
Time Machine +/-
Advantages:
• Reliable
• Apple-supported
Disadvantages:
• If you have a laptop, you must plug in the external drive
• Doesn’t protect against theft, fire
Backblaze
Personal Backup Plan
• $5/month. $50/year. $95/2 years.
• Versions of files stored up to 30 days.
• Unlimited storage, transfer speed.
• Will send USB drive with data and refund the cost if returned in 30 days.
‣ Use a private encryption key.
‣ Enable 2 factor authentication.
• Good choice for laptop (no need to plug in)
USB Drive + Backblaze
• Set up USB drive as an encrypted Time Machine backup destination.
• Subscribe to Backblaze to also backup over the Internet.
• After macOS update or upgrade, disconnect the USB drive until you’re confident that everything is working smoothly.
• If not, you can use it to restore to the previous version of macOS.
Backup Maintenance
• Regularly test restore (weekly?).
• Run Disk Utility First Aid on backup volume from time to time (monthly?). This will take many hours.
Backup References
• SuperDuper! https://shirt-pocket.com
• Carbon Copy Cloner https://shirt-pocket.com
• Time Machine: https://support.apple.com/en-us/HT201250
• Backblaze: https://www.backblaze.com
Worst-Case Scenarios
• Data lost or corrupted
• Mac stops working
- Mechanical failure
- Software update
• Mac lost or stolen
• House burns down
• Identity stolen
Protect Your Identity
Secure the methods of verifying your ID:
• strong, unique passwords
• unique usernames if possible
• 2 factor authentication (2FA)
• provide untrue answers to security questions
• strong password, 2FA on associated email
• PIN on recovery phone account
Too Much to Remember!
• Paper address book
• Digital password manager
My Wife
Her Password Manager
Her Credentials
• User Names similar to: m1ddleage
• Passwords similar to: s1LlibR0unee
• Security Questions similar to:
- First Car? a blue unaSSembledVW sedan
What’s Good
• Unique passwords for each site.
• Passwords are not just words with numbers and/or special characters added before or after.
• Password of moderate length (~12 chars)
• Security question answer long (26 chars)
What Could Be Better
Passwords
• Longer
• Random characters
• More special characters
• Easier to enter
Security question answers
• Unrelated to the question
• Or even better -> random characters
Could be lost or stolen
• Easily read by others
• No back up
Password Manager App
• Can generate truly random passwords, user names, answers, etc.
• Can save passwords of any length.
• Built-in web browser.
• Can copy and paste in passwords.
• Automatically backs up and syncs with other devices.
• Can’t be read or used without master password.
1Password Convenience
• Stores passwords, credit cards, etc.
• You must remember only 1 password
• Generates secure passwords
• Syncs Apple, Android devices
1Password Security
• Passwords hidden from observers
• Secure (encrypted) vaults, transmission
• Easy to change weak passwords
• Security alerts for sites, services used
• Data automatically backed up
• Long track record with no breach
Stand-Alone Mac App
• One-time purchase with free updates. Major upgrades cost.
• Mac App Store version can sync primary vault to iCloud Drive; any vault to Dropbox or 1Password.com
• AgileBits Store version can sync to Dropbox or 1Password.com
1Password Subscription Features
• Annual fee
• All apps (all platforms; includes upgrades)
• 1password.com sync
• Web access to data on 1password.com
• Individual and shared vaults of passwords with the family plan.
• Recover deleted or changed passwords.
1Password References
• 1Password website: https://1password.com
• Available in the Mac App Store at: https://itunes.apple.com/us/app/1password-7/id1333542190?mt=12
Enable 2 Factor Authentication
• Requires a 1-time code in addition to user name and password to sign in.
• Sent to cell phone or trusted device.
• List of websites that support 2FA:
https://twofactorauth.org
Basic Approach to Security
How to limit our vulnerability
1. Prepare for worst-case scenarios
2. Create layers of security
- How we set up hardware, apps, settings
- Change procedures
3. Slow down, attend in risky situations
Layers of Digital Security
1. Network
2. Physical Access to Mac
3. macOS
4. Applications (especially email, browsers)
5. Internet services
6. Data storage
Minimize Attack Surface (Doors)
• Keep hardware, software up-to-date.
• Enable only what you need or want.
• Remove or disable what you don’t.
• Limit permissions
Strong Authentication (Lock Doors)
• Passcodes, Passwords
• Information used to verify your identity (security questions, birthday)
• Trust token (device/app for 2FA)
• Trusted communication channel to reset
Layers of Digital Security
1. Network
2. Physical Access to Mac
3. macOS
4. Applications (especially email, browsers)
5. Authentication for Internet services
6. Data storage
Layer 1 - Network Hardware
1) Factory reset your router or gateway.
2) Replace modem, router every 3-4 years.
3) Disable Wi-Fi on gateway, install your own router.
Gateway Login
• Determine gateway IP address
- > System Preferences > Network
192.168.1.x -> 192.168.1.1
10.0.1.x -> 10.0.1.1
• Launch browser, enter address [return]
• Login (check label on gateway) or:
- User name probably: admin
- Password probably: password
Change Gateway Set Up
- Change login user name, password
- Disable remote administration
- Automatically update firmware
What is DNS?
• The domain name system matches domains (e.g. www.apple.com) with their numerical IP address (17.142.160.59).
• When you type in a domain, the request is transmitted from server to server until it reaches the authoritative endpoint for the domain.
Problems
• Queries are sent in the clear, so intermediaries can see where traffic is going (but not its content).
• Responses can be “poisoned” - replaced with ones supplied by an attacker (HTTPS largely prevents this).
• Many domains host malicious webpages.
Advantages of Quad9
• Non-profit organization founded by IBM, Packet Clearing House and the Global Cyber Alliance
• Provides free services to minimize exposure and risk
• Aggregated info shared with partners to alert them to risks and help them mitigate those risks
• DNS blocklist: blocks millions of identified malicious addresses
Layer 1 - Network Settings
• Change router DNS Server to:
- 9.9.9.9
- 149.112.112.112
Configure Your Mac’s DNS
For a laptop, to use Quad9 on other networks:
1. > System Preferences
2. Network > Advanced > DNS tab
3. Click [+] under DNS Servers. Enter DNS server IP address 9.9.9.9
4. Repeat for: 149.112.112.112
5. Click [OK] then [Apply]
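A way to confirm the change took effect, as an added example that is not part of the original slides: the DNS tab applies to one network service at a time, so this Python script parses the output of macOS's `scutil --dns` and lists any interface still using a resolver other than the two Quad9 addresses. The sample output is constructed and the function names are illustrative.

```python
import re
import subprocess
import sys

# Quad9 resolver addresses given on the slides.
QUAD9 = {"9.9.9.9", "149.112.112.112"}

# Constructed sample in the layout `scutil --dns` prints (not captured output):
# Wi-Fi (en0) was changed to Quad9, a second interface (en5) still uses the router.
SAMPLE_SCUTIL = """\
DNS configuration

resolver #1
  nameserver[0] : 9.9.9.9
  nameserver[1] : 149.112.112.112
  if_index : 6 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
  timeout  : 5

DNS configuration (for scoped queries)

resolver #1
  nameserver[0] : 9.9.9.9
  nameserver[1] : 149.112.112.112
  if_index : 6 (en0)
  flags    : Scoped, Request A records

resolver #2
  search domain[0] : home
  nameserver[0] : 192.168.1.1
  if_index : 9 (en5)
  flags    : Scoped, Request A records
"""

RESOLVER_RE = re.compile(r"^resolver #(\d+)\s*$")
NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)")
IF_INDEX_RE = re.compile(r"^\s*if_index\s*:\s*\d+\s*\((\w+)\)")


def parse_resolvers(text):
    """Return one dict per resolver block: section, number, interface, nameservers."""
    resolvers, section, current = [], None, None
    for line in text.splitlines():
        if line.startswith("DNS configuration"):
            section, current = line.strip(), None
        elif (m := RESOLVER_RE.match(line)):
            current = {"section": section, "number": int(m.group(1)),
                       "interface": None, "nameservers": []}
            resolvers.append(current)
        elif current is not None:
            if (m := NAMESERVER_RE.match(line)):
                current["nameservers"].append(m.group(1))
            elif (m := IF_INDEX_RE.match(line)):
                current["interface"] = m.group(1)
    return resolvers


def non_quad9(text, allowed=QUAD9):
    """List (interface, [unexpected servers]) for resolvers not limited to `allowed`."""
    findings = []
    for resolver in parse_resolvers(text):
        extra = [ns for ns in resolver["nameservers"] if ns not in allowed]
        if extra:  # mDNS-style resolvers have no nameserver lines and are skipped
            findings.append((resolver["interface"], extra))
    return findings


if __name__ == "__main__":
    if sys.platform == "darwin":
        text = subprocess.run(["scutil", "--dns"], capture_output=True,
                              text=True, check=True).stdout
    else:
        text = SAMPLE_SCUTIL  # fall back to the constructed sample off macOS
    for interface, servers in non_quad9(text):
        print(f"{interface}: still using {', '.join(servers)}")
```

An interface reported here needs the same DNS entries added under its own Advanced > DNS tab.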
Use DoT with Quad9
• If you’re adventurous, try enabling DNS-over-TLS with the Quad9 DNS service for even greater security:
https://medium.com/nlnetlabs/privacy-using-dns-over-tls-with-the-new-quad9-dns-service-1ff2d2b687c5
For More Info on DNS Services
• “Cloudflare and Quad9 Aim to Improve DNS” by Glenn Fleishman, published April 20, 2018 in Tidbits:
https://tidbits.com/2018/04/20/cloudflare-and-quad9-aim-to-improve-dns
Install Your Own Router
• Apple discontinued Airport Wi-Fi routers
• Search for online reviews
• Automatic firmware updates
• Wired connections faster, more secure
• Good customer support
Wi-Fi Router Options
• Check out:
- Eero (easy set up, small units, fast performance, best customer service, but expensive)
- Netgear Orbi (largest coverage, fastest, big units, 4 ethernet ports, USB, so-so support)
- Google WiFi (easy set up, slower, cheap, linked to Google account)
Mac Network Settings
> System Preferences > Network
WiFi Settings - Remove Unsecured
Disable Proxies
Disable Sharing
> System Preferences > Sharing
Turn on Firewall
Control App Network Access
Show Bluetooth in Menu Bar
> System Preferences > Bluetooth
Subscribe to VPN
• Protects against Man-in-the-Middle attacks
- Rogue WiFi access points
- ISP monitoring
For reviews, see:
• https://thatoneprivacysite.net
• https://www.pcmag.com/article2/0,2817,2403388,00.asp
Change Networking Practices
• Turn off Wi-Fi, Bluetooth when not in use
• When traveling with MacBook:
- Log out and Sleep or Shutdown
In Public OK
• Compose or edit content
• View media (written, audio, video)
• Surf websites to read or view
➡ Check the SSID you connect to
Unless VPN Is On, Do NOT
• Sign into accounts
• Make purchases
• Check email
• Send or receive texts
• Use iPhone, iPad cellular service instead
• But guard your iDevice passcode!
Layers of Digital Security
1. Network
2. Physical Access to Mac
3. macOS
4. Applications (especially email, browsers)
5. Authentication for Internet services
6. Data storage
Layer 2 - Physical Security
• Don’t plug in untrusted devices.
• Shut down when you might lose possession.
• Install DoNotDisturb to detect physical access of laptop:
https://objective-see.com/products/dnd.html
BadUSB
• Reprograms embedded firmware.
• USB device can act as keyboard that surreptitiously types malicious commands.
• USB device can act as network card to connect to malicious sites impersonating Google, Facebook, banks.
• Works with almost all USB devices.
Layer 2 - Lockdown Access
macOS 10.13 supports Native Encryption so:
• Set Firmware Password
• Turn on FileVault full disk encryption
=> Especially on a laptop
Set Firmware Password
1. Restart, hold ⌘ R to enter Recovery
2. Utilities > Firmware Password Utility
3. [Turn on Firmware Password]
4. Enter password [Set Password]
5. Store the password in a safe place*
6. Test by restarting and holding ⌘ R
* Lose firmware password, and you may have to take your Mac to Apple Store
Turn on FileVault Encryption
1. > System Preferences
2. Security & Privacy > FileVault tab
3. Click
4. Enter administrator name, password
5. Click [Turn on FileVault]
6. If other user accounts, click [Enable User] to allow them to unlock the disk.
7. Choose to use iCloud account or create a local recovery key in case you forget the password
For More Information
• Set Firmware Password
https://support.apple.com/en-us/HT204455
• Turn on FileVault full disk encryption
https://support.apple.com/en-us/HT204837
Layers of Digital Security
1. Network
2. Physical Access to Mac
3. macOS
4. Applications (especially email, browsers)
5. Authentication for Internet services
6. Data storage
Layer 3 - macOS
• Apply macOS updates immediately.
• Install macOS upgrades by the 10.14.1 release.
• Work in standard user accounts.
• Set strong account passwords.
macOS Updates
• e.g. 10.13.4 -> 10.13.5
• Interim release that fixes bugs, patches security vulnerabilities
• Apply update as soon as available
• Malicious individuals sometimes attack vulnerabilities within hours
• Back up first!
macOS Upgrades
• Free.
• Often add new features or functions, e.g. fundamental security improvements
• Many wait for the 10.x.1 bug fix
• Search for others’ experience upgrading
• Check for compatibility with applications
• Upgrade to most recent version of the OS your hardware supports
Backup First!
So you can revert if necessary!
1. Click in menu at top right of screen.
2. Drag to Back Up Now.
3. When completed, turn off backups: > System Prefs > Time Machine, uncheck Back Up Automatically
4. Update/Upgrade.
5. When confident everything is working, resume automatic backups.
Can’t Secure Vintage Macs
It is not possible to protect Macs which can’t install the current version of macOS from known attacks.
Apple Security Updates
https://support.apple.com/en-us/HT201222
“Available for: macOS High Sierra 10.13.4” means:
• Vulnerability found in 10.13.4
• Fixed only if you update to 10.13.5
Work in Standard Accounts
> System Preferences > Users & Groups
1. Create single dedicated administrator account
- Non-standard name, e.g. “Diverges Snapshot”
- Strong password (same as Apple ID ok)
- Won’t ordinarily login to this account
Demote Working Account
2. Restart Mac.
3. Log into new admin account.
4. > System Preferences > Users & Groups
5. Select working account.
6. Uncheck “Allow user to administer this computer”.
Standard Account(s)
• Demote all regularly used accounts to standard accounts.
• Remove out-dated Login Items.
• Set strong passwords.
Layers of Digital Security
1. Network
2. Physical Access to Mac
3. macOS
4. Applications (especially email, browsers)
5. Authentication for Internet services
6. Data storage
Layer 4 - Applications
Each application is a door into your Mac!
• Vet before installing (read reviews!)
• Pay for good applications
• Apply updates as soon as available
• Remove unused
Where to Get Applications
1. Mac App Store
2. Secure (https://) developer webpage
3. Reputable retailer (Amazon, B&H Photo)
4. Highly rated eBay vendor
Read App Reviews Before You Buy
Search the Internet:
• “app name” or “type of app” iOS review
• Look for reviews in MacWorld, Mac|Life, CNet, Lifehacker, PC Magazine, etc.
iTunes reviews
• Read bad and good
Allow Apps from App Store
Check App Privacy, Settings
• If a new app asks to access contacts or other data, decline if you don’t need it.
• Once a new app is installed, check settings:
- Settings > Privacy > Location Services
- Settings > Privacy > Each built-in app
- Settings > [new app name]
Update Settings
Check New App Network Access
Malicious Webpages
• Malicious JavaScript that serves malware
• Download sites with pirated software keys, installers
• Fake installers for legitimate software on hijacked site
• Piggy-back installers that install malware with legitimate applications
• Initiate tech support scams
How to Protect Yourself
• *Uninstall Flash*!
• Use Safari for sites you sign into
• Use Firefox for searching, reading
• Install extensions to block ads, trackers
• Don’t let sites install extensions!
• Webpages can’t know Mac is infected!
Uninstall Flash
Remove this buggy and insecure extension!
For instructions:
https://helpx.adobe.com/flash-player/kb/uninstall-flash-player-mac-os.html
Secure Browsing
• Safari - use only to:
- Log into sites to view/edit sensitive data.
- Make purchases
- Bookmark sites
- No searching, no browsing
Secure Browsing (2)
• Chrome
- Log into sites that don’t work properly in Safari.
- If you *must* view flash content
- Turn Flash (built into Chrome) off in content settings when not needing it.
- For privacy, turn off advanced security settings.
Chrome Advanced Settings
Chrome Security
• Cookies: Keep local data only until you quit your browser.
• Flash: Block sites from running Flash.
Chrome Content Settings
Regular Browsing
• Firefox (default) with security extensions:
- uBlock Origin to block ads
- Ghostery (share nothing, block all) to block ads and trackers
- Random Agent Spoofer (set Profile to: “Changes every 5 minutes to random Windows browser”)
Monitor URL Bar
• Make sure the address shown matches your intended destination.
• Padlock indicates a secure connection. Only sign in, make purchases when displayed:
Tech Support Scam
“A webpage cannot, by browser design, know that a user is infected and should never be using a flood of alerts with threatening messages to communicate with users.”
Najmeh Miramirkhani, Oleksii Starov and Nick Nikiforakis, “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams”
https://www.securitee.org/files/tss_ndss2017.pdf
How to Contact Apple Support
• Call AppleCare: 800-275-2273
• Visit: https://support.apple.com/
• Do *NOT* call a number on a webpage for “Apple Support”!
• Do *NOT* trust a search on “Apple support”!
Login Credentials
• Don’t use Facebook or Google credentials (username, password) to log into other accounts.
• Use a strong unique password
• Consider using a dedicated email address for important accounts (e.g. Apple ID)
Surge of Phishing Emails
• With attachments: fake installers, Word documents, PDFs
• With links to malicious webpages
• With malicious JavaScript
Layer 4 - Applications - Email
• Use the Mail app, not a website or Outlook
• Examine emails with links, attachments
• Ignore unrequested links, attachments
• Confirm sender, actual link destination
Use Mail Application
• Viewing webmail in a browser could execute embedded JavaScript
• Microsoft Outlook creates HTML email
Email Attachments
• Slow down, pay attention.
• Confirm sender:
- hover over name
- click on the down arrow to the right
• If unrequested, ask in a new note whether the sender intended to include it.
• Use Quicklook to preview attachments.
• Drag Word attachments to Pages to view.
Confirm Link URLs
Confirm link address by hovering over the link with the cursor:
Use QuickLook for Attachments
Nigelthorn Malware
Source: https://blog.radware.com/security/2018/05/nigelthorn-malware-abuses-chrome-extensions/
Fake YouTube Page
Source: https://blog.radware.com/security/2018/05/nigelthorn-malware-abuses-chrome-extensions/
Recent Mac Malware
• Ransomware: Findzip
• Google docs phishing attack
• MitM proxy server: OSX/Dok
• Credential thief: MacDownloader
• Backdoors:
- Fruitfly/Quimitchin targets biomedical centers
- EmPyre and VBA distributed via Word macro
- XagentOSX/Komplex advanced cyber-espionage
- OSX/Pirrit injects adware from hidden account
Malware Activities
• Inject annoying adware
• Steal Google account contacts, email, calendars, documents
• Get user names, passwords from keychain
• Encrypt data for ransom
• Monitor communications, Internet activities
• Backdoors gain complete control of Mac
Malware Techniques
• Check against VirusTotal, then “pack” until not detected (using e.g. UPX)
• Encrypt using integrated key
• Sign with stolen Apple developer certificate
• Access OAuth (Google’s authentication system) bypassing 2FA
Anti-Virus Failure
• Traditional AV can’t detect new malware
• Invasive: hooks deep into macOS
• Large attack surface
• 6/2017 Google’s Project Zero found 25 high-severity bugs in Symantec/Norton (others found in Kaspersky, McAfee, Eset, Comodo, Trend Micro, etc)
Objective-See Security Tools
Do Not Disturb
alerts you if someone opens your laptop
KnockKnock
identifies applications which are executed when your computer restarts, you log in, or you launch a browser, and compares them against malicious applications catalogued at VirusTotal
Objective-See Security Tools
BlockBlock (beta)
monitors for new persistently installed applications, allowing you to block them
RansomWhere?
monitors for file encryption, allowing you to generically stop ransomware
OverSight
alerts you when your Mac’s mic or webcam is accessed or activated
Objective-See Security Tools
• They are free, but I encourage you to make a contribution to support their development and on-going support.
• Get more information, download them, and contribute at:
https://objective-see.com/
Malwarebytes
• Malwarebytes for Mac (free)
- scans for viruses, spyware, malware infections
- premium version has roots deep in macOS so makes you more vulnerable if it is compromised
https://www.malwarebytes.com/mac/
Other Alternatives
• F-Secure Xfence creates rules that control what macOS applications can access (originally developed by Jonathan Zdziarski who now works for Apple on security)
• Little Snitch monitors and controls applications’ network activity
Have I Been Pwned
• Check if your account has been compromised in a data breach:
https://haveibeenpwned.com/
Basic Approach to Security
1. Prepare for worst-case scenarios
- Backup (best: onsite and off-site)
- Strong methods to verify identity
2. Create layers of security
3. Slow down, attend in risky situations
- Web browsing
Layers of Digital Security
1. Network
2. Physical Access to Mac
3. macOS
4. Applications (especially email, browsers)
5. Authentication (verifying identity)
6. Data storage