Posted by Luke | Posted on 18-06-2009
Category : Security, apple
Tags: apple, Java, Security
Apple have finally pushed out a software update for the vulnerabilities that were present in the last version of Java on the Mac. Apple was aware of these vulnerabilities for about 5 months. It is highly recommended that all you mac users download the update to ensure the security of your systems.
You can find the update as usual under the software update section of system preferences.
I explained all about this in one of my earlier posts, you can read about it here Java Vulnerabilities – is this putting our Mac at risk?
Posted by Luke | Posted on 12-06-2009
Category : Security
Tags: Computer, Encryption, Networking, Security, Wireless, WPA
Before wireless networking became a prominent technology in our homes we really didn’t have the need to worry about someone getting access to our home networks. In order to get access they would have to be at your home with a cable to plug into your router. But we have come a long way and with wireless networks fast becoming an easy and fast way to set up a home network and share your internet connection there are a few things you can do with a few clicks to ensure you’re wireless network is secure.
The first essential thing that you need to do when running a wireless network at your home is to ensure it is secured with a password. Due to the way wireless works you can’t stop the signals at the boundary of your property, this means that your neighbors, someone sitting at the bus stop down the road or in the car at the front of your property, if they have a wireless enabled device such as a laptop or smart phone have full access to your internet and private data.
For this reason the easiest thing you can do to protect yourself is to password protect your network. This can be done by accessing the wireless routers configuration panel, it will give you a number of options such as WEP & WPA, WEP is a good way to secure your network but is an older technology and because of they way it uses ’static’ methods of encryption or in other words the same encryption keys all the time it is therefore easy to be hacked into by somebody who has the know how and a bit of time. Therefore you are doing yourself a favor by setting up your system using WPA at the very beginning. This is a newer standard of encryption and lets you use a passphrase or password to enter into all of your devices, the router and devices then constantly update the type of encryption they are using so that makes it much harder for the bad guys to hack. For further information about the differences between the types of encryption check out this link > WEP or WPA?
This is just one step, but you can go even further than this without much more effort and it will ensure you’re doing all you can to protect your network. This next step involves changing the name and password for the router itself. Lets take the brand Netgear as an example, when you plug in your new router it it will have a default name for itself and usually it is something associated with the brand i.e your router may be named “Netgear…” this will be displayed as the network name. The reason this is significant is due to the fact that routers have their own generic administrator names and passwords so if a hacker knows what brand of router you are using, chances are that most people don’t bother changing the generic user names and passwords that are used to access the routers configuration settings and hey presto the bad guys have access to your network.
This brings me to my next point: after changing the routers default name (you may choose to use a name such as ‘Lukes Network’ for example) you then need to go into your routers settings and change the user name and password. A lot of the time they will use something like username- admin, password- password as the default. Simply by changing this you are infinitely increasing the security of your network.
In return for these few simple changes you have the peace of mind in knowing that not only your neighbors won’t be able to mooch off your download limit, but that all of the important and private information and documents stored on your home network and home computers will be protected from nosy hackers.
Posted by Luke | Posted on 06-06-2009
Category : Internet/Tech, Security
Tags: internet, Java, Macintosh, Security
It is not very often that you hear about security vulnerabilities that affect the Macintosh operating system, in fact the ’security’ of running OS X is proudly flaunted by Apple, and for the most part it makes working in the OS X environment a pretty worry free experience. However as Apple’s market share increases and the Mac becomes a more prominent operating system it is only reasonable to assume that it may become more of a target for those bad guys out in cyber world who are writing all these nasty viruses and malicious software.
It was while listening to one of my favourite podcasts – MacBreak Weekly (can be found at twit.tv), that I came to hear about this vulnerability which all revolves around Java. Now for us lowly computer users Java is not something that we actively use, its an architecture or software which lives on your computer and allows you to access all that cool content on the internet. If you have ever played online games, used web based chat then you have inadvertently used Java.
The issue of concern for people running a Mac is that there is a flaw within Java, this flaw basically allows a remote person or malicious tool to gain access to your computers code (all the bits and bytes that run behind the glossy dock and shiny windows that we use everyday). And the more worrying thing is that if you were to come across a site that did take advantage of this vulnerability, it would get into your computer all without your knowledge.
So at this time the recommended fix for this to protect yourself from any potential exploits is to turn off Java in your internet browsers settings/preferences area. The other good thing at this point in time is that there are no known web sites or Java ‘applets’ that actually take advantage of this flaw, however having said this once the bad guys are aware there is a problem it wouldn’t take someone long to put a script together.
What bugs me more about this is that Apple have known about this flaw in Java for 5 months now, yet just a few days ago a Software Update was released and guess what…flaw not fixed…I would’ve thought that with five months up their sleeves that would’ve been plenty of time to get a fix underway.
Moral of this story, don’t be complacent on the internet Mac users. We all get a little lax when it comes to security as we usually take for granted that there are no real risks out there in the wild that is the internet. Hopefully now that this flaw has been made public by the security company Intego Security (the ones that came across it) it will prompt Apple to push out an update so we can once again be happy knowing that we are safe to browse the internet once again.
