Friday, January 10, 2014

Apple slowing security updates for previous versions of OS X

Source:
http://nakedsecurity.sophos.com/2014/01/09/82-of-enterprise-mac-users-not-getting-security-updates/
http://support.apple.com/kb/ht1222

Recently, Apple released the newest version of its operating system (OS), OS X 10.9 Mavericks, for free to all users who were on at least OS X 10.6 (and had compatible hardware). This was a pretty bold move on Apple's part to just stop charging for the operating system itself, and it was welcomed by users across the tech spectrum, especially since most key Apple software was now also being released for free.

Months later, it seems that Apple really, really, really wants everyone to be using Mavericks, and they're pushing for that by putting all their focus on Mavericks at the expense of their older versions of the OS. According to Apple's security release schedule (apple.com), there has been a lack of security updates directed at the older OSes. Mavericks itself came with a bundle of security patches for some of the core parts of OS X, such as some minor Unix utilities which needed bug fixes and some Apple software that wasn't working quite as expected.

Security patches and bug fixes are normal for operating systems, and it's not uncommon for all OSes to have a slew of security patches out each month.  Apple typically prefers to release them in larger bundles as opposed to individualized fixes, though in the past they have released "hot fixes" to address major issues.  But for Apple to be turning away from their previous OSes so quickly, it seems like a real push to get users onto Mavericks as soon as possible and keep them there.

So is your Mac less secure if it doesn't have Mavericks? Absolutely. Many of the patches are for some fairly critical vulnerabilities, and while the virus and malware scene for Mac still hasn't taken off in over a decade, that doesn't mean viruses and malware for the Mac don't exist. The best security practice you can have for your Mac right now would be to keep it up to date with software updates from Apple, including Mavericks.

Mavericks is free!  The upgrade is very simple, requiring a bit of time to download the software.  If your computer is Mavericks compatible (wikipedia.org), you most definitely should upgrade.  We strongly recommend backing up all your important documents before trying to perform the upgrade.  If you need assistance with upgrading your Mac, or have questions, please stop in or contact the Help Desk, and we'll be more than glad to assist!  Contact information at the end of this post.

A final note on OS X security: while OS X is not free of vulnerabilities, there still is not a strong case for using an anti-virus on your Mac at this time. Most of the anti-virus systems currently available are just sub-par, often eating up a lot of the Mac's power looking for viruses and malware that likely just aren't going to hit your machine. Apple maintains its own anti-malware service that runs in the background on your Mac; it isn't something you can interact with, but it is updated and worked on by Apple.

Help Desk Contact Info:
Twitter: @PLUHelpDesk
Phone: 253-535-7525
Email: helpdesk@plu.edu

Friday, January 3, 2014

Router Backdoors found in tons of router models...but not a big deal for most people

Source(s):
http://arstechnica.com/security/2014/01/backdoor-in-wireless-dsl-routers-lets-attacker-reset-router-get-admin/
https://github.com/elvanderb/TCP-32764/blob/master/README.md  (List of known affected routers)

Summary:

For the non-technically inclined, let's define a few terms for this post. A backdoor, in computing terms, specifically refers to a means of controlling a device remotely through hidden access. You can think of it as a secret way into a device in order to control it; these backdoors often have very little or no verification, and will accept any command sent to them without question.

The discoverer of the backdoor was focusing on trying to get back into his own router, whose password he had forgotten. In doing so, he found some really strange activity on his router, which upon further investigation revealed the backdoor. Being a bit of a programmer, he explored the backdoor as best he could and was able to map out many of the controls it allowed. He published his results in a rather humorous PowerPoint presentation (1.9 MB ppt download, some not safe for work language), and many other users tested his program and found quite a few other routers that had the same backdoor.

So, is your own router at risk and should you worry? 

Yes, and No.  

See, the backdoor is pretty specific, and it appears to require that you actually be on the network to pull it off. Even if you were able to plug the backdoor (which you can't really), the likelihood of someone using this method to gain access to your router is pretty low. The second link has a list of known affected routers; if you use one of these for your business, there may be some cause for concern, but again, this is a fairly isolated method of attacking a router.

What this does bring up is the interesting question of why such a backdoor exists; all routers have a physical switch on them to allow a factory restore, so end users have no use for such an interface, and technicians would likely use that switch as well instead of this rather esoteric interface. This is definitely an issue which warrants further discussion and investigation, but most home users should be able to continue using their routers as they have been without additional worry.