Bournemouth — Sep 20th 2016

The first post-holidays meeting was attended by fifteen members, who were rewarded by Tony handing out complimentary USB sticks, with strict orders to read the contents, before commencing his talk on Malware. (Sticks are for all members, so there will be a further opportunity at the next meeting.)

Malware, which may include Viruses, Trojans, Worms, Bots, Adware etc., takes the form of a program placed on your computer covertly. It usually tries to remain invisible and may seek to spread itself to other computers. The writer's motive is nearly always money, perhaps by identity theft, or insertion of Adware.

In pre-internet days, programs were loaded via physical media, e.g. Floppy disc, and used on a computer that only ran one program at a time with no internet connection. Now, though, it is easy to download software from questionable sources on the internet, which can result in your Mac running illicit programs in the background without you knowing.

So the challenge is one of trust. For software from the App Store, the developer digitally signs and seals his code, which is checked on your Mac to ensure the code hasn't been tampered with. This is achieved by Public Key Cryptography (which Tony bravely went on to explain).

Downloads from the internet are quarantined. When you attempt to run them, Gatekeeper checks the developer identity and XProtect checks for viruses. Tony then demonstrated the warning messages that may arise from these checks.

When software is loaded from other sources, e.g. Disc or USB stick, Gatekeeper is bypassed, so it is for the user to verify the source. We were assured that the AUGW USB stick could be trusted.

Plug-ins are another potential infiltration route, so Safari runs in a 'Sandbox' to limit the scope for disruption from contaminated versions of plug-ins such as Flash or Java. We were advised to use these as little as possible and to make sure that they are kept up to date.

Tony also stressed the importance of applying Apple security updates promptly, especially since the act of publishing the fix gives the malware authors a pointer to the vulnerability being fixed, so those computers that haven't been updated become even more vulnerable.

After a discussion on various related security issues, a tea break was called, followed by the usual Q&A session.

The further reading links in the presentation were:
https://support.apple.com/en-us/HT202491
and
https://support.apple.com/en-gb/HT201940
