Fareham — Nov 12th 2016

Twelve members attended this meeting to hear Tony Still give us a very interesting and absorbing talk about the possible threats that could attack OSX and iOS.

Malware, which may include Viruses, Trojans, Worms, Bots, Adware etc. takes the form of a program placed on your computer covertly. It usually tries to remain invisible and may seek to spread itself to other computers. The writer's motive is nearly always money, perhaps by identity theft, or insertion of Adware.

In pre-internet days, programs were loaded via physical media, e.g. Floppy disc, and used on a computer that only ran one program at a time with no internet connection. Now though it is easy to download software from the internet from questionable sources which can result in your Mac running illicit programs in the background without you knowing (iOS devices can only download from Apple's App Store).

So the challenge is one of trust. For software from the App Store, the developer digitally signs and seals his code, which is checked on your Mac or iOS device to ensure the code hasn't been tampered with. Downloads from the internet are quarantined. When you attempt to run them, Gatekeeper checks the developer's identity and XProtect checks for viruses.

On iOS, most of these checks are performed by the App Store so an iOS device only does the equivalent of checking the digital signature. There have been isolated examples of malware getting into the iOS App Store so you still need to be alert for suspicious programs.

When software is loaded onto a Mac from other sources, e.g. Disc or USB stick, Gatekeeper is bypassed, so it is for the user to verify the source.

Browser plug-ins are another potential infiltration route so these should only be obtained from their originators. Flash and Java are often the route for attacks so we were advised to use these as little as possible and to make sure that they are kept up to date.

Tony also stressed the importance of applying Apple security updates promptly, especially since the act of publishing the fix gives the malware authors a pointer to the vulnerability they are fixing, so those computers that haven't been updated become even more vulnerable.

Tony provided two apple links for further reading as follows:

https://support.apple.com/en-us/HT202491

https://support.apple.com/en-gb/HT201940

The next meeting will be on Saturday 10th December, starting at 10.30am as usual.


Comments

Page 1
Page 1