All posts in Security

Security Alert: New Trojan Horse on Mac OS X Spread Through Social Networks

It’s not often that you hear of a virus for the Mac, but according to a Secure Mac security bulletin, a new trojan virus has been detected on the Mac. The bulletin notes that the virus is spread through social networking websites like Facebook and is disguised as a video.

The trojan called “trojan.osx.boonana.a” has been wreaking havoc on both Windows and Mac platforms.

Secure Mac says, “When a user clicks the infected link, the trojan initially runs as a Java applet, which downloads other files to the computer, including an installer, which launches automatically. When run, the installer modifies system files to bypass the need for passwords, allowing outside access to all files on the system. Additionally, the trojan sets itself to run invisibly in the background at startup, and periodically checks in with command and control servers to report information on the infected system. While running, the trojan horse hijacks user accounts to spread itself further via spam messages. Users have reported the trojan is spreading through e-mail as well as social media sites.”

This is a cross-platform virus due to the Java code that can be executed on both Windows and Mac operating systems. Secure Mac gives us some tips for protecting your computer from this virus. The first tip is to turn off Java execution in your web browser. You can do this in Safari by navigating to Safari > Preferences > Security Tab and unchecking the “Enable Java” checkbox.

Additional tips from Secure Mac includes:

1. Watch where you surf. By sticking with safe, well-known websites, you will be less likely to visit a site that will attempt to infect you with a trojan horse. Be especially careful when surfing to links included in messages on social media sites, even if they come from a friend.
2. Watch what you download. Download files only from trusted sources and safe sites.

3. Use security features in OS X. Turn on the built-in Firewall, and consider security software, especially when a computer is shared by multiple users.

If you believe your Mac is infected with this virus, you can download and run the free removal tool from Mac Scan on the Secure Mac website. You can also read more about this virus on that website.


Follow this article’s author, Cory Bohon on Twitter.




FaceTime for Mac Has Huge Security Hole

Okay, okay, it’s a beta and we all know betas tend to have glitches big and small. Users poke, prod, and discover issues and the results of our testing trickles back to the software developers who squash bugs for a living. That’s the drill, but this seems a biggie to let slip out the door.

We clearly anticipate this one getting fixed really, really quickly. Via Mac Rumors we find that FaceTime for Mac displays your account information once you’re logged in. What kind of account information? you ask. How about your date of birth as well as your security question and its answer? How about that on display?

face time for mac kid

Now, granted, someone has to have physical access to your computer to see this information, but looking over your shoulder in a coffee shop isn’t that hard to pull off. And with this information, they can change your password and lock you out of your own account while they run rampant. Apparently, you can even reset your password in FaceTime without being first prompted to enter the original password.

What’s that? You say you’ll just log out of FaceTime when you’re done? Not so fast there, kids. FaceTime for Mac Beta is just so darned helpful that it remembers the last accessed account and autopopulates the information when you (or someone else) signs on. So you don’t even need to have FaceTime open to let anyone who gets their hands on your machine have full rein of anything you use your Apple ID for, like iTunes and the App Store.

Ain’t it grand being an early adopter?


Apple Event Invite Points to Top Secret Security Technology

Since Apple announced their event set for this upcoming Wednesday, the interwebz have been all abuzz with rumors surrounding what may be unveiled. With the iPhone and the iPad having stolen the spotlight from Apple’s laptop and desktop computers over the past year, it’s high time that Macs once again got their due. Lucky for us, it appears from the event’s name–Back to the Mac–that’s exactly what Cupertino has in mind.

But what form will Apple’s efforts take?

Some say that we’ll see a revamped 11.6 inch version of the MacBook Air and refreshes of iWork and iLife. Others feel that the artwork that came with the Back to the Mac announcement heralds the arrival of the latest update to Apple’s kitty-powered operating system.

Sorry, but being the experts that we are, we can tell you that the outlook for all of the above-mentioned products is bleak. Sure, OS X is due for a refresh, but it won’t happen this Wednesday. A smaller MacBook Air? Really? Didn’t Steve Jobs already tell us that netbooks aren’t good at doing anything? iLife and iWork? Honestly, do you think that’s what Apple plans to unleash on holiday shoppers this year?


No friends, the Mac has sat on the sidelines for far too long for Apple to bother with something as quaint as a product refresh or upgrade. It’s time to innovate. It’s time to change the personal computing landscape. Ignore the rumors and look past the hype.

It’s time for something completely different.

By analyzing the artwork associated with Apple’s Back to the Mac event and talking to a number of our sources working out of the the company’s Cupertino design facility, Mac|Life has pieced together what’s coming. Ladies and gentlemen, get ready for A-LIoN, or if you will, Apple’s “Automated Laser Intervention Nexus” system.

That’s right: The company that gave birth to the personal computer revolution and changed the face of the music industry is thinking different once again. This time around, Apple’s putting military-grade laser technology in the hands of the consumer.

It goes without saying, of course, that this changes everything.

According to Mac|Life sources well-versed on the matter, A-LIoN is the result of Apple’s long-standing relationship with a number of government agencies, including NASA and the U.S. Army. By incrementally reducing the size and number of ports on their computers, while at the same time increasing the heft and capacity of their laptop batteries, Apple’s hardware engineers have figured out how to jam a complex laser-based computer anti-theft and personal protection system into the the full spectrum of Mac hardware.

How does it work? We thought you’d never ask.

Utilizing the space allotted by an outer shell uncluttered by banal features such as dedicated microphone jacks or additional USB ports, Apple has equipped their latest desktop and portable computers with enough lasers emitters to ensure a 360 degree sphere of death-ray-based protection for both the computer user and their beloved device.

To ensure that users would never be forced to choose between sheer firepower and the iconic clean lines of Apple’s industrial design, the Cupertino-based tech company leveraged their exclusive rights to an alloy purchased from Liquidmetal Technologies earlier this year, developing a energy-permeable metallic membrane that A-LIoN’s lasers are able to fire through without the need for emitter apertures which would ruin the Mac’s otherwise perfect unibody design. Knowing this, the message behind the Back to the Mac artwork becomes clear: the power and fury of a lion hidden away by the beauty of brushed steel.


As with all Apple products, A-LIoN couldn’t be easier to use. Thanks to the technology’s simple user-interface, dealing with even the most terrifying of crimes is an exercise in simplicity. By using either a Magic Mouse or a multi-touch track pad, all a Mac user need do is simply swipe in the direction of an assailant and A-LIoN will unleash a devastating laser attack.

Even when you’re away from your Mac, A-LIoN has you covered. Using the same facial recognition technology already integrated into Aperture and iPhoto, A-LIoN can tell friend from foe. This allows authorized computer users to enjoy their computing experience in perfect safety, while keeping undesirables at bay, first with a warning shot, and then should they not move away from your Mac, continuing on to slice them up like so much lunch meat.

Needless to say, we’re utterly stoked.


Follow this article’s author, Seamus Bellamy on Twitter.



Twitter Fixes Security Hole, Adds Two New Features

Twitter is recovering after an attack on the social networking site earlier today. According to TechCrunch, the site suffered an attack whereby users could tweet some JavaScript code that could in turn cause pop-ups anytime someone moused over a maliciously crafted tweet.

Fortunately, Twitter was able to get the attack stopped before more users became victim to this exploit. This attack only affected the web-based version of Twitter, as users accessing Twitter through a client like the official Twitter client were not susceptible.

TechCrunch is also reporting that Twitter rolled out two new features today to their new Twitter interface (for those lucky enough to have access at this time). The first new feature gives you the ability to reply to all users contained in a tweet when replying to a tweet. The second addition is an auto-complete feature when typing a username into a tweet. Simply type the @ symbol followed by the first few letters of a username and Twitter will suggest users to you in a pop-up list, allowing you to select one.

Unfortunately, the new Twitter interface isn’t being rolled out to everyone at once, but if you are one of the lucky few that uses the web interface, these changes will be welcomed.


Follow this article’s author, Cory Bohon on Twitter.




Holiday Inn to trial iPhone as revolutionary hotel room key

Some people might envisage it as part of the perfect hotel experience – travelling from reception to bed without even needing to stop and check-in.

Hotel group Holiday Inn is due to begin testing technology which will allow guests to use their iPhone as their room key.

The hotel chain, which is owned by InterContinental Hotels Group (IHG), says that, because many of its guests are already smartphone customers, they would enjoy the freedom of avoiding the front desk when they arrive.

Speaking to USA Today, IHG executive Bryson Koehler says: ‘The holy grail item for us is to simplify the room-key hand-off moment at the hotel.’

‘The proliferation of smartphones is growing in such a way that we have to look at what people are already bringing with them to make their stay more enjoyable.

‘We don’t need to burden people with additional items; it just clutters up their lives.

‘The beauty of the smart phone is that they’ve already got it.’

Holiday Inns in Houston and Chicago will run the trial for three months from July, before looking at feedback from guests on whether the initiative has been successful.
Guests who wish to participate in the scheme need to give the hotel their smartphone number and download an ‘Open Ways’ app. Before their arrival they will receive a text and a sound code which can be used to unlock their hotel room door.
However, some critics have questioned the security of the new system, saying that the new application could lead to thieves finding their way into guests’ hotel rooms.

Source: Daily mail