Re: Sophos, anyone using?
kevs #33059 02/11/15 01:09 AM
Joined: Dec 2009
kevs Offline OP
PS I created a great 14 digit password years ago with all the good combos. Not easy to memorize but I did. Turns out, I read an article the other week, that says if you just create a 21 word password, all lower case, something like

going to the market is good

that is even a much stronger password than a 14 digit with all the upper lower symbols etc! That said, the one I made, according to many sites, could not be cracked in a billion years.

Re: Sophos, anyone using?
kevs #33061 02/11/15 12:07 PM
Joined: Aug 2009
Likes: 14
Offline

I assume it'd be even stronger without the spaces. I seem to recall that Tacit or one of the moderators mentioned that some time ago but with a bit more background. It's good that you bring it up again.

I wonder if anyone remembers the original conversation/link.

Last edited by ryck; 02/11/15 12:09 PM.

ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Sophos, anyone using?
kevs #33064 02/11/15 10:37 PM
Joined: Aug 2009
Likes: 1
Offline

A lot of legitimate sites do end up getting hacked and spreading malware. Not just porn sites, though they're frequent targets because they have large user bases, but any site that has server vulnerabilities.

You can see Google's diagnostic report on a site by surfing to this URL:

http://google.com/safebrowsing/diagnostic?site=example.com/

and replacing "example.com" in the URL with the site you want to check.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Sophos, anyone using?
tacit #33066 02/12/15 01:27 AM
Joined: Dec 2009
kevs Offline OP
Ryck, there is a Stanford study link, I can dig it out if you want.

Tacit, you recommend Little Snitch? Worth $35, for each machine?

Also how does it work, I go to a website and even without downloading anything I'm at risk? Don't understand.

Last edited by kevs; 02/12/15 01:28 AM.
Re: Sophos, anyone using?
kevs #33067 02/12/15 05:11 AM
Joined: Aug 2009
Likes: 1
Offline

I personally haven't used Little Snitch, so I can't comment on it.

As far as how it works, basically it goes something like this:

Hackers create malware. Common malware that's distributed via hacked Web sites includes information-stealing Trojans like Kuluoz or computer-encrypting malware like Kryptik. They'll upload it to a server they control hosted in places like Russia or China.

The next step is they hack into a legitimate Web site. They might use automated tools to look for insecure WordPress installs, do brute-force password guessing attempts on popular sites, or even tailor an attack to a specific site if it gets a lot of traffic. In one high-profile case, hackers found a flaw in the servers of a Web hosting company called iPower Web that gave them access to more than 200,000 Web sites all in one go.

Once they're in, they'll put hostile code in the Web site's pages. This hostile code will look for and attempt to exploit vulnerabilities in your Web browser. If you're using an unpatched, outdated Web browser--older versions of Internet Explorer, say--or a browser running an outdated plugin like an old version of Adobe Flash, the malicious code will download the malware, silently and without you doing anything.

The important key here is if you're running an insecure browser, you will be infected without you doing anything but visiting the site. You do not need to click on or download anything. The malware will be sent to your computer silently and without your intervention or awareness.

I'm not aware of any Mac malware that spreads this way currently making the rounds. It's very common on Windows, however. That's why if you use Windows, it's important to update your computer and all your browser plugins religiously. Adobe just patched two security holes in Flash that were being actively exploited in this way.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Sophos, anyone using?
kevs #33070 02/12/15 01:25 PM
Joined: Aug 2009
Offline

Originally Posted By: kevs
Tacit, you recommend Little Snitch? Worth $35, for each machine?


The key feature of LS is that it is a sort of "reverse firewall", it monitors traffic leaving your computer. So in the event that something is running on your computer that you don't WANT to be communicating with someone else, (legit apps sending metadata or personal information, malware on your computer connecting to a malware server to download instructions or additional malware etc) it will pop up a warning.

It's not foolproof. There is a very small subset of apps that are known to work around it, but they are very small and specific exceptions to the rule. BBEdit told me there was an update available, and I was quite certain I had not granted it permission in LS to call out. I checked my settings, and it was NOT in my exceptions list. Some googling around found that they use a specific deliberate technique in newer versions to bypass Little Snitch to verify your license key and check for updates. (They are most likely doing their communications through some other authorized app, such as using AppleScript to ask Safari to download page source, without opening a window, etc., stealthily "sneaking out" on Safari's exception.)

If you download and install free software frequently, it may be a good investment. "Free" software often comes with a hidden price, most commonly in the form of them uploading metadata about you to someone that is paying them for the data. I personally don't like ANY of my software connecting out without my express permission.


I work for the Department of Redundancy Department
Re: Sophos, anyone using?
Virtual1 #33082 02/13/15 05:11 AM
Joined: Dec 2009
kevs Offline OP
Thanks Tacit,
Virtual, did not understand all of that. LS helps prevent my stuff from going out? over my head a bit. You use LS? seems a bit pricey...? Sophos is free!

Re: Sophos, anyone using?
kevs #33085 02/13/15 02:09 PM
Joined: Aug 2009
Offline

Originally Posted By: kevs
Thanks Tacit,
Virtual, did not understand all of that. LS helps prevent my stuff from going out? over my head a bit. You use LS? seems a bit pricey...? Sophos is free!


Yes, LS is for OUTGOING traffic, NOT incoming. It's usually best known for not allowing your software to "phone home".


I work for the Department of Redundancy Department
Re: Sophos, anyone using?
kevs #33086 02/13/15 02:13 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Malware made to steal users’ data is dead in the water without a way to get the loot out of infected computers. That exit is watched by Little Snitch, which dutifully reports to you every attempt to leave your ‘house’ with data collected there. It does so by telling you the URL of the website requesting permission to leave with your data. You then have the option to deny that request, or to allow it once or in perpetuity. (All decisions can be revisited and changed in LS’s master list.)

The problem for the average user is to distinguish the 'good' URLs necessary for website functionality from those which are not (including potentially 'bad' URLs). In case of URLs merely consisting of IP addresses there isn't even a name to tip you off. LS can provide more info, but this is often about as cryptic for the average user. If you deny a particular connection, the website may no longer work. The ones that don’t matter can be denied. However, testing many such connections to see just one website can become a pain, even if you only have to do it once. Given the increasing number of websites making multiple requests for data exit permission, answering LS’s queries may be tedious enough for most users to simply allow all such requests, or to quit the exercise altogether and turn LS off.

So yes, LS is very effective, but requires considerable user input and vigilance. And as to pricing of services, you get what you pay for…


alternaut moderator
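
The per-application allow/deny/ask decision described in the posts above, as an added example that is not part of any poster's message and is not Little Snitch's own code. It reads connection lines laid out like `lsof -i -n -P` output; the process names, addresses and rule list are constructed for illustration.

```python
import ipaddress

# Constructed sample laid out like `lsof -i -n -P` output (not captured from a real Mac).
SAMPLE_LSOF = """\
COMMAND  PID USER FD  TYPE DEVICE SIZE/OFF NODE NAME
Safari   412 kevs 23u IPv4 0xa1 0t0 TCP 192.168.1.20:52311->93.184.216.34:443 (ESTABLISHED)
Mail     518 kevs 31u IPv4 0xa2 0t0 TCP 192.168.1.20:52340->198.51.100.7:993 (ESTABLISHED)
FreeTool 977 kevs 12u IPv4 0xa3 0t0 TCP 192.168.1.20:52388->203.0.113.55:8080 (ESTABLISHED)
Updater  981 kevs  9u IPv4 0xa5 0t0 TCP 192.168.1.20:52390->192.0.2.44:443 (ESTABLISHED)
cupsd    101 root  6u IPv4 0xa4 0t0 TCP *:631 (LISTEN)
"""

# Hypothetical rule list: (process name, remote network, verdict). First match wins.
RULES = [
    ("Safari", "0.0.0.0/0", "allow"),       # the browser may reach any IPv4 address
    ("Mail", "198.51.100.0/24", "allow"),   # mail client only to its server's range
    ("FreeTool", "0.0.0.0/0", "deny"),      # free utility is not allowed to phone home
]


def outbound_connections(lsof_text):
    """Yield (process, remote_ip, remote_port) for each established TCP connection."""
    for line in lsof_text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 10 or fields[-1] != "(ESTABLISHED)" or "->" not in fields[-2]:
            continue  # listeners and short lines have no remote peer to judge
        host, port = fields[-2].split("->", 1)[1].rsplit(":", 1)
        yield fields[0], host.strip("[]"), int(port)


def verdict(process, remote_ip, rules=RULES):
    """Return the first matching rule's verdict, or "ask" when no rule matches."""
    addr = ipaddress.ip_address(remote_ip)
    for name, network, action in rules:
        if name == process and addr in ipaddress.ip_network(network):
            return action
    return "ask"  # the point where a tool like Little Snitch would prompt the user


def audit(lsof_text, rules=RULES):
    """Decide every outbound connection. Verdicts are keyed on the process that owns
    the socket, so a request one app hands to Safari is judged under Safari's rule."""
    return [(proc, f"{ip}:{port}", verdict(proc, ip, rules))
            for proc, ip, port in outbound_connections(lsof_text)]


if __name__ == "__main__":
    for proc, remote, action in audit(SAMPLE_LSOF):
        print(f"{action:5}  {proc:8}  {remote}")
```

On a Mac, the same functions can be fed the real output of `lsof -i -n -P` in place of the constructed sample.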
Re: Sophos, anyone using?
kevs #33088 02/13/15 02:29 PM
Joined: Aug 2009
Likes: 14
Offline

Originally Posted By: kevs
Ryck, there is a Stanford study link, I can dig it out if you want.

Thanks very much for the offer but it's not necessary.


ryck

"What Were Once Vices Are Now Habits" The Doobie Brothers

iMac (Retina 5K, 27", 2020), 3.8 GHz 8 Core Intel Core i7, 8GB RAM, 2667 MHz DDR4
OS Ventura 13.6.3
Canon Pixma TR 8520 Printer
Epson Perfection V500 Photo Scanner c/w VueScan software
TM on 1TB LaCie USB-C
Re: Sophos, anyone using?
alternaut #33091 02/13/15 06:34 PM
Joined: Dec 2009
kevs Offline OP
Still don't get LS things, need real layman's explanation... It protects me from myself? It does not protect me from bad sites?

Re: Sophos, anyone using?
kevs #33106 02/14/15 04:53 PM
Joined: Aug 2009
Likes: 1
Moderator
Offline
Little Snitch is like a doorman telling you who wants to leave the premises with information from your computer. It’s up to you to make the call who can and who can’t. The protection LS offers is not automatic, but subject to your choices.


alternaut moderator
Re: Sophos, anyone using?
kevs #33132 02/17/15 07:43 PM
Joined: Aug 2009
Offline

Originally Posted By: kevs
Still don't get LS things, need real layman's explanation... It protects me from myself? It does not protect me from bad sites?


Put another way, firewalls protect your computer and data from OTHER PEOPLE'S computers, from attacks launched from the internet.

Little Snitch protects your data from applications YOU HAVE INSTALLED on your computer. Prevents them from doing things with your data like sending it off to somewhere on the internet.


I work for the Department of Redundancy Department
Re: Sophos, anyone using?
Virtual1 #33133 02/17/15 07:56 PM
Joined: Dec 2009
kevs Offline OP
Virtual, that helps a bit thanks. Sounds like a bit overkill for $30, if it was free or $5, ok..

Re: Sophos, anyone using?
joemikeb #33676 04/02/15 07:05 AM
Joined: Aug 2009
Likes: 15
Online

Originally Posted By: joemikeb
Just to clarify, a trojan, by definition, tricks or somehow induces a user to install it. They are named after the story of the Greek Trojan Horse used to gain entrance into the city of Troy during the Trojan wars.

Sorry for taking so long to respond.

It seems to me that "trojan" is a misnomer in the present context.

The Trojan Horse was a drive-by...a one-step affliction, while what's called a trojan is a two-step affliction: First you've got to visit the website hosting it, and then you've got to do something stupid.

All the Trojans had to do was visit the Greeks' website, i.e. drag the horse into their city, and their fate was sealed.

I've always found it mind-boggling that they were so incredibly stupid!

Last edited by artie505; 04/02/15 11:39 AM. Reason: Clarity

The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Sophos, anyone using?
artie505 #33682 04/02/15 12:04 PM
Joined: Aug 2009
Offline

Originally Posted By: artie505
All the Trojans had to do was visit the Greeks' website, i.e. drag the horse into their city, and their fate was sealed.

I've always found it mind-boggling that they were so incredibly stupid!

It wasn't too unusual back in those days for an army that was stymied but not annihilated to leave their victors a trophy of some sort. Back when war was occasionally a somewhat more chivalrous business.

Wow, I guess it was quite a big affair... https://en.wikipedia.org/wiki/Trojan_Horse

Of course you still have to do it right

https://www.youtube.com/watch?v=tS_JBDRk8o0


I work for the Department of Redundancy Department
Re: Sophos, anyone using?
Virtual1 #33692 04/02/15 08:36 PM
Joined: Aug 2009
Likes: 15
Online

Originally Posted By: Virtual1
Originally Posted By: artie505
All the Trojans had to do was visit the Greeks' website, i.e. drag the horse into their city, and their fate was sealed.

I've always found it mind-boggling that they were so incredibly stupid!

It wasn't too unusual back in those days for an army that was stymied but not annihilated to leave their victors a trophy of some sort. Back when war was occasionally a somewhat more chivalrous business.

Maybe the world was different back then, but I learned at a very early age that anything that's got an inside may have something inside it.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire