Happy New Year! 2018 promises to be yet another cyberbattle between the black and white hat hackers, in a never-ending war. While you may not don either cap, you are here at EE and are more likely than not interested in how to protect yourself and your end-users (if you're an IT person) from being a casualty. Well, since I'm an Apple guy I'll give you the latest macOS exploit (see article). Essentially, it boils down to Apple having to fix this with their next security rollout, but it doesn't hurt to make sure that you're doing all you can to keep people off of your Mac. Here are some steps:
1) Open "System Preferences"
2) Click on "Users & Groups"
3) Click on "Guest User" and make sure it is "Off"
4) Next, click on "Login Options" and on the righthand side tap on the "Automatic Login" drop-down box and select "Off"
5) Select "Name and Password" (It makes it harder for someone to guess both the Username & Password, than just the password, which is all they have to guess if you select "List of Users".) If you don't want to select this option, then make sure you create a password that is 10-12 alpha-numeric characters long with a few special ones thrown in. To ease the process of creating such a password, use an app like "Last Pass" to create and hold your passwords (you can get it both for your Mac and iPhone/iPad)
6) Now, uncheck "Show Input menu in login window", "Show password hints", "Show fast user switching menu", "Use VoiceOver in the login window" (unless you need this option)
7) Back out of the "Users & Groups" and then click "Sharing"
8) Uncheck all boxes. If you ever need to perform any of the functions that these options offer, then check that box at the time you need to use it (my guess is that you'll find better ways to share files without compromising your beautiful Macintosh).
9) Back out of "Sharing" and then select "Bluetooth"
10) Once inside turn off Bluetooth. Not only will this save battery-life, but it will also eliminate another avenue that leads into your Mac. If you use a Bluetooth mouse/trackpad, then leave this option on but know that you're accepting the risk.
11) Back out of "Bluetooth" and then select "Network" (If you're not using Wi-Fi then you can skip points 11 & 12)
12) Once inside, tap on "Advanced" and then at the bottom of the window put a check in the box that's labeled "Create computer-to-computer networks". When you do this you're asking your Mac to request an Administrator password to create such a connection. Also, put a check in the box "Change Networks". By doing this you're telling your Mac to require an Administrator's password to change the Wi-Fi network your on.
13) Back out and click "Apply"
14) Back out again and click on "Security & Privacy"
15) Click on the "General" tab and then below checkmark the box "require password" and in the drop-down box select "immediately".
16) Now, if it's not already selected, click on "App Store and Identified Developers". This will give you a bit more breathing room to install apps on your Mac (since it allows apps that aren't in the App Store to be installed), but if you don't do get apps from outside sources, then keep "App Store" selected.
17) Click on the "FileVault" tab and turn on "FileVault". Why encrypt your hard drive? Because you never know if your Mac is going to be physically stolen or lost during travel. Also, by choosing to turn on FileVault you are protecting your Mac from someone getting to the "Recovery Mode" option (CMD + R when starting up) because your Mac will request the long password FileVault creates to get into Recovery Mode.
Side note: You're going to need to store this password in your Last Pass app or somewhere safe (Apple will not be able to help you get on your Mac if you lose this password).
18) After FileVault, please click on the "Firewall" tab. Turn this on if you don't have a third party application that has a firewall built-in (Some modern Antivirus software has this option coupled with it).
Lastly, consider buying a VPN to help keep your connections secure; it's not 100% safe, but it is better than not having one at all. I use Enrypt.me for all of my devices (Macs, iPhones, and iPads).
That's it! Take care all and may 2018 be your best year on record. ;)
I just got a twist on the Australia Post SMS scams. I get parcels delivered fairly regularly by Aust Post so I was surprised to get this SMS as I wasn't currently expecting one. It looked genuine and the number was spoofed successfully enough for the SMS to appear along with my other Aust Post notifications. It read:
You parcel: 068077299909
will not ship from distribution
center due to unverified
Track your package: http: // wtrgt DOT com / qOo (link has been purposely broken by me)
The grammar error was enough to alert me to the scam, as well as the link using http instead of https, and the wtrft domain being used instead of mypo.st which is where genuine Aust Post SMS alerts come from, but I can see how it might be easy to overlook and just tap the link.
I checked the tracking number on Aust Post website for giggles and sure enough, that's phony too. No surprise there. Keep an eye out if, like me, you also get parcels delivered by Aust Post.
Further to my last post about testing a variety of browser performance statistics, I've recently discovered something that I think may be of use to other EE members.
When using Google Chrome as my default browser along with a variety of different AdBlocking extensions, visiting a page like this one: https://www.dailymail.co.uk/ returns the following error after about 36 ads have been blocked. All further reading is prevented unless the site is whitelisted.
However, visiting the same page with the Brave Browser I can view the site and read any articles on there without ads and without triggering the Ad Blocker warning.
The site (along with a few others I've stumbled across) does not appear to recognize the built-in AdBlocker in Brave. How long that will remain to be the case I'm not sure.
I've also confirmed (from my own tests) that Brave is by far the quickest browser to use on Social Media sites like Facebook. Nowhere near the number of slowdowns that I experience with Google Chrome (or other browsers) that I've tested so far.
Further, using this extension (credit to McKnife for finding it) you can also leave Google Chrome as the default browser if you want to, yet easily send links to the Brave browser when needed. Works a treat here :)
I hope this little tidbit of information helps you out.