Toni Pace's Notes for 2012-09-10

LAPUG Meeting Notes_9_10_12

Meeting Theme: Security

Recommended Software

GateKeeper- Mountain Lion feature 

(defines what will allowed to run on your computer)

Three choices for settings 

•  Run only from Mac store
•  Run only from Mac store and known developers
•  Run from anywhere

(Remember that if you have old software that isn’t from a known developer, it will not run under Mountain Lion)…Can be overruled on a case by case basis.

What to do if your machine is infected?

Choose a well known software program to handle it.

Recommended:  Sophos (has a free version for home use)….but does create a performance issue on your machine.  So use it on your machine until it gets cleaned up…and then turn it off to restore performance.

Do not use MacKeeper

There are free apps from the App store that will do a scan of your hard drive for malware… (you activate the scan manually)…

You might accidently pass along a virus that doesn’t affect your Mac to a Windows user if you work in a mixed OS environment.

If you suspect your machine has a problem, check your Activity Monitor.

How does the bad code get on your machine?

• Phishing—This is an email that wants to encourage you to go to their web site…..emails that appear to come from a bank that says “click here”.  You can hover over a link to see where the link will actually take you….example…(dot ru is a Russian URL)….Never click on a link to a bank…always type in the address into the browser.

Apple does a good job of spam filtering.   Or you can use Spam Sieve as an additional service.

•  Spearfishing—is when the crooks really target you.  In some way or another you and your data have been compromised, and the evildoers use that information to target you.   You can insert some of security code in your process before any money is moved from one place to another.    Never click on a URL in an email with regards to money.

Prison inmates are now the biggest source of call center operators.

Great program = 1Password

1Password can make up passwords for you…that no one can figure out.

How does 1Password store its data?….it encrypts the document that stores your passwords on your computer.  

It is available on the App store.

It can create very secure passwords.

There are versions for the iPad and the iPhone…

Can store your encrypted database on Dropbox which actually lives on your computer and then is duplicated in the cloud.

Can access your 1Password data from the Dropbox web site from any browser if you have your 1Password password.

Certificates

You can create a certificate which makes certain email has come from you..…requires you have a specific domain name that belongs to you.  If you have a specific domain name, you can buy a certificate from a company that sells them.   All your email is now associated with this certificate and so it guarantees that it is from you.  Can also be applied to web sites….which will then start with  https: