terça-feira, 30 de dezembro de 2008

Como gerar muita documentação com pouco (ou nenhum) conteúdo!

Quantos projetos você já viu, com uma extensa documentação de fazer inveja, mas conteúdo zero? 


Agora você também pode! Veja o site http://www.suicidiovirtual.net/dados/lerolero.html, escolha um título e gere seu trabalho!


sábado, 27 de dezembro de 2008

Dica de leitura

Meus amigos Manuel Funes e Daniel Alcanja me indicaram o livro "Getting Real" (algo como "Caindo na Real").


É uma abordagem muito interessante sobre como simplificar a vida em projetos de software, mas que serve para qualquer projeto de vida.

O livro pode ser acessado (e lido gratuitamente online) no endereço: http://gettingreal.37signals.com/.

quarta-feira, 24 de dezembro de 2008

Symantec unveils Norton Internet Security for Mac 4.0

by Jim Dalrymple, Macworld.com 

Symantec on Thursday unveiled a significant upgrade for its Norton line of security software. Norton Internet Security for Mac features a variety of security tools in one application. 

Norton Internet Security for Mac includes traditional virus protection, a Firewall, and tools to help protect against spyware and identity theft. 

Many Mac users don't see many of these issues as problems for them because of the Mac's reputation as being one of the most secure platforms. However, with the Mac becoming more popular among new users, it's a good idea to be aware and ready for any potential threats. 

"You read so much about Windows threats and not so much about the Mac," Mike Romo, Symantec's Mac product manager, told Macworld. "Our goal is to provide a tool to cover all the bases without scaring people." 

In fact, Macs are becoming more popular in businesses these days, and many companies require security software on all of their computers, according to Romo. 

Norton Internet Security for Mac is also linked to Symantec's DeepSight Threat Management System, updating the firewall rules at least once a day to protect against the latest attacking IP addresses. This ensures that Mac users are protected on an ongoing basis without having to really think about many of the threats out there. 

The new application combines the protection found in Norton AntiVirus 11 for Mac, Norton Confidential, and two-way firewall functionality. 

Symantec says the application also protects against phishing Web sites, protecting your identity and protecting files against keyloggers and other types of eavesdropping applications. 

Symantec also announced Norton Internet Security for Mac Dual Protection. This protects users running Boot Camp or other virtualization software. 

Norton Internet Security for Mac and Norton Internet Security for Mac Dual Protection are 
available immediately for $79.99 and $89.99, respectively. 

NIST Draft Special Publication 800-120 has been Released

DRAFT NIST Special Publication 800-120, Recommendation for EAP Methods Used in Wireless Network Access Authentication

NIST announces the release of draft Special Publication 800-120, Recommendation for EAP Methods Used in Wireless Network Access Authentication. This Recommendation specifies security requirements for authentication methods with key establishment supported by the Extensible Authentication Protocol (EAP) defined in IETF RFC 3748 for wireless access authentications to federal networks. Please submit comments to 800-120comments@nist.gov with "Comments on SP 800-120" in the subject line. The comment period closes on January 30, 2009.

URL to Drafts page:
http://csrc.nist.gov/publications/PubsDrafts.html#800-120


Pat O'Reilly
List Administrator
Computer Security Division
NIST




segunda-feira, 15 de dezembro de 2008

Mac OS X Update - 10.5.6



Iniciar mensagem reenviada:

Data: 15 de dezembro de 2008 22h1min0s GMT-02:00
Assunto: Mac OS X Update - 10.5.6
Responder A: NSArchitect <noreply@blogger.com>
Fonte: iAntiVirus Blog
Autor: NSArchitect <noreply@blogger.com>

Apple has released an update for OS X which addresses some performance and severe security issues. Please run a Software Update and grab it today!



Security Issues addressed
  • Apple Type Services (ATS) server PDF embedded font handling issue (CVE-ID: CVE-2008-4236)
  • Arbitrary code execution in BOM (CVE-ID: CVE-2008-4217)
  • Heap buffer overflow in CoreGraphics' handling of color spaces (CVE-ID: CVE-2008-3623)
  • Possible user credential disclosure in Safari (CVE-ID: CVE-2008-3170)
  • Enhanced download validation capability, previously warnings were not displayed for all unsafe download content types, this allowed for arbitrary code/command execution (CVE-ID: CVE-2008-4234)
  • Multiple vulnerabilities in the Adobe Flash player plugin (CVE-IDs: CVE-2008-4818, CVE-2008-4819, CVE-2008-4820, CVE-2008-4821, CVE-2008-4822, CVE-2008-4823, CVE-2008-4824)
  • Local privilege escalation issue due to integer overflows in the kernel's i386_get_ldt and i386_get_ldt system calls (affects Intel based machines only) (CVE-ID: CVE-2008-4218)
  • Infinite loop when an exception occurs in a program (or dylib) which resides on an NFS share (CVE-ID: CVE-2008-4219)
  • Integer overflow in the LibSystem inet_net_pton function -> this could affect any program which uses that function (CVE-ID: CVE-2008-4220)
  • Memory corruption issue in the strptime function of LibSystem (CVE-ID: CVE-2008-4221)
  • Multiple integer overflows in the strfmon function of LibSystem (CVE-ID: CVE-2008-1391)
  • Per host configuration in managed client system installs sometimes incorrectly identifies the system (CVE-ID: CVE-2008-4237)
  • natd infinite loop due to a maliciously crafted TCP packet -> only affects systems with the Internet Sharing service enabled (CVE-ID: CVE-2008-4222)
  • Authentication bypass in Podcast Producer (OS X server only) (CVE-ID: CVE-2008-4223)
  • Input validation issue when handling malformed UDF volumes, ISO files. Opening a malformed volume may cause an unexpected syustem shutdown. (CVE-ID: CVE-2008-4224)

Information from Apple here .

Note: All CVE IDs will be linked to their respective pages once they become available.

Ler mais…



Trend Micro Common Client (TMCC) for Macintosh 1.0 Beta program

A Trend Micro liberou o Trend Micro Common Client (TMCC) for Macintosh 1.0 Beta program.


O produto é excelente, muito melhor que as versões para Windows. 

Quem quiser participar pode se inscrever em: http://www.trendbeta.com


segunda-feira, 8 de dezembro de 2008

CIBERGUERRA

Justiça usa Código Penal para combater crime virtualLevantamento realizado por especialistas em Direito da internet mostra que atualmente existem mais de 17 mil decisões judiciais envolvendo problemas virtuais; em 2002 eram apenas 400.


Crimes contra a honra (injúria, calúnia e difamação), furtos, extorsão, ameaças, violação de direitos autorais, pedofilia, estelionato, fraudes com cartão de crédito, desvio de dinheiro de contas bancárias. A lista de crimes cometidos por meio eletrônico é extensa e sua prática tem aumentado geometricamente com a universalização da internet. Levantamento realizado por especialistas em Direito da internet mostra que atualmente existem mais de 17 mil decisões judiciais envolvendo problemas virtuais; em 2002 eram apenas 400.

A internet ainda é tida por muitos como um território livre, sem lei e sem punição. Mas a realidade não é bem assim: diariamente, o Judiciário vem coibindo a sensação de impunidade que reina no ambiente virtual e combatendo a criminalidade cibernética com a aplicação do Código Penal, do Código Civil e de legislações específicas como a Lei n. 9.296 – que trata das interceptações de comunicação em sistemas de telefonia, informática e telemática – e a Lei n. 9.609 – que dispõe sobre a proteção da propriedade intelectual de programas de computador.

Na ausência de uma legislação específica para crimes eletrônicos, os tribunais brasileiros estão enfrentando e punindo internautas, crakers e hackers que utilizam a rede mundial de computadores como instrumento para a prática de crimes. Grande parte dos magistrados, advogados e consultores jurídicos considera que cerca de 95% dos delitos cometidos eletronicamente já estão tipificados no Código Penal brasileiro por caracterizar crimes comuns praticados por meio da internet. Os outros 5% para os quais faltaria enquadramento jurídico abrangem transgressões que só existem no mundo virtual, como a distribuição de vírus eletrônico, cavalos-de-tróia e worm (verme, em português).

Para essa maioria, a internet não é um campo novo de atuação, mas apenas um novo caminho para a realização de delitos já praticados no mundo real, bastando apenas que as leis sejam adaptadas para os crimes eletrônicos. E é isso que a Justiça vem fazendo. Adaptando e empregando vários dispositivos do Código Penal no combate ao crime digital.

E a lista também é extensa: insultar a honra de alguém (calúnia – artigo138), espalhar boatos eletrônicos sobre pessoas (difamação – artigo 139), insultar pessoas considerando suas características ou utilizar apelidos grosseiros (injúria – artigo 140), ameaçar alguém (ameaça – artigo 147), utilizar dados da conta bancária de outrem para desvio ou saque de dinheiro (furto – artigo 155), comentar, em chats, e-mails e outros, de forma negativa, sobre raças, religiões e etnias (preconceito ou discriminação – artigo 20 da Lei n. 7.716/89), enviar, trocar fotos de crianças nuas (pedofilia – artigo 247 da Lei n. 8.069/90, o Estatuto da Criança e do Adolescente - ECA).

No caso das legislações específicas, as mais aplicadas são as seguintes: usar logomarca de empresa sem autorização do titular, no todo ou em parte, ou imitá-la de modo que possa induzir à confusão (crime contra a propriedade industrial – artigo 195 da Lei n. 9.279/96), monitoramento não avisado previamente (interceptação de comunicações de informática – artigo 10 da Lei n. 9.296/96) e usar cópia de software sem licença (crimes contra software "Pirataria" – artigo 12 da Lei n. 9.609/98).

Consolidando dispositivos

O STJ, como guardião e uniformizador da legislação infraconstitucional, vem consolidando a aplicação desses dispositivos em diversos julgados. Nos casos de pedofilia, por exemplo, o STJ já firmou o entendimento de que os crimes de pedofilia e divulgação de pornografia infantil por meios eletrônicos estão descritos no artigo 241 da Lei n. 8.069/90 (apresentar, produzir, vender, fornecer, divulgar ou publicar, por qualquer meio de comunicação, inclusive pela rede mundial de computadores ou internet, fotografias ou imagens com pornografia ou cenas de sexo explícito envolvendo criança ou adolescente), e previstos em convenção internacional da qual o Brasil é signatário.

Mais do que isso: a Corte concluiu que, por si só, o envio de fotos pornográficas pela internet (e-mail) já constitui crime. Com base no artigo 241 do Estatuto da Criança e do Adolescente (ECA), os ministros da Quinta Turma do STJ cassaram um habeas-corpus concedido pelo Tribunal de Justiça do Estado do Rio de Janeiro (TJ-RJ) que determinava o trancamento de uma ação penal sob o argumento de que o ECA definiria como crime apenas a "publicação" – e não a mera "divulgação" – de imagens de sexo explícito ou pornográficas de crianças ou adolescentes.

Em outro caso julgado, a Turma manteve a condenação de um publicitário que participou e filmou cenas eróticas envolvendo crianças e adolescentes. Ele foi denunciado pelo Ministério Público de Rondônia com base no artigo 241 do ECA, nos artigos 71 e 29 do Código Penal (crime continuado e em concurso de agentes) e por corrupção de menores (Lei n. 2.252/54: constitui crime, punido com a pena de reclusão de um a quatro anos e multa, corromper ou facilitar a corrupção de pessoa menor de 18 anos, com ela praticando, infração penal ou induzindo-a a praticá-la).

Os casos de furto e estelionato virtual também já foram devidamente enquadrados pela Corte. A Terceira Seção do STJ consolidou o entendimento de que a apropriação de valores de conta-corrente mediante transferência bancária fraudulenta via internet sem o consentimento do correntista configura furto qualificado por fraude, pois, nesse caso, a fraude é utilizada para burlar o sistema de proteção e vigilância do banco sobre os valores mantidos sob sua guarda. Também decidiu que a competência para julgar esse tipo de crime é do juízo do local da consumação do delito de furto, que se dá no local onde o bem é subtraído da vítima.

Em outra decisão, relatada pelo ministro Felix Fischer, a Quinta Turma do STJ definiu claramente que, mesmo no ambiente virtual, o furto – "subtrair, para si ou para outrem, coisa alheia móvel" (artigo 155 do Código Penal) – mediante fraude não se confunde com o estelionato – "obter, para si ou para outrem, vantagem ilícita, em prejuízo alheio, induzindo ou mantendo alguém em erro, mediante artifício, ardil, ou qualquer outro meio fraudulento" (artigo 171 do Código Penal) – já que no furto a fraude é utilizada para burlar a vigilância da vítima e, no estelionato, o objetivo é obter consentimento da vítima e iludi-la para que entregue voluntariamente o bem.

Crimes contra a honra

Em uma ação envolvendo os chamados crimes contra a honra praticados pela internet, o desembargador convocado Carlos Fernando Mathias de Souza manteve a decisão da Justiça gaúcha que condenou um homem a pagar à ex-namorada indenização por danos morais no valor de R$ 30 mil por ter divulgado, pela internet, mensagens chamando-a de garota de programa. No recurso julgado, a ex-namorada alegou que, após a falsa publicação de e-mails com seus dados pessoais junto com uma fotografia de mulher em posições eróticas, ela passou pelo constrangimento de receber convites por telefone para fazer programas sexuais.

Em outro julgado, a Quarta Turma do STJ determinou que o site Yahoo! Brasil retirasse do ar página com conteúdo inverídico sobre uma mulher que ofereceria programas sexuais. A empresa alegou que o

site citado foi criado por um usuário com a utilização de um serviço oferecido pela controladora americana Yahoo! Inc., portanto caberia a essa empresa o cumprimento da determinação judicial.

Em seu voto, o relator do processo, ministro Fernando Gonçalves, sustentou que a Yahoo! Brasil pertence ao mesmo grupo econômico e apresenta-se aos consumidores utilizando a mesma logomarca da empresa americana e, ao acessar o endereço trazido nas razões do recurso como sendo da Yahoo! Inc. – www.yahoo.com –, abre-se, na realidade, a página da Yahoo! Brasil. Diante desses fatos, o ministro conclui que o consumidor não distingue com clareza as divisas entre a empresa americana e sua correspondente nacional.

A Terceira Turma decidiu que ação de indenização por danos morais pode ser ajuizada em nome do proprietário de empresa vítima de mensagens difamatórias em comunidades do site de relacionamentos Orkut. O tribunal considerou legítima a ação proposta por um empresário de Minas Gerais contra duas pessoas que teriam difamado o seu negócio de criação de avestruzes, causando-lhe sérios prejuízos. Segundo a relatora, ministra Nancy Andrighi, as mensagens divulgadas na internet não foram ofensivas somente ao empresário e a seu filho, mas também ao seu comércio de aves.

Atrás das grades

Aplicando os dispositivos do Código Penal, o STJ vem negando habeas-corpus a acusados e condenados por diversas modalidades de crimes eletrônicos. Entre vários casos julgados, a Corte manteve a prisão do hacker Otávio Oliveira Bandetini, condenado a 10 anos e 11 meses de reclusão por retirar irregularmente cerca de R$ 2 milhões de contas bancárias de terceiros via internet; negou o relaxamento da prisão preventiva de um tatuador denunciado por divulgar fotos pornográficas de crianças e adolescentes na internet; de um acusado preso em operação da Polícia Federal por participar de um esquema de furto de contas bancárias; de um hacker preso pelos crimes de furto mediante fraude, formação de quadrilha, violação de sigilo bancário e interceptação telemática ilegal; e de um técnico em informática de Santa Catarina acusado de manipular e-mails para incriminar colegas de trabalho.

O Tribunal também enfrentou a questão da ausência de fronteira física no chamado ciberespaço ao entender que, se o crime tem efeitos em território nacional, deve-se aplicar a lei brasileira. No caso julgado, um acusado de pedofilia alegou que as fotos pornográficas envolvendo crianças e adolescentes foram obtidas no sítio da internet do Kazaa, um programa internacional de armazenamento e compartilhamento de arquivos eletrônicos sediado fora do Brasil. A Corte entendeu que, como o resultado e a execução ocorreram em território nacional, o fato de os arquivos terem sido obtidos no Kazaa, com sede no estrangeiro, seria irrelevante para a ação.

O Poder Legislativo ainda não concluiu a votação do projeto de lei que visa adequar a legislação brasileira aos crimes cometidos na internet e punir de forma mais rígida essas irregularidades. O projeto, que já foi aprovado pelo Senado, define os crimes na internet, amplia as penas para os infratores e determina que os provedores armazenem os dados de conexão de seus usuários por até três anos, entre outros pontos.

Enquanto a lei que vai tipificar a prática de crimes como phishing (roubo de senhas), pornografia infantil, calúnia e difamação via web, clonagem de cartões de banco e celulares, difusão de vírus e invasão de sites não é aprovada no Congresso Nacional, o Poder Judiciário continuará enquadrando os criminosos virtuais nas leis vigentes no mundo real, adaptando-as à realidade dos crimes cometidos na internet.







sábado, 6 de dezembro de 2008

Opinion: The debate resumes over Mac security

Opinion: The debate resumes over Mac security

A revised Apple support doc told users to run antivirus apps; then it was yanked
Michael DeAgonia
 
Click here to find out more!

December 5, 2008 (Computerworld) The Mac community this week has been debating an updated Knowledge Base article on Apple's Web site that raised questions about the company's stance on security. The recent update, which was pulled down on Tuesday, originally recommended that users install at least one antivirus software app. It was an odd statement given that Apple has often bashed rival Windows for being less secure than Mac OS X.

The whiplash nature of the document's publication and its oh-so-quick removal renewed an age-old debate: just how secure from malware is the Mac operating system? After all, if Apple was changing its stance, should users now be worried? Adding fuel to the fire were recent reports about the release of a Mac-based Trojan horse.

Intego warns of new Trojan

Security vendor Intego released an advisory about the Trojan on Tuesday: "This new variant, like the initial RSPlug.A Trojan horse, has been found on pornographic web sites. ... When a user visits an infected site, and attempts to view a video, they are alerted that there is a 'Video ActiveX Object Error' and is told that their 'Browser cannot play this video file.' The alert instructs the user to download the 'missing Video ActiveX Object.' If the user clicks OK, a disk image downloads. Depending on the user's browser settings, this disk image may mount and launch automatically, commencing installation. If the user clicks Cancel when the Video ActiveX Object alert displays, however, they receive another alert saying, 'Please install new version of Video ActiveX Object.' This alert only allows the user to click OK, returning them to the first alert. The only way to get rid of these alerts is either to download the infected disk image, or quit the browser."

Each of these incidents -- the Knowledge Base article and the Intego warning, both of which came to light within a day of each other -- raised fears that Mac OS X might now be vulnerable to malware, and might now need extra security software to account for internal flaws. Some security researchers posited that Apple had finally wised up to the ways of the world. Others dismissed the Knowledge Base brouhaha as nothing new. Caught in the middle were Mac owners left wondering whether their favorite Mac was suddenly vulnerable.

So is it?

Spoiler alert: No. The BSD code underpinning Mac OS X goes a long way toward preventing malware problems -- as any Linux and Unix user can attest -- and there's a decided lack of interest in the Mac from cybercriminals. Apple has made major gains in recent years, but still has less than 10% of the operating system market share. There are many more PC users, making the payoff for cybercriminals that much greater if they target Windows.

Mac OS X inherently secure

In Computerworld's OS Smackdown, I touted the inherent security of Mac OS X as a major selling point, given that Macs are less susceptible to virus outbreaks than Windows-based PCs. Given the rarity of Mac exploits and the lengths malware authors must go to if they hope to successfully breach the Mac OS, I'd say nothing has changed since then. There are still no reports of self-propagating malware that can automatically infect a Mac by installing itself and then spreading itself to other computers. Even this latest Trojan horse requires visits to Web sites that almost anyone would be wary of and requires an administrator's password to actually install malicious code.

This is the technological equivalent of unlocking your door and helping a burglar pack your TV into his van.

And as menacing as the Intego statement sounds, I'm unaware of any Web browser that automatically commences an installation. Even when Safari's "Open safe files after downloading" option is selected, any software installation still requires the admin password. For most businesses and colleges, this isn't an issue because end users won't know that password, cutting off malware drama before it begins.

That's not to discount the value of security, however. Ultimately, Mac users have to be good Net citizens.

Antivirus software doesn't just help Mac users

I spoke to Randy Rowles, lead Macintosh Desktop Engineer for Houghton Mifflin Harcourt in Orlando, about finding the best antivirus software for the Mac and why users might still want to install one. "Antivirus [software] for Macintosh is a good thing to consider -- not necessarily for your own protection, but for the protection of others," he said. "Even though your Macintosh may not be affected by the bulk of viruses traveling around the Internet, any e-mail you forward that has a virus attached can infect other folks that receive it. Having a good virus scanning solution on your Macintosh can help prevent the spread of viruses."

Rowles recently had to figure out which of three antivirus apps -- McAfee VirusScan, VirusBarrier from Intego and Norton AntiVirus for Mac -- would be best for the Mac users at Houghton Mifflin Harcourt. "Each of the vendors offered similar options for protecting your Macintosh from virus infections, including the use of services for receiving updates and integration with Apple's Mail software."

"For enterprise customers, many vendors provide integration with a central management console," Rowles said. "This allows you to manage where your users get updates ... and often times what updates they receive. You also have a single place to schedule scans and control the preferences for multiple users."

While some of the antivirus software packages included real-time scanning options, the feature has drawbacks. "This feature is often called 'On Access Scanning' or 'Real-Time Scanning.' What this means is every time you read or write a file, that file is scanned for viruses. Normally, there are options for 'tuning' this process, allowing you to exclude specific folders or set it to only scan during a write operation. These options are your greatest asset at avoiding having your entire computer slow down and become sluggish."

Which antivirus app gets the nod?

When I asked which app he settled on, Rowles was quick to note that antivirus software has to be based on enterprise-specific needs. "We went with McAfee VirusScan because it offered a complete cross-platform management solution. McAfee also offers a complete suite of tools for firewall and host intrusion protection for Windows users that integrates with the same management solution. McAfee's VirusScan software for Macintosh has been a competent solution, and they have provided great support and have supplied hot fixes when needed. McAfee's 'On Access Scanning' solution isn't the best one out there, but it can be customized to not scan specific folders or to scan only on read or write instead of both. McAfee was also one of the first companies to offer an Intel Mac compatible solution and that was when we were comparing products."

For less enterprise-focused users, Rowles pointed to VirusBarrier from Intego. "The reason being is that their solution was written from the ground up for the Macintosh. They offer the same competitive features as McAfee and Norton, but in testing I found their Real-Time Scanning to be the quickest and [it] didn't cause nearly as much initial sluggishness -- if any -- compared to competitors. Enterprise customers will probably want to look elsewhere because VirusBarrier does not offer the same level of integration or cross-platform management as other competitors."

The upshot from this week's Mac security debate is simple: don't panic. It's not yet time to completely batten down the antivirus hatches on Mac OS X. Having said that, it's reasonable to assume that as OS X gains ground in the operating system wars, it will become a more attractive target for viruses. Think of it this way: Would you rather be installing antivirus software the day an unexpected virus pops up -- or the day after? For now, installing an antivirus package would certainly be the courteous thing to do for other, more susceptible colleagues. That kind of pay-it-forward approach to malware might even lead to good karma. After all, some folks have it far worse.

Michael DeAgonia is a computer consultant and technologist who has been using Apple products and working on them professionally since 1993. His tech-support background includes tenures atComputerworld, colleges, the biopharmaceutical industry, the graphics industry and Apple. Currently, he is working as a Macintosh administrator at a large media company.

quinta-feira, 4 de dezembro de 2008

Do You Need an Antivirus for Your Mac? Definitely, Yes.

Do You Need an Antivirus for Your Mac? Definitely, Yes.

Apple has gotten a lot of press recently regarding their position concerning the need for antivirus software to protect Macs. A Knowledge Base article spotted on the company's web site said, "Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult." The article went on to recommend three antivirus programs, including Intego VirusBarrier X5.

However, following an unexpected amount of attention in the press, Apple has removed the article. An Apple spokesman said, "We have removed the Knowledge Base article because it was old and inaccurate." Yet the article was recently updated, on November 21, 2008, so it was certainly not old. The Apple spokesman went on to say that, "The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box." But the Apple spokesman also said, "Since no system can be 100% immune from every threat, running anti-virus software may offer additional protection."

Apple has gone from recommending that Mac users protect themselves with antivirus software to saying that Macs have "built-in technologies" that protect against "malicious software and security threats." And rather than make that technical note "new" and "accurate", they have simply deleted it. What can Mac users understand from these flip-flops?

What probably began as a simple technical note based on the real-world experience of one of Apple's knowledgeable technicians (whose competency is recognized) turned into a major issue that affected Apple's marketing strategy. Apparently, it was Apple's top management that decided to remove the Knowledge Base article. It's usually safer to trust those with hands-on experience rather than the creative minds who make up ad campaigns. While Apple may be worried about its reputation, you should consider what you have at stake if your Mac gets infected by malware. You could lose important files: your business files, digital music and movies, and the thousands of pictures of your family could be wiped out by a single infection.

Apple may, in fact, be acting irresponsibly by suggesting that an antivirus is not essential. In a way, it's as if they were saying you shouldn't lock the doors to your home. Sure, burglars aren't watching all the time to see if you've locked your door, but if someone turns the doorknob and finds it open, they're more likely to go inside.

So what's the truth about malware and Macs? Do you really need to run an antivirus on your Mac? We think so. Laurent Marteau, Intego's CEO, explains why.


1. How secure is Mac OS X?

Like every operating system, Apple software contains bugs and security flaws that need to be corrected. So far this year, Apple has needed to issuea total of 34 security updates, covering a number of products: Mac OS X, the iPhone, QuickTime (an essential part of Mac OS X), Safari, the Apple TV, iPhoto and more. New security flaws are discovered regularly.

If you count all of the updates that average Mac users need to keep their Macs safe - which includes updates to Mac OS X, QuickTime, Safari, iTunes and other iLife programs, and Java - there have been a total of 20 updates this year alone to stanch security flaws in Apple's "built-in technologies." This represents a couple of gigabytes of files to download, just to stay up-to-date for security issues.

2. Doesn't Apple issue security updates quickly?

Apple tends to act like an ostrich regarding security issues, and can take a long time to update its software for known security flaws. In some cases the company takes months to get around to releasing a security update, and in others security researchers go public with flaws they've discovered after finding that Apple hasn't reacted in months.

This means that between the time that a security flaw is discovered - and while security researchers find many of these flaws, they are also found at the same time by malware writers - Macs are vulnerable.

3. Is malware targeting Macs becoming more common?

While Mac malware is scarcer than Windows malware, Intego has issued eight security alerts or memos so far in 2008. These cover Trojan horses (and a number of variants of one Trojan horse that has infected many Macs), rogue "security software," a serious bug in QuickTime, a very serious Apple Remote Desktop flaw, and a hacker toolkit that can be used to create malware. We have seen more new Mac malware this year than at any time since the advent of Mac OS X.

In addition, as Mac market share increases, those writing malware for profit are more likely to want to target this growing demographic. We have seen several recent types of malware that get downloaded to Macs from web pages. In the past, these pages would only serve up Windows malware, but now they detect the user's platform to provide the appropriate version of the malware.

Mac users are generally less security-savvy than Windows users, who are familiar with the many security threats to their platform, and who are generally protected. Average Mac users who unintentionally download a Trojan horse are just as likely as Windows users to enter a user name and password to allow malware to install itself on their Macs.

4. Aside from Trojan horses, what other kinds of malware do we need to worry about?

One serious type of malware is macro viruses that affect Microsoft Word and Excel. These viruses spread among your Word and Excel applications and documents, and, unlike other types of malware, affect Macs and Windows alike. If a friend, colleague or business contact sends you a Word file that is infected with a macro virus, it can damage any or all of your Word documents, and be very difficult to remove.

While this doesn't affect Office 2008 (which has no Visual Basic for Applications, the engine that lets macros run), any Mac user running earlier versions of Microsoft Office (2004 or v. X) is at risk. In addition, the more people you exchange Word and Excel documents with, the greater the risk. While these programs have a security setting that tells the programs to display a warning when you open documents containing macros, this warning only lets you turn off all the macros in the document. Many users need macros, especially in Excel spreadsheets, and find it normal to receive documents containing them, so they are unlikely to want to deactivate them.

5. Do businesses need Mac antivirus software?

Yes, especially because people in businesses are more likely to exchange files. In an enterprise environment, a global security policy generally requires that all computers be protected from malware. Macs can pass on files that contain malware to Windows users, and one line of defense is to use a Mac antivirus (such as Intego VirusBarrier X5) that detects and stops Windows viruses as well as Mac malware.

6. If I install an antivirus program on my Mac, it will only detect viruses that already exist, right?

Quite the contrary. Efficient Mac antivirus programs (such as Intego VirusBarrier X5) use "behavioral analysis" and other techniques to detect potentially dangerous activity, so they can spot new malware based on actions it attempts to perform. In addition, Intego's Virus Monitoring Center is constantly on the lookout for new threats, and generally updates VirusBarrier's virus definitions within 24 hours of the discovery of a threat, which is usually before it has had much of a chance to spread. You have to make sure you keep your antivirus software up-to-date, of course, and install new virus definitions as soon as they are available.

7. Doesn't antivirus software slow down my Mac?

Intego VirusBarrier X5 certainly doesn't. Not only does it use very little memory, but also very little CPU time, when it runs in the background. At the same time, its real-time scanner checks every file that is saved, written or opened on your Mac, ensuring that you don't get infected.

8. Aren't you saying all this just to sell your software?

No. We certainly have to tell the truth to our customers, who count on us to keep their Macs protected; this is one of our roles as a Mac security company. Nevertheless, Mac OS X is still much more secure than Windows, and Mac users face far fewer security threats than Windows users. It is important for Mac users to become aware of the issues they face, and a combination of education and security software will ensure that their Macs remain protected.

Anti-vírus x Macs - Mais um round

Esta semana, tivemos novamente a polêmica Mac versus vírus. Pois bem,
todo mundo sabe (até em Marte) que não existem vírus para Mac. Ponto.
Mas existem spywares (keyloggers, etc...). O problema não é esse.

O problema é que estão confundindo "vírus para Mac" com "vírus".
Simples assim. Não interessa que não existam vírus para Mac, o
problema é que existem vírus, e se você receber no seu Mac e repassar,
aí temos um problema.

As boas práticas (e a boa educação...) dizem que você não deve zelar
apenas pelo seu umbigo, mas sim contribuir para que uma atitude sua
não crie problemas para os outros.

"Ah, que se dane o Windows, que usa que se vire", é o discurso de quem
usa Mac (claro, nem todo mundo pensa assim). Mas não deveria ser.
responsabilidade social, sabe o que é isso? Então aplique!

E de novo, não estou recomendando a compra do Intego, Norton ou
Mcafee. Estou recomendando a a utilização do ClamXav, que é gratuito
(mas deixe de ser pão-duro, ou pão-dura, e faça uma doação no site) ou
do iAntiVirus (que também é gratuito, mas verifica apenas ameaças para
Mac. E ajude a fazer do mundo (ou pelo menos da internet) um lugar
melhor.

quarta-feira, 3 de dezembro de 2008

Apple pulls support note recommending antivirus software

Apple pulls support note recommending antivirus software

By AppleInsider Staff

Published: 08:00 AM EST

Apple has removed a widely publicized support document from its website that encouraged Mac OS X users to install antivirus software, explaining that its operating system was designed with safeguards to protect against malicious attacks on its own.

The recommendation drew widespread attention given that the Mac maker has been critical in its television advertisements of Windows users' need to stock up on virus detection software while its own computers remain immune to viral threats.

It was later revealed that the document was about a year old and only caught the attention of industry watchers after Apple recently updated it to reflect changes in the version numbering of the antivirus software it was recommending. 

"Apple encourages the widespread use of multiple antivirus utilities so that virus programmers have more than one application to circumvent, thus making the whole virus writing process more difficult," the document said, in part.

Speaking to CNet News.com, Apple spokesperson Bill Evans said the article was removed last night because it was deemed to be "old and inaccurate."

"The Mac is designed with built-in technologies that provide protection against malicious software and security threats right out of the box," he said. "However, since no system can be 100 percent immune from every threat, running antivirus software may offer additional protection."

TidBITS security editor Rich Mogull speculates that Apple may have never intended to urge Mac users to install antivirus software, and that the support article may have found its way to the company's website without being filtered through the proper channels. 

For its part, CNet believes Apple's latest statement "poses more questions than it answers."