Author Topic: Malware question : redux  (Read 5702 times)


Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
Malware question : redux
« on: October 04, 2016, 01:49:45 AM »
In a thread by DevDream (recently closed) regarding malware infecting Macs, Pete! (thanks Pete!) posted the following link to an interesting related 2012 InfoWorld article:
http://www.infoworld.com/article/2617132/mac-os-x/why-mac-users-should-care-about-windows-malware.html

In that article, the author states:

"What's more, Mac machines aren't entirely immune to Windows malware if they're, say, running Parallels. "When you run Parallels, or any virtual machine software that runs a full copy of Windows, it's just like you're running Windows when you're in that VM, and all the same rules apply..."

What I found frustrating is that the author goes on to state "In other words, it would behoove Mac users to start taking necessary precaution to better protect their machines...", yet fails to illustrate what those necessary precautions are. Avoiding malicious websites? Opening SPAM and clicking links? A Mac-specific malware program?

I currently run a MacBook at home loaded with "Office for Mac". I thought about (and am still thinking about) running a second Mac with a full Windows OS loaded as a second OS via Bootcamp. Do I also need to run Parallels? Office for Mac, although "glitchy" compared with running Office on my Windows 7 machine, is fine, yet I thought that maybe I would help myself by purchasing and loading (again, via Bootcamp) a full Windows OS on the Mac.

Does anyone here have experience with running Windows on a Mac via Bootcamp? And if so, what are the potential pitfalls, malware and virus wise, or otherwise? I run a business from that MacBook, so it's vital that I keep it squeaky clean. I'm not sure if it's just "bloatware", yet I installed Malwarebytes for Mac a few months back, mostly out of curiosity. I run it from time to time, yet it never finds anything, which means that either A) my Mac is clean or B) the malware hides really good (hoping the answer is A).

Anyway, all thoughts and advice most greatly appreciated!

P.S. I only post at this forum. My schedule's too busy to be doing "shotgun" blasts.  ;)
"In an age when mass society has rendered obsolete the qualities of individual courage and independent thought, the oceans of the world still remain, vast and uncluttered, beautiful but unforgiving, awaiting those who will not submit. Their voyages are not an escape, but a fulfillment."

~ THE SLOCUM SOCIETY ~

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1037
Re: Malware question : redux
« Reply #1 on: October 04, 2016, 01:58:26 PM »
Quote
Avoiding malicious websites? Opening SPAM and clicking links? A Mac-specific malware program?
Yes, all the things you would do with a PC. That also includes keeping the OS current. And that would be for every computer (Mac and Windows) on your network - they all must be kept current, use a decent anti-malware solution, and most importantly, the users (always the weakest link) must practice safe computing and avoid being click happy on unsolicited links, downloads, attachments, and popups.
Bill (AFE7Ret)
Freedom is NOT Free!
2007 - 2018

Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
Re: Malware question : redux
« Reply #2 on: October 04, 2016, 08:36:53 PM »
Quote
Avoiding malicious websites? Opening SPAM and clicking links? A Mac-specific malware program?
Yes, all the things you would do with a PC. That also includes keeping the OS current. And that would be for every computer (Mac and Windows) on your network - they all must be kept current, use a decent anti-malware solution, and most importantly, the users (always the weakest link) must practice safe computing and avoid being click happy on unsolicited links, downloads, attachments, and popups.

Yes, the usual suspects. Was wondering if there is something else I might be missing/overlooking. I'm also interested if anyone here is running a Windows OS on a Mac via Bootcamp, and if so, what problems might arise. I find Office for Mac usable, yet not great. I'm running Word and PPT every day, all day, so hence my interest in running a Windows OS via Bootcamp.

Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
Re: Malware question : redux
« Reply #3 on: October 05, 2016, 05:42:45 PM »
Anyone?

I hear crickets.

Wrong forum for a "Mac/Windows" question? Where's my shotgun? ;)

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1037
Re: Malware question : redux
« Reply #4 on: October 05, 2016, 05:59:09 PM »
Hmmm, I thought I answered - must have forgotten to click the Post button - again!  :-[

I don't use a Mac so cannot answer your questions. Unless someone else reading knows, they might be better suited asked on a Mac-oriented site.

Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
Re: Malware question : redux
« Reply #5 on: October 05, 2016, 06:16:33 PM »
Hmmmm, that was my point.  ;) Was hoping someone here had some experience with running Windows on a Mac via Bootcamp.

Oh well. Another day. :)


Offline Pete!

  • Hero Member
  • *****
  • Posts: 5176
Re: Malware question : redux
« Reply #6 on: October 05, 2016, 06:26:10 PM »
Maybe I can reword it as a Windows-Windows question....

I have years of financial records and business correspondence that are formatted for old DOS and Windows 16-bit programs. My favorite genealogy program is 16-bit, and there are also dozens of classic games. They won't run on my Windows 10, 64-bit computer. They run fine on my old Windows 98 computer (32-bit), but the security software vendors no longer support Windows 98.

I've been toying with running "Oracle VM VirtualBox" with Windows 10 as the "host", and using it to run Windows 98, to see if I can run some or all the old programs.

I realize Windows 98 has more vulnerabilities... BUT...
Will the AV, Firewall, & etc. that are installed on the Windows 10 (host operating system) be protecting me while running Windows 98 in VirtualBox?

Offline Digerati

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 1037
Re: Malware question : redux
« Reply #7 on: October 05, 2016, 08:45:45 PM »
Quote
They run fine on my old Windows 98 computer (32-bit), but the security software vendors no longer support Windows 98.
The issue with running these operating systems, especially XP, is exposing them to the Internet. That's when they can be compromised and used by the badguys to attack the rest of us. So just don't connect them to a network that has Internet access.

You can use a VM program to run those OS's, but that does not prevent the user from downloading and saving an infected file to the disk which might then be accessed by a vulnerable OS.

Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
Re: Malware question : redux
« Reply #8 on: October 07, 2016, 05:39:14 AM »
Thanks for the replies. There's actually quite a lot of discussion currently available about this online.
Was just wondering if there were any Mac users here at LD with experience/tips to share.


Offline DevDream

  • Member
  • Full Member
  • *
  • Posts: 32
Re: Malware question : redux
« Reply #9 on: October 07, 2016, 01:12:33 PM »
I actually want to do that.

I'll post a question on macrumors about how to bootcamp and I'll get back to you in this thread. I tried using rEFIt but it doesn't seem to work.

Just wanted to ask, and apologies if you feel I'm hijacking this thread, is it necessary to partition the hard disk before running boot camp?  Also you apparently need a license for bootcamp. I'm slightly confused cuz it appears as a utility on a newly purchased Mac.

Offline JDBush61

  • Hero Member
  • *****
  • Posts: 4654
Re: Malware question : redux
« Reply #10 on: October 07, 2016, 07:18:07 PM »
Quote
I actually want to do that.

I'll post a question on macrumors about how to bootcamp and I'll get back to you in this thread. I tried using rEFIt but it doesn't seem to work.

Just wanted to ask, and apologies if you feel I'm hijacking this thread, is it necessary to partition the hard disk before running boot camp?  Also you apparently need a license for bootcamp. I'm slightly confused cuz it appears as a utility on a newly purchased Mac.

Anything that adds to the discussion is helpful.

As for running Windows via Bootcamp, Apple support outlines the process here:
https://support.apple.com/en-us/HT201468




Offline DevDream

  • Member
  • Full Member
  • *
  • Posts: 32
Re: Malware question : redux
« Reply #11 on: October 08, 2016, 09:49:02 AM »
Quote
They run fine on my old Windows 98 computer (32-bit), but the security software vendors no longer support Windows 98.
The issue with running these operating systems, especially XP, is exposing them to the Internet. That's when they can be compromised and used by the badguys to attack the rest of us. So just don't connect them to a network that has Internet access.

You can use a VM program to run those OS's, but that does not prevent the user from downloading and saving an infected file to the disk which might then be accessed by a vulnerable OS.

I'm pretty sure that running virtualboxes and downloading malware onto them can't affect the actual OS? Also how about the option to disable write to disk?

Offline Pete!

  • Hero Member
  • *****
  • Posts: 5176
Re: Malware question : redux
« Reply #12 on: October 08, 2016, 01:20:33 PM »
Quote
They run fine on my old Windows 98 computer (32-bit), but the security software vendors no longer support Windows 98.
The issue with running these operating systems, especially XP, is exposing them to the Internet. That's when they can be compromised and used by the badguys to attack the rest of us. So just don't connect them to a network that has Internet access.

You can use a VM program to run those OS's, but that does not prevent the user from downloading and saving an infected file to the disk which might then be accessed by a vulnerable OS.

I'm pretty sure that running virtualboxes and downloading malware onto them can't affect the actual OS? Also how about the option to disable write to disk?
In the case of the genealogy program, every birth, marriage, and death, as well as newly discovered ancestors, would be an occasion to "write to disk". Games often have a "save game" function. The archived financial records and correspondence would be the only things that I'd want to keep "as is".

I'm (sort of) doing what Digerati suggested now, it would be easy enough to unplug the old computers from the router.... BUT:
    My wife thinks I have too many computers on my desk.

    They're getting kind of old. They're not going to be reliable forever.
On the upside, the old computers have the ability to read two sizes of floppies (the backup to my backup).

I wonder if running DOS 5 in a VM would be any safer. That would cover just about everything except the genealogy program.... Do the malware writers still "support" DOS? :)
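
Added example, not part of any post in this thread: the question of what a legacy guest can reach comes down to the channels the VM configuration leaves open (network adapters, clipboard, drag and drop, shared folders). The script below audits them from `VBoxManage showvminfo --machinereadable` output; the VM name, paths and sample values are constructed, and the key names should be checked against the output of your VirtualBox version.

```bash
#!/usr/bin/env bash
# Added example: list the host-facing channels of a VirtualBox guest.
# Feed it the output of: VBoxManage showvminfo "<vm name>" --machinereadable

audit_vm_info() {
  # Reads key="value" lines on stdin; prints one finding per open channel.
  # Returns 1 if anything was found, 0 if the guest is fully cut off.
  awk '
    {
      i = index($0, "="); if (i == 0) next
      key = substr($0, 1, i - 1); val = substr($0, i + 1)
      gsub(/^"|"$/, "", val)
    }
    key ~ /^nic[0-9]+$/ && val ~ /^(nat|natnetwork|bridged)$/ {
      print "NETWORK " key "=" val ": guest has a route to the Internet"; n++
    }
    key ~ /^nic[0-9]+$/ && val == "hostonly" {
      print "NETWORK " key "=" val ": guest can reach services on the host"; n++
    }
    key == "clipboard" && val != "disabled" {
      print "CLIPBOARD " val ": data can pass between guest and host"; n++
    }
    key == "draganddrop" && val != "disabled" {
      print "DRAGDROP " val ": files can be dragged across the boundary"; n++
    }
    key ~ /^SharedFolderPathMachineMapping[0-9]+$/ {
      print "SHAREDFOLDER " val ": host directory is visible to the guest"; n++
    }
    END { exit (n > 0) }
  '
}

sample_vm_info() {
  # Constructed sample for a hypothetical Windows 98 guest, not real output.
  cat <<'EOF'
name="Win98"
nic1="nat"
nic2="none"
clipboard="bidirectional"
draganddrop="disabled"
SharedFolderNameMachineMapping1="records"
SharedFolderPathMachineMapping1="/home/user/records"
EOF
}

sample_vm_info | audit_vm_info || true
```

A guest that must save data (the genealogy program, game saves) can still write to its own virtual disk with every one of these channels closed; a shared folder is only needed when files have to cross to the host.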

Offline DevDream

  • Member
  • Full Member
  • *
  • Posts: 32
Re: Malware question : redux
« Reply #13 on: October 08, 2016, 10:32:11 PM »
As in when you download a game?

Tbh I think I'll create a thread on malwarebytes... Better to ask on a malware site? Lol

Offline techie

  • LzD Friends
  • Hero Member
  • *****
  • Posts: 592
Re: Malware question : redux
« Reply #14 on: October 10, 2016, 08:55:42 PM »
I have used Sophos for a number of years on Mac machines. It works well for the personal edition.

The free version is rated as the best for Apple Macs OS X, for home users. Business is a paid service. You can easily test it for free. I recommend Sophos because their original area of expertise was Macs, and recently added Windows. Yes, a Windows malware can run hidden in a Mac and not affect the OS, but could affect the other Windows machines attached or shared with it. The Sophos endpoint software allows you to protect both Mac and Windows, from one account, up to ten devices, not limited to just computers; it also supports tablets and phones as well, iOS and Android (not free). It has to be installed on the Mac OS and the Windows OS partition as well.

https://www.sophos.com/en-us/lp/sophos-home.aspx

Installing Windows with bootcamp is fairly straightforward. I have used it on a few systems. You can view files from both the Mac and the Windows bootup, meaning shared and both should have protection. You should get an external mouse for the Windows OS (not required) but easier. The thing is it's not hard to revert back to just the Mac OS only if you decide you don't want Windows on it any longer.

https://support.apple.com/en-us/HT201468

A couple of hints: by default Mac does not have stealth in the firewall turned on. Go to Security and firewall settings and change it to stealth. You can encrypt your personal data on a Mac system as well. It is built-in. Don't ever forget your password and/or recovery key for it. Windows offers BitLocker for encryption. If encrypted you may not be able to see files between the two systems.

https://support.apple.com/en-us/HT204837