LandzDown Forum

Security => Security Software Programs => Topic started by: JDBush61 on October 04, 2016, 01:49:45 AM

Title: Malware question : redux
Post by: JDBush61 on October 04, 2016, 01:49:45 AM
In a thread by DevDream (recently closed) regarding malware infecting Macs, Pete! (thanks Pete!) posted the following link to an interesting related 2012 InfoWorld article:
http://www.infoworld.com/article/2617132/mac-os-x/why-mac-users-should-care-about-windows-malware.html

In that article, the author states:

"What's more, Mac machines aren't entirely immune to Windows malware if they're, say, running Parallels. "When you run Parallels, or any virtual machine software that runs a full copy of Windows, it's just like you're running Windows when you're in that VM, and all the same rules apply..."

What I found frustrating is that the author goes on to state "In other words, it would behoove Mac users to start taking necessary precaution to better protect their machines...", yet fails to illustrate what those necessary precautions are. Avoiding malicious websites? Opening SPAM and clicking links? A Mac-specific malware program?

I currently run a MacBook at home loaded with "Office for Mac". I thought about (and am still thinking about) running a second Mac with a full Windows OS loaded as a second OS via Bootcamp. Do I also need to run Parallels? Office for Mac, although "glitchy" compared with running Office on my Windows 7 machine, is fine, yet I thought that maybe I would help myself by purchasing and loading (again, via Bootcamp) a full Windows OS on the Mac.

Does anyone here have experience with running Windows on a Mac via Bootcamp? And if so, what are the potential pitfalls, malware and virus wise, or otherwise? I run a business from that MacBook, so it's vital that I keep it squeaky clean. I'm not sure if it's just "bloatware", yet I installed Malwarebytes for Mac a few months back, mostly out of curiosity. I run it from time to time, yet it never finds anything, which means that either A) my Mac is clean or B) the malware hides really well (hoping the answer is A).

Anyway, all thoughts and advice most greatly appreciated!

P.S. I only post at this forum. My schedule's too busy to be doing "shotgun" blasts.  ;)
Title: Re: Malware question : redux
Post by: Digerati on October 04, 2016, 01:58:26 PM
Quote
Avoiding malicious websites? Opening SPAM and clicking links? A Mac-specific malware program?
Yes, all the things you would do with a PC. That also includes keeping the OS current. And that would be for every computer (Mac and Windows) on your network - they all must be kept current, use a decent anti-malware solution, and most importantly, the users (always the weakest link) must practice safe computing and avoid being click happy on unsolicited links, downloads, attachments, and popups.
Title: Re: Malware question : redux
Post by: JDBush61 on October 04, 2016, 08:36:53 PM
Quote
Avoiding malicious websites? Opening SPAM and clicking links? A Mac-specific malware program?
Yes, all the things you would do with a PC. That also includes keeping the OS current. And that would be for every computer (Mac and Windows) on your network - they all must be kept current, use a decent anti-malware solution, and most importantly, the users (always the weakest link) must practice safe computing and avoid being click happy on unsolicited links, downloads, attachments, and popups.

Yes, the usual suspects. Was wondering if there is something else I might be missing/overlooking. I'm also interested if anyone here is running a Windows OS on a Mac via Bootcamp, and if so, what problems might arise. I find Office for Mac usable, yet not great. I'm running Word and PPT every day, all day, so hence my interest in running a Windows OS via Bootcamp.
Title: Re: Malware question : redux
Post by: JDBush61 on October 05, 2016, 05:42:45 PM
Anyone?

I hear crickets.

Wrong forum for a "Mac/Windows" question? Where's my shotgun? ;)
Title: Re: Malware question : redux
Post by: Digerati on October 05, 2016, 05:59:09 PM
Hmmm, I thought I answered - must have forgotten to click the Post button - again!  :-[

I don't use a Mac so cannot answer your questions. Unless someone else reading knows, they might be better asked on a Mac-oriented site.
Title: Re: Malware question : redux
Post by: JDBush61 on October 05, 2016, 06:16:33 PM
Hmmmm, that was my point.  ;) Was hoping someone here had some experience with running Windows on a Mac via Bootcamp.

Oh well. Another day. :)

Title: Re: Malware question : redux
Post by: Pete! on October 05, 2016, 06:26:10 PM
Maybe I can reword it as a Windows-Windows question....

I have years of financial records and business correspondence that are formatted for old DOS and Windows 16 bit programs. My favorite genealogy program is 16 bit, and there are also dozens of classic games. They won't run on my Windows 10, 64 bit computer. They run fine on my old Windows 98 computer (32 bit), but the security software vendors no longer support Windows 98.

I've been toying with running "Oracle VM VirtualBox" with Windows 10 as the "host", and using it to run Windows 98, to see if I can run some or all the old programs.

I realize Windows 98 has more vulnerabilities... BUT...
Will the AV, Firewall, etc. that are installed on the Windows 10 (host operating system) be protecting me while running Windows 98 in VirtualBox?
Title: Re: Malware question : redux
Post by: Digerati on October 05, 2016, 08:45:45 PM
Quote
They run fine on my old Windows 98 computer (32 bit), but the security software vendors no longer support Windows 98.
The issue with running these operating systems, especially XP, is exposing them to the Internet. That's when they can be compromised and used by the bad guys to attack the rest of us. So just don't connect them to a network that has Internet access.

You can use a VM program to run those OSes, but that does not prevent the user from downloading and saving an infected file to the disk which might then be accessed by a vulnerable OS.
Title: Re: Malware question : redux
Post by: JDBush61 on October 07, 2016, 05:39:14 AM
Thanks for the replies. There's actually quite a lot of discussion currently available about this online.
Was just wondering if there were any Mac users here at LD with experience/tips to share.

Title: Re: Malware question : redux
Post by: DevDream on October 07, 2016, 01:12:33 PM
I actually want to do that.

I'll post a question on macrumors about how to bootcamp and I'll get back to you in this thread. I tried using rEFIt but it doesn't seem to work.

Just wanted to ask, and apologies if you feel I'm hijacking this thread, is it necessary to partition the hard disk before running boot camp? Also you apparently need a license for bootcamp. I'm slightly confused cuz it appears as a utility on a newly purchased Mac.
Title: Re: Malware question : redux
Post by: JDBush61 on October 07, 2016, 07:18:07 PM
I actually want to do that.

I'll post a question on macrumors about how to bootcamp and I'll get back to you in this thread. I tried using rEFIt but it doesn't seem to work.

Just wanted to ask, and apologies if you feel I'm hijacking this thread, is it necessary to partition the hard disk before running boot camp? Also you apparently need a license for bootcamp. I'm slightly confused cuz it appears as a utility on a newly purchased Mac.

Anything that adds to the discussion is helpful.

As for running Windows via Bootcamp, Apple support outlines the process here:
https://support.apple.com/en-us/HT201468



Title: Re: Malware question : redux
Post by: DevDream on October 08, 2016, 09:49:02 AM
Quote
They run fine on my old Windows 98 computer (32 bit), but the security software vendors no longer support Windows 98.
The issue with running these operating systems, especially XP, is exposing them to the Internet. That's when they can be compromised and used by the bad guys to attack the rest of us. So just don't connect them to a network that has Internet access.

You can use a VM program to run those OSes, but that does not prevent the user from downloading and saving an infected file to the disk which might then be accessed by a vulnerable OS.

I'm pretty sure that running virtualboxes and downloading malware onto them can't affect the actual OS? Also how about the option to disable write to disk?
Title: Re: Malware question : redux
Post by: Pete! on October 08, 2016, 01:20:33 PM
Quote
They run fine on my old Windows 98 computer (32 bit), but the security software vendors no longer support Windows 98.
The issue with running these operating systems, especially XP, is exposing them to the Internet. That's when they can be compromised and used by the bad guys to attack the rest of us. So just don't connect them to a network that has Internet access.

You can use a VM program to run those OSes, but that does not prevent the user from downloading and saving an infected file to the disk which might then be accessed by a vulnerable OS.

I'm pretty sure that running virtualboxes and downloading malware onto them can't affect the actual OS? Also how about the option to disable write to disk?
In the case of the genealogy program, every birth, marriage, and death, as well as newly discovered ancestors, would be an occasion to "write to disk". Games often have a "save game" function. The archived financial records and correspondence would be the only things that I'd want to keep "as is".

I'm (sort of) doing what Digerati suggested now, it would be easy enough to unplug the old computers from the router.... BUT: On the upside, the old computers have the ability to read two sizes of floppies (the backup to my backup).

I wonder if running DOS 5 in a VM would be any safer. That would cover just about everything except the genealogy program.... Do the malware writers still "support" DOS? :)
Title: Re: Malware question : redux
Post by: DevDream on October 08, 2016, 10:32:11 PM
As in when you download a game?

Tbh I think I'll create a thread on malwarebytes... Better to ask on a malware site? Lol
Title: Re: Malware question : redux
Post by: techie on October 10, 2016, 08:55:42 PM
I have used Sophos for a number of years on Mac machines. It works well for the personal edition.

The free version is rated as the best for Apple Macs OS X, for home users. Business is a paid service. You can easily test it for free. I recommend Sophos because their original area of expertise was Macs, and recently added Windows. Yes a Windows malware can run hidden in a Mac and not affect the OS, but could affect the other Windows machines attached or shared with it. The Sophos endpoint software allows you to protect both Mac and Windows, from one account, up to ten devices, not limited to just computers, it also supports tablets and phones as well, iOS and Android (not free). It has to be installed on the Mac OS and the Windows OS partition as well.

https://www.sophos.com/en-us/lp/sophos-home.aspx

Installing Windows with bootcamp is fairly straightforward. I have used it on a few systems. You can view files from both the Mac and the Windows bootup, meaning shared and both should have protection. You should get an external mouse for the Windows OS (not required) but easier. The thing is it's not hard to revert back to just the Mac OS only if you decide you don't want Windows on it any longer.

https://support.apple.com/en-us/HT201468

A couple of hints: by default the Mac does not have stealth in the firewall turned on. Go to Security and firewall settings and change it to stealth. You can encrypt your personal data on a Mac system as well. It is built-in. Don't ever forget your password and/or recovery key for it. Windows offers BitLocker for encryption. If encrypted you may not be able to see files between the two systems.

https://support.apple.com/en-us/HT204837



Title: Re: Malware question : redux
Post by: techie on October 11, 2016, 12:33:53 PM
"Do I also need to run Parallels?" 

Only if you intend on running Windows software while booted to the Mac OS. If you only intend to run Windows programs in the installed Windows OS, then the answer is no. If you use bootcamp, you will be given the option of which OS to boot into.

The plus is you can run Windows specific programs, without an add-on. The minus is you have to reboot to switch between the two operating systems.
Title: Re: Malware question : redux
Post by: Digerati on October 11, 2016, 01:01:25 PM
Quote
The free version is rated as the best for Apple Macs OS X
That depends on who you listen to. It is highly rated but not always rated best. Regardless of which security setup you use, the user is always the weakest link in security. So it is up to the user to keep the OS (or OSes) updated, that the user avoid risky behavior like visiting illegal gambling and pornography sites, avoid participating in illegal file sharing via P2P and Torrents, and the user is not "click-happy" on unsolicited downloads, attachments, popups and links.
Title: Re: Malware question : redux
Post by: techie on October 11, 2016, 02:05:39 PM
If a user is click happy or not safe in their habits, nothing is going to work as it should, it's on them. I don't see a business user doing any of these, maybe an employee.

I don't see this as a problem with JDBush61. This is just an extra layer of security, just like turning the firewall stealth on, or encrypting the files. He asked about security, this is the best answer I know, from experience. I just upgraded two Apple systems last Friday, one iMac and one MacBook Pro, for a friend's business.

The odds are you may never have any problems or infections with a Mac. The answer is yes, bootcamp works well. You are just using a dual boot with two different OSes. You can run all Windows programs and apps in the Windows OS. Each OS should have malware protection.

The answer is yes, a Mac can be a carrier of malware, with no effects on its own OS. The ratings are just that, I haven't found anything that is perfect.

There are MacBooks and Windows in my own personal network and never has a Mac infected a Windows OS.

Title: Re: Malware question : redux
Post by: Digerati on October 11, 2016, 02:45:35 PM
Quote
I don't see a business user doing any of these, maybe an employee.
It happens all the time. That is exactly why "socially engineered (https://www.bing.com/search?q=socially+engineered&qs=AS&pq=socially+engin&sc=8-14&sp=2&cvid=47E35D2278904315BA3B74761A0A0B78&FORM=QBLH)" methods of malware distribution are, BY FAR, the most prolific, insidious, and successful way bad guys distribute malware and deliver their payloads.

You are suggesting that a business user (and how that is different from an employee, I don't understand), is somehow smarter and much more of a security expert than other users. Sorry, but that makes no sense.

It is about discipline much more than smarts and there is no reason a business user is more disciplined than any other user.

I don't see this as a problem with JDBush61 either - but note even the most disciplined, security aware person can slip once in a while. Or another user less disciplined may have access to that computer.

So I say again, the user is always the weakest link - even if they are a top security expert.
Title: Re: Malware question : redux
Post by: techie on October 11, 2016, 03:28:01 PM
All I did was answer the question. A user is always the weakest link, but any user or OS needs security. This is off topic.

I answered the original question, yes bootcamp works, yes a Mac can have a Windows virus and not be affected. It can spread it to a Windows OS. No you don't need to run Parallels unless you continue to plan on using Windows apps or programs with the Mac OS.

My daughter is on the NYU network daily. I can't be there to help protect or clean her system up. It runs Sophos, with the Firewall Stealth on and her personal files are encrypted. It has worked for three years now. She is a smart user. Her iPhone never is connected to any wifi devices.

The business I was talking about has the same setup, files are encrypted to help protect customer information.

Yes I have experience, I provided an answer and I'm now done with this topic.