Page 2 of 2 FirstFirst 12
Results 16 to 22 of 22
  1. #16


    Member Since
    Jan 01, 2014
    Posts
    175
    Specs:
    MacBookPro 13 v11.1, i5 2.4 GHz, 256 GBs SSD, 8 GBs DDRs
    Quote Originally Posted by chscag View Post
    Not to dispute what you wrote above, but I take anything that comes from McAfee with a large grain of salt. They have long been known to tilt statistics in their direction in order to sell more of their AV software.
    Oh man, I was hoping you would... But seriously...

    It's not just McAfee, others like Symantec, Kaspersky, etc., do the same. And it isn't just Mac platform, they do the same for Windows and others as well. But even if one would take these report seriously, all it does is proving the ineffectiveness of the AV.

    For example, the image in my posting shows ~460K malware for the Mac in Q4/16. For argument sake, let's just do some approximated calculation for 90 days:

    New malware released:
    Per day: 460,000/90=5,111
    Per hour: 5111/24= 213
    Per minute: 213/60= 3.5

    Let's say that the AV has 99.9% detection rate, very unlikely but go with that. Even then the AV won't detect five new malware per day. And that's just for the Mac, Windows numbers are ~20 times greater...

  2. #17

    lclev's Avatar
    Member Since
    Jul 24, 2013
    Location
    Ohio (USA)
    Posts
    3,475
    Specs:
    2011 15" MBPro, 2013 13" MBAir, 2010 MacPro, 2011 21.5 iMac, iPhone 7+
    I found out something interesting today. We have a young man who is in the national guard/army and he has to go to a website to check on a variety of things including keeping tabs on his men. He has an id with a chip in it that goes into a USB reader to be able to log on.

    What I found interesting was the site was unencrypted (no https) so I had to show him how to work around the warnings from chrome that the site was not safe. Even after he put in his card and pin he still had to tell chrome to ignore and to go to the site.

    I found that strange unless there is some other encryption going on that I am unaware of???

    Lisa
    Recommend using Onyx to clean your Mac.
    If you have been helped, please add to their reputation by clicking on the icon in the lower left hand corner of the post.

  3. #18

    chscag's Avatar
    Member Since
    Jan 23, 2008
    Location
    Keller, Texas
    Posts
    53,590
    Specs:
    Late 2013 27" iMac, 10.5" iPad Pro, iPhone 6s+, iPhone 7+, Numerous iPods, High Sierra
    I also find that strange. The DOD id dongle is supposed to only be used with encrypted sites. I have no idea if the National Guard (each state is a bit different) follows along with the same guidelines that DOD dictates. I suspect though it's as you say that encryption is taking place - maybe thru the dongle.

  4. #19

    lclev's Avatar
    Member Since
    Jul 24, 2013
    Location
    Ohio (USA)
    Posts
    3,475
    Specs:
    2011 15" MBPro, 2013 13" MBAir, 2010 MacPro, 2011 21.5 iMac, iPhone 7+
    I hope so. He says he has always had issues getting logged in. Since he and his wife decided to unplug at home he now needs to use our internet service and a computer - which is fine. I had offered to provide one when he first started working for us but he said he had no use for a computer. He has limited computer skills so I know better than to ask in depth questions. I was just amazed that there was a lack of encryption.

    Lisa
    Recommend using Onyx to clean your Mac.
    If you have been helped, please add to their reputation by clicking on the icon in the lower left hand corner of the post.

  5. #20


    Member Since
    Jan 01, 2014
    Posts
    175
    Specs:
    MacBookPro 13 v11.1, i5 2.4 GHz, 256 GBs SSD, 8 GBs DDRs
    Quote Originally Posted by chscag View Post
    I also find that strange. The DOD id dongle is supposed to only be used with encrypted sites. I have no idea if the National Guard (each state is a bit different) follows along with the same guidelines that DOD dictates. I suspect though it's as you say that encryption is taking place - maybe thru the dongle.
    Yes, the dongle and/or Common Access Card does include PKI digital certificates that can be used to encrypt the communication between the workstation and server. I'd be surprised, if it is not used via the middleware on the dongle. The PIN is for accessing the middleware and the PKI keys, after three incorrect entering the PIN, the chip will lock.

    State employees of the National Guard and eligible contractors are required to comply with FIPS 201 government mandate. The chances are that it is an extension/sub-domain of the DOD access control.

  6. #21

    lclev's Avatar
    Member Since
    Jul 24, 2013
    Location
    Ohio (USA)
    Posts
    3,475
    Specs:
    2011 15" MBPro, 2013 13" MBAir, 2010 MacPro, 2011 21.5 iMac, iPhone 7+
    Thanks for the information. The co-worker had no idea how it was supposed to work. He thought he had to download and install a driver for the USB card dongle but Windows 10 just installed it using it's drivers. We have it working but it is annoying to have to keep click advanced and telling Chrome to access the site even though it reads it as unencrypted. You would think the site would have encryption too.

    Lisa
    Recommend using Onyx to clean your Mac.
    If you have been helped, please add to their reputation by clicking on the icon in the lower left hand corner of the post.

  7. #22


    Member Since
    Jan 01, 2014
    Posts
    175
    Specs:
    MacBookPro 13 v11.1, i5 2.4 GHz, 256 GBs SSD, 8 GBs DDRs
    Chrome, like any other browsers, is looking for SSL connection in this case that's not there. Should there be? I don't know, one is six and the other is half a dozen in this case. As long as the connection is encrypted by other means, in this case via PKI, it should be just fine. SSL connections have the man-in-the-middle attack that is mitigated by the PKI secured connection. In addition, PKI provides positive ID for the end user that is easier to log, or rather evaluate, than the SSL connection.

    The access to the public and private keys on the card must be secured pretty good. Otherwise, one could swipe both of them and steal them, together with the PIN, via the man-in-the-browser attack. I am pretty certain that they are locked down, but I didn't look in to the inner working of the CAC, or Common Access Card...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Mac Malware? VBS:Malware-gen
    By KMTS in forum Security Awareness
    Replies: 3
    Last Post: 02-22-2017, 12:06 AM
  2. How do i get rid off malware in IOS8 i.e WireLurker malware
    By richardbenson22 in forum macOS - Operating System
    Replies: 3
    Last Post: 11-10-2014, 07:49 AM
  3. mac malware? VBS-Malware-gen
    By macgig in forum Security Awareness
    Replies: 3
    Last Post: 02-06-2014, 09:39 PM
  4. Apple releases Mac OS X update to catch MAC Defender malware
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 7
    Last Post: 05-31-2011, 09:12 PM
  5. Mac OS X security expert Charlie Miller addresses MAC Defender malware
    By OneMoreThing... in forum Apple Rumors and Reports
    Replies: 4
    Last Post: 05-24-2011, 02:45 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •