Essays in the Category "Computer and Information Security"
Page 30 of 30
Virus Killers: Macworld Lab Tests Virus Software and Survives
Macintosh users ignore computer viruses at their peril. Viruses can cause irreparable damage to the system or destroy megabytes of data. Fortunately, unlike their biological namesakes, computer viruses are relatively easy and painless to control. With a leading virus-protection software program, it takes only a few minutes a day to remain virus-free.
Macworld Lab tested four antiviral products—the freeware application Disinfectant, Central Point Software’s MacTools ($149.95), Symantec’s Symantec AntiVirus for Macintosh (SAM, $99), and Virex ($99.95) from Datawatch—against every Macintosh virus known at the time of testing, 52 in all. We also looked at each product’s features and measured how fast the programs detected viruses…
Virus Protection on the Mac is Simple But Necessary
“Protecting yourself from Mac virus infection is easy; it’s a wonder there are people who don’t do it,” said Ben Liberman, independent Macintosh consultant in Chicago. There are several good anti-viral software packages, both commercial and free, designed to protect your Mac from attack.
There are two types of anti-viral software: protective and detective. The commercial virus-prevention software packages -Central Point Software Inc.’s Central Point Anti-Virus for Macintosh 2.0, Symantec Corp.’s Symantec Anti-Virus for Macintosh 3.5 and Datawatch Corp.’s Virex 4.1 – support both protective and detective protection. There are two freeware virus-protection programs: Disinfectant, which takes a detective approach, and GateKeeper, which takes a protective approach. Both programs are available on most bulletin board systems and on-line services…
Clipper Gives Big Brother Far Too Much Power
In April, the Clinton administration, cleaning up business left over from the Bush administration, introduced a cryptography initiative that gives government the ability to conduct electronic surveillance. The first fruit of this initiative is Clipper, a National Security Agency (NSA)-designed, tamper-resistant VLSI chip. The stated purpose of this chip is to secure telecommunications.
Clipper uses a classified encryption algorithm. Each Clipper chip has a special key, not needed for messages, that is used only to encrypt a copy of each user’s message key. Anyone who knows the key can decrypt wiretapped communications protected with this chip. The claim is that only the government will know this key and will use it only when authorized to do so by a court…
Data Guardians
Security problems have become almost as commonplace as desktop computers. A disgruntled city employee, trying to get back at the boss, digs into the mayor’s personal files and sends damaging information to the press. A woman asks her computer-expert husband to recover an accidentally deleted budget file; he recovers not only that file, but purposely deleted letters to an illicit lover. Or a major corporation loses critical financial data to an industrial spy who dialed in to a company file server.
Most of us have some computer-security vulnerability. Fortunately, software solutions can address mild concern through outright paranoia. Some security products will keep your kid brother from reading your files. Others will prevent a Mac guru from reading your files. Still others will bar the best Macintosh programmers in the industry from reading your files. Finally, some software will probably keep the spy agencies of large nations or the industrial spies of multinational corporations from reading our files…
Taking Backups out of Users' Hands
Convincing people to back up their hard disks is a universal struggle. Most people make backups irregularly, if at all. And whether or not the backups are labeled or even if they can be used to restore data in the event of a disk crash is usually the responsibility of the individual user.
As companies downsize their computing centers, more critical applications are moving from mainframe computers to networked microcomputers.
The data on these microcomputers can be crucial to the life of the company, and network managers are loathe to leave the important task of backup to chance…
System 7's Security Shortcomings
System 7 and the Mac were designed for ease of use, not security. Networked Macs suffer from many security risks that stand-alone machines don’t and, unlike mainframe systems, there is no central computing machine from which to control access.
AppleTalk is a dynamic “plug-and-play” system – any Mac can plug into an existing network and immediately become part of it. AppleTalk also is a peer-to-peer system – any Mac can access resources on, send files to and exchange messages with any other machine. “Macintosh users are used to having an open platform and freely sharing files,” said Andrew Sneed, computer coordinator at The Analytical Services Corp. (TASC) in Fort Walton Beach, Fla. That openness is not conducive to network security, he added. “They want to be able to get any file on any machine painlessly and effortlessly.”…
Keeping Viruses Off Net a Battle
Macs sitting alone on desert islands don’t catch viruses. Even Macs whose users frequently trade disks with each other can be protected easily. With Macs on large networks, however, virus prevention can be a lot more complicated.
“If you have a published volume on your hard disk, someone can drop a virus on your machine without your knowledge,” said Jeffrey Shulman, author of Virus Detective and Virus Blockade and president of Shulman Software Co. of Morgentown, W.Va.
Many holes.
Shared disk space, on servers and local disks using System 7’s file sharing, are an often unprotected means through which viruses can spread…
'Fire Walls' Stand as a Protectant Between Trouble and the Network.
Large buildings are often built with fire walls—fire-resistant barriers between vital parts. A fire may burn out one section of the building, but the fire wall will stop it from spreading. The same philosophy can protect Macintosh networks from unauthorized access and network faults.
A network fire wall usually is nothing more than a router configured to prevent certain network packets from traveling between parts of the network. For instance, a router can partition off the machines in the R&D department, so other network users can’t access secret information. Some routers can be programmed to transfer electronic mail but restrict remote-terminal log-ons. And the chairman of the board’s laser printer could be hidden from the rest of the network, so the average user can’t print on that machine…
Sharing Secrets Among Friends
Whether you're protecting a nuclear missile or your new recipe for burger sauce, polynomial encryption can prevent people from stealing your secrets.
Let’s say you’ve invented a new, extra-gooey, extra-sweet, creme filling; or a burger sauce that is even more tasteless than before. This stuff is important; you have to keep the recipe secret. You can tell only your most trusted employees the exact mixture of ingredients, but what if one of them defects to the competition? Before, long every grease palace on the block would be making burgers as tasteless as yours. That just wouldn’t do.
You can take a message and divide it up into secure pieces. Each of the pieces by itself means nothing, but put them all together and the message appears. If each employee has a piece of the recipe, then only together can they make the sauce (employees could type their portion into a central sauce-making computer or something). If any employee jumps ship with a piece of the recipe, the portion is useless by itself…
Computer Security: Key Management Issue
MacWEEK Special Report: Emerging Technologies
Back when computers stood alone on desks, unconnected to the rest of the world, computer security was simply a matter of locking an office door, putting a lock on the power supply or installing a security software package. Today, the rules of computer security are changing, and in years to come, it’s going to be a whole new ball game.
What used to be the concern solely of the military is required by more and more companies. “Between LANs, file servers and dial-up connections, it’s hard to regulate who has access to what,” said Steven Bass, principal software engineer at Codex Corp., a division of Motorola Inc. in Canton, Mass…
Sidebar photo of Bruce Schneier by Joe MacInnis.