My Definitive List of Must-have Free Mac Applications and Best Paid-for Counterparts
These are the apps that I will install first on pretty much any new Mac that I get. I’m a huge fan of free and open source software, and no other platform has free software of the same quality and calibre as Mac OS X. Most of these are Mac-only apps (a couple are cross-platform). I’m listing free applications wherever possible, but if there is a paid-for app that I consider best-of-breed, I mention those too. Hopefully this list will help all of the techie switchers get the apps they need quickly. This list is a work-in-progress, so I’ll be adding to this it over time.
If you’re only interested in my recommended security apps, they’re at the bottom! Feel free to post in the comments if you have any you think are worth mentioning.
Last updated: 14/04/2015
OS X Lion Released, Brings Improved Security
As you will know by now, Apple has release Lion (OSX 10.7) to the orgasmic jubilation of Mac fans everywhere. Ok, perhaps I exaggerate, but Lion was probably the most anticipated release of OSX since Leopard. Critics will argue that the number of major new features are limited, but in my opinion it’s the refinements that make Lion a great update. And for what it’s worth, the Mac App Store update process went perfectly smoothly on my iMac.
Most importantly, however, are the security improvements that Apple have made to the OS. Leopard and Snow Leopard already had some of these features, but they were not fully developed. In Lion, it seems, many of those issues have been fixed. In fact Lion has been said by several security researchers to now offer superior security over competing operating systems. I’ve said for a while that Apple will wait until OSX is really stable before properly addressing security. It appears Lion is the start.
I’ll start off with the most user-visible security features:
- FileVault 2: Whereas FileVault on Snow Leopard only encrypted users’ home folders (using disk images), leaving the System and Applications vulnerable to attack, Lion now has true block-level Full Disk Encryption (XTS-AES 128 algorithm). FileVault 2 also supports full disk encryption of external USB and FireWire drives. One key new feature is Lion’s “Instant Wipe”, which will allow you to wipe the hard-drive should your computer fall into the wrong hands. Similar to iOS devices, this may tie in to the new Find My Mac functionality.
- Privacy Controls: Apple has sprinkled around some additional privacy controls, giving the user more say in how their data is stored or used. There’s now full control of which applications can make use of the Location Services features of OSX.
- Apple ID Authentication: This is an interesting feature that makes it easier for users to share content with others. Normally actions like Screen Sharing and File Sharing require the connecting user to have an account on the system. Now, you can simply add their Apple ID as an authorised account to give them selective access. It will be interesting to test how this actually works in practice.
- Application Sandboxing: Lion’s sandboxing capability has been greatly improved. Safari, for example, has been updated to include sandboxing, meaning that website content loads in a separate process with limited functionality. This help prevent malicious websites from gaining access to the underlying system. Apple is encouraging third party software developers to start sandboxing their applications.
- Full ASLR: This is a big one. Address Space Layout Randomization is a technique to make exploitation of vulnerabilities more difficult by not using fixed memory addresses for key data areas. In Snow Leopard, ASLR was half-baked and essentially broken. In Lion, it appears that Apple have finally implemented full ASLR (covering 32 and 64-bit application), although how well is yet to be fully determined. Either way this will present an additional barrier to exploits.
The State of Mac Malware
There’s been a lot of buzz recently about the sudden increase in Mac-specific malware cropping up so far this year. First people raved about the fairly tame and unthreatening BlackHole RAT trojan, then Mac users had to watch out for a slightly more crafty but avoidable MACDefender trojan, and now there’s news of a more advanced malware kit (Weyland-Yutani Bot) that has the ability to steal data entered into Firefox (Safari and Chrome currently unaffected, but expected to follow soon). AppleCare has reportedly been receiving a significant number of calls about the MACDefender trojan, and has issued a support document on how to deal with it.
Clearly some change is in the air, but exactly how does it affect normal Mac users? I for one actively look for Mac-based malware (eg. MACDefender), and have never stumbled across it by accident. Maybe I need to surf on the ‘dark side’ of the web more often. I just wanted to give my take on recent events and the state of Mac malware, and why I don’t think there’s any reason to be too worried just yet.
Mac OS X 10.6.7 and Security Update 2011-001
Apple has released 10.6.7 and its first security patch of the year, 2011-001, fixing a large number of bugs and vulnerabilities. In particular it fixes a known graphics bug in the 2011 MacBook Pros. It also improves Back To My Mac connectivity and SMB (windows file sharing). From a security perspective it fixes issues in a number of components including the Kernel, Airport, ImageIO, and QuickTime, many of which potentially lead to remote code execution. This update also adds detection for the OSX.OpinionSpy spyware to Mac OS X’s built-in file quarantine.
It’s a fairly big update, so users are naturally advised to patch soon. Hit the jump for the full list of security issues fixed. Read more
Loading ...
