Securing Your Mac Against A Virus

In the past, Macintosh users have been mostly spared from malicious worms and viruses. This is both because Mac OS X is fairly secure, as a UNIX application, and the fact that they have had smaller market share. On Valentine's Day 2006 this changed a bit.

A 'latestpics.tgz' file which claims to be a tar-zipped screenshot package (from the Mac OS 10.5), was posted to a popular site of Mac Rumors. Visitors of this site discovered it was a worm rather quickly - it was fairly benign, in that it didn't actually inflict damage on the machine, but rather infects your iChat list of buddies. This trojan only works on PowerPC-based Macs, not Intel machine. This only affects Macs of OS X 10.4 or after.

AV companies such as Sophos and Symantec have already responded, though there's also a simple workaround to use. Apple will most likely have an official security patch for this problem by the time you read this. In the meanwhile, just add a folder action which will alert you if something has been added to your input manager folder - the worm will work on that piece of the operating system.

In order to activate the alert feature:

Go to --> Library/InputManagers/ Right click (or Ctrl click) on the folder. Select 'enable folder actions' if this is not already enabled.

Right click (or Ctrl click) on the folder another time. Select 'attach a folder action.' Select 'add - new item alert script' from the Folder Action Strips folder (default).

By doing this small task, you will be alerted if an item tries to insert itself like a trojan into your InputManagers folder.

NOTE: This is not a solution, but a workaround. If you have an antivirus program which has an actual fix, or if Apple provides a security update, we advise that you rely on these solutions instead of the above fix to solve the issue.

To secure your Mac, follow the tips below:

>> Run AV.

>> Make your computer ask for a password whenever waking from sleep or a screen saver. Apple Menu > System Preferences > Security > Require password...

>> Use a non-administration account. Simply add an admin account for installing software and other tasks. Apple Menu > System Preferences > Accounts > add admin account, then demote to standard. Log out and log in while remembering new password.

>> Use a good password which has numbers, letters and symbols in it. Disable auto-login. /Applications/Utilities/Keychain Access, click on the key in the 'change keychain password dialogue' and select a password type & length in the assistant.

>> Disable unnecessary sharing; turn on firewall Apple Menu, System Preferences, Sharing Services. Uncheck all those you don't need. Apple Menu, System Preferences, Sharing, Firewall, Start!

With these tips, you should be on your way to securing your Mac computer from this another other malicious virues, worms, and trojans. Remember, this is just a work-around; if there is another official fix from Apple, we recommend that you use this fix to help solve the problem.

Nick Pegley is VP Marketing for All Covered: Technology Services Partner for Small Business, providing local disaster recovery consulting and technology services in 20 major U.S. metro areas.