Mac OS X 10.7.4 Update Image From Vinh Nguyen’s MacBook Pro
Last couple days, people have been reported that there has been a bug in Mac OS X 10.7.3’s system-wide debug log file, consequently allowing anyone or any malicious program that knows where to look and have access to a Mac OS X 10.7.3 machine to steal users’ passwords. It appears that the passwords are saved in plain text in Mac OS X 10.7.3 as the bug prevents the system from encrypting the passwords. As people are panicking and wondering when will this bug be patched by Apple, Apple has quickly released Mac OS X 10.7.4 to address this password security bug.
Furthermore, this new update to Mac OS X 10.7.4 will also address other security bugs within Safari web browser. Of course there are few other enhancements to other features too by updating to Mac OS X 10.7.4, but you can easily whisk over to Cnet’s Apple releases Safari 5.1.7, Snow Leopard updates, and more article for an in-depth look into Mac OS X 10.7.4 update. So, don’t you hesitate to update your Mac to OS X 10.7.4, because your Mac will be more secure than before with the newer update. To update your Mac to Mac OS X 10.7.4, just use the Software Update feature within Mac. You can find Software Update feature if you left click on the Apple logo at the top left corner of the monitor/screen.
Web browser (Photo credit: Wikipedia)
Mac users who use Norton Internet Security for Mac do not have the feature where they can save passwords securely so the passwords can later be autofilled into various web destinations that they frequently visit. Windows users who use Norton Internet Security do have this feature! Just recently, I’ve found out Symantec provides free Identity Safe app in Mac App Store, and so now Mac users have the option of using this app to save and retrieve their passwords with less hassle than before.
Unfortunately, Identity Safe app seems to be pretty crude! What I mean by this is that I think it only works with Safari web browser. I can’t really use it with Chrome and Firefox web browser. For an example, once installed the app, added a web destination with its proper credential, clicked on the app icon at the very top of the screen, clicked on the web destination under recent logins list, and a web destination would open in Safari web browser automatically with proper credential filled in (i.e., password and username). Of course, Identity Safe users can click on View All Logins within the Identity Safe app to view username and password for a specific web destination, and by doing this Identity Safe users can manually copy and paste the credential into a web destination with browsers that are not supported by Identity Safe app. This is a hassle of course!
Although I haven’t yet tried the import of logins for Safari, I’ve noticed a lot of app reviewers have complained that this app isn’t allowing to batch importing logins (i.e., can only import each login one by one as one has to approve the import for each login). If this is true, then the whole purpose of importing logins from Safari can be rather self-defeating since it will be so cumbersome to actually import hundreds of logins one by one. So, this is another hassle for using Identity Safe app.
Even though Symantec’s Identity Safe isn’t yet polished to my liking, I still think it does serve a purpose of safekeeping logins securely. Nonetheless, you have to trust Symantec in order for you to trust and use Identity Safe app. In my case, I do trust Symantec, therefore I don’t mind using this app. In my opinion though, there might be many other password/login apps that may provide better features in safekeeping one’s logins than Identity Safe app. Honestly though, if one doesn’t yet have a good app which helps securing logins on Mac, then I don’t see why one should not use Identity Safe app on Mac since it’s a free logins protection app from a trustworthy security company Symantec.
Mac?! (Photo credit: Kramchang)
It’s being reported that the newest version of Mac Flashback Trojan can now exploit Java engine in Mac OS X, all versions of Mac OS X I guess. It bypasses the administrator privilege protection, and so it can install itself onto any Mac machine with Java enabled without the need to use an administrator password. As now, Apple has yet to release a security fix to counteract Mac Flashback Trojan’s Java exploit, therefore I think it’s best for you to disable Java plugin for your browsers!
Should you disable Java on Mac altogether? Yes, but unfortunately Java is so interconnected with Mac OS X (all versions), therefore I do not yet know how to disable Java on Mac. If you know, please write a comment or two and share your knowledge with my blog’s readers. Anyhow, the easy quick fix for now is not to use Java in any browser that you use on Mac.
Without further ado, now I’m going into how to disable Java on the most popular browsers that you can use on Mac. These browsers will have to be Safari, Firefox, Chrome, and Opera! So check the instructions below…
- Safari – disable Java, you need to go to Safari > Preferences > Security > and uncheck the box that says Enable Java.
- Firefox – disable Java, you need to go to Tools > Add-ons > Plugins > and disable the Java Applet Plug-in plugin.
- Chrome – disable Java, you need to type in about:plugins in the browser address bar and disable the Java plugin.
- Opera – disable Java, you need to go to Tools > Advanced > Plug-Ins > and disable the Java Applet Plug-in.
Safari isn’t my favorite web browser, but as a Mac user, I have to try to keep everything on my Mac up to date. It’s sort of a best practice of mine in regarding to computer security, because I sleep better knowing that even the software I won’t use is still be up to date to minimize the risk of being hacked. This time around, Apple updates Safari to 5.1.2 version. To update to the latest version of Safari, you need to do Software Update. Your Mac will download a package with file size of 40.2 MB. This update requires you to restart your Mac before Safari can be installed to a newer version. Have fun with your new Safari!