A small update to include the newest AV for Mac; AVG AntiVirus for Mac. I had high hopes for AVG as it is my AV of choice for Windows but for Mac it does not do too well. It’s debut detection rate was 59%, putting it behind McAfee even. AVG for Mac has no controls apart from the ability to enable the scanning of archived files. No scheduled scanning, no heuristics, no automatic cleanup. It’s a very basic AV.
The latest PDF can be found ==> here <== and includes no updates for any of the other products.
Today was “Patch Tuesday” and Adobe released fixes for it’s Flash and Shockwave players. You can update your Flash player through System preferences > Flash Player > Advanced or download it from the adobe website here. After updating the version should read 11.9.900.170. The latest Shockwave player (version 126.96.36.199) can be downloaded here.
Firefox, which I consider to be the most private and secure web browser, released version 26 today. The update includes several security patches, click-to-play plugin support and performance enhancements. Firefox users can simply click in the “Firefox” menu and select “About Firefox”, an update button will present itself.
All of the above mentioned updates are recommended for all users.
This post is not really about security, not sure how to categorize it but as I had some time on my hands with nothing better to do I figured, what the heck. This post is about hard drives, why I choose one over the other, how I use them and how I discard them eventually.
I’ve made good and bad choices over the years but the good definitely outweighs the bad. By now I think I’ve figured out how to make the right choices and enjoy my purchases as long as possible without incident. In sharing this hopefully I’ll help someone out some day.
Want VS Need
I remember drooling over the 12GB CTO option when purchasing a PowerMac G3 in 1999, I wanted it. Of course I had no need for it but the stock 6GB drive just seemed so small. I had a ton of excuses as to why I really needed the 12GB instead of the 6GB and almost tricked myself into justifying the horrendous additional dollar figure expense. In the end I ended up with the stock 6Gb drive and guess what, it lasted me for years. Only a year later the PowerMac G4 was available with a 40Gb hard drive and a year after that there were 80Gb drives. Capacity nearly doubled every year and it quickly became obvious that biggest is not always best and if you’d just wait a few months an even bigger drive would be available for the same amount of money. With bigger drives also came more data to manage, more fragmentation (yes even on Macs) and even though you’d end up with more space, performance did not actually improve.
Yes you want room for growth but what is the proper amount? Buying an 4TB drive now should satisfy your needs for quite some time but let’s say you use 2TB in the next two years, two years from now that 4TB drive will be half the price and you could have saved some good money by just buying a 2 or 3TB drive, doh.
I try to plan for one or two years of growth and base my purchase on that, amongst other things. What are those other things? Read on to find out.
Continue reading “About hard drives” »
Things are not always what they appear to be, files on a Mac being no exception. We can identify a file just by glancing at it most of the time, we know what it is and most likely what application will open that file. A few examples:
A few of the file type icons you will most likely recognize.
Yup, no one needs to tell you what’s what, you know just by looking at it. The same goes for most file extensions. You know .jpg is an image, .mov is a video and .zip is an archive. While both the icon and the file extension are great ways to identify a file, this quick and easy way to identify files can be abused to trick you into opening a file that is not what it claims to be. In the case of malware we have seen this in the past with janicab, it masqueraded as a PDF while it was actually an application. More recently this trick has been used by an application posing as an installer.
Continue reading “Showing a file’s true nature” »
I received another email from Western Digital yesterday, here it is:
Dear WD Registered Customer,
As we previously announced, Western Digital received reports of Western Digital and other external HDD products experiencing data loss when updating to OS X Mavericks (10.9). Our investigation to date has found that for a small percentage of customers that have the WD Drive Manager, WD Raid Manager and/or WD SmartWare software applications installed on their Mac, there can be cases of a repartition and reformat of their Direct Attached Storage (DAS) devices without customer acknowledgement which can result in data loss. We have an updated version of the software that fixes this issue. We strongly recommend that you install this updated software. Please contact our service and support team with any questions.
Below are links to download the software:
Western Digital announced the issues customers were having earlier this month and have done a good job of keeping everyone informed. By installing these latest software versions the old versions (if still present) will be automatically uninstalled and it should be safe to use your WD external drives again. Keep in mind that for WD drives to work you don’t need any additional software for it to function. You just need it for additional functionality like configuring a RAID.
Follow up post
- A list of all the products and version numbers was removed. They can all be found in the PDF.
- “Hardware used” and it’s pages were removed. When referring to hardware specific tests and results in the future the hardware and specs will be mentioned at that time.
- Individual AV product tests were removed. The products and results change so often that these pages were outdated almost as soon as I published them. For the most up to date results check out the PDF. Resource usage and other details will be published in the PDF in the future as well.
- The “Testing Methodology” page has been rewritten with more details. If you’d like more details please let me know and I will add them.
- The “How apps are rated” page was removed as the testing methodology for products has changed and individual reports will not be published anymore.
Notes about the PDF update:
- I was unable to update the VirusBarrier X6 results as the application keeps asking for a license. I don’t have one so this will have to wait.
- Avira now detects Genieo samples as adware but apart from adding those signatures it does not detect the actually Genieo application, uninstaller or anything else. Because Avira now detects the Genieo samples it jumped up in rank on the results list from 95.4% to 98.5%. With it unable to detect any of the Genieo trace files though this means that new infections by this adware can be avoided but currently infected users will get no protection from Avira. The same goes for the latest Crisis.B, the sample is detected but the trace files are not.
- MacKeeper also detected samples but not trace files of Genieo and Crisis.B
- After testing for removal of malware samples and trace files as well, I found out that Sophos (who has been slipping for a while now unfortunately) is pretty bad at cleaning up. Leaving a lot of the detected files up for “Manual Cleanup” or “Cleanup Failed”. Now even MacKeeper performs better than Sophos which is quite embarrassing.
As mentioned, the PDF now shows results for clean-up. This is how well an AV product can cure/repair/delete (clean) infected files for you. There are three color codes that are used in this list:
Green = Infection cleaned.
Orange = Infection detected, pointed out but unable to clean and/or clean-up failed leaving user to manually clean.
Red = Infection not detected.
The rest of the AV products will be updated soon to fill all those gaps. I might even give all of the excluded apps another shot at the title. Due to the amount of time it takes I will only do on-demand, on-access and clean-up tests for the top performing AV (80% or higher detection rates). The PDF can be found here. Keep an eye on the widget to the right as it will show when the PDF is updated next, these minor changes will not be mentioned in a post like this one so that widget is the only way to see if the PDF has been updated since your last visit.
This is a quick “on the road” post that I will further update if needed later on.
A new version of the OSX/Crisis malware was found, you can read all about it here.
I have obtained a copy of all the files and will include these in the updated test results I have planned for this Friday-Saturday.
At the time of writing it appears only Intego can detect the malware but by the end of the week hopefully more AV will be on board.
Tagged with: Antivirus
, OS X
Posted in Security
[post updated to correct a typo that showed version .117 to be the current one. It should be .152. Thanks Ted for pointing this out.]
In case your system has not alerted you to the fact a new version is available (Flash rarely does this even though it should), you can get the latest version by going to System preferences > Flash Player > Advanced. Check for updates and you’ll be prompted to install one. You can also download an installer here. When done your Flash Player version should read 11.9.900.152.
An update is also available for ColdFusion, more details here.
The Flash Player update fixes two critical vulnerabilities (CVE-2013-5329, CVE-2013-5330) and the ColdFusion update addresses one (CVE-2013-5328).
Western Digital sent out another update that may give us a bit more information on what’s going on, here it is:
Dear WD Registered Customer,
On October 30th, 2013 Western Digital informed registered customers of affected products via E-mail regarding reports of Western Digital and other external HDD products experiencing data loss when updating to OS X Mavericks (10.9). Our investigation to date has found that for a small percentage of customers that have the WD Drive Manager, WD Raid Manager and/or WD SmartWare software applications installed on their Mac, there can be cases of a repartition and reformat of their Direct Attached Storage (DAS) devices without customer acknowledgement which can result in data loss.
WD has been tracking this issue closely through our WD Forum and through our Technical Support hotline and the occurrence rate of this event has been very low. A specific set of conditions and timing sequences between the OS and the WD software utilities has to occur to cause this issue. Should this event occur, the data on the product can likely be recovered with a third party software utility if the customer stops using the device immediately after the OS X Mavericks (10.9) upgrade. WD will be issuing updated versions of these software applications that resolve this issue.
WD strongly urges our customers to uninstall these software applications before updating to OS X Mavericks (10.9), or delay upgrading until we provide an update to the applications. If you have already upgraded to Mavericks, WD recommends that you remove these applications and restart your computer. If you have already upgraded to Mavericks and are experiencing difficulty in accessing your external hard drive, please do not save anything to the drive, disconnect the drive from your computer, and contact Western Digital Customer Service at http://support.wd.com/country/.
Even though there have been reports of people losing data without having any of the WD software installed, this email indicates the problem is the software. Possibly an issue triggered by Maverick’s new Timer Coalescing which is in part responsible for enhancing battery performance on portable products. This may also mean Western Digital has not done any testing prior to the release of Mavericks, people losing data could possibly have been avoided if they had. I’m assuming an issue like this would have been found while testing their software on pre-release versions of Mavericks.
For now, as suggested, remove the WD software if you have already upgraded. Some instructions in an earlier article here.
The issues appear to have been resolved, see the latest article here.