WHAT IS IT?
Another day, and yet another security threat has been announced. This one exposes a 20-year old hole that’s been in the UNIX OS called “Bash” that resides inside of every Mac. This could allow an outside attacker to have your computer execute commands, and potentially give them access to your machine without your knowledge.
DOES IT AFFECT ME?
Likely no – by default Macs do not have externally accessible services turned on – but servers and services that provide a web interface to the outside world are potentially threatened. This would include any service accessible by a web browser; web server, FTP server, email server with webmail, wiki, web or internet sharing, some games, etc.
HERE’S WHAT APPLE SAYS ABOUT IT:
“The vast majority of OS X users are not at risk to recently reported bash vulnerabilities,” an Apple spokesperson said. “Bash, a UNIX command shell and language included in OS X, has a weakness that could allow unauthorized users to remotely gain control of vulnerable systems. With OS X, systems are safe by default and not exposed to remote exploits of bash unless users configure advanced UNIX services. We are working to quickly provide a software update for our advanced UNIX users.”
As with most of these announced “possible exploits”, they are just that – possible – but that does not mean they are being used actively.
WHAT CAN YOU DO?
Don’t install ANY software or updates without asking Central Coast! If a software hack is installed on your Mac that makes it externally accessible, it could open your machine up to attack. Knowing that the industry is working on a fix, we would wait until that is available and install it. Central Coast will announce when its ready.
Turn off any services on your Macs you really aren’t using. Go to Apple>System Preferences>Sharing and turn off anything that’s on there you don’t directly understand. Ask if you have any questions. We see a lot of people with Apple Servers they set up themselves for simple file sharing with EVERY service turned on, which is not only reduces performance but gives more than one way for a bad guy to get into your server.
If you have a server that has externally accessible services, we are monitoring this issue closely and will work with you to get a plan in place for them.
WHAT’S THE LESSON HERE?
No computer are ever really “safe” unless you disconnect your internet connection. People write software, and people screw up, so we’ll never have a fully secure computing world. Reducing your “exposure” is the key to keeping your file, private and financial data safe. Here are the best practices for internet security in general:
- Don’t install any software or update without asking first. Really, there are no “routine updates”, everything is suspect.
- Have separate, unique passwords for all services you interact with, and use 1Password, LastPass, etc. to help manage them.
- If you must use the “cloud”, use it for temporary transferring of data only, not storing data long term. These servers out outside your control and are one breach away from exposing your data.
- Email delivery of “malware” is on the rise, so don’t click links, accept or install anything that wants to install once you open a message. If its from a “trusted source” like a service or bank you frequent, you should be able to go to their website and and get the same result, so don’t click links in email to get their – do it manually through your browser.
- Don’t let kids use computers that you use for your business! Get them their own machines to play on. We see a LOT of issues with this!
We’re here to help! Let us know if you think you may have opened the door to issues on your machine, and we’ll get things back in order and secure. If we haven’t seen you in a while, now may be a good time to go through your Mac and make sure everything is operating its best.
Email us at firstname.lastname@example.org.