App of the Week: DNSCrypt

When talking about security, DNS and encryption have become two major discussion points. Encryption is making the information being sent look random to anyone on the outside staring in, while the people sending and receiving the information can read and write in it just fine (the same way people might send secret coded messages). DNS basically is like a phone book for the Internet. When you type in an Internet address, that name is actually tied to an IP address, the individual number tied to each Internet connected device. Whoever provides your DNS, usually your Internet provider, looks up what IP address is connected to what you entered, and then directs you to the website. It’s the same principle as if you wanted to call a person or business. If you look up the name of the person or business in a phone book, you can find what their phone number is, call them, and exchange whatever business, pleasantries, or other reason you had to call them.

DNS has become more of a talking point lately, as recent malware attacks on multiple operating systems have resulted in changing your DNS addresses to lead you to malicious sites, designed only to steal your information and/or give you more malware. Other holes in the DNS process have caused concern for the process itself. But since DNS is such an integral part of the way we connect to the web, there’s not a way just to turn it off without disconnecting from the web. So the wonderful people at OpenDNS have created DNSCrypt to help with these security problems. DNSCrypt works to encrypt the traffic flowing between you, your DNS provider, and the website you are trying to contact. It works to prevent your

DNSCrypt's Preference Pane

DNS traffic from being intercepted and maliciously changed. But wait! What if your DNS addresses have already been changed? DNSCrypt fixes that because it runs off of OpenDNS’s own DNS servers. Some people may be concerned about changing DNS servers, but DNSCrypt changes it automatically so that you don’t have to, and can change back automatically to your former DNS servers if something doesn’t work right. If you’re worried about OpenDNS’s security though, OpenDNS has award-winning security, and can even speed up your web browsing experience. To change your DNS to their servers is free, but they offer home and business plans for more efficient and even more secure use.

I have been using the program for about two weeks. With it booting up as a startup program, I noticed a small increase in my Mac’s startup time, but I have not noticed any decrease in the speed of my overall browsing. I can’t say how well it blocks DNS attacks (I tend not to go searching for sites that do that), but I trust OpenDNS and have used it for a while now. And OpenDNS has a nice menubar icon to let your know its status.

While DNSCrypt is going to be a great tool to use in anyone’s security arsenal, there are a few caveats I have with it. For one thing, the program is still in beta, so anyone worried about stability might want to stay away. I haven’t experienced any crashes with it, but I would still wait until the final version of the program before using it for corporate work. Another issue with the program is that when it initially starts up, encryption hasn’t been enabled. You have to manually enable encryption from within the app’s preference pane. OpenDNS acknowledges this and say that they are coming with an update soon to fix this. And as an ascetic touch, I wish the menubar icon would have a more Mac-like feel, rather than being a red, yellow, or green light in the menubar (but at least it’s easy to understand your status).

For those willing to try a beta program, and for those who want some extra security, check out DNSCrypt. You can download it at http://www.opendns.com/technology/dnscrypt/ for free. It runs on OS 10.5 and higher. If you have any questions, comments, or suggestions about this or any other topic, leave a comment below or email me at easyosx@live.com You can also check me out on Facebook, Twitter, and YouTube by hitting the buttons on the top of your screen. You can also check out my Google Plus Page at https://plus.google.com/107817518299218190319. Thanks!

How to force your Mac to update its malware definitions | Antivirus & Security | MacUser | Macworld

Follow this terminal command:

more /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.meta.plist

If it isn’t up to date (as in today, or yesterday), go to Security under System Preferences, uncheck “Automatic updates, then immediately recheck the box.  Run the command again, and hopefully you should be up-to-date.

Read more here:  via How to force your Mac to update its malware definitions | Antivirus & Security | MacUser | Macworld.

Securing Opera Web Browser (Part 2)

Here is the 2nd part of how to secure to Opera web browser. I hope to get another security based video or two out, but I’m working on some other non-security related stuff as well. Enjoy the video, and thanks for watching.

P.S. Send any tips, suggestions, or questions to me at easyosx@live.com, or on Twitter @EasyOSX.

Mac Defender Variant Bypassed OS X Anti-Malware Software Within Hours | Cult of Mac

While Apple’s new update feature will likely catch this in the next few days, it does show how stubborn these malware developers are going to be.

Mac Defender Variant Bypassed OS X Anti-Malware Software Within Hours | Cult of Mac.

Update: According to CNET, there is a bug in the new automatic security updates feature that may cause the checkbox to be unchecked if the Security Preference pane is left open for more than 30 seconds.
http://reviews.cnet.com/8301-13727_7-20067942-263.html?part=rss&tag=feed&subj=MacFixIt

Apple Security Update

Apple just released a security update today that isolates several key files that the MacDefender malware uses. Be sure to update by using your software update function or by going to Apple’s website here: http://support.apple.com/kb/DL1387. But it also has it’s own updating list, so that the built in Mac malware protection can update on it’s own without having to got through software update. You can opt out of this by going to the Security Preference Pan, and unchecking “Automatic Updating”.