I haven't found a single post on security in any of the forums. Yet it's a topic that comes up for me on a regular basis. Every so many days I get a message on my screen: There's an update available for [say, Flashplayer], do you want to install it now?
Usually I click on yes and go through the installation process. But sometimes I wonder; any hacker could imitate the genuine messages that Adobe sends me and convince me to install his virus, worm, keylogger etc. on my computer. How can I see the difference - except when it is too late?
Today there was an update for Flashplayer and the installation stopped suddenly when it asked me to shut down Firefox. Since then I wonder what I gave access to my computer.
well - you can always see what the update is and then not agree to it there and go to the respective website and get the file there...in this case, go to adobe.com and get the latest flash install from them that way?
additional security can also be provided via checksums - some downloads will show you a checksum value on the page, and then once you download the file, you can run the checksum locally to make sure they match - if they do, then the file is unaltered. here's how you do that:
adobe doesn't offer those, i don't believe, but certainly you would feel better getting it from their site as opposed to the random dialog that pops up, which i do agree is always in theory something that could be replicated...
(but to note, of course - a checksum doesn't help if the site you are on is the hacker's to begin with, but if you trust you are on adobe.com (again for example), then it is a useful tool to verify a file to be the same as the one they wanted to give you)
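The checksum comparison described in the reply above, as an added example that is not part of the original posts: a shell function that hashes a downloaded file with SHA-256 and compares it with the value published on the vendor's page. The function names, the choice of SHA-256 and the sample file are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: check a downloaded installer against the vendor's published SHA-256.

# Print a file's SHA-256 as lowercase hex with whichever tool is installed.
sha256_of() {
    if command -v sha256sum >/dev/null 2>&1; then      # most Linux systems
        sha256sum < "$1" | cut -d' ' -f1
    elif command -v shasum >/dev/null 2>&1; then       # macOS
        shasum -a 256 < "$1" | cut -d' ' -f1
    else
        openssl dgst -sha256 < "$1" | sed 's/^.*= *//'
    fi
}

# verify_download FILE PUBLISHED_HASH
# Returns 0 on match, 1 on mismatch, 2 when the inputs are unusable.
verify_download() {
    file=$1
    # Values copied from a web page often carry spaces or upper case.
    expected=$(printf '%s' "$2" | tr -d '[:space:]' | tr 'A-F' 'a-f')
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 2; }
    # A SHA-256 digest is exactly 64 hex digits; reject anything else
    # so a truncated or wrong-algorithm value is never "compared".
    case $expected in
        *[!0-9a-f]*) echo "published value is not hex" >&2; return 2 ;;
    esac
    [ "${#expected}" -eq 64 ] || { echo "published value is not 64 hex digits" >&2; return 2; }
    actual=$(sha256_of "$file")
    if [ "$actual" = "$expected" ]; then
        echo "OK: $file matches the published SHA-256"
        return 0
    fi
    echo "MISMATCH: $file hashes to $actual" >&2
    return 1
}

# Constructed sample: a temp file holding "abc", checked against the
# standard SHA-256 test vector for that input (pasted with spaces, upper case).
sample=$(mktemp)
printf 'abc' > "$sample"
verify_download "$sample" "BA7816BF 8F01CFEA 414140DE 5DAE2223 B00361A3 96177A9C B410FF61 F20015AD"
rm -f "$sample"
```

A mismatch means the file should not be opened; a match only shows the file is the one that page describes, so the published value has to come from the vendor's own site.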
Thanks; this is the first time I got an explanation about the hash sums.
For me the problem is solved, I hope, but another question comes to my mind: Most people (like me until now) will not go to the site of the software maker but simply click on the pop-up window to start the installation. Apparently this doesn't create a problem in 99% of the cases. I only read about Flash Updates being faked last year, and one fake Windows Anti-virus program.
Is the conclusion that it is difficult to fake these update messages? I can't imagine.
it is difficult to do and would require either software installed on your local machine to replicate it (at which point it is very easy, but that is what web browsers, etc. strive to avoid allowing sites to do, but security holes are out there) or it would require a very slick looking little web window that visually tricked you into downloading something, but even then it cannot install itself and you would be required to do that manually...
in mac land you are slightly less vulnerable, but that is more due to hackers not seeing enough of a market share to make exploiting holes worth it. but in general, you do have to trust that your os is patched up and will not allow this sort of thing which can ultimately only happen if a security hole has been found or you previously downloaded and installed some 3rd party tool that put a trojan horse on your system without your knowledge.
Thanks; I checked my computer with the help of your article and found it malware-free (at least free of Flashback). Phew!
The article is worrying, though, and even more so the article listed on the bottom of that page saying that the malware-age for Mac has started and we are totally unprepared for it.
The solution for me is to use my Mac for FCX and use as much as possible Linux (through Parallels) for internet-related things. Not very practical, but better than dealing with malware.