On Snow Leopard, how to secure it?

[2012Tony2012]

I am running Snow Leopard, I cannot upgrade to anything else as then the iMac runs like a snail and very frustrating.

Question...if I run Snow Leopard, seeing no more security updates etc,,, what can I do to protect it so it doesn't get infected with any nasties and so it's secure when I do netbanking with Firefox?

 

[2984839]

Make your passwords long and complex, use a separate unprivileged account for browsing, install NoScript in Firefox, install the Perspectives addon in Firefox to check SSL certs, enable the firewall, disable services you don't need, uninstall programs you don't need, enable FileVault, don't browse to questionable websites, and encrypt local backups and sensitive files.

 

[2012Tony2012]

Make your passwords long and complex, use a separate unprivileged account for browsing, install NoScript in Firefox, install the Perspectives addon in Firefox to check SSL certs, enable the firewall, disable services you don't need, uninstall programs you don't need, enable FileVault, don't browse to questionable websites, and encrypt local backups and sensitive files.

Is there any antivirus and firewall application I can install onto Snow Leopard which can make all those tasks easier?

So you mean Snow Leopard can get a virus if I visit a questionable website?

How can I check Snow Leopard if it's ever become infected?

And how do I create a separate unprivileged account for browsing?

 

[redheeler]

And how do I create a separate unprivileged account for browsing?

System Preferences > Accounts, unlock the pane, and simply create a new account with the + button leaving the type as "Standard".

Also make sure you use an up-to-date and secure browser such as Firefox, and not the stock Safari.

 

[2012Tony2012]

System Preferences > Accounts, unlock the pane, and simply create a new account with the + button leaving the type as "Standard".

Also make sure you use an up-to-date and secure browser such as Firefox, and not the stock Safari.

Sounds good

So if I use latest version Firefox on Snow Leopard, are there any websites that can infect my iMac with anything nasty?

 

[GGJstudios]

Sounds good

So if I use latest version Firefox on Snow Leopard, are there any websites that can infect my iMac with anything nasty?

I know you've seen this information before, so I don't understand why you're asking the same questions. Perhaps you didn't read responses to your malware questions in other threads.

There are no websites that can infect OS X as long as you practice safe computing. Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.

​

Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.

 

[2012Tony2012]

I know you've seen this information before, so I don't understand why you're asking the same questions. Perhaps you didn't read responses to your malware questions in other threads.

There are no websites that can infect OS X as long as you practice safe computing. Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 12 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). 3rd party antivirus apps are not necessary to keep a Mac malware-free, as long as a user practices safe computing, as described in the following link.

​

Read the What security steps should I take? section of the Mac Virus/Malware FAQ for tips on practicing safe computing.

Thanks GGJstudios, however I want to be able to visit any website I want without worrying if I can get a trojan etc.

So seeing some websites can infect Mac OS X, unless "safe computing" steps are taken, my question is... what can I do in Snow Leopard to check if I got a trojan infection after visiting "unsafe websites"?

And what can I do in firefox to stop being infected with a trojan in the first place, EVEN if an unsafe website was visited? Any way to stop trojan infection for 100% of websites?

 

[GGJstudios]

Thanks GGJstudios, however I want to be able to visit any website I want without worrying if I can get a trojan etc.

If you follow the safe computing steps in the link I provided, you can't get a Trojan from visiting any website.

Any way to stop trojan infection for 100% of websites?

Yes, follow the safe computing practices in the link I provided. Then you can surf with confidence that you won't get malware on your Mac.

 

[2012Tony2012]

If you follow the safe computing steps in the link I provided, you can't get a Trojan from visiting any website.

Yes, follow the safe computing practices in the link I provided. Then you can surf with confidence that you won't get malware on your Mac.

How can I check my iMac after surfing to make sure I have no trojan or malware on Snow Leopard?

And GG, do you think I should create a new account and set as "standard" and use that account when visiting all websites?

 

[GGJstudios]

How can I check my iMac after surfing to make sure I have no trojan or malware on Snow Leopard?

Install ClamXav and run a scan.

And GG, do you think I should create a new account and set as "standard" and use that account when visiting all websites?

That's not necessary, and doesn't provide any additional protection over running as an admin user.

 

[grahamperrin]

Also: ProtectMac.

(I used ProtectMac for maybe two or three years. More recently I prefer fuller-featured Kaspersky Internet Security for Mac, but that will not work with anything less than Mac OS X 10.7 so it's not an answer to this topic.)

 

[2012Tony2012]

Install ClamXav and run a scan.

That's not necessary, and doesn't provide any additional protection over running as an admin user.

1. I didn't think ClamXav detected all malware and trojans on MacOS? I thought it had a low detection rate?

2. Interesting, I thought creating a standard account would have been more secure. So why would anyone need to create a Standard account seeing it doesn't provide any benefit or better security over a normal Admin account?

 

[GGJstudios]

1. I didn't think ClamXav detected all malware and trojans on MacOS? I thought it had a low detection rate?

It doesn't have a low detection rate. It's just that no antivirus app has a 100% detection rate. For the types of malware you're most likely to encounter, ClamXav will do fine. It may not detect more obscure malware, but it's very unlikely for you to have encountered something it doesn't detect. You have to remember that the vast majority of OS X users never encounter malware of any kind that can affect their Macs.

2. Interesting, I thought creating a standard account would have been more secure. So why would anyone need to create a Standard account seeing it doesn't provide any benefit or better security over a normal Admin account?

That's left-over mentality from Windows, where it does make a difference. On OS X, there is no real-world advantage in running a standard vs admin account.

 

[2012Tony2012]

It doesn't have a low detection rate. It's just that no antivirus app has a 100% detection rate. For the types of malware you're most likely to encounter, ClamXav will do fine. It may not detect more obscure malware, but it's very unlikely for you to have encountered something it doesn't detect. You have to remember that the vast majority of OS X users never encounter malware of any kind that can affect their Macs.


That's left-over mentality from Windows, where it does make a difference. On OS X, there is no real-world advantage in running a standard vs admin account.

OK thank you GGJstudios

 

[2012Tony2012]

When I scan using Clam to search for malware and trojans, do I always need to scan the WHOLE Macintosh HD, or just my Home Folder?

 

[grahamperrin]

1. I didn't think ClamXav detected all malware and trojans on MacOS? I thought it had a low detection rate? …

Re: ClamAV and signatures, I recall https://forums.macrumors.com/showthread.php?p=10023068#post10023068 from 2010.

Since I ceased to use ProtectMac, my familiarity with the ClamAV side of things has dropped considerably.

 

[grahamperrin]

… no real-world advantage in running a standard vs admin account.

Side note: CVE-2015-1130 was reportedly created by Apple; http://www.cvedetails.com/cve/CVE-2015-1130/ describes 10.10.2 as vulnerable, with no mention of 10.9, 10.8 or 10.7.

https://truesecdev.wordpress.com/2015/04/09/hidden-backdoor-api-to-root-privileges-in-apple-os-x/ is more broad-ranging (10.7 onwards) and it's not yet clear to me whether Snow Leopard and less may be vulnerable.

Just a hunch, it may be worth reviewing things after people respond to Emil Kvarnhammar's session at the forthcoming Security Conference in Sweden.

 

[GGJstudios]

When I scan using Clam to search for malware and trojans, do I always need to scan the WHOLE Macintosh HD, or just my Home Folder?

It doesn't hurt to scan the whole drive.

Re: ClamAV and signatures, I recall https://forums.macrumors.com/showthread.php?p=10023068#post10023068 from 2010.

While some would argue, adware, as mentioned in that link, is more "annoyware" than it is "malware". The OP was asking about malware such as Trojans, which are a different animal.

Remove unwanted adware that displays pop-up ads and graphics on your Mac
Adware can be removed by using this tool: AdwareMedic

Side note: CVE-2015-1130 was reportedly created by Apple; http://www.cvedetails.com/cve/CVE-2015-1130/ describes 10.10.2 as vulnerable, with no mention of 10.9, 10.8 or 10.7.

It specifically states that the only version vulnerable is 10.10.2, and still doesn't prove any advantage in running a standard account vs an admin account, since that specific vulnerability allowed admin access on a standard account. There are vulnerabilities in OS X, just as there are in all software, but there is no real-world advantage gained by running an OS X standard account over running an admin account.

 

[2012Tony2012]

Thanks again GG for all your help

In regard to AdwareMedic, it requires a Mac running Mac OS X 10.7 (Lion) or later. Wish they had one for Snow Leopard.