Friday 27 May 2011

Dealing with MacDefender

I expect you will have heard of the Mac-targeted 'scareware' that is doing the rounds. If not, you can read one of the many reports here. This nefarious software persuades you to install it, promising to be a defence against viruses. Until recently it asked those duped into installing it for their administration password, which should (hopefully!) have alerted them that something they had never asked for was trying to install itself. You can prevent its prompt appearing by ensuring that Safari is set to NOT open 'safe' files after downloading, in Safari's General Preferences. However, you can't prevent it downloading, so if you see any unexpected items appearing in your Downloads folder, delete them rather than opening them.

MacDefender (Wikipedia link) has now become more insidious, not requiring the administration password to install itself into the Applications folder. However, we can deal with that by forcing the password request through setting the Applications folder to be 'read-only'.

Setting the Applications folder to read-only

Setting the Applications folder to read-only for the 'admin' group ensures that entering your administration password is required before anything can be added to the folder. Installation of applications that already require your password is not affected.

Highlight the Applications folder and choose Get Info from the File menu. Click the padlock to authenticate changes you are about to make. In the Sharing and Permissions section, set the Privilege from Read & Write to Read only for the 'admin' group and also for the 'everyone' group if not already set. Click the padlock to lock the settings. Close the Info box.


The result should look like this:




When anything tries to modify the Applications folder, you get a confirmation dialog, and nothing is installed until you authenticate.

Notice that now when you open the Applications folder there is a 'write-protect' icon in the bottom left of the window.
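
The same setting can be checked and applied from Terminal. This is an added example, not part of the original post; it assumes the Finder privileges for the 'admin' group and 'everyone' correspond to the folder's POSIX group and other write bits, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit and apply the read-only setting described above.
# Assumption: Finder's 'admin' and 'everyone' privileges map to the POSIX
# group and other permission bits of the folder.

# Print the 10-character mode string of a directory, e.g. drwxrwxr-x.
# Any trailing flag character that ls appends is cut off.
mode_of() {
    [ -d "$1" ] || return 2
    ls -ld "$1" | awk '{print substr($1, 1, 10)}'
}

# Report who can still add items without authenticating:
# prints "group", "everyone", "group everyone" or "none".
writable_by() {
    m=$(mode_of "$1") || return 2
    out=""
    # Character 6 of the mode string is the group write bit.
    case $m in ?????w*) out="group" ;; esac
    # Character 9 of the mode string is the other (everyone) write bit.
    case $m in ????????w*) out="${out:+$out }everyone" ;; esac
    printf '%s\n' "${out:-none}"
}

# Clear the write bit for group and everyone, then confirm it took effect.
# For /Applications this has to be run as root (for example through sudo).
make_read_only() {
    chmod go-w "$1" && [ "$(writable_by "$1")" = "none" ]
}

# Audit only: report the current state of /Applications if it exists.
if [ -d /Applications ]; then
    echo "/Applications can be modified without a password by: $(writable_by /Applications)"
fi
```

A result of "none" matches the state the Finder steps produce; "group" means members of the 'admin' group can still add items without being asked for a password.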
