MacSecure.com
A Mac Security Blog

This blog has been neglected for a bit, but it’s coming back soon.

The new revision of TrueCrypt – Version 5.0(a) — has now been released for Mac.   Downloads are available here.  I haven’t had a change to work with it since I’m traveling, but initial word from some colleagues is that it works as expected.

Got to do some testing with TrueCrypt on the Mac – and immediately hit a wall.  One of the unique features of TrueCrypt is the ability to create a hidden TrueCrypt volume inside of another TrueCrypt volume.  The idea is that if you were forced to reveal a passphrase, you give up the passphrase to [...]

A staple on the Windows OS for quite a while, TrueCrypt has finally been ported to OS X. While it doesn’t have a lot of polish yet, it does indeed seem to work like the Windows version does. TrueCrypt has the ability to create an encrypted volume — which can [...]

Fixing some of the known issues with cups, tar, Safari, samba, etc.   Lots of updates in this one.
Apple has more info with CVE’s listed here.    SANS also has a blurb about it here.   I’ll install tonight and take some notes.   Also, coming soon — more tool discussions.

I’d say it’s less ‘risk’ and more ‘real’ at this point — but I’m traveling and I haven’t had much time to look into it yet.    Heise has more info available here.

See here.   Just a quick note:  if you read the Symantec advisory regarding the Quicktime RTSP Header Vunerability, they mention blocking certain traffic if you’re worried about the exploit — which appears to be Windows specific at this point. In the interest of being safe though, here is a set of ipfw rules for blocking [...]

Symantec is reporting details of a vulnerability in Quicktime 7.2 and 7.3 that is currently unpatched by Apple.   Right now the exploits in the wild for this vulnerability appear to only be loading Windows executables, but the suggestion is that OS X systems could potentially be vulnerable as well.  Recommended steps until there is [...]

Rich over at Securosis and some other folks have been working on a set of rules for the Leopard firewall (ipfw) that would be restrictive without breaking everything completely.  The ruleset has been tweaked extensively now and takes a lot of things into account.   I’ll be testing it out tonight, but it looks great so [...]

I’m sure the 10.5.1 update (which just rolled out to Software Update today) will be dissected on all of the Mac forums and blogs, but in the Security section of the release notes, there are a few highlights that were noteworthy:

The “Block All Incoming Connections” setting I talked about here has now been changed to [...]