If you’ve ever wished you could check up on your house while you’re away, wish no more because we have a simple solution. We are going to configure a Mac as a home security camera that will open a live video stream on demand which can be watched remotely from anywhere via an iPhone, iPad, iPod touch, or another Mac. If this sounds potentially complicated, it’s actually not at all, and everything is achieved through a little FaceTime hackery. Read along.

Requirements for the Mac Security Cam
Here’s what you’ll need before getting started:

• FaceTime app installed on the home Mac (comes with Lion or later, earlier Macs can get it from Mac App Store)
• A valid Apple ID to use as a FaceTime Login – you may want to create an additional unique Apple ID for this purpose
• An iPhone, iPad, or iPod touch, or another Mac with FaceTime

Setting Up the Camera & Accepting Remote Video Connections

This is easier to set up than you might think. We’re going to assume you already have FaceTime on the Mac installed, if not do that first. Next you’ll want to position the Mac so that the front-facing iSight (FaceTime) camera is pointing in the direction you want to watch. With that done, here’s the most technical aspect of this set up:

1. Launch Terminal found in /Applications/Utilities/ and enter the following command to automatically accept incoming FaceTime calls:

defaults write com.apple.FaceTime AutoAcceptInvites -bool YES

2. Still in Terminal, enter the next command, changing the email address on the end with the Apple ID you wish to automatically accept a video connection from:

defaults write com.apple.FaceTime AutoAcceptInvitesFrom -array-add change@me.com

If you want to add other Apple ID’s or even a phone number to automatically accept FaceTime video calls from, feel free to do so by running the above command again with additional email addresses. Phone numbers must be prefixed with a + like so: +14085551212

Opening the Live Video Feed

Now for the fun part. Grab an iPhone, iPad, iPod touch, or Mac that is setup to use FaceTime with the Apple ID you chose to autoaccept invites from, and initiate a FaceTime call with the home Mac’s Apple ID. It will automatically accept the call, giving you a live video feed of what’s going on at the location of the recipient Mac. Hang up the FaceTime call at any time to close the video feed.

As mentioned earlier, it may be best to create a unique Apple ID specifically for the recipient Mac. That Apple ID could then be added as a contact to the iOS Address Book as “Mac Home Camera” and added to favorites for quick access.

The only downside to FaceTime is the feed requires a wi-fi connection or to use Personal Hotspot to circumvent the FaceTime wi-fi limitation. You could probably use Skype to get around that limitation as well, but that’d be another article. Enjoy!

Apple has released a standalone removal tool that targets Flashback malware infections. The separate utility is recommended for Mac users who do not have Java installed on their OS X Lion machine, but it’s functionality is identical to that performed by the most recent Java update to remove Flashback.

If your Mac does not have Java or you did not install the most recent Java for OS X updates, running this tool is a good idea. Here is what to do:

1. Download the tool directly from Apple
2. Mount the DMG file and launch FlashbackMalwareRemover.pkg
3. Click Continue, click “Install” and enter the administrative password

Everything beyond that is automated, if the Mac is infected it will be automatically repaired.

Users should always keep system software up to date as part of a general maintenance routine. Despite the recent media overhyping of Flashback, Mac OS X remains a very secure platform. If you are concerned about potential attacks, our recent guide on securing Mac OS X from potential trojans and malware may be helpful to you.

Apple has released a new Java security update that automatically removes the most frequently occurring variations of the Flashback trojan malware. The software update is recommended for all Mac users to install, even if they have previously checked their systems for infection.

To get the update and remove any malware that is potentially on a Mac, simply download the “Java for OS X 2012-003″ update from Software Update found within the  Apple menu. There is no manual checking or removal required, simply installing the update from Apple resolves any potential infection for you.

The new Java update also disables automatic execution of Java applets, providing further security against potential threats down the road. Release notes are as follows:

This Java security update removes the most common variants of the Flashback malware.

This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.

This update is recommended for all Mac users with Java installed.

For details about this update see: http://support.apple.com/kb/HT5242

All Mac users should install the update as soon as possible. For extra protection, don’t miss our recent post on some simple tips to secure Mac OS X from viruses, malware, and trojans.

Update: Apple has released an official update that removes Flashback with a Software Update. Download the latest Java updates from the OS X Software Update panel to automatically remove Flashback trojan malware.

A new application has been released which makes checking a Mac for the Flashback malware infection as simple as clicking a button. This is a huge help for assisting less tech savvy people for checking their Macs, though if you follow us you probably already checked for the Flashback trojan using the manual Terminal method. This new app-based detection method is very nontechnical and is just a two step process:

1. Download FlashbackChekcer from Github
2. Unzip and run the FlashbackChecker application, and click the giant “Check for Flashback Infection” button

If the “No Signs of infection were found” message appears you are safe, and the chances are extraordinarily good that you will not have the infection. If you see a “Potential Issue found” message, you may have the malware, though this is exceedingly rare and we haven’t heard of a single confirmed case in our sizable readership.

Just because you don’t have the infection doesn’t mean you should become complacent though. Be sure to update to the latest versions of Java for OS X, and don’t miss our post on eight simple tips to protect a Mac from viruses, trojans, and malware, a little prevention goes a long way.

Thanks for the tip Scott

The recent outbreak of the Flashback trojan (Apple released an update and fix, get it!) has brought a lot of attention to potential viruses and trojans hitting the Mac platform. Most of what you’ll read is overblown fear mongering hype, and practically all Mac malware has come through third party utilities and applications. What that means for the average user is that it’s very easy to completely prevent infections and attacks from occurring in the first place, especially when combined with some general security tips. Without further ado, here are eight simple ways to secure a Mac to help prevent viruses, trojans, and malware from effecting you:

1) Disable Java

Flashback and other malware has installed through Java security breaches. Apple has already released several updates to patch the Java security holes that allowed Flashback to spread (you should install those), but you can also go a step further and completely disable Java on the Mac. Frankly, the average person doesn’t need Java installed on their Mac let alone active in their web browser, disable it and you don’t have to worry about security holes in older versions of the software impacting your Mac.

1a) Disable Java in Safari

• Open Safari and pull down the Safari menu, selecting “Preferences”
• Click on the “Security” tab and uncheck the box next to “Enable Java”

Disabling Java in the Safari browser is reasonably effective, but why not go a step further and disable it in Mac OS X completely? Chances are high that you won’t miss it, let alone notice it’s disabled.

1b) Disable Java System-Wide in Mac OS X

• Open the Applications folder and then open the Utilities folder
• Launch the “Java Preferences” application
• Uncheck the box next to “Enable applet plug-in and Web Start applications”
• Uncheck all the boxes next to “Java SE #” in the list below

2) Update Apps and OS X Software Regularly

Apple regularly issues Security Updates and many third party apps do as well, therefore regularly updating both your OS X System Software and OS X apps are one of the single best preventative measures you can take to keep a Mac secure. We’ve hammered home about this repeatedly as a general Mac OS X maintenance tip because it’s important and so easy to do:

1. Open Software Update from the  Apple menu and install updates when available
2. Open the App Store and download available updates

3) Disable or Remove Adobe Acrobat Reader

Adobe Acrobat Reader has had multiple security breaches recently, therefore you’ll be safer without it in your web browser. There’s little reason to have Reader installed on a Mac anyway, OS X includes Preview for viewing PDF’s. Uninstall Adobe Acrobat Reader by running the bundled uninstaller app, or locate the following file and remove it to uninstall the Acrobat browser plugin:
/Library/Internet Plug-ins/AdobePDFViewer.plugin

4) Install Anti-Virus Software for Mac OS X

Using anti-virus software on the Mac is likely overkill, but it’s worth mentioning again. We’ve talked about the free Sophos anti-virus here before, and though you probably won’t ever need it, it’s a free and effective way to fight viruses that may end up on the Mac. If you’re the cautious type and you’d rather be safe than sorry there isn’t much harm to using it as a preventative measure:

• Download Sophos Anti-Virus for Mac

5) Disable Adobe Flash / Use a Flash Block Plugin

Flash has been used as an attack vector in the past, and Macs stopped shipping with Flash installed for a reason; basically it’s a crash-prone battery hog that has occasional security breaches. Many sites use Flash for video and games though, so instead of uninstalling Flash completely we’ll recommend using a Flash block plugin for your web browser. This causes all Flash to be disabled by default until you click to allow individual plugins and instances of the Flash plugin to run, preventing unauthorized Flash from running in a web browser completely. These plugins are free and available for every major browser:

• ClickToFlash for Safari
• FlashBlock for Chrome
• FlashBlock for Firefox

6) Disable Automatic File Opening After Download

Safari defaults to automatically opening “safe” files after they’re downloaded. For added security, disable this feature and manage the opening of downloads yourself:

• Open Safari preferences and click the General tab
• Uncheck the box next to “Open ‘safe’ files after downloading”

7) Double-Check Anti-Malware Definitions are Enabled

OS X automatically downloads and maintains a malware definition list which is actively used to combat potential threats and attacks. This is enabled by default, but you can double-check to make sure you’re getting the updates as they arrive by insuring the feature is turned on:

• Open System Preferences and click on “Security & Privacy”
• Under the General tab look for “Automatically update safe downloads list” and make sure it is checked

You can also check the update list manually if you’re concerned the latest version hasn’t been installed, but as long as you have the feature enabled and have regular internet access, it probably is.

8 ) Don’t Install Random Software You Didn’t Ask For

If you see a random pop-up window asking you to install random software you didn’t request, don’t install it! This may sound like common sense, but it’s actually how some Mac malware propagated in the past. Apple patched the hole that allowed for that to happen a while ago, but the overall message is still relevant: if you didn’t download or request an app to be installed and you’re suddenly confronted with an installation dialog, don’t install it.

That about covers it, but if you have any additional security tips and anti-virus/malware/trojan tips, let us know in the comments.

Update: Apple has released a Java software update that includes automatic detection and Flashback removal ability. Go to “Software Update” from the  Apple menu to download that update and automatically remove the trojan if you happen to have it on your Mac.

Trojans and viruses are generally something Mac users don’t have to worry about, but there’s a lot of hubub about the so-called Flashback trojan that has apparently infected a several hundred thousand Macs worldwide. The trojan takes advantage of a vulnerability in an older version of Java that allows it to download malware which then “modifies targeted webpages displayed in the web browser.” As we mentioned yesterday on Twitter, the vulnerability has already been patched by Apple and if you haven’t downloaded the latest version of Java for OS X yet you should do so now. Go to Software Update and install the Java for OS X Lion 2012-001 or Java for Mac OS X 10.6 Update 7, depending on your version of Mac OS. That will prevent future infections from occurring, but you’ll also want to review if a Mac is infected.

We haven’t heard of or seen a single case of the Flashback infection on a Mac, but for the sake of optimal security we’re going to cover how to quickly check if a Mac is afflicted by Flashback trojan:

• Launch Terminal (found in /Applications/Utilities/) and enter the following commands:

defaults read /Applications/Safari.app/Contents/Info LSEnvironment

• If you see a message like “The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist” than so far so good, no infection, proceed to the next defaults write command to confirm further:

defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES

• If you see a message similar to “The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist” then the Mac is NOT infected.

What if you see something different in the Terminal? If the defaults read commands show actual values rather than the “does not exist” response, you may have the trojan, though this does seem to be extraordinarily rare. In the event you run into a Mac with the problem follow the guide on f-secure to remove the Flashback trojan, it’s just a matter of copying and pasting a few commands into the Terminal.

All in all this is nothing to freak out about, but it does serve as another reminder as to why it’s important to update system software as part of a general maintenance routine. If you want to take some extra security precautions and preventative measures, don’t miss our article on simple tips to prevent Mac virus infections, malware, and trojans.

The default passcode for iPad and iPhone uses a fairly simple four digit numerical password, these are fairly easy to guess because statistically many people use common passwords or some variation of a simple theme, like a repetition, countdown, or birth year.

An easy way to add more security to an iOS device is to disable simple passcodes and utilize the full keyboard, here’s how to enable this setting.

1. Tap on “Settings” and tap “General”
2. Tap on “Passcode Lock” and enter the current passcode
3. Next to “Simple Passcode” slide the ON button so that it’s off
4. Enter the old simple 4 digit passcode, and then enter the new password based on the full keyboard and special characters

You can now use a combination of letters, numbers, and special characters, though using the latter can be difficult to remember since their placement is different on the iOS keyboard than a standard QWERTY layout.

Don’t set something so complicated that you can’t remember it yourself, though it isn’t too difficult to reset if you need to, assuming you have access to a computer.

For those especially concerned with security, you can also set the iPhone or iPad to “self destruct” and automatically erase all data after 10 failed password attempts. This is also a fairly good anti-theft countermeasure, just make sure you don’t forget it yourself or you could accidentally wipe your device.

You can password protect files and folders in Mac OS X by using a trick with disk images. Here’s how it works; by placing files inside of an encrypted disk image, that disk image will work like a password protected folder and require a password before it’s mounted, preventing unauthorized access to all of the contents.

How to Password Protect Files & Folders in Mac OS X with Disk Images

Do this along with general password protection for maximum effect.

• Launch “Disk Utility” located in /Applications/Utilities
• Click on the “New Image” button at the top of the app



• Name the disk image and set a file size that is appropriate for what you intend to store in there
• Click on the contextual menu alongside “Encryption” and choose either 128 or 256-bit encryption (256 is stronger)



• Click “Create”
• At the next screen you will set a password to access the folder – do not lose this password, you will not be able to open the disk image if you do
• Optional: Uncheck the box next to “Remember password in keychain” – only do this if you’re the only user on the Mac, otherwise anyone can open the image without the password



• Click “OK” to create the disk image

The encrypted disk image is now created. Now you need to locate the image, mount it which will require the password set in the creation process, and drag files and folders into the mounted image that you want password protected. The default location for new disk images is the Desktop, but if you saved it elsewhere, look there instead.

Once you are finished copying files and folders to the mounted disk image, eject it like any other disk and the contents will be safely protected within, requiring the password to access again. Because the files and folders have been copied, you’ll want to delete the originals so they aren’t visible to anyone else. Again, do not lose the password set or you will not be able to get access to the contents of the encrypted disk image.

This should not be considered a replacement for setting a general password for a Mac, and it’s always a good idea to lock down the screen when you’re away from the computer. Filevault also provides encryption and security features, but older version have some potential speed drawbacks that are particularly noticeable on non-SSD drives, this is mostly a non-issue for OS X Lion, however.

The root user is a special user account with high level system-wide access privileges intended for system administration, monitoring, and in depth troubleshooting purposes. By default, root user is disabled in Mac OS X for security purposes, but if you need to enable superuser, this guide will show you how to do so in OS X 10.7 Lion.

If you do not have a specific need to enable root, you should leave it disabled.

Enable Root User in OS X Lion

This process also sets a password for the root account.

• From the Mac OS X Desktop, hit Command+Shift+G to bring up Go To Folder and enter the following path:

/System/Library/CoreServices/


• Inside CoreServices folder, locate and launch “Directory Utility”
• Unlock “Directory Utility” by clicking the padlock icon and entering the administrator password
• Pull down the “Edit” menu and select “Enable Root User”
• Enter and confirm a password to set the root users password and to enable the account

Be sure to set a strong password for the root account. If you’re bad at picking passwords or you just want the security advantages of randomness, generate one randomly from the command line.

With root now enabled, the account can be used freely. It will not appear in the Users & Groups preference pane.

The root account can access, read, and write to all files on a system, even if they belong to someone else. Additionally, root can also remove or replace system files. This is why it’s a potential security risk to leave the account enabled aimlessly, or to use a weak password with the account.

The Directory Utility control panel can also be used to change a set root password through the Edit menu, or that can be done through the command line using sudo passwd, similar to changing the root password in iOS devices.

Creating a password protected zip file is easy in Mac OS X and does not require any add-ons or downloads. Instead, use the zip utility that is bundled with all Macs.

If you’re familiar with the command line, the syntax of the encrypted zip command is as follows:
zip -e [archive] [file]

If you’re not sure how to use that, read on to learn how to create zip archives encrypted with passwords. These encrypted zip files will maintain password protection across platforms, meaning you can send a protected zip file to a Windows user and they will still need to enter the password in order to view the contents.

Set a Zip Password in Mac OS X

You can create password protected archives of files and folders:

1. Launch the Terminal from the Applications > Utilities folder
2. Type the following command:

zip -e archivename.zip filetoprotect.txt

3. Enter and verify the password – don’t forget this

The resulting archive, in this case named “archivename.zip”, is now encrypted with the password provided. The file that was encrypted, “filetoprotect.txt”, is now inaccessible without entering that password.

Example: Zipping a Folder and Setting a Password
Here is an example of what this will look like from the command line, in this case we are compressing and password protecting the entire ‘Confidential’ folder located within the users /Documents directory, and the password protected zip is being placed on the users desktop for easy access:
$ zip -e ~/Desktop/encrypted.zip ~/Documents/Confidential/
Enter password:
Verify password:
adding: ~/Documents/Confidential/ (deflated 13%)

Notice the password will not display, this is normal behavior for the Terminal.

Opening the Password Protected Zip

Despite being created at the command line, you do not need to unzip the file from the terminal, it can be expanded from the Mac OS X Finder or within Windows using standard unzipping apps. Just double click on the file, enter the password, and it will decompress. You can also decompress the zip archive from the command line with:
unzip filename.zip

Here are some use cases for password protected zip archives:

• Password protecting an individual file or directory
• Sending a sensitive and encrypted file over an unencrypted network
• Emailing confidential data to a Windows user
• Adding an additional layer of security to a hidden folder
• Password protecting your own backups, outside of Time Machine

While this can provide some protection on a per-file or folder basis, it’s always a good idea to password protect the Mac in general with a login requirement on system boot, wake from sleep, and waking from the screen saver.

If you’ve been following the Carrier IQ brouhaha and ensuing fallout, you might be interested to know that it’s very easy to disable the Carrier IQ service, logging, and reporting on iPhone or any other iOS device:

• Tap on “Settings”
• Go to “General” and tap on “About”
• Tap on “Diagnostics and Usage”
• Tap on “Don’t Send”

If this was already disabled for battery saving purposes or whatever other reason, you should have nothing to worry about, if not, then this should prevent Carrier IQ from sending any data over to Apple.

For some background here, Carrier IQ is network diagnostic software that some cellular carriers have been installing on smartphones and tablets. Going beyond just gathering network diagnostics, Carrier IQ was found on some Android phones to be gathering personal and private information, including phone call logs, text message content, and even encrypted web searches, or, put simply, it’s a substantial invasion of personal privacy. Later, renowned iOS hacker chpwn found references to Carrier IQ in some versions of iOS, but it isn’t nearly as nefarious as what was discovered on Android, doesn’t track nearly as much personal information, and thankfully, it’s much easier to disable.

Keep in mind that Apple also told WSJ’s AllThingsD that they stopped supporting the feature in iOS 5 for most of their products, saying the following:

“We stopped supporting CarrierIQ with iOS 5 in most of our products and will remove it completely in a future software update. With any diagnostic data sent to Apple, customers must actively opt-in to share this information, and if they do, the data is sent in an anonymous and encrypted form and does not include any personal information. We never recorded keystrokes, messages or any other personal information for diagnostic data and have no plans to ever do so.”

We should expect an update to iOS in the near future to address this on any remaining devices.

If you are using a public Mac or are just concerned about things like keyloggers and other potentially unauthorized access to your keystrokes, you can enable a feature in Mac OS X Terminal app that secures keyboard entry and input into the terminal. According to Apple, this feature “prevents other applications on your computer or the network from detecting and recording what is typed in into Terminal“, making it a good additional security measure when such precautions are needed. Enabling it is extremely easy:

• Pull down the “Terminal” menu and select “Secure Keyboard Entry

Using a personal Mac likely makes this an unnecessary precaution since the risk is very low, but it’s a helpful tip if you’re using another untrusted computer or in a situation where you’d be concerned about another application capturing keystrokes.

Be warned that enabling “Secure Keyboard Entry” will interfere with most password managers and anything else that attempts to automatically type and interact with the Terminal for you.

Private Eye is a free real-time network monitor app for Mac OS X 10.7+ that is extremely easy to use. Launching the app, you’ll start to see all open network connections, and you can then filter connections by app, monitor all open connections, or watch only incoming or outgoing transfer.

Connections are reported by application, the time of the connection, and arguably the most useful, the IP address that is being connected to by the app. If you have any interest in networking, security, or you just want to keep an eye on what apps are connecting to the internet and to where, you should download this app.

• Download Private Eye now (direct link) or visit the developers home

This is a simple yet powerful tool without the complexity or the learning curves related to compiling and using the command line tools lsof, watch, open_ports, or wireshark. Highly recommended.

Well here’s a security flaw in iOS 5 that will quickly get patched: anyone with a magnet (or a Smart Cover) can bypass the iPad 2′s locked passcode screen and access whatever app was previously left open. The passcode bypass was discovered by 9to5mac, who recorded a video demonstrating the security breach (embedded below).

From a locked iPad 2:

• Hold down the power button until the the slider appears across the top
• Close the iPad 2′s Smart Cover or swing a magnet over the magnetic points around the screen rim, then remove the Smart cover or magnet
• Click “Cancel” at the bottom of the lock screen

You’re now at the iOS 5 springboard, but the biggest security threat is when users have left an app open with sensitive data, since the lockscreen is bypassed directly to it. This could mean

Protection Against the iPad 2 Lock Screen Bypass:
For the time being, iPad 2 users are encouraged to disable the “Smart Cover unlocking” feature found in Settings > General.

Here’s the video showing the password bypass:

We recently wrote about the dscl utility and how it allows a Mac OS X Lion user to change a password without knowing the existing password. The lack of required admin authentication has since been widely reported as a bug, and a small Security Update will likely be issued by Apple sometime in the near future. Nonetheless, if you’re paranoid about someone getting ahold of your Mac and changing the user password without authorization, you can manually change the permissions of the dscl utility yourself, forcing it to require administrative privileges in order to be run.

• Launch Terminal (located at /Applications/Utilities/)
• Type the following command and hit return:

sudo chmod 100 /usr/bin/dscl

• You will be asked for the current administrative password to confirm the permissions change, enter it and hit return

This is a simple permissions fix that likely mimics what an official security update will do. Using sudo chmod 100 states that only the owner (root) is able to execute the dscl command, which effectively prevents other non-admin users from accessing the directory services utility without using the sudo command, and thus the administrator password.

There may be some unintended consequences of changing those permissions, but it’s unlikely to effect most users. If you do encounter some problems you can always change the permissions back, which look to be set as 755 by default.

A big thanks to “Tjb” who left this tip in the comments!

Update: Jim T left the following recommendation in the comments, suggesting another chmod command to change the permissions:

Instead, do this:

sudo chmod go-x /usr/bin/dscl

That will -only- remove the execute permission on group and other, leaving the other permissions (read & write, and root’s full permissions) completely as was before the change. To reverse, do:

sudo chmod go+x /usr/bin/dscl

Only touch the stuff you need to touch!

His reasoning is that chmod 100 is too restrictive in that it changes the command to execute only, where as before the root user could read, write, and execute.