November 16, 2015

Techno Bits vol. 49: I am concerned about the security of your...


The events of Friday weigh heavy on me today, but you're here for good commentary on technical matters, not geopolitical strife. I'll just say: nous sommes tout Parisienne toujours et pour l'eternité. 

Over the weekend, we had our monthly MacDMV meeting at Acronis in Ballston, and Dan Griggs from cmdSecurity spoke about the theory behind securing your Macs against external attackers. He made a critical point that I think everyone here will understand: It's not a matter of if, it's a matter of when. And if you're not doing some sort of continuous monitoring of your environment now would be a good time to start.

We'll have the video of Dan's presentation up later this week, and I'll tweet the link out, so keep an eye on the tiny birds. 

Related to Dan's talk, the Center for Internet Security released its annual benchmark report on OS X (PDF), and I understand work has begun on a new STIG for OS X. 

Security's only getting more important, not less. Just listen to this week's Clockwise to hear Glenn Fleishman talk about proof-of-concept ransomware existing for OS X. If that didn't just send cold shivers down your spine... then you have great backup, online and off, as well as onsite restoration. But still, scary.

Behold, the failure of the Mac App Store. This screenshot from Tapbots' Paul Haddad shows the problem dead center. The leaf certificate that was used to sign some of the app builds downloaded from the App Store expired this past week. If you haven't yet, read Michael Tsai's No One Minding The Store, which details the depth and the breadth of the App Store certificate failure.

There was a recent discussion in the MacAdmins Slack community, with one person arguing that the best way to roll out software was the Mac App Store. I couldn't disagree more, and this crisis, sadly, backs up my point. This was a rolling dumpster fire of a problem, and though Apple acted quickly to fix the situation, this sort of problem, one that was entirely preventable, is the sort of thing that can cripple an entire company if they rely on the MAS for distribution.

This is a nightmare, and it's not abating until Apple puts some serious effort into their App Store team.

Cool El Cap Tricks: Terminal Marks


Arek Dreyer posted this to his Facebook over the weekend, and I was fascinated. Terminal.app got some feature bumps in El Capitan, and the inclusion of Terminal Marks is one of them. You may have noted that some lines in terminal carry light-grey left brackets, showing executed commands. Better, you can jump between executed commands by using Command-UpArrow and Command-DownArrow. There's a nice highlight animation, as well, which I appreciate. This is great for debugging long-runs of code (like, say, Munki in a Box...)

Thanks Arek for posting this!

Links to Read