Snow Leopard Security (unwanted snooping)
in [Mac Systems]
|
Prev: Cheap Print Server
Next: Pascal recommendation?
From: Terry Carmen on 16 Mar 2010 15:48 On Tue, 16 Mar 2010 12:52:52 -0500, this wrote: > In article <36adnbbuSbWJIQLWnZ2dnUVZ_oOdnZ2d(a)giganews.com>, > Terry Carmen <terry(a)cnysupport.com> wrote: > >> Can anybody point me to a FAQ on Snow Leopard security or toss me a >> clue? > > Since your situation is unclear here are some links that may or may not > be useful. > Thanks! I'll take a look. Terry
From: Paul Cardiff on 16 Mar 2010 15:57 On 2010-03-16 13:12:52 -0400, Terry Carmen said: > Can anybody point me to a FAQ on Snow Leopard security or toss me a clue? > > I've disabled the guest account, changed the passwords and disabled > anything I can find that isn't necessary, however the snooping continues, > so I've obviously missed something. Have you checked Sharing in the System Preferences and made sure all sharing is turned off? Paul
From: Richard Maine on 16 Mar 2010 16:03 Terry Carmen <terry(a)cnysupport.com> wrote: > On Tue, 16 Mar 2010 11:13:48 -0800, Doug Anderson wrote: > > > Why do you think there is "snooping" and that sensitive information is > > being leaked? > > Because people are talking about things that they should have no > knowledge of. If that's the only basis for suspicion, odds are high that it has little to do with computer security. Not knowing the details of your situation, I can't offer much in the way of specifics, but there are always other ways to get information like that, particularly when you are talking about internal leaks. Some of the most common are really trivial - as in they talked to someone who knew. Or there is always just the watch over someone's shoulder when he/she doesn't see you. Or any number of other non-technical means. You can waste an awful lot of time looking for technical problems, when the leak really is non-technical. I reemphasize, this kind of thing is usualluy the answer - including in cases where people "swear" it couldn't be the case. Happens all the time. But for technical leaks.... well, if that's what you are looking for, you need someone who has a good knowledge of your exact configuration and operation. You aren't going to get expert technical advice on things like that on the net because it needs to much specifics. For example, you say elsethread that the data is stored "only on that machine". That right there tells me that one of two things are so. Either 1. You don't actually understand where all the data gets stored or 2. Someone is doing a negligently poor job of managing important company data. I say that because important company data should have backups. If you don't have backups of important company data, then it is being managed negligently. If you do have backups, then your "only on that machine" inaccurate, as the data also resides on the backups, wherever they are. -- Richard Maine | Good judgment comes from experience; email: last name at domain . net | experience comes from bad judgment. domain: summertriangle | -- Mark Twain
From: Tom Harrington on 16 Mar 2010 16:23 In article <36adnbHuSbUESALWnZ2dnUVZ_oMAAAAA(a)giganews.com>, Terry Carmen <terry(a)cnysupport.com> wrote: > That's the problem. I don't know what's happening, except that financial > information entered and stored only on that machine is becoming known to > people in the company who supposedly have no access to it. Nobody else ever has access to that machine except you? Even after hours? And this data is not something you retrieved from somewhere-- it's something you came up with on the spot, typed into the computer, and told nobody else about? And the data is not backed up anywhere? Physical security is the most important aspect of keeping data private, and the most common point of failure. -- Tom "Tom" Harrington Independent Mac OS X developer since 2002 http://www.atomicbird.com/
From: Terry Carmen on 16 Mar 2010 16:49
On Tue, 16 Mar 2010 14:23:39 -0600, Tom Harrington wrote: > In article <36adnbHuSbUESALWnZ2dnUVZ_oMAAAAA(a)giganews.com>, > Terry Carmen <terry(a)cnysupport.com> wrote: > >> That's the problem. I don't know what's happening, except that >> financial information entered and stored only on that machine is >> becoming known to people in the company who supposedly have no access >> to it. > > Nobody else ever has access to that machine except you? > > Even after hours? > > And this data is not something you retrieved from somewhere-- it's > something you came up with on the spot, typed into the computer, and > told nobody else about? > > And the data is not backed up anywhere? > > Physical security is the most important aspect of keeping data private, > and the most common point of failure. Yes, someone sits there (not me) and enters data on the keyboard, and it's in a locked office. It's not a backup problem, since the leaks have occurred before backups were performed. Thanks for everybody's help. I'm going to make the ipfw changes and see if that helps. If it doesn't, it's probably not a technology problem. Terry |