Feeds:
Posts
Comments

by Tom Nelson

The process of securely wiping a drive, that is, removing every bit of the data it contains and scrambling its content enough to protect the information stored on the drive from prying eyes, is fairly well understood for old-fashioned spinning hard drives. SSDs, on the other hand, can be affected poorly by the same techniques used on hard drives: overwriting data locations multiple times with random data or specific data patterns.

To make matters worse, at least from a security standpoint, even after overwriting data on an SSD, it’s possible that some of the original information is still present on the drive.

Which brings us to the question: Can you securely erase an SSD without damaging the drive, and make sure that all of the information is no longer recoverable?

Disk Utility’s Security Options for erasing a drive may not be present when used on an SSD. Screen shot © Coyote Moon, Inc.

It may be a good idea to review how Disk Utility can be used to erase and protect information in the article: How to Securely Wipe the Data Stored on a Drive in macOS High Sierra.

We originally looked at the changes High Sierra brought to performing a secure wipe. In this Rocket Yard article, we’re going to further explore how to securely wipe an SSD.

SSD Architecture
As we said above, the process of securely wiping a hard drive is fairly well understood. The linear nature of data storage on a spinning drive, along with the ability to access and read, write, and erase data at all active storage locations make the sanitation process pretty easy, though sometimes time-consuming. Essentially, you need to erase the volume and partition maps, and then overwrite each data location using a random or specific data pattern.

The number of times data is written, and the data pattern used for the secure wipe, allows the sanitation process to meet specific security requirements, including those set forth by the DOD or other government agencies.

SSDs, on the other hand, don’t use a linear storage convention, nor are the storage locations directly addressable. Instead, SSDs use a number of mapping layers that hide the physical layout of the flash-based memory, as well as help in managing how flash memory data integrity and lifetime are managed. Collectively, these layers are referred to as the flash translation layer (FTL).

The OWC Aura Pro X is 7% overprovisioned to optimize performance and ensure the FTL has plenty of free blocks to work with. Screen shot © Coyote Moon, Inc.

SSDs are also overprovisioned; they contain a bit more flash memory than what they’re rated for. This extra memory is used internally by the FTL as empty data blocks, used when data needs to be rewritten, and as out-of-band sections for use in the logical to physical mapping.

The mapping layers, and how the flash controller manages memory allocation, pretty much ensure that either erasing or performing a conventional hard drive type of secure erase won’t ensure all data is overwritten, or even erased at all.

One example of how data gets left behind intact is due to how data is managed in an SSD. When you edit a document and save the changes, the saved changes don’t overwrite the original data (an in-place update). Instead, SSDs write the new content to an empty data block and then update the logical to physical map to point to the new location. This leaves the space the original data occupied on the SSD marked as free, but the actual data is left intact. In time, the data marked as free will be reclaimed by the SSD’s garbage collection system, but until then, the data could be recovered.

A conventional secure erase, as used with hard drives, is unable to access all of the SSD’s memory location, due to the FTL and how an SSD actually writes data, which could lead to intact data being left behind.

Read more on Rocket Yard, The MacSales.com Blog

Advertisements

by Tom Nelson

Having issues with Mojave? Seems like it’s a rite of passage to install a new version of the macOS, and then uncover issues we didn’t see in the beta version.

With macOS Mojave, we appear to be seeing a smaller crop of issues than we saw in our previous “what broke” guides:

That may be due to a more rigorous beta cycle, or maybe we just haven’t had enough time to uncover all the possible problems. Either way, here’s our newest guide to what broke and how to fix it in macOS Mojave.

SMS Messages Not Delivered
If you use the Messages app on the Mac to send SMS messages, you may notice a strange timeout error occurring when you send an SMS message to a non-Apple device.

Once you send such a message, you may see a “Not Delivered” error message. While the error message is a bit vexing, it gets stranger. Turns out your message was sent, and likely received, without any problems.

Logging out and back into iCloud may correct the SMS delivery error. Screen shot © Coyote Moon, Inc.

If that was the extent of the issue, you could probably live with it and wait for a fix in one of the subsequent Mojave updates. But as you may have guessed, there’s one more problem associated with the Not Delivered error. Once you see the Not Delivered error message, the recipient will not be able to send you any responses.

At the time of this writing, there’s no fix available for the issue that always works. But I can list a few things that some people have reported as a cure, although just as many said the cure didn’t help them. Since there’s no official fix, this, then, is a best shot approach:

  • Sign out and sign back into Messages: Works for some people, but in most cases, the problem eventually returns.
  • Sign out of iCloud and sign back in: The idea here is to force your Mac’s data to re-sync with all of your other devices via iCloud. If you give this fix a try, be sure to save the iCloud data locally on your Mac, just to ensure you don’t lose any information. You’ll be presented with the option to save the iCloud data locally when you sign out.
  • Stop sending SMS messages to non-Apple devices: This works, but it may be difficult to get all your Android-using friends to switch to Apple.

The SMS error appears to be very erratic, with many people not experiencing the problem at all, yet there’s more than a handful of users who have reported the issue. If you’ve seen this problem, let us know by using the comments section, below.

Weird Fonts
No, not a new set of fonts for the Mac, but fonts you’ve been using for ages now looking weird in Mojave. The usual sign for weird fonts is a bit of blurring or softness along the edges, even the straight horizontal or vertical lines of a letter.

The blurring is seen most often on non-Retina Macs. The cause is Mojave disabling sub-pixel antialiasing, an older font rendering technique that helped fonts appear smoother and less jagged on most displays.

You could solve the problem by upgrading to a Mac with a Retina display, or you can try the following fix:

You may not be afflicted with the problem if you upgraded to Mojave from an earlier OS that had font smoothing enabled. Even then, some users have mentioned the weird fonts even though they upgraded. No matter what the actual sequence of events is needed to disable sub-pixel font rendering, you can turn the feature back on with this simple two-step process:

Launch System Preferences by clicking or tapping the System Preferences icon in the Dock, or selecting System Preferences from the Apple menu.

Select the General preference pane from the System Preferences window.

At the bottom of the General preference pane, make sure there’s a checkmark in the “Use LCD font smoothing when available” box. (It may say “Use font smoothing when available,” depending on the type of display you’re using.)

Use Terminal to enable sub-pixel font smoothing if you are experiencing weird looking fonts. Screen shot © Coyote Moon, Inc.

Even if the font-smoothing box was already checked, you need to continue on to the second part of the fix: using Terminal to force font rendering to be enabled:

Launch Terminal, located at /Applications/Utilities.

At the Terminal prompt, enter the following:

defaults write -g CGFontRenderingFontSmoothingDisabled -bool NO

Press enter or return on your keyboard.

You can quit Terminal and close the System Preferences window if it’s still open.

For the change to take effect, you need to restart your Mac.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

macOS Mojave has a number of security and privacy enhancements that can help make using your Mac a simpler, safer, and more secure experience. Apple made changes to Safari, as well as expanded Gatekeeper and SIP services provided by the macOS.

Automatic Strong Passwords with Safari
Safari can automatically create strong 20-character passwords for you when you’re setting up a new service or account. Safari will populate the password and password confirmation field for you, though you can accept or reject the supplied password. The account password will be stored in Safari, and synced with your other Apple devices using iCloud. As long as you remain within the Apple environment (macOS, iOS, watchOS, tvOS), you can access all of your account passwords using just your Apple ID password.

Strong passwords can be automatically generated and inserted into password fields when you sign up for a new service. Screen shot © Coyote Moon, Inc.

To use Automatic Strong Passwords, launch Safari and browse to a website for which you would like to create a login account.

1) When you come to the password field, click or tap once in the field.

2) Safari will display a key icon in the far right edge of the password field.

3) Click or tap the key icon.

4) In the menu that appears, select Suggest New Password.

5) A strong password will be generated.

6) You can click or tap in the password field, and select Use Strong Password, or Don’t Use.

Of course, to make the strong passwords easy to use, Safari can also auto fill login fields when needed:

1) Launch Safari and select Preferences from the Safari menu.

2) Select the Passwords item from the Safari preferences toolbar.

3) Place or remove the checkmark from the item labeled AutoFill user names and passwords.

Safari Password Reuse
Apple can’t put an end to password reuse, the practice of using the same password, or weak variants of a common password, over and over across multiple sites and services. Reusing passwords can be a disaster waiting to happen. Should someone gain access to one of your accounts, they’re going to try that same password with any other account or service they think you’re using.

As you can imagine, the results wouldn’t be very pretty if you’re reusing your passwords.

Safari can audit your website passwords and point out when you reuse a password multiple times. Screen shot © Coyote Moon, Inc.

Safari in macOS Mojave won’t prevent you from reusing passwords on multiple websites, but it can warn you when you do:

Launch Safari, and then select Preferences from the Safari menu item.

In the Safari preferences window, select the Passwords item in the toolbar.

Enter the password for the current user in order to unlock the Safari passwords.

The passwords that Safari has remembered for you will be displayed. If any passwords are being reused, Safari will mark them with a yellow warning placard.

Clicking or tapping one of the warning symbols will display details about the warning, including where the password is being reused, and a link to the current site, so you can quickly go there and change the password.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

When you’re ready to install macOS Mojave, you’ll need to choose between two different install methods. The default is an upgrade install, which will update the version of the Mac operating system currently on your startup drive to macOS Mojave, while retaining your user data, apps, and other assorted information you may have stored on your Mac.

The second option is a clean install. This method completely erases all of the data on the startup volume and replaces it with the macOS Mojave operating system. When the clean install is complete, you’ll have a pristine startup drive, reminiscent of when you first got your Mac.

We’re going to show you both install methods, although we’ve combined them, since most of the steps are the same.

Preparing for Mojave
Before you begin installing Mojave, there are a few things to do to ensure your Mac and you are ready for the new operating system. Start by reviewing these guides to make the process an easy one: Mac 101: How to Get Ready for macOS Mojave

And while it’s unlikely you’ll encounter any problems while installing, this Rocket Yard Guide may help you solve a problem, should one occur: Mac Installation Errors You May Encounter and How to Fix Them

The App Store
The macOS Mojave installer is available from the App Store. You can find instructions for downloading the installer, as well as information about which Macs are able to run Mojave, plus some tips on common problems and how to avoid them, in the Rocket Yard Guide: How to Download macOS Mojave and Avoid Common Problems

The above guide also contains information on creating a bootable macOS Mojave installer. You’ll need the bootable installer if you intend to perform a clean install on the startup disk. You won’t need a bootable installer if you’ll be performing a clean install on a non-startup disk.

Even if you don’t need the bootable installer, it’s a good idea to create one, as a way to archive the installer as well as to make installing macOS Mojave on multiple Macs an easier process.

At this point, you’ve acquired the macOS Mojave installer from the App Store, and are almost ready to perform a clean or upgrade install. Before you proceed, be sure you have an up-to-date backup of your Mac.

If you’re ready to begin the install, I’ve broken the process into two sections: an Upgrade Install and a Clean Install.

Clean Install Preparation
Performing a clean install on your startup disk requires a few extra steps, including starting up from the bootable installer you made earlier, and completely erasing your startup drive. It goes without saying, but I’m going to say it anyway:

WarningThis process will completely erase your startup drive, causing all data stored on the disk to be lost.

Insert the USB bootable flash drive you made earlier into your Mac, and make sure it successfully mounts.

Restart the Mac while holding down the Option key. Keep the Option key depressed until you see the boot manager appear, displaying icons for all the disks you can start up from.

Select the USB bootable flash drive from the icons, and then press the return key on the keyboard.

When performing a clean install, use the Disk Utility option to erase the startup drive, and the Install macOS item to install Mojave on the empty startup drive. Screen shot © Coyote Moon, Inc.

Your Mac will start from the bootable installer. The startup process can take a bit longer than usual, depending on how fast the USB device is. Eventually, you’ll see the macOS Utilities screen.

Select the Disk Utility option, then click or tap the Continue button.

Disk Utility will launch. Make sure you select the correct volume in the sidebar. If you’re performing a clean install, the usual name for the startup disk is Macintosh HD, though it may be different if you’ve customized the startup drive name, or are performing a clean install on a different volume. You can use the instructions in How to Use macOS Sierra Disk Utility to Partition, Erase Drives for erasing a drive.

Using Disk Utility to erase a macOS High Sierra startup drive in preparation for a clean install of Mojave. Screen shot © Coyote Moon, Inc.

When you’re finished with Disk Utility, select Quit Disk Utility from the Disk Utility window.

From the macOS Utility screen, select Install macOS, then click or tap the Continue button.

From here until the system setup process, the installer for upgrade or clean works the same.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

One of the first steps in installing macOS Mojave is acquiring the Mojave installer from the App Store. While this is generally an easy process, it can have a few twists and turns that can leave you frustrated.

In this guide, we take a look at:

  • How to download the macOS Mojave installer
  • Problems you may encounter, including how to convert from beta testing to using the release version
  • Other issues you may experience

Before you start downloading, you should check to see if your Mac is able to run Mojave. You will find all the information you need in the Rocket Yard Guide: How to Get Ready for macOS Mojave.

How to Download Mojave

The Mac App Store is the primary host for macOS Mojave, and it’s likely that the new OS will be prominently displayed under the Featured tab. But finding the macOS Mojave tile at the top of the Mac App Store window isn’t guaranteed, especially immediately after Mojave is launched or down the road, when the release of macOS Mojave is yesterday’s news.

You’re much more likely to find macOS Mojave listed in the Quick Links area of the Featured section, either with its own link to the download page, or by using the Apps Made by Apple link. And of course, you can always use the App Store’s Search field if Mojave isn’t showing up in the expected places.

To find macOS Mojave, launch the Mac App Store by selecting the App Store icon in the Dock, or by selecting it from the /Applications folder.

The App Store window will open. Click or tap the Featured button in the toolbar if it isn’t already highlighted.

There’s a good chance that macOS Mojave will be the featured item, displaying prominently at the top of the window. You may also see a button labeled Download directly on the tile; if so, clicking or tapping the button will start the download process.

If you don’t see the download link on the tile featuring macOS Mojave, click or tap the tile to bring up the description page. You’ll find the Download button near the top left. Click or tap the button to start the download process.

When the downloading process is complete, a file called Install macOS Mojave will be present in your /Applications folder. The Mojave installer will also automatically start up once the download is completed. At this point, we suggest you quit the installer in order to perform some housekeeping chores before you start the installation of macOS Mojave.

macOS Mojave may be the featured item, showing up as soon as you launch the App Store. Screen shot © Coyote Moon, Inc.

How to Download From the New Mac App Store

If you’ve been testing the Mojave beta on your Mac, you’ve probably already discovered the Mac App Store has undergone a substantial update. If you haven’t peeked at the Mac App Store lately, go ahead and launch it, just to get your feet wet.

Because you’re already running macOS Mojave (in the beta form), you won’t see the new OS as a download option in the new Mac App Store. Instead, you’ll be able to update your beta copy to the Gold Master (GM) version using System Preferences. We’ll touch on how to download the GM version in a bit, but first a bit more about the new App Store.

The App Store interface may have changed in macOS Mojave, but the sidebar and its categories are very easy to work with. Screen shot © Coyote Moon, Inc.

The new App Store uses a two-pane interface, with a sidebar on the left and a larger pane on the right. The sidebar contains seven primary categories into which all apps in the store are sorted. When a new macOS version becomes available, you’ll see it promoted in the Discover category. This also happens to be the default category that’s displayed when you launch the App Store.

When you see an app such as a new version of macOS displayed, you can click or tap on its tile to bring up the description page. The Download button has been replaced with one that either shows the price for the app or, if it’s a free app such as the macOS, displays the word Get. Clicking or tapping the price button will change the button text to Buy App; clicking or tapping the Get button will change the button text to Install.

You’ll need to click or tap the Buy App or Install button to start the download process.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

The summer is drawing to a close, which means macOS Mojave is about to be released. It may also mean a few other things, but we’re going to concentrate on the release of Mojave and what you’ll need to do to your Mac to get it ready for the new operating system from Apple.

Mojave has a number of new features that you may be excited to try out, but it also has quite a few upgrades under the hood, which mean it’s especially important to ensure your Mac and its software are ready for macOS Mojave.

Upgrading to macOS Mojave

For this article, we’re going to concentrate on steps you should take to ensure your Mac is capable of running macOS Mojave, as well as make sure there are no hidden issues that could adversely impact installing or using the new operating system. We won’t be looking at the various ways you can install Mojave; we’ll cover that in the weeks ahead. So, let’s start by checking if your Mac is compatible.

Check Hardware Compatibility with macOS Mojave

The first step is to check to see if your Mac meets the minimum guidelines for running macOS Mojave. You can find details in OWC’s Complete List of Mojave Compatible Macs.

The main takeaway from the compatibility list is that Apple has dropped support for most Macs older than 2012. The main exception is 2010 and 2012 Mac Pro models that have Metal-capable graphics cards. The original graphics cards offered with the early Mac Pros weren’t Metal compatible, but it’s possible to upgrade the graphics card with a new Metal-compatible model.

Apple recommends the following Metal-compatible cards:

  • MSI Gaming Radeon RX 560
  • Sapphire Radeon PULSE RX 580

But there are a number of other graphics cards available that will work with your Mac Pro and support Metal:

  • AMD: Radeon HD 7000 and HD 8000, as well as the 200, 400 and 500 series of cards.
  • NVIDIA: Most GeForce 600, 700 and 800 series.

XFX AMD Radeon RX 580 GTS is one of the Metal-capable graphics cards you can use with a 2010-2012 Mac Pro.

One issue you may encounter with a new Metal-capable graphics card is that it likely won’t contain a Mac-compatible boot ROM on the card. Without the boot ROM that supports the Mac, the graphics card won’t be initialized until after the Mac loads the graphics drivers. This can prevent boot up information from being displayed, including running firmware updates (should any become available) or using boot options that require any type of interaction.

To overcome the boot ROM issue, you can either attempt to locate a graphics card with an Apple boot ROM or keep the original graphics card installed and connected to a second monitor.

One last note on Metal graphics cards: AMD models come with Apple graphics drivers built in, while NVIDIA models do not. This means you’ll need to download and install the Mac graphics drivers from the NVIDIA website before the card will work correctly.

You may also need to update NVIDIA drivers before you upgrade to any new version of the macOS, such as Mojave.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

With every new release of the Mac operating system, there always seems to be a few installation errors that are encountered by enough people to make us wonder how the OS managed to get through the beta process. The answer can usually be attributed to the difference in the relatively small number of beta users versus the large number of users downloading and installing a new official release of the macOS. When all those new users start to install the OS, the sheer number of Mac hardware, peripherals, and software makes it very likely that some bug that managed to sneak through the beta process will rear its ugly head in the release version.

No matter which version of the macOS you’re installing, including 10.14 Mojave, there’s a slight chance you may run into one of the problems in this guide.

In this guide, we’re going to look at some of the installation problems that tend to occur with new releases of the Mac operating system. With any luck, you may be able to either correct the issue, allowing you to finish the installation, or prevent the issue from occurring in the first place.

Installation Issues Commonly Seen with macOS
Before we get too far along, I want to point out the obvious: don’t install a new version of the Mac operating system without having a current backup. Some of the installation issues we’re going to mention can cause loss of data. Having a Time Machine backup or a clone of your current system can be a lifesaver. If you don’t have a backup system in place, I highly recommend investing in one before you install a new version of macOS.

You can find a large number of external enclosures, drives, and SSDs, as well as a portable and easily-carried-with-you Envoy Pro EX high performance USB 3 or Thunderbolt bus-powered SSD storage.

With the backup recommendation out of the way, let’s get started with the error messages.

Could Not Write Installation Information to Disk
This message usually shows up as a sheet that drops down from the macOS or OS X installer shortly after you start the install process. It may seem odd but the usual cause is a corrupt installer, and simply deleting the installer app and downloading a new copy will likely fix the issue. The error message seems to occur most often when the Mac installer is downloaded from a third-party site. This is a good reason to download the official copy from the Mac App Store, or join the free public beta program if you want to try out a new version of the Mac OS early.

You can use Disk Utility to repair common boot drive errors that may be keeping you from successfully finishing an installation. Screen shot © Coyote Moon, Inc.

Other possible causes include a damaged boot drive. Try using Disk Utility’s First Aid capabilities to test and repair your disk, as outlined in: First Aid: Verify and Repair HFS+, APFS Drives with Disk Utility.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

Your Mac is probably pretty trouble free, at least most of the time. But occasionally you may experience a system, process, or app crash that stops you in your tracks, and prevents you from continuing to work. These crashes are usually fleeting in nature, and resolved by simply relaunching the app or restarting your Mac.

And while an occasional crash can be frustrating, it’s generally not something to worry too much about. Stuff happens, and you can think of it as one of the many reasons you have a good backup system in place. (You do, don’t you?)

Now, when a crash starts occurring on a more regular basis, or you notice it always happens when x event occurs, it may be time to start delving into the crash and discover what may be causing the problem.

In this Rocket Yard Guide, we’re going to take a look at using the Console app to track down the cause of a system or app crash. With any luck, the Console app will be able to help you resolve the problem that’s causing the crash, or at least give you a good idea of what’s going on.

What is the Console App?
Back in the early years of computing, the console was a terminal that was attached to a computer to monitor the status of the system. If you go back even further, the console may have been a bank of meters, lights, and switches that indicated how well the computer was operating.

The Console app from macOS High Sierra. The sidebar shows devices reporting to the Console, as well as reports organized by category. Screen shot © Coyote Moon, Inc.

The Console app included with the Mac is a modern-day version of the old computer console; its primary job is to help you monitor how well your Mac is operating. It can do this because of its ability to display logs, status, and error files your Mac’s operating system and individual apps generate as they’re running.

Log Files
There are a number of different types of files that apps, processes, and the system generate as they work; you can think of them as a journal or diary of what’s going on at any point in time. While there are diagnostic files, crash files, log files, and a few other types, we’re going to refer to them collectively as log files. And for the most part, they can all be read by the Console app.

OS X Yosemite’s Console app displaying the crash log from when a system preference terminated unexpectedly. Turns out the preference pane is from an old version of an app, and is no longer supported. Screen shot © Coyote Moon, Inc.

The Console app can also look at process messages, and a few other real-time events, but we’re going to concentrate on looking at log files to discover what happened in the past, such as when the system or an app crashed.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

If your Mac seems to suddenly be running hot, with the fans making more noise than usual, your battery runtime has taken a nosedive, or you’ve noticed that your Mac seems to be slowing down, you may be experiencing the effects of cryptojacking.

Of course, there are plenty of other reasons why your Mac could be misbehaving as outlined above; hot summer days can make your Mac run its fans at a higher rate, battery runtime can be affected by the type of processes you’re running, such as video or audio processing, and the Mac’s processors may simply be engaged in running multiple threads from multiple apps, keeping things a bit tied up.

But you could also be a victim of cryptojacking. In this Rocket Yard Guide, we’re going to take a look at cryptocurrency, how it’s mined, and how it may be affecting your Mac.

What Is Cryptojacking? The New, Friendlier Malware
Cryptojacking is a somewhat new way for nefarious individuals to make use of your Mac’s processing power for their own gain. With cryptojacking, the gain is in the acquisition of cryptocurrency coins by having your Mac solve complex mathematical problems. Each solved problem is worth some number of coins or fractions of coins in the cryptocurrency being mined.

Mining for money using your Mac’s hardware without your consent is commonly referred to as cryptojacking. Coin mining is probably best known as the way to acquire Bitcoins, a popular cryptocurrency that has been in use for a number of years. In the early days of coin mining, the tasks a computer had to perform to generate a coin were easy enough that a moderately outfitted personal computer could perform the tasks in a reasonable amount of time. As cryptocurrency become more popular, the difficulty of the problems that needed to be solved increased dramatically, to the point where multiple specially designed computer rigs were being used together to solve the problems and generate cryptocoins in a reasonable timeframe.

As the various cryptocurrencies gained support, the mining of the coins became more and more difficult, so that the days of someone using an average personal computer to solve problems and generate coins went by the wayside. Nowadays, the mining, a common term for solving the problems and generating the coins, is being performed by highly advanced, dedicated mining rigs, or through distributed computing systems that use a large number of individual computers, each working on a piece of the puzzle.

It’s this last mining rig type that has spawned the growth of cryptojacking, using computers that have had mining software installed without the consent of the owner to hijack the computer’s processing power to mine for coins.

Types of Cryptojacking
Cryptojackers use two common methods of manipulating a computer to run mining software. The first, and somewhat less common at the moment, is the old standard malware approach of using a Trojan app to install the mining app on an unsuspecting system. This usually takes the form of a mining app masquerading as another, more popular application. Once the app is downloaded and the installer run, the crypto miner is installed and starts mining for coins.

However, the most likely way for a Mac to run into cryptojacking is through a web browser. The software for mining cryptocurrency has been developed using JavaScript, which every web browser can run. Cryptojackers can insert the JavaScript code into a hacked website, or they can embed the JavaScript mining code within ads which are then placed on many websites.

All you need to do is visit one of these websites, and your Mac will start happily running the cryptocurrency mining code.

For the cryptojacker, using web-based infection has many advantages. It’s easy to do; while they can hack a website and insert the code, they can also just create an ad and place it with an ad service to have it distributed to many websites. Web-based cryptojacking also doesn’t require any type of enticement to get you to download and install a cryptojacking app; instead, the browser runs the mining code for as long as the webpage is open; no installation of code required.

Read more on Rocket Yard, The MacSales.com Blog

by Tom Nelson

Originally introduced with OS X El Capitan, System Integrity Protection, usually referred to as SIP, is a security feature built into the Mac operating system that’s designed to protect most system locations, system processes, and Kernel extensions from being written to, modified, or replaced.

SIP and related security protections in the Mac operating system have undergone changes with each release of the OS, but the basics of how the SIP system works have remained the same, including how SIP can be enabled, disabled, and have its current status checked on.

Rootless, More or Less
OS X El Capitan was the first version of the Mac operating system to incorporate SIP, as well as the idea that the Mac operating system was now rootless; that is, there was no longer a root account, the all-powerful primary account that had access to almost the entire system. But it turns out the concept of the Mac being rootless was more of a security marketing gimmick than actual fact. There was still a root account; the difference is that when enabled, SIP poses additional restrictions on the root account, walling off certain portions of the system from access by an account with root level privileges.

The additional isolation of system components from accounts with root privileges helps to prevent malware from being able to gain access to the system, where it could embed itself and take advantage of all of the system services running on a Mac.

System Integrity Protection (SIP)
While “rootless” was mostly marketing, SIP actually hardened the Mac by preventing modifications to the following locations:

  • /System
  • /usr
  • /bin
  • /sbin
  • All apps preinstalled by Apple

The exceptions to the rule are apps or processes that have been signed by Apple and have special entitlement to write to system files. This includes Apple installers and Apple software update services.

SIP is effective at stopping system locations from being written to by third-party apps and services. Only Apple-signed system processes can write to system locations.

System processes can’t be attached to. This prevents code injection or runtime attachment to system processes, techniques often used by malware to force privileged processes to run the malware code.

Kernel extensions must be signed with an Apple Developer ID that specifically allows for signed Kext (kernel extensions) certificates. This can prevent kernel extensions from being replaced or modified by malware, as well as prevent new unsigned kernel extensions from being installed.

Read more on Rocket Yard, The MacSales.com Blog