Skip to main content

How mac detects few malwares downloaded from internet

The Apple Mac OS 10.6 + detects the few malwares downloaded from internet as per the signatures found in XProtect.plist file. This is not an antivirus application and only alerts the user when he tries download/install the suspicious application from internet. This file is located at /System/Library/CoreServices/CoreTypes.bundle/Contents/Resources/XProtect.plist. You will need a  good security software to protect your mac from bad guys on internet.  you can read more on this here  and here

Popular posts from this blog

How to find firmware or boot ROM version in Mac OS X

Firmware and boot ROM version of your mac can be found in two ways. Way 1 : 1. From "Apple" menu , choose "About This Mac" menu item. 2. Click " More Info " to open "System Profiler" application. 3. Under Contents -> Select Hardware Tree item. On the right side panel Under hardware overview section, we can see Boot ROM Version and SMC (Firmware) Version. Way 2 : Run the below command in terminal to get boot ROM version and SMC(firmware) version : $ system_profiler SPHardwareDataType | grep -i "Version" | awk -F ':' '{print $1 $2}'
6 comments
Read more

How to extract signing certificates from macOS binary files

Code signing is a macOS security technology that you use to certify that an app was created by you. Once an app is signed, the system can detect any change to the app—whether the change is introduced accidentally or by malicious code. As Apple Developer site says ( click here for more details  on code signing) : code signing allows the operating system to: Ensure that a piece of code has not been altered since it was signed.  The system can detect even the smallest change, whether it was intentional (by a malicious attacker, for example) or accidental (as when a file gets corrupted). When a code signature is intact, the system can be sure the code is as the signer intended. Identify code as coming from a specific source (a developer or signer).  The code signature includes cryptographic information that unambiguously points to a particular author. Determine whether code is trustworthy for a specific purpose.  Among other things, a developer can use a ...
Post a Comment
Read more

How to enable root login in gnome on Debian 6 or 7

Root user login in gnome is disabled on Debian system by default for security reasons. If you want to enable it for specific reasons then follow the below steps : 1. Login into Debian system 2. launch the Root Terminal from Applications -> Accessories. 3. Authenticate with password to launch the Root Terminal. 4. Open "/etc/pam.d/gdm3" with vi.          #vi /etc/pam.d/gdm3 5. Look for "auth     required     pam_succeed_if.so  user  != root   quiet_success"  , comment it out as below.     #auth     required     pam_succeed_if.so  user  != root   quiet_success 6. Save the modification with Esc+w+q+Enter keystroke. 7. Restart or reboot Debian system. 8. Login with root user in gnome. You should be now able to login successfully.   
11 comments
Read more