Last update March 11, 2016
Mac / OS/X Security Recommendations
- Keep your software up to date.
- Always update your Apple software from the Updates section of the Apple App Store. Click the Apple icon on the top left of the display, select “About this Mac” and click on Software Update. Never update by way of a link on a webpage or an email.
- Update non-Apple software from within the application or from the company’s web site. Beware of extra or bonus software downloads during updates. Oracle’s Java updates are notorious for installing unnecessary toolbars. Less scrupulous companies are often the source of unwanted add-ons that can steal data or show unwanted ads.
- Make Time Machine backups
- Select the option to encrypt backups.
- Keep at least two backups each at a different location and at least one disconnected. See my article on The Dangers of Cloud Sync.
- Install anti-virus software.
- Set a login password for your Mac
- Keep your Mac behind a good firewall.
- Most home routers have build-in firewalls. Make sure it is set up correctly and keep the router software up-to-date. See The Easy Guide to Updating Your Router Firmware. If your home router company stops publishing regular firmware updates it’s time to throw away the router. Try to avoid ISP provided modem + Router + WiFi hardware. A separate modem, router and WiFi are much easier to secure.
- If your ISP only provides combo units, have them configure the device in “gateway” mode and don’t use their router or WiFi functions.
- For better performance and protection consider a business grade solution such as pfSense from Netgate. pfSense is available in a community edition as Open Source software.
General Internet Safety:
Most malicious software gets installed when you do something, not on its own. Always remember that email can be forged. Just because it says it is from someone you know does not mean that is is or that they sent it. For example, if you get a mail message that says “From: Microsoft” and has a link to click that will update Microsoft Word, DON’T. Similarly for mail that appears to be from PayPal, eBay, or your bank.
If you’re browsing a web page and you get a popup window that wants you to update your Flash player, DON’T. (There are multiple fake updaters for Flash, some spread via Facebook.) If you receive an email from your bank with a low balance warning or any message that would cause you to want to login to the site NEVER click on any links in the email. Always go to your browser and type the full URL of your bank – https://mybank.com. Make sure the site is authentic by checking for the security lock icon in the address bar.
The most common attack I have seen during the last year is a browser hijacker. A browser hijacker (sometimes called hijackware) is a type of malware program that alters your computer’s browser settings so that you are redirected to Web sites that you had no intention of visiting. Browser hijackers are often installed together with other desired software as “extras” such as search or shopping toolbars. Once installed they can be quite difficult to remove. Some hijackers include very dangerous functions such as key logging or keyboard capturing, the action of recording (logging) the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. A key-logger can capture website login names and passwords opening up online banking and other sensitive sites to the attacker. Most just take you somewhere you don’t want to go to generate revenue for the attacker.
Once your browser starts acting strangely IMMEDIATELY stop using it. The following links provide step by step removal instructions.
Another common cause of these symptoms is a DNS hijack. I will post a separate article about DNS hyjacvking but in the meantime here is an article by Malwarebytes with an explanation and repair techniques.
Good detailed article about Mac malware from HowToGeek.com
“AllThingsD.com is a Web site devoted to news, analysis and opinion on technology, the Internet and media. But it is different from other sites in this space. It is a fusion of different media styles, different topics, different formats and different sources. Because the site is wholly owned by Dow Jones, publisher of The Wall Street Journal, we aim to adhere to the journalistic standards of the best of the mainstream media. But, because it is run autonomously as a small online start-up, we aim to exhibit the fresh thinking and nimbleness of the best of the new media. We want to be first, and sassy, but also well sourced and accurate. We will offer lots of opinion and analysis, but plenty of fact as well. “
ARCHIVE. – This post is for historical purposes. On February 24, 2021, Fry’s announced the immediate and permanent closure of all of its stores.
DISCLAIMER – This site is not operated by, sponsored by, or affiliated with Fry’s Electronics in any way. The official Fry’s Electronics site is no longer available. All the opinions expressed are my own or in the case of third party links of their respective authors.
Fry’s Electronics is a unique chain of electronics ‘superstores’. Unlike Best Buy, Fry’s targets a much more tech savvy group. Fry’s carries a wide range of appliances, audio/video equipment, computers, CDs, DVD’s and just about everything that a Best Buy would have. In addition they carry more specialized computer and electronic parts such as punchdown blocks, test equipment, and network equipment that one would normally only find on the web. But a visit to Fry’s reveals a gap between the intended audience and the people who shop there. Fry’s has an undeserved reputation for low prices. While it is true that some of their advertised specials are incredible deals, the day in and day out prices are nothing special. Many shoppers also incorrectly assume that since Fry’s carries so much computer equipment, both systems and components, that it is a good place to get advice. In fact the opposite is true. While a sales person at Best Buy may shrug his or her shoulders at a technical question, or provide an answer like “let me read the box” a Fry’s Associate is more likely to make something up or intentionally lie. That is assuming you can find one. In fairness, since I originally posted this guide, Fry’s service has improved and there are certainly individuals (very few) that are capable and do give good advice.
Fry’s also has a very unique approach to customer service – they don’t have any. In fact I think it would be fair to say they go out of their way to provide customer dis-service. And for me, that is what makes a visit to Fry’s not just a trip to the store but rather like a competative sporting event.
My advice to friends and clients is not to go. But if you must, I hope the following rules of shopping at Fry’s will help you win more often then you lose.
1) They run some great sales items in the LA Times (and other metro area newspapers) on Friday, Saturday, Sunday and Wednesday. The Wednesday prices are only good for Wednesday and Thursday. the FrSaSu prices are good through the following Monday.
CAUTION — Look for ads that say “1 Day Only”
TIP — If you see a great price but can’t get to the store before it expires, try Frys.com online. If they have the item for the same price you can order online and select “Store Pickup”. This will buy you a few extra days to get to the store and hold the price.
2) Not every item in the ad is a good price. And MOST prices in the store range from nothing special to high. 2012 Update – the advertised specials have not been very special. In the past they appeared to be designed to drive traffic to the store, however, more and more they appear to be supplier paid advertising.
3) Each week they cycle through a part of a computer at an incredible price, like a motherboard and CPU for $59 but they will not have any good memory prices – you save $30 on the motherboard but then spend $40 too much if you buy the memory at the same time. If you want a great price, only buy what is on sale that day and wait to buy the other pieces. 2012 Update – Since the floods in Thailand have impacted the availability and prices of hard disk drives, there have been fewer specials on components for building your own computer. That has started to improve as of August 2012.
4) Many great prices require mailing in a rebate. The rebates almost always have very short time limits and require a special register tape, the rebate form, and a part of the product package. If you buy something with a rebate be sure to send it in promptly and fill out everything EXACTLY as requested. Many rebates are limit one per household so be sure to use different households for multiples of the same item. Another caveat is that many rebates require you cut out the UPC code from the box and once done the item can not be returned to Fry’s but only to the manufacturer for repair. So if you do buy a rebate item, test it before cutting out the UPC and don’t lose the box until you do.
5) NEVER ask a Fry’s employee a technical question. If they do happen to speak the same language as you, they will probably make something up or just lie for the fun of it.
6) Always bring the newspaper ad with you or write down the item number from the ad. For example, Fry’s sells half a dozen different DVD Burners. Each week (usually) a different one is on sale – say $29 for example. But on the shelf they are all marked $59 – $99. You need to match the exact item number to find the one on sale. A very common ploy is to advertise an item for a very low price and when you get to the store there are boxes and boxes of what appears to be the same item by the same manufacturer – BEWARE if the number is not exactly the same you will end up at the register expecting to pay $9 and being charged $29. I have seen this happen where the ad is for the same item in different packaging. The Fry’s website now includes the newspaper ads.
7) Fry’s likes to hide stuff often in plain site. For example, they often sell 100 CDRs for $9 which is a really good price. But if you go to the CDR section you may not find them. Try looking in the most illogical place – like next to the printers.
8) If the ad says limited quantities and you want one then go as soon as possible. If not, and they are out of stock when you go then ask for a rain check. As soon as they are “off ad” lots of stock will magically appear.
9) Many sales items are limit one. If you want two you can sometimes get the checkout person to ring it up on a separate tape. But beware – do not use the same credit card or the Fry’s system will flag it and require a manager to OK the transaction. This one approval can take up to 20 minutes and almost certainly will cost you more in time and aggravation than the savings. It’s best to pay with CASH for a second item on limit one.
10) For large limit one items, like a laptop, bring a friend to check it out for you.
11) NEVER TRY TO USE A CHECK AT FRY’S. See the horror links below for stories from customers who dared to use a check
12) Do not rely on signs or posted prices above products. A display bin filled with no-name surge suppressors for $7.99 may have a sign above it for a brand name surge suppressor for $5.99. Their strategy seems to be that by the time you get to the checkout you won’t go back for the 2 bucks.
13) Items that are $ 0 cost after rebate often have more then one of the above tricks – an item that is advertised as $14.99 less $15 rebate = FREE will be marked $19.99 while the same item by a different manufacturer will be labeled $14.99 but have no rebate. Always assume that the better the deal the more incentive Fry’s has to placing obstacles in your way. Always bring the item number from the ad and check it against the product label.
14) Don’t ask a Fry’s associate in the computer department a question about memory. Memory must be purchased in the components department. You should also never rely on memory advice from most but not all of the associates in the components department. Always know exactly what kind of memory ( not brand but specification ) you need. I recommend visiting http://www.crucial.com for looking up memory. Laptop memory is much more finicky than desktop.
15) Beware of rebate restrictions. Many of the best deals at Fry’s (and many other places) require one or more rebates. I hate rebates for many reasons but be careful of the following: a) rebates almost always requires the UPC code from the box be sent in. Once done you cannot return the item to Fry’s for an exchange or refund b) most rebates are one per household – don’t forget and buy more than one item or get the second item on a different checkout tape and use a different address for the 2nd rebate – it’s also better not to use a credit card with the same name on both items c) the rebate expiration can be very short – if you can not resist the rebate then test the item as soon as possible and send in the rebate form.
Think of shopping at Fry’s like a competition. There can only be one winner of a Fry’s visit, you or them. Like any sport you need to be in both good physical and mental condition. If you would like to add some of your own rules to this list please
email them to me here.
Since I first wrote these rules, Fry’s has not stood still. They have continued to hone their techniques and so must you. Always keep your eyes on your shopping cart. It can be very tempting to park your cart at the end of an isle – Fry’s is usually very crowded and a cart can really slow you down. But beware of the Fry’s Cart Theft maneuver. In the real world you would need to hold onto your cart after leaving a store – not at Fry’s. Here they want you to pack your cart with all the hard to find specials and just when you leave your cart to grab that final 99¢ ream of copy paper ( a special that has sadly been retired ) before checkout you return to find your cart is gone. I don’t know if this is being done by a lazy Fry’s shopper letting me do all the heavy lifting or by Fry’s black ops personel under the direction of store surveillance but either way it can be devastating.
Time permitting I will arrange a stakeout of a cart filled with specials and report on the results.