The Safe Mac

Follow The Safe Mac on Twitter to stay advised of the latest Mac security news!

Is downloading from the developer’s site safe?

Posted on June 29th, 2015 at 9:16 AM EDT


You should only download software directly from the site of the developer who created the software. This has been a bit of standard advice given by security people like myself when trying to help people understand what to download and what not to download. It’s good advice, right? Well… mostly, but not entirely, unfortunately. Read the rest of this entry »


Genieo changing its name?

Posted on June 19th, 2015 at 9:19 AM EDT


Earlier this month, I wrote about how new variants of the Genieo adware are proliferating. Now, however, it looks like Genieo may be changing its name. A new site, for an app called InKeepr, appears to be poised to take Genieo’s place, perhaps because of all the negative name recognition now associated with the Genieo name. Read the rest of this entry »


Multiple vulnerabilities found in Mac OS X

Posted on June 17th, 2015 at 3:30 PM EDT


A group of six researchers at several universities in the US and China published a paper last weekend revealing the details of several different vulnerabilities in Mac OS X. These vulnerabilities all provide ways for a malicious app to gain access to data from another app. Frighteningly, these vulnerabilities can be exploited from a Mac App Store app, and can even allow an attacker to gain access to keychain entries! Read the rest of this entry »


Tor Browser false positive

Posted on June 8th, 2015 at 8:07 AM EDT


A reader yesterday brought to my attention that his web browser was alerting him that The Safe Mac is trying to extract HTML5 canvas image data, with a scary-sounding warning that this could be used to identify the computer. Of course, I knew that this site does no such thing. Which left me questioning what browser was making this claim, and why? Read the rest of this entry »


Genieo adware proliferating

Posted on June 7th, 2015 at 9:00 AM EDT


In recent months, several new variants of the Genieo adware have crossed my path. This adware is still pulling many of the same tricks – changing the search engine to Bing, and installing all kinds of junk that runs in the background and modifies browser behavior. However, it’s now using a variety of different names, perhaps in an attempt to make detection more difficult. Read the rest of this entry »


Vulnerability could allow malware to change firmware

Posted on June 3rd, 2015 at 11:15 AM EDT

Last Friday, Pedro Vilaca announced the discovery of a vulnerability in the firmware of many Macs that would allow a piece of software to make changes to the firmware. In theory, this makes it possible for malware to permanently infect your Mac, by adding malicious code to the firmware. Read the rest of this entry »


OceanLotus malware attacks China

Posted on May 31st, 2015 at 8:11 AM EDT


On Friday, Chinese security researchers at Qihoo 360’s SkyEye Labs released a paper describing new malware they named OceanLotus. Unfortunately, this paper is written in Chinese, and Google’s far-from-perfect translation of the page is a difficult read. It is clear, however, that there is a Mac variant of this malware. Read the rest of this entry »


Time to boycott SourceForge?

Posted on May 30th, 2015 at 9:35 AM EDT


On Wednesday, ArsTechnica reported that the Windows version of the open-source GIMP image editing app hosted on SourceForge has been “seized” by SourceForge and used for distributing adware. This is a troubling development, but not exactly surprising for those who have been following the antics of SourceForge lately. Is it time to boycott SourceForge, as is already recommended for sites like and Softonic? Read the rest of this entry »


Staying safe on public wifi

Posted on May 21st, 2015 at 12:54 PM EDT


Everyone has to use public wifi now and then. It is somewhat common knowledge that this is unsafe, but most people aren’t entirely sure what to do about that, other than not visiting sensitive sites, like their bank site. Fortunately, there are some good tricks to keeping your Mac and your data safe on public wifi. Read the rest of this entry »


Address bar spoofing vulnerability found

Posted on May 20th, 2015 at 2:19 PM EDT


A proof-of-concept was released several days ago of an issue with some web browsers, including Safari, that could allow a phishing page to display the wrong address in the browser’s address bar. This is a potentially very serious issue, but fortunately there are some things you can do about it, if you’re aware of them. Read the rest of this entry »


This page and all contents (unless otherwise noted) copyright 2011-2014 by Thomas Reed.
For questions or comments, please contact me.