Mountain Lion Security

Hi, I am a PGA/LGA certified hardware engineer who worked R&D for decades.
One of the processes in R&D is the Verification of design function within complex designs that both do and do not use computers and or software.
In the case of a design where software is used, a simple process of verification takes place and ALWAYS takes place.
This simple process applies to the Mac Pro using Mountain Lion and directly references computer security.
The simple process is this.
The software engineer designs a graphic that pops on to the computer screen with buttons or check boxes that the user selects to make the hardware perform a certain function or function in a certain state.
Once this computer graphic and its selections are designed, the Hardware Engineer tests each portion of the hardware to verify that the software is controlling the hardware as the software graphic indicates.
The idea and process is quite simplistic.
Just because there is a graphic on the computer display telling the user that a certain hardware condition is set, there is no proof or verification that the hardware condition is actually set unless the hardware is tested and verified.
This verification cannot be performed by software, it must be performed by tests equipment not associated with the hardware or software under test.
In simple terms, it does not matter what your computer display tells you because the display can be false due to a software program error.
This procedure has been applied to the Mac Pro running Mountain Lion.
The test was to verify Network Settings and its network transceiver circuits. These tranceivers are, Ethernet, Firewire, USB, WiFi, and Bluetooth.
The technical engineering truth is.... there is no such thing as a computer that cannot be hacked, UNLESS, the computer is not attached to any network, OR, all network tranceiver circuits are disabled.
Trust me, that is a technical fact.
If you wish to produce copyright, patent, or any form of sensitive material on a desktop workstation, the first step is to deny ALL hackers ANY access.
The Mac Pro or similar desktop workstation (including PC's) with built in network (wired and wireless) tranceiver hardware must be tested and verified as capable of controlling all network transceivers REGARDLESS if you need or require perfect computer security.
Here are the test and verification results.
These tests were performed on:
1. PowerPC running Tiger and Leopard.
2. Mac Pro running Snow Leopard and Mountain Lion.
Do the PPC and MP operating system have hardware control over network transceivers?
Yes, this is verified.
Network transceivers are disabled under Energy Saver Options by deselecting "Wake for Ethernet Administrator access" in Tiger and Leopard, deselecting "wake for network access" in Snow Leopard and Mountain Lion and in Network by setting ALL "Configure IPv4" to "Off" and individually selecting each transceiver and applying "Make Service Inactive" under the tool wheel.
This is where things get confusing and flawed and the reason this post has been made.
This post is for those who use a computer workstation as a workstation and are rightfully concerned about protecting intellectual property produced on a computer workstation.
Does the computer operating system maintain these network transceiver settings if placed in sleep mode, woke up from sleep mode and or restarted?
In the case of the PPC running Tiger or Leopard the answer is Yes.
In the case of the MP running Snow Leopard and Mountain Lion, the answer is NO.
The Snow Leopard operating system DOES maintain these settings if placed into sleep mode.
The Mountain Lion operating system DOES NOT maintain these network settings if placed into sleep mode.
BOTH Snow Leopard and Mountain Lion DO NOT maintain these network settings if woke up from sleep mode or restarted.
Since this does not happen in Tiger or Leopard and the conditions are different between Snow Leopard and Mountain Lion, the problem is SOFTWARE.
This flawed function is a software bug by technical verification.
The computer graphic on the display indicates to the user that the network transceivers are disabled, when in fact they are enabled.
Summary:
The SL and ML operating systems can and do control network transceiver hardware via software command but ONLY if the computer never sleeps, is never woke up from sleep or is never restarted.
Neither operating system reads Network settings when woke up or restarted and yet.... reports that these network settings are set.
The software is not correctly or accurately reporting computer hardware conditions and is not applying software control.
These are the conditions required to define a Software Bug.
SL and ML FAIL to establish full network security.
The computer hacker is presented with an open door, an open door created by failing to disable the network transceiver Hardware in all modes.
If the user requires full computer security, the user must revisit and reset all above mentioned settings manually and never allow the computer to sleep in the case of ML and never be woke up or restarted in the case of both SL and ML.
Computer security in SL and ML has FAILED to pass hardware verification due to flawed software control for users who require complete security.
PLEASE UNDERSTAND!
This software bug is of very little concern to those who do not use a computer workstation as a computer workstation.
If you use the Mac Pro workstation as your internet, web, or social site device, then feel free to ignore this software flaw.
If you are a professional using the Mac Pro as a computer workstation to produce any form of intellectual property such as copyright, patent, CAD, or even software development, then you should be very concerned and follow the security directions given.
POSTSCRIPT:
The average person will seek debate, argument, conflict, or disrespect by attempting to establish a network link with the settings described above.
With the settings defined, no link can be established by the user.
HOWEVER.... a link can be established by a malicious hacker without the user ever knowing.
Proper Computer Security requires that software NOT be responsible for security via any active software process.
Security is established by disconnecting ALL hardware and or disabling ALL network hardware.
Failure to establish a link with network settings defined is NOT a valid verification test and is.... the fox guarding the henhouse.
Verification can only be performed on the network hardware.
COMIC RELIEF:
Yes, I reported this to Apple and senior advisor Brian told me that Apple's operating system cannot control the computer's network hardware and that software that controls hardware is "impossible".
Brian suggested I seek third party software but failed to explain how third party software is going to disable network transceivers while the computer is sleeping, woke up from sleep, or restarted and.... by suggesting third party software, verified that software can control hardware. (comedy)
If what Brian says is true fact.... the computer could not exist. (hilarious)
So much for the technical competence of Brian.
As we see so often these days, Brian was merely an Apple Support Customer assassin seeking to make the customer shut up.... especially if the issue was valid and verifiable and technically proven by a professional customer.

Test results using your suggestion FAILED.
Mountain Lion re-enabled network transceivers upon sleep mode, wake from sleep and restart.
The most convenient way to deal with this verified Software Bug is to create a new Location that has all settings I defined and manually switch between one Location and another and Apply.
This forces the operating system to revisit and apply the network settings.
Failure to do this each and very time in Snow Leopard re-enables the network transceivers.
It makes no difference if you do this in Mountain Lion, the network transceivers are all re-enabled upon entering sleep mode.
This is not proper operating system behavior and is a serious software bug that applies to professionals using Mountain Lion.
The operating system should automatically revisit and refresh network settings upon wake up or restart and should not re-enable network transceivers when entering sleep mode.
Thank you for help in further verifying this software bug.
PS
Psychology does not have any place in technical discussions but for the record.
Any user who seeks computer security MUST by default accept that system updates and similar require manual network settings.
This is no excuse for an operating system that fails to maintain and insure selected network settings and FORCES the user (if using Snow Leopard) to re-apply these settings every time the computer sleeps, is woke up, or restarted.
In the case of Mountain Lion.... the computer can never be allowed to enter sleep mode.
In the case of Mountain Lion users, the computer must be shut off after each use and network settings manually re-applied upon each restart.
This places undo strain on all computer componentry due to surge currents. (technical fact)
There is no competent person who would not define this as a software bug except Brian.

Similar Messages

  • Mountain Lion security update prevents successful restart of mac pro

    I updated my other MacBook Pro with the Mountain lion security update and it does not make it through the restart. The status bar gets to near the end of the indicator then it disappears and the computer shuts down. I tried restarting several times with the same results. I tried restarting several times with the same result. Help!

    The internal drive is malfunctioning, or you have some other hardware fault.
    Make a "Genius" appointment at an Apple Store, or go to another authorized service center.
    Back up all data on the internal drive(s) before you hand over your computer to anyone. If privacy is a concern, erase the data partition(s) with the option to write zeros* (do this only if you have at least two complete, independent backups, and you know how to restore to an empty drive from any of them.) Don’t erase the recovery partition, if present.
    Keeping your confidential data secure during hardware repair
    *An SSD doesn't need to be zeroed.

  • Can't purchase Mountain Lion - security questions

    i can't purchase Mountain Lion because i'm given three mandatory security questions, when i only defined ONE (plus date of birth) in my Profiles Security Settings - which was done automatically upon creation of profile, one question, not three.
    i've tried going to my Profile and add the required two questions, but that option isn't available.
    thank you! - (this is quite urgent...)

     Account Security Team (AST) 
    Check the AppleCare number for your country here:
    http://support.apple.com/kb/HE131
    Call them up, and let them know you would like to be transferred to the Account Security Team.
    Or… click on the blue "Start your support request online" links.

  • After upgrading to Mountain Lion I am not able to access "security and privacy" button under "system preferences". I like to activate "find my mac" but cannot access privacy setting after upgrade. Kindly advice.

    After upgrading to Mountain Lion I am not able to access "security and privacy" button under "system preferences". I like to activate "find my mac" but cannot access privacy setting after upgrade. Kindly advice.

  • I updated to Mountain Lion. I noticed 2 problems I would like to resolve. I can no longer get iCloud or Security

    Since updating to Mountain Lion I cannot LOAD iCloud or Security & Privacy. It just says ..."Loadind iCloud or Security & Privacy". Then I have to kill the process in Activity Monitor since it taks 99%+ of cpu. How can I get iCloud and Security & Privacy to load?

    I tried the part about logon as ROOT and rename the Preferences file and logon as normal but that did not correct my problem.

  • Mountain Lion (10.8.5) Security Update 2014-003 installation fails

    Hello,
    I tried to install the new Security Update for Mountain Lion (2014-003) and received an error message at the end of the installation process a la:
    "The installation failed". The Installation fails because of an error. Please contact your vendor (roughly translated from German).
    So I didn't found anything on the web to these issue. I remember a similar problem by the last security update too. So now I'm a little bit concerned regarding a virus or something else on my iMac.
    May anybody could help, please?
    Here my machine data:
    iMac May 2011, 3,1 GHz, Core 5, 12 GB RAM
    1 TB HDD w/ 3 Partitions (1x Mac, 1x Data, 1x BootCamp WIN 7)
    Free storage on Partition 1: 111 GB, 2: 133 GB, 3: ?
    Mac OS X 10.8.5
    Something missed?
    Kind regards
    Frank

    Disable anti virus softwrare if installed
    Check firewall options in System Preferences > Security & Privacy > Firewall > Firewall Options
    Make sure Gatekeeper is enabled
    Open System Preferences > Security & Privacy then select the General tab.
    Make sure either Mac App Store or Mac App Store and identified developers is selected. If that area is grayed out, click the padlock icon to proceed.
    OS X: About Gatekeeper

  • How can I securely erase my hard drive and reinstall OS X Mountain Lion?

    Hi, I am selling my MacBook and I was wondering if there's a way I can securely erase my hard drive, (... 7 pass, 35 pass) using these steps: http://www.mactip.net/how-to-securely-wipe-your-mac-hard-drive-before-selling-it /
    and also reinstall OS X Mountain Lion afterwards.
    Thanks in advance. 

    Boot into recovery mode by holding the command and r keys down during boot. Bring up Disk Utility and do the security erase you want to do. When done, choose to download Mountain Lion.

  • ICloud Password to Insert and Remove Account from your Mac with Mountain Lion for better Security

    Hello
    In fact I would put one in Schedule TIP for Apple, which would give greater security for users of the Mountain Lion operating system, or any other that supports iCloud.
    Would putting an administrator password to remove the iCloud account from your computer, once again, that only with her that if you can find the mac, alert by Find My Mac
    Otherwise, anyone who steals your mac, or act in bad faith, it can handle, and remove or simply log off from your account iCloud, and beyond what I think most serious, which is losing function of my Search Mac, and contact settings, calendar, among others.
    As with the iPhone, iPad, iPod .... RESTRICTIONS have the option, which many users do not use because they do not know, more is NOT a function that allows a thief eg delete your iCloud account from your device when you turn to that does not allow changes to Accounts and Location.
    That it should have, or simply their own password to enter, and REMOVE the computer. What would bring much greater security for us users. This all in both IOS and in OS X. All to remove your iCloud account password needed.
    Or creating a menu PRIVACY, you chose for which adjustments or applications, you'd want it to be password request, the type for Mail or Skype, although the computer is personal, but there is that possibility of someone picks open it and move on that should not.
    I ask that Apple is to sensitize the issue, and we help users to develop a system better and safer.
    Sincerely,
    Felipe Zago Xavier
    [email protected]
    +55 62 9974-4321

    Felipe Zago Xavier wrote:
    Yeah,
    but I need a e-mail from somebody to send, I dont know if they read it...
    Thanks !
    Use the link I posted.

  • Anyone updated system running OS X Server 2.2.2 with Security Update 2014-001 (Mountain Lion)?

    Has anyone updated your system running OS X Server 2.2.2 with the Security Update 2014-001 (Mountain Lion)? If you have, may I know if you have any issues?
    Also, does anyone know if a Apache HTTP module that was compiled with version HTTP 2.2.24 will work under HTTP 2.2.26 (updated by Security Update 2014-001)? I am asking because the module mod_jk.so is not available in the stock Mountain Lion but only in /Applications/Server.app/Contents/ServerRoot/usr/libexec/apache2/ (inside the OS X Server 2.2.2 app), and I am using the module for my Tomcat installation interface to HTTP server.

    Actually, the university I work for is having tons of issues with our Mountain Lion computer (all models) booting and it seems to be tied to this update.  After installing this update, the computer starts booting, gets to the grey screen with the Apple logo and then won't go any further and the cursor changes to the spinning color wheel thing.  A permissions repair resolves the issue temporarily, but it always seems to come back.

  • Is my OS X Mountain Lion installation vulnerable to security threats?

    Hello dear community members,
    I am a bit concerned about my OS X installation being vulnerable to known security threats which may not have been patched. Also came across an article:
    http://www.zdnet.com/os-x-mountain-lion-users-no-more-security-updates-700002232 2/
    What are your thoughts on this and how are you handling this issue?
    I can not upgrade my mac to Mavericks because I need to use some software which is only compatible with Mountain Lion.

    Aceattack wrote:
    It is not Apple's responsibility to ensure 3rd party compatability however the concern was that Apple continue to support and provide security fixes for old OS X versions rather than force people to upgrade just because Mavericks is a free upgrade.
    But Mavericks is a free upgrade. And any Mac that runs Mountain Lion will also run Mavericks.
    It is standard procedure to discontinue support for old products. I will quote the AppGate on the topic:
    Important note: End of Life AppGate Version 9*
    After due consideration, Cryptzone is declaring End of Life (EOL) on AppGate Security Server v9.x This became effective on October 30, 2013. Full support will continue to be provided for AppGate Security Server v9.x up until the end of Q2 2014 After this time any customers wishing to continue to receive support and updates must move to version 10.x (or newer). Most customers have already migrated, but if you have any still on this version please work with them to migrate to version 10.x.
    Why is it acceptable for one company to stop supporting an old product but unacceptable for another? And why do I suspect that the AppGate upgrade is not free?
    If you depend on AppGate and eToken and those products do not run on Mavericks, you should be asking why. Like all developers, they have had access to Mavericks since early June. What was so radically different about Mavericks that takes over 7 months get working? Either they aren't very committed to the platform or they really don't know how to write OS X software. Considering that the product seems to be Java-based, I suspect both.
    That is an interesting conundrum that is pretty typical for enterprise customers. You are running an old OS version without security updates because you depend on 3rd party security software that depends on 4th party Java software proven to be one of the last major malware conduits. And people wonder why these enterprise servers are always the ones to get hacked and hand over 45 million customer records.
    I feel your pain. I only recently updated my work machine to Mountain Lion due to similar enterprise security issues. Our market-leading antivirus vendor that protects us against the latest zero-day malware was unaware or just didn't care that Apple had released a new OS. And I'm talking about Lion! I have similar problems with my Java-based Juniper VPN. The Apple-provided VPN works fine, as it always has. And I can't really do without my Mac because I need it to develop on when my Linux servers with 24x7 on-site support from IBM and Oracle are out of commision for 4 months. Apple is not the cause of either of our problems.

  • Too much security in Mountain Lion

    I only switched to Mountain Lion last week. It seems that every time I do anything I get a pop up asking for my password. I am the only person who can access my Mac, so is there a way I can switch all this security off, or some of it.
    Examples:
    I start up Safari and I am asked if Safari can access my keychain.
    I am frequently asked for my admin password to unlock things, for example to start up Carbon Copy Cloner.
    There are too many other instances to mention, and I am tired of always being interrupted to give my password when it is TOTALLY unnecessary!!
    Thanks Apple people, but can you let me know how to switch this "security" off?

    Back up all data. Don't continue unless you're sure you can restore from a backup, even if you're unable to log in.
    This procedure will unlock all your user files (not system files) and reset their ownership and access-control lists to the default. If you've set special values for those attributes on any of your files, they will be reverted. In that case, either stop here, or be prepared to recreate the settings if necessary. Do so only after verifying that those settings didn't cause the problem. If none of this is meaningful to you, you don't need to worry about it.
    Step 1
    If you have more than one user account, and the one in question is not an administrator account, then temporarily promote it to administrator status in the Users & Groups preference pane. To do that, unlock the preference pane using the credentials of an administrator, check the box marked Allow user to administer this computer, then reboot. You can demote the problem account back to standard status when this step has been completed.
    Triple-click the following line to select it. Copy the selected text to the Clipboard (command-C):
    { sudo chflags -R nouchg,nouappnd ~ $TMPDIR.. ; sudo chown -R $UID:staff ~ $_ ; sudo chmod -R u+rwX ~ $_ ; chmod -R -N ~ $_ ; } 2> /dev/null
    Launch the Terminal application in any of the following ways:
    ☞ Enter the first few letters of its name into a Spotlight search. Select it in the results (it should be at the top.)
    ☞ In the Finder, select Go ▹ Utilities from the menu bar, or press the key combination shift-command-U. The application is in the folder that opens.
    ☞ Open LaunchPad. Click Utilities, then Terminal in the icon grid.
    Paste into the Terminal window (command-V). You'll be prompted for your login password, which won't be displayed when you type it. You may get a one-time warning to be careful. If you don’t have a login password, you’ll need to set one before you can run the command. If you see a message that your username "is not in the sudoers file," then you're not logged in as an administrator.
    The command will take a noticeable amount of time to run. Wait for a new line ending in a dollar sign (“$”) to appear, then quit Terminal.
    Step 2 (optional)
    Step 1 should give you usable permissions in your home folder. This step will restore special attributes set by OS X on some user folders to protect them from unintended deletion or renaming. You can skip this step if you don't consider that protection to be necessary, and if everything is working as expected after step 1.
    Boot into Recovery by holding down the key combination command-R at startup. Release the keys when you see a gray screen with a spinning dial.
    When the OS X Utilities screen appears, select
    Utilities ▹ Terminal
    from the menu bar. A Terminal window will open.
    In the Terminal window, type this:
    res
    Press the tab key. The partial command you typed will automatically be completed to this:
    resetpassword
    Press return. A Reset Password window will open. You’re not  going to reset a password.
    Select your boot volume ("Macintosh HD," unless you gave it a different name) if not already selected.
    Select your username from the menu labeled Select the user account if not already selected.
    Under Reset Home Directory Permissions and ACLs, click the Reset button.
    Select
     ▹ Restart
    from the menu bar.

  • Problem with unchecking secure sockets layer checkbox in outgoing SMTP server Apple Mail / Mountain Lion

    After installing Mountain Lion my mail was converted and all my messages showed up, however, when I try to send I get an error. I have traced this error to the fact that Apple has automatically checked the box "Use Secure Sockets Layer (SSL)" in my Apple Mail preferences even though it wasn't checked before upgrading.  Now whenever I try to uncheck it it keeps filling itself back in.  I have tried to delete that outgoing server and readd it and it continues to check the box.

    Hi
    I have a similar problem here i have work accounts which do not need the SSL ticked but when I uncheck the box and in a  few seconds the tick is back up again sometimes I have to click about 10 times or so for it to stay off. I tried to do your sollution it did not work on your suggested port but seemed to work on the 25 port . Also I found i only have the problem when I am at work were we are on a PC network and firewall. It seemed to work fine on a normal home line. Also it only happens on Mountain Lion I have a older macbook with snowleopard and there i have not problems sending messages
    as right it was said Apple needs to look into that ASAP as it is very frustrating

  • After upgrading to OX mountain lion my apps store doesn't open. App Store cannot verify a secure connection with the App Store. My internet connection is ok but i don't why this happening. What should i do?

    After upgrading to OX mountain lion my apps store doesn't open. App Store cannot verify a secure connection with the App Store. My internet connection is ok but i don't why this happening. What should i do?

    Hi Tahan007,
    Check these threads out:
    Cannot connect to the App Store since upgrading to Mountain Lion.
    Cannot connect to App Store since 10.8.1
    why is my app store sign in saying connection failed?
    Also if you're running any anti-virus SW, you might try temporarily disabling it

  • How do I fix the App Store cannot verify a secure connection with the App Store. in mountain lion tried safari reset, changing  the  MTU nothing works

    Hi all,
    how do I fix the App Store cannot verify a secure connection with the App Store. in mountain lion tried safari reset, changing  the  MTU nothing works at  this time. I am using a IMac ML 10.8.2
    Would like some help please.
    Gee

    Hi all,
    how do I fix the App Store cannot verify a secure connection with the App Store. in mountain lion tried safari reset, changing  the  MTU nothing works at  this time. I am using a IMac ML 10.8.2
    Would like some help please.
    Gee

  • TS3276 I can't send messages with mail 6.0 of mountain lion, because I can't desactivate the option SSL (Secure sockets Layers); it is locked

    I can't send messages with mail 6.0 of mountain lion, because I can't desactivate the option SSL (Secure sockets Layers); it is locked

    Hi, i am having the same problem. this is what i have noticed.
    I have 2 x imac's and 2 x macbook air's
    i upgraded the 2 macbook air's and 1 of the imac's to Mountain Lion, all these have problems acessing sites that require you to login .
    the one remaining imac is still running lion and works perfect.
    i am using a dlink router with DD-WRT firmware, i tested teathering from my iphone and i can log into websites fine using the newly upgraded mac's.
    It's not a wireless issue as my imac is using an ethernet connection.
    is there a compatibility issue with some routers.

Maybe you are looking for

  • Replacing closed eyes with open eyes...proportion

    I am attempting to replace closed eyes from one photo with open eyes from another.  No matter what I do, the proportion changes from one photo to the next and I cannot adjust it.  I've been doing this for years and have never had it happen but I'm st

  • Problem in file uploading to a temporary  folder.

    Hi all, I am trying to upload a file to the server to a particular location  D:/temp  folder.The code I used is as below.It is not throwing any error but the file is not getting written on the server. InputStream text; int text=0; try { String locati

  • How to activate an enterprise service for use?

    Hi experts, I want to use a web service out of the bundle "Technical Document Management Connectivity". The web service is called "Read Document File Variant". I know to use WSCONFIG to configure web services for use. But I can not find this web serv

  • Can I read the length of audio file?

    Any java technology is welcome.

  • A question from my text

    In my text there's a self-test question that looks easy but I couldn't figure out., as follows. Note that every detail exactly appers in the text. The question asks what output is produced. The answer is "Positive." Why? int number = 7; boolean isPos