USA declares Chinese companies a security threat (...

Similar Messages

• Is my OS X Mountain Lion installation vulnerable to security threats?

  Hello dear community members,
  I am a bit concerned about my OS X installation being vulnerable to known security threats which may not have been patched. Also came across an article:
  http://www.zdnet.com/os-x-mountain-lion-users-no-more-security-updates-700002232 2/
  What are your thoughts on this and how are you handling this issue?
  I can not upgrade my mac to Mavericks because I need to use some software which is only compatible with Mountain Lion.

  Aceattack wrote:
  It is not Apple's responsibility to ensure 3rd party compatability however the concern was that Apple continue to support and provide security fixes for old OS X versions rather than force people to upgrade just because Mavericks is a free upgrade.
  But Mavericks is a free upgrade. And any Mac that runs Mountain Lion will also run Mavericks.
  It is standard procedure to discontinue support for old products. I will quote the AppGate on the topic:
  Important note: End of Life AppGate Version 9*
  After due consideration, Cryptzone is declaring End of Life (EOL) on AppGate Security Server v9.x This became effective on October 30, 2013. Full support will continue to be provided for AppGate Security Server v9.x up until the end of Q2 2014 After this time any customers wishing to continue to receive support and updates must move to version 10.x (or newer). Most customers have already migrated, but if you have any still on this version please work with them to migrate to version 10.x.
  Why is it acceptable for one company to stop supporting an old product but unacceptable for another? And why do I suspect that the AppGate upgrade is not free?
  If you depend on AppGate and eToken and those products do not run on Mavericks, you should be asking why. Like all developers, they have had access to Mavericks since early June. What was so radically different about Mavericks that takes over 7 months get working? Either they aren't very committed to the platform or they really don't know how to write OS X software. Considering that the product seems to be Java-based, I suspect both.
  That is an interesting conundrum that is pretty typical for enterprise customers. You are running an old OS version without security updates because you depend on 3rd party security software that depends on 4th party Java software proven to be one of the last major malware conduits. And people wonder why these enterprise servers are always the ones to get hacked and hand over 45 million customer records.
  I feel your pain. I only recently updated my work machine to Mountain Lion due to similar enterprise security issues. Our market-leading antivirus vendor that protects us against the latest zero-day malware was unaware or just didn't care that Apple had released a new OS. And I'm talking about Lion! I have similar problems with my Java-based Juniper VPN. The Apple-provided VPN works fine, as it always has. And I can't really do without my Mac because I need it to develop on when my Linux servers with 24x7 on-site support from IBM and Oracle are out of commision for 4 months. Apple is not the cause of either of our problems.

• Chinese Companies and Forceful Purchases.

  Is it possible that the Chinese companies that sell thier apps though Apple are hacking people's Apple accounts?
  Thanks to apples notifacations today I found out that someone in Beijing bought some sort of apps made by a compony in Beijing China. I know that apple gives some of the profits to it's app sellers, but I have no interest in buying something that is only in chinese charaters. I have pressed the "report a problem" because it seemed to be sold apps that don't do anything, while the free app they decided to puchace on my account was the only thing downloadable but showed no content. Fortunatelly I only buy things though store creadit and not thouigh a card, so they had to do some sneaky things to spend my $48 store creadit and leave a reasonable remaining ammout.
  With the user agreement of us being responsible of our own security, we can not help it if we have the best security possible to be hacked by someting that has assimilated within Apple. If Apple is the next company to be targeted by our ever popular trade partners, then what is Apple going to to about it?

  Ultimately as a residential customer I would put the tin foil hats away it would be impossible for the chinese to slurp all your data to China as I think BT would notice all that extra traffic on there links! For anything really sensitive just ensure you are using a HTTPS connection to the website in question or for business use consider setting up some sort of VPN. I'd be far more worried about someone sniffing out passwords on badly written websites on unencrypted wifi links. Historically there used to be a number of websites for all sorts of things including banks that sent the initial login information in clear text before switching to an SSL/TLS encrypted session, that sort of newbie error has been fixed for the most part though.

• Firefox will not let me get on any websites (safe AND not safe), claiming that it "may pose a security threat to your system"; when I try to choose the "proceed unprotected" option, it won't let me.

  My computer's anti-virus software recently expired. A few days later, I went to download a new anti-virus software . . . when I opened up Firefox, I received a warning that claimed Firefox was infected with "Trojan-BNK.Win32.Keylogger.gen", and gave me two options: "Activate XP Security 2011 (recommended)" (this was a $60 charge and required credit card info) or "Continue unprotected (Dangerous)"
  Since I needed to install new anti-virus, I figured I would continue unprotected, download my new software quickly, and remove the virus. But when Firefox opened, it gave me a message saying: "Firefox alert. Visiting this site may pose a security threat to your system!". Gave me three options:
  1. "Get a copy of 'XP Security 2011' to safeguard your PC while surfing the web (RECOMMENDED)"
  2. "Run a spyware, virus and malware scan" (I already did this)
  3. "Continue surfing without any security measures (DANGEROUS)"
  I tried clicking on different links, but the same warning kept showing up, even on verified and safe sites. I tried to choose the third option so that I could download my anti-virus software quickly, but nothing happened when I clicked on it - the page reloads and the warning shows up again.
  My computer is still without anti-virus software because Firefox will not let me surf the internet. Please help!

  It sounds as though your PC is infected with fake antivirus software. The detailed cleanup instructions vary depending on which fake AV you have. However, as a first step, try this:
  Download the following on a different PC, copy them to a USB flash drive or CD, and then run them on the infected PC:
  Malwarebytes Anti-malware : http://www.malwarebytes.org/mbam.php
  SUPERAntiSpyware : http://www.superantispyware.com/
  Hopefully these will get you back online safely. If not, search for clean-up instructions for the specific malware.

• Is there any security threat?

  Hi Group,
  I have my IIS webserver outside the fire wall and my coldfusion application server and SQL Server is behind the firewall . Can IIS Still access the cold fusion application server and SQL Server for coldfusion pages, is it for this situation do i need to open the port no 1433 in the firewall for SQL Server, if so is there any security threat?
  Thank You for your Time

  You can run CF in a distributed mode if it is running on JRUN.  So the IIS server would only need access over JRUN ports (which are uncommon) to the CF server.
  This is a little harder to setup, but is covered in the livedocs.
  Alternately, if the person who does your firewall knows how to, you can place everything behind the firewall and segment the firewall into zones, so only your application has access to the database.
  Then your only concern would be what code is being placed on the server and by whom, internally.
  Of course, if your internal network is not secure and accessible, this is a "way in".
  Best practice is to allow no access, and grant only what is necessary.  This applies to all networks and routes that would have access to the entity being protected.
  There is also something to be said for security by obscurity.  Meaning if you have to make 6 jumps to upload code to your server, and only a handful or people know this process, that makes it all the harder to be compromised.
  Byron Mann
  [email protected]
  [email protected]
  Software Architect
  hosting.com | hostmysite.com
  http://www.hostmysite.com/?utm_source=bb

• Has anyone seen the following on their WP? Message from webpage WARNING: Time Warner Cable Customer – Your Internet Explorer browser and  computer may be compromised by security threats. Call 844-600-6224 now for IMMEDIATE assistance.  OK

  Has anyone seen the following on their WP?
  Message from webpage
  WARNING: Time Warner Cable Customer –
  Your Internet Explorer browser and
  computer may be compromised by
  security threats. Call 844-600-6224 now for
  IMMEDIATE assistance.
  OK

  This sounds like a virus or malware program that has made its way onto your computer.  I would ensure you have the latest virus definitions on your computer and run a thorough (complete) scan of your system.  If this doesn't work, I would suggest  you use Microsoft's Malware Removal Tool.  You can download it at the link below.   Hope this helps.
  http://www.microsoft.com/security/pc-security/malware-removal.aspx

• The whtopic.js  file was identified as a security threat

  Hello,
  We generate WebHelp using RoboHelp HTML. The security teams contantly runs security checks on the applications and the whtopic.js file that RoboHelp generates was identified as a security threat becuase of "DOM ocde injection". The comment was that the document.location.href is controllable and, at a minimum, ought to be run through some html encoding.
  Any one else ever run into security analysis of the RoboHelp generated files?
  Anything we can do about it?
  Thanks,
  Rakefet

  These security things sometimes come up in tools. As the code here doesn’t have anything to do with cross frame scripting, so I very much doubt this is an XSS vulnerability. I have asked the people who know about this to look it over.
  Greet,
  Willam

• I just buy new Macbook pro retina. How can I change the language from USA to Chinese., I just buy new Macbook pro retina. How can I change the language from USA to Chinese.

  anybody can help?
  How can I change the language from USA to Chinese? I already select in setup.

  If it didn't take for some reason, go to System Preferences… and select the Languages & Text preference pane and reorder the languages accordingly.
  Note however that specifying a language may not necessarily change everything about a system to being in that language.

• Have A "Security Threat Analysis" Problem

  While browsing with Firefox today, I received a pop up box warning me of a "Security Threat Analysis" and inviting me to click "OK" to start the analysis. The Firefox browser window showed "www1.avforall119.co.cc" I tried to shut the box using the red "X" and the Firefox window minimised. Thereafter, I could not get Firefox to open except in the minimised "Security Analysis" window.
  I have scanned with Windows Defender and Malwarebytes, but nothing found. Meanwhile, I have been able to get an operational Firefox back by uninstalling it and reinstalling it. However, I am concerned that there is still a hidden nasty on my PC. Grateful for advice as to what to do next.
  == This happened ==
  Just once or twice
  == Browsing

  You probably picked something up when you clicked on the red X in that window - in the future you should open the Windows Task Manager > Processes tab and kill the process that exploit opened.
  First thing to do is to update your AntiVirus program definitions, and then run a full, deep scan of your PC.
  Second, I don't know how good Windows Defender is, but Malwarebytes seems to pickup like 90% - only, you should do a scan using other programs, too.
  SuperAntispyware - [http://www.superantispyware.com/]
  Spybot Search & Destroy - [http://www.safer-networking.org/en/index.html]
  These forums specialize in Malware detection and removal.
  [http://www.spywarewarrior.com/index.php]
  [http://forum.aumha.org/]
  [http://www.spywareinfoforum.com/]
  [http://bleepingcomputer.com]

• Online security threats

  Is macbook pro prone to security threat? like to virus and malware

  I strongly disagree with using ClamxAV or any antivirus software on a Mac.  There just are no wild viruses out there, so why waste system resources for a nonexistent problem.  Malware is so rare, and is dependent upon user incompetence.  For example, Flashback makes you think that it's a Flash installer, but why would anyone install Flash that wasn't downloaded from Adobe directly?  I certainly wouldn't.
  Furthermore, both Snow Leopard and Lion have a Malware Protection System that is updated whenever necessary by Apple to block these trojan horses and such. 
  Seriously, use strong password protection for your admin access, don't open strange emails (and certainly not the attachments), and don't download anything that you don't absolutely trust.  That's how you protect yourself.

• WEB CLIP SECURITY THREAT???

  My Dashboard was not active, wherein I have 3 web clips stored. Suddenly my system started to hang, and I force restarted the Dock. When I did I regained control of the system. And I checked the console and found the following disturbing message. Is this a security threat with web clips and how could it activate without my opening the Dashboard?
  Jul 25 12:43:47 G5 [0x0-0xcc0cc].com.apple.dock[0]: Unsafe JavaScript attempt to access frame with URL http://www.kbb.com/KBB/UsedCars/PricingReport.aspx?YearId=2004&Mileage=13200&Veh icleClass=UsedCar&ManufacturerId=15&ModelId=111&PriceType=Trade-In&VehicleId=254 7&SelectionHistory=2547%7c25436%7c16001%7c0%7c0%7c100169%7ctrue%7c100187%7ctrue% 7c100215%7ctrue%7c100243%7ctrue%7c100292%7ctrue%7c100425%7ctrue%7c100418%7ctrue& Condition=Excellent&QuizConditions= from frame with URL http://usedcars.kbb.com/inc/cookiesync.jsp?ATCID=undefined&DK=kbb.com. Domains, protocols and ports must match.
  Also, how in the heck do you delete web clips from the dashboard. Nothing seems to work except turning OFF webclips entirely.
  Thanks
  Jeff

  I say NO!
  I say that is Kelly Blue Book's website you are attempting to clip, that site has problems on a good day and rarely works
  at all with Safari. Try it with Firefox 3.1 and I bet it works just fine.
  Could be your version of Safari/Javascript, but it usually bombs when it pops up with your zip code. Delete the clip
  in Manage widgets and it should be fine.
  The latest downloadable version of Safari from Apple's download is 3.1.2, when you download that update it it says
  Safari311UpdLeo.dmg when it SHOULD be Safari312UpdLeo.dmg, but it doesn't matter I cannot get it to update my
  Safari Version 3.0.4 (5523.15) (just did it 5 minutes ago).
  I'm finding I use FireFox 3.1 more and more since every time I pick up Safari it doesn't display a site or is completely
  broken. If you only have one browser installed, well, you are missing a whole lot of what you visit.

• Any open current internet security threats?

  CNN and others are periodically announcing a internet security threat that has been active for 2 years and is a threat to steal passwords -- suggesting that all passwords be changed.
  This has upset my wife -- i am an apple only household since the 1980s with all s/w completely updated to this moment.
  what is the status of this threat?   do i need to take further percautions?
  i think not  -- but looking for confirmation.
  thnx - j

  OpenSSL Heartbleed bug

• Received security threat analysis- Mozilla Firefox which detected 5 viruses on harddrive & recommendation was "click to start protection". Is this trustworthy & should I click?

  Five viruses detected on security threat analysis. Is the message trustworthy and should I click "start protection"?
  == This happened ==
  Just once or twice
  == Today ==
  == User Agent ==
  Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6.4; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729)

  No.
  You should never respond to such unsolicited pop-up messages.
  Doing that is a sure way to get infected with malware.
  Do a malware check with a few malware scan programs.
  You need to use all programs because each detects different malware.
  http://www.malwarebytes.org/mbam.php - Malwarebytes' Anti-Malware
  http://www.superantispyware.com/ - SuperAntispyware
  http://www.safer-networking.org/en/index.html - Spybot Search & Destroy
  http://www.lavasoft.com/products/ad_aware_free.php - Ad-Aware Free
  http://www.microsoft.com/windows/products/winfamily/defender/default.mspx - Windows Defender: Home Page
  See also "Spyware on Windows": http://kb.mozillazine.org/Popups_not_blocked

• How will the Time Capsule support IPv6 and coop with the new emerging security threats that will emerge due to the new technical possibilities that IPv6 provide?

  How will the Time Capsule support IPv6 and coop with the new emerging security threats that will emerge due to the new technical possibilities that IPv6 provide?

  Cross your fingers and hope.
  Obviously if there is any big or known threat Apple will send out a firmware fix.
  But the TC is designed to be end user simple device. It has no firewall that is visible at any rate. I don't know that it truly doesn't have a firewall but it is not part of the end user controls.
  IMO if you have major security concerns that go beyond end device firewall, which is where Apple do put most of the security, since firewall in the router is plainly not a stop to anybody deliberately downloading an infected file or website, and most end users.. do not want a firewall that prevents them using the web like a business does, where only certain ports are allowed. Everything else tough luck.. you are not allowed to use it. Then TC is unsuitable for you anyway.. buy a proper firewall appliance.

• Since I can't upgrade my iPad 1 to iOS 6, is it now vulnerable to security threats?

  Since I can't upgrade my iPad 1 to iOS 6, is it now vulnerable to security threats?

  According to my brief search on the support site, there is some discussion on this very topic.  No operating system is completely secure!!  Read http://support.apple.com/kb/HT5503  for iOS 6 security content.  Since Apple does not want to provide support for the iPad 1, I have now stopped doing anything online that requires a password or other sensitive data.  No more new apps or upgrades to my present apps.  It has gone from a fantastic piece of technology to a toy in two years.