Blog Archives

news: DetectX v2.14 released

Screen Shot 2016-02-14 at 23.03.29

Yes, two in two days! We’ve added a Preference Pane since yesterday, and improved the performance of the search function. Note that the new Sparkle Vulnerability check we introduced in v2.13 is now off by default. It can be turned on from the Preference Pane (see above).

Other changes are listed in the release notes.

DetectX is still free, fully-functional, and without time-limit for home users. Available for download from here.

🙂

 

news: FastTasks v2.6 released

An update to FastTasks 2 was released earlier today adding further adware definitions to the Analyser function. FT2 is available for free from here. Requires OS X 10.9 or higher.

news: DetectX 2.12 released

We just released an update to DetectX, available for free download from here. The release notes are here.

news: DetectX for Snow Leopard update released

We’ve just released DetectX for Snow Leopard v2.1 (DetectXSL), a long-awaited update that fixes, among other things, the bug in the updater mechanism.

If you have problems either downloading or installing the update from within DetectXSL*, please delete the DetectXSL.app (v2.0) from your mac and download and install v2.1 directly from here (direct download).

Now that we’ve got a working install of 10.6.8 again in the Sqwarq office, we’re planning on updating DetectXSL a bit more frequently, though working in Xcode 3 again is proving to be a bit of a memory challenge!

(and for you more up-to-date folks, don’t forget DetectX runs on everything from OSX 10.7 thru 10.11).

🙂

*requires 10.6.8, Intel, 64-bit architecture

news: FastTasks Update

sudoers
With recent adware attacks exploiting a vulnerability in OS X and giving themselves sudo permissions without the user providing a password, we thought it’d be a good idea to have FT2 show you info on the Sudo permissions file. This feature has been added in today’ update, FT2 v1.68.

The file in question, sudoers, lives in the (usually) hidden /private/etc folder at the root of your hard drive. Most ordinary users won’t have cause to go digging around in there and probably don’t even know it exists. However, sudoers is the file that determines who can get admin access in the shell (aka ‘the Terminal’), and adding a user to the sudoers file gives them pretty much a carte blanche over the system.

It appears that Apple have already taken steps to block the recent attack, and the next version of OS X (likely due out next month) will restrict what even sudoers can do to the system (although not to the user). Nevertheless, we think it’s good idea to have an easy visual check as to whether the sudoers file has been modified or not. You can find the sudoers information in the Analyser just before the System section (marked by the green dashed line).

Be aware that it is entirely possible that if an attacker gains access to your system, they could not only modify the sudoers file, but completely replace it with a new one. That’d give a new creation date but no modification date. With that in mind, it’s worth checking just when the file was created. Running the public release of OS X Yosemite, build 14E46 (you can find the build number in FastTasks menu), my default sudoers file has a creation date of 2014-09-10. If you are running a different build of Yosemite or OS X you may see a different date. Obviously, if you have modified (or given an app or process permission to modify) the file, that will cause you to see different dates also.

%d bloggers like this: