Sorry, Jose, that was a typo.   I meant that I had installed OS X 10.7.4 Lion.  
My SimpleTech Pro Duo is a software based RAID (configured as a RAID-0) and it
won't mount under Lion.   I had read that software based RAIDS wouldn't work due
to a bug Apple introduced in 10.7.4.   My hardware based Guardian MAXimus, is a
hardware based RAID-1, purchased from Other World Computing.   It works fine
under 10.7.4.

Last night, during Jose Kissell's Q&A, I asked him about my problem.   He said
that he was only familiar with software based RAID's configured with Apple's
software.   I clarified that the Pro Duo was a hardware package that I had
purchased from Fry's Electronics.  I had read that it was software based.  He
said that he didn't have an easy solution for me.   There are new situations
that are difficult, even for experts like Joe Kissell, who gave a captivating 90
minute presentation last night, including Q&A.

I suspect that I'll have to boot from a 10.6.8 Snow Leopard partition on the
ProDuo, connect a new drive via Firewire 800 and received my data that way.  
The fan bearings were already failing, and I learned shortly after I bought it,
that it had a high failure rate.   So, data recovery this way seems my best long
term solution.   It only served as a secondary backup, with my most important
backups being on the Guardian MAXimus.   We now see why multiple backups are so
important!!!! :-)

Thanks,
Len

--- In svmug@yahoogroups.com, Jose Francisco Medeiros <jose.medeiros@...> wrote:
>
> Hi Len,
>
> Glad to her that you got it working, just to clarify, you did mean 10.7.4
> Lion, and not 10.6 Snow Leopard?
>
> Out of curiosity how did you resolve your software Raid external drive
> mounting issue?
>
> Is the Newer Technology textural hard drive, hardware based RAID  working
> with Lion correctly?
>
> Jose F. Medeiros
> 408-256-0649 Google Voice
> ----------------------------------------------------------
>
>
>
>
> On Mon, Jun 18, 2012 at 8:37 AM, Len <MacREALTOR@...> wrote:
>
> > **
> >
> >
> > I'm successfully running OS X 10.6.4 Lion, after reformatting my internal
> > drive, then clean installing from a bootable clone of Snow Leopard with the
> > Lion installer, which automatically imported all my old settings and data.
> > This left me with a lot of old crud, which I had to gradually deal with.
> > I'm still dealing with post-install issues.
> >
> > While, trying the following isn't feasible for me, with a Fall 2006
> > MacBook Pro, with the maximum 3 GB RAM, it may work for others, with a late
> > model Mac with a lot of RAM. Licensing is a separate issue.
> >
> > The Reader Report here, posted on 6/18, describes running Snow Leopard as
> > a VirtualBox virtual machine in Lion, so as to have a Rosetta solution.
> >
> > http://www.xlr8yourmac.com/feedback/virtualbox_user_reports.html#storytop
> >
> > Len Walther, CDPE Advanced, e-PRO, GRI
> > Certified Distressed Property Expert, Advanced
> > http://www.LenCanHelp.com/
> > Broker, DRE#00460258
> >
> > RE/MAX Real Estate Services
> > 19200 Stevens Creek Blvd, Ste 210
> > Cupertino, CA 95014
> >
> > Director, California Association of REALTORS®
> > President's Choice Award, 2002, Santa Clara County Association of REALTORS®
> >
> > 408-252-9800 Ext 2537 Phone
> > 408-252-9819 Fax
> >
> >
> >
>

Hello SVMUG and SMUG members,

By way of Mary Agnes Early, I have learned that Ro Dinkey has died this past May
29th. Ro was Mary and Jim Early's neighbor, and a past member of SMUG. I thought
perhaps some of you might remember her, so I am passing along the information
that Mary Agnes sent me. Ro is survived by her husband, Jim Dinkey. A memorial
service is to be held Saturday June 23rd, at the Elk's Lodge in Palo Alto.

-- Robert Brown

http://www.geekculture.com/joyoftech/joyarchives/1707.html

Enjoy! :-)

Len Walther, CDPE Advanced, e-PRO, GRI
    Certified Distressed Property Expert, Advanced
    http://www.LenCanHelp.com/
    Broker, DRE#00460258

RE/MAX Real Estate Services
19200 Stevens Creek Blvd, Ste 210
Cupertino, CA 95014

Director, California Association of REALTORS®
President's Choice Award, 2002, Santa Clara County Association of REALTORS®

408-252-9800 Ext 2537 Phone
408-252-9819 Fax

I look at our email with my iPad first, then look at the seemingly safe subset
with our Mac. Of course this does not block hijacked web pages being presented
for view, and subtle attacks, when we web surf with our Mac.

In our wait for the new Mac OS, Mountain Lion I came across this survey article
about security vulnerabilities. Although I never was knowledgeable to the extent
that I might work in software at the detailed level outlined here, it has
provided me with some evidence to influence my future choices of hardware
operating systems.

===================================================
http://www.macrumors.com/2012/06/25/apple-updates-mountain-lion-developer-previe\
w-with-new-security-features/

munkery
10 hours ago at 08:40 pm
OS X NEVER was more secure than Windows - that's just a stupid myth.

1) Until Vista, the admin account in Windows did not implement DAC in a way to
prevent malware by default. Also, Windows has a far greater number of privilege
escalation vulnerabilities that allow bypassing DAC restrictions even if DAC is
enabled in Windows.

Much of the ability to turn these vulnerabilities into exploits is due to the
insecurity of the Windows registry. Also, more easily being able to link remote
exploits to local privilege escalation exploits in Windows is due to the Windows
registry.

Mac OS X does not use an exposed monolithic structure, such as the Windows
registry, to store system settings. Also, exposed configuration files in OS X do
not exert as much influence over associated processes as the registry does in
Windows.

Mac OS X Snow Leopard has contained only 4 elevation of privilege
vulnerabilities since it was released; obviously, none of these were used in
malware. Lion has contained 2 so far but one of these vulnerabilities doesn't
affect all account types because of being due to a permissions error rather than
code vulnerability.

The following link shows the number of privilege escalation vulnerabilities in
Windows 7 related to just win32k:

http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=win32k+7

More information about privilege escalation in Windows 7:

http://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7\
-mirror/ -> guide to develop exploits to bypass UAC by manipulating registry
entries for kernel mode driver vulnerabilities.

https://media.blackhat.com/bh-dc-11/Mandt/BlackHat_DC_2011_Mandt_kernelpool-wp.p\
df -> more complete documentation about Windows kernel exploitation.

http://mista.nu/research/mandt-win32k-paper.pdf -> more complete documentation
about alternative methods to exploit the Windows kernel.

http://threatpost.com/en_us/blogs/tdl4-rootkit-now-using-stuxnet-bug-120710 ->
article about the TDL-4 botnet which uses a UAC bypass exploit when infecting
Windows 7.

2) Windows has the potential to have full ASLR but most software does not fully
implement the feature. Most software in Windows has some DLLs (dynamic link
libraries = Windows equivalent to dyld) which are not randomized.

http://secunia.com/gfx/pdf/DEP_ASLR_2010_paper.pdf -> article overviewing the
issues with ASLR and DEP implementation in Windows.

Also, methods have been found to bypass ASLR in Windows 7.

http://vreugdenhilresearch.nl/Pwn2Own-2010-Windows7-InternetExplorer8.pdf ->
article describing bypassing ASLR in Windows 7.

Mac OS X has full ASLR implemented on par with Linux. This includes ASLR with
position independent executables (PIE). DLLs in Windows have to be pre-mapped at
fixed addresses to avoid conflicts so full PIE is not possible with ASLR in
Windows.

Using Linux distros with similar runtime security mitigations as Lion for a
model, client-side exploitation is incredibly difficult without some
pre-established local access. Of course, this is self defeating if the goal of
the exploitation is to achieve that local access in the first place.

See the paper linked below about bypassing the runtime security mitigations in
Linux for more details.

http://www.blackhat.com/presentations/bh-europe-09/Fritsch/Blackhat-Europe-2009-\
Fritsch-Bypassing-aslr-slides.pdf

The author only manages to do so while already having local access to the OS.

3) Mac OS X Lion has DEP on stack and heap for both 64-bit and 32-bit processes.
Third party software that is 32-bit may lack this feature until recompiled in
Xcode 4 within Lion. Not much software for OS X is still 32-bit.

But, not all software in Windows uses DEP; this includes 64-bit software. See
first article linked in #2.

4) Mac OS X implements canaries using ProPolice, the same mitigation used in
Linux. ProPolice is considered the most thorough implementation of canaries. It
is known to be much more effective than the similar system used in Windows.

http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-silberman/bh-us-04-silb\
erman-paper.pdf -> article comparing ProPolice to stack canary implementation in
Windows.

5) Application sandboxing and mandatory access controls (MAC) in OS X are the
same thing. More specifically, applications are sandboxed in OS X via MAC. Mac
OS X uses the TrustedBSD MAC framework, which is a derivative of MAC from
SE-Linux. This system is mandatory because it does not rely on inherited
permissions. Both mandatorily exposed services (mDNSresponder, netbios...) and
many client-side apps (Safari, Preview, TextEdit…) are sandboxed in Lion.

Windows does not have MAC. The system that provides sandboxing in Windows,
called mandatory integrity controls (MIC), does not function like MAC because it
is not actually mandatory. MIC functions based on inherited permissions so it is
essentially an extension of DAC (see #1). If UAC is set with less restrictions
or disabled in Windows, then MIC has less restrictions or is disabled.

http://www.exploit-db.com/download_pdf/16031 -> article about Mac sandbox.

http://msdn.microsoft.com/en-us/library/bb648648(v=VS.85).aspx -> MS
documentation about MIC.

https://media.blackhat.com/bh-eu-11/Tom_Keetch/BlackHat_EU_2011_Keetch_Sandboxes\
-Slides.pdf -> researchers have found the MIC in IE is not a security boundary.

6) In relation to DAC and interprocess sandboxing in OS X in comparison with
some functionality of MIC in Windows 7 (see #5), the XNU kernel used in OS X has
always had more secure interprocess communication (IPC) since the initial
release of OS X.

Mac OS X, via being based on Mach and BSD (UNIX foundation), facilitates IPC
using mach messages secured using port rights that implement a measure of access
controls on that communication. These access controls applied to IPC make it
more difficult to migrate injected code from one process to another.

Adding difficulty to transporting injected code across processes reduces the
likelihood of linking remote exploits to local exploits to achieve system level
access.

As of OS X Lion, the XPC service has also been added to implement MAC (see #5)
on IPC in OS X.
(http://developer.apple.com/library/mac/#documentation/MacOSX/Conceptual/BPSyste\
mStartup/Chapters/CreatingXPCServices.html)

7) Windows has far more public and/or unpatched vulnerabilities than OS X.

http://www.vupen.com/english/zerodays/ -> list of public 0days.

http://www.eeye.com/Resources/Security-Center/Research/Zero-Day-Tracker ->
another list of public 0days. (Most if not all of the Apple vulnerabilities in
this list were patched in the latest Apple security update
->http://support.apple.com/kb/HT5002)

http://m.prnewswire.com/news-releases/qihoo-360-detects-oldest-vulnerability-in-\
microsoft-os-110606584.html -> article about 18 year old UAC bypass
vulnerability.

8) Password handling in OS X is much more secure than Windows.

The default account created in Windows does not require a password. The
protected storage API in Windows incorporates the users password into the
encryption key for items located in protected storage. If no password is set,
then the encryption algorithm used is not as strong. Also, no access controls
are applied to items within protected storage.

In Mac OS X, the system prompts the user to define a password at setup. This
password is incorporated into the encryption keys for items stored in keychain.
Access controls are implemented for items within keychain.

Also, Mac OS X Lion uses a salted SHA512 hash, which is still considered
cryptographically secure. It is more robust than the MD4 NTLMv2 hash used to
store passwords in Windows 7.

http://www.windowsecurity.com/articles/How-Cracked-Windows-Password-Part1.html
-> article about Windows password hashing.

9) The new runtime security mitigation improvements to be included in Windows 8
have already been defeated.

http://vulnfactory.org/blog/2011/09/21/defeating-windows-8-rop-mitigation/

To put this into perspective, methods to bypass the new runtime security
mitigations in Mac OS X Lion are not yet available.

10)In regards to recent earlier version of Mac OS X:

The following article relates to varying levels of security mitigations in
different Linux distros but it is applicable in revealing that the runtime
security mitigations in some earlier versions of Mac OS X prior to Lion were far
from inadequate.

http://www.blackhat.com/presentations/bh-europe-09/Fritsch/Blackhat-Europe-2009-\
Fritsch-Bypassing-aslr-slides.pdf

While Mac OS X Leopard/SL lack full ASLR, Windows Vista/7 have stack canaries
(aka stack cookies) that are trivial to bypass.

The following link shows the issues with stack canaries in Windows.
->http://www.blackhat.com/presentations/bh-usa-04/bh-us-04-silberman/bh-us-04-si\
lberman-paper.pdf

So:

Windows Vista/7 = NX + ASLR
Mac OS X Leopard/SL = NX + stack cookies

These articles show that NX in combination with stack canaries is more difficult
to bypass than a combination of NX and ASLR.

11) Mountain Lion only improves upon the security of Lion.

BTW, Safari on a Mac running Lion was not hacked at the last pwn2own.
Rating: 8 Positives / 1 Negatives

In case you skimmed past this message, it is the most complete and well
documented comparison of Apple OSX vs Microsoft Windows vulnerabilities I have
ever seen, I have some friends that will be made aware of the contents of this
message (grin0

Hello SVMUG members,

I just finished a little conversion project. In the past, I have been using
Firewire and USB connected hard drives, for critical duties of holding my
Aperture library, iTunes Media folder, Time Machine backup database, and
enormous video files. I have moved this data to a pair of LaCie RAID drives (4TB
and 6TB), with Thunderbolt connections. The difference is very noticeable --
much faster access, file movement, etc.

I am using the default out-of-the-box RAID 0 configuration. This means the two
drives in each LaCie box are used in the non-redundant striped data recording.
This yields high performance, as data blocks are fetched by sequential
alternation between the two drives. The two drives look like a single drive --
e.g. a pair of 3TB drives becomes a massive 6TB drive. But there is consequence:
if either drive fails, the whole thing fails.

Another option is RAID 1. In this case, the two drives are mirrors of each
other. If one fails, the other still has the data. But then the capacity has
been cut in half.

Finally, there is the non-RAID option: JBOD -- "just a bunch of drives". This
gives you the highest capacity. There is no redundancy, but at least if a drive
fails, the data on the other drive in the box is unaffected. Plus, the drives in
this configuration are hot-swappable.

When I can I will add more drives. A rational configuration is to use RAID 1 for
a drive set will hold critical data like my iTunes media folder and my Aperture
Library. A RAID 0 should be used for the work-in-progress video files. A
separate RAID 0 will be for the Time Machine backup, which needs a massive
drive.

-- Robert Brown

If you use this service, it will be shut down at the end of July.  You might
want to transfer your stuff to one of the many cloud services floating around
now.

https://www.iwork.com/signin/

Wil
Sunnyvale

This is a very concise article that makes it's point well with graphical data!

http://www.asymco.com/2012/07/04/the-building-and-dismantling-of-the-windows-adv\
antage/

Len Walther, CDPE Advanced, e-PRO, GRI
    Certified Distressed Property Expert, Advanced
    http://www.LenCanHelp.com/
    Broker, DRE#00460258

RE/MAX Real Estate Services
19200 Stevens Creek Blvd, Ste 210
Cupertino, CA 95014

Director, California Association of REALTORS®
President's Choice Award, 2002, Santa Clara County Association of REALTORS®

408-252-9800 Ext 2537 Phone
408-252-9819 Fax

Hello SVMUG members and my other Mac user friends,

I have been reading about the recent developments in individually targeted
attacks against the Macintosh operating system. The most recent seems to be a
backdoor installing trojan program, called "MaControl" by some.

The most interesting, to me, feature of these attacks is that the trojans are
set to attack specific groups of users. Much like the Stuxnet trojan, the attack
package will examine a computer which it has managed to infect, to determine
whether or not the computer is used by some one of interest to the attacker.
Stuxnet would determine if it had accessed a particular Siemens controller, used
with the Iranian isotope separation centrifuges. If so, it ramped the centrifuge
speed up, to the point of destruction, while keeping the indicators normal for
the viewing by the human technicians.

The MaControl behaves similarly in that it pulls data from the infected machine
and sends this data to a command-and-control (CAC) server. On this server, the
data is examined to determine if the infected machine is in use by a political
activist. Of course, the CAC could be set up to look for anyone. Details about
the CAC have been decrypted from the MaControl program -- it is known that it is
in China and is presumably government sanctioned. The idea is that having found
a person of interest, they can focus on that person, extracting the information
they need without wading through a mass of indiscriminately fetched files.

So we are back to the days of yesteryear (around 1980 to 1990) when the Apple II
and later on, the Mac, were in the crosshairs of viruses writers. I remember
well getting almost weekly updates for my virus scanners. But in the last decade
of the previous century, thanks largely to the efforts of Forbes, Business Week,
and the WSJ, Macs were yanked from corporate environments, replaced by PC™
models. This near hegemony made the PC the target of choice. (I also believe the
focus was on PC's because frankly it is really easy to write virus and trojan
programs for the PC. For the Mac, not so fast and furious.) We users of
Macintosh computers enjoyed a little respite from serious attacks, while the PC
world twisted in agony from rapid and dangerous assaults, mostly recently
seeking to send your passwords and credit numbers to the notorious Russian
Business Network (RBN).

But now, THEY"RE BACK!!!! In our new Millennium, it appears that not just any
victim will do. They want specific computers, specific groups, and it is
suspected even specific high profile individuals. It is like a smart cluster
bomb -- it is scattered as a huge number of bomblets over a wide range, but it
does no damage unless by chance one of the bomblets rolls into the targeted
hands.

There are lots of high profile people who use Macintosh computers. Accordingly,
the new attacks have to be written for the Mac, to reach these people. It is not
just artists and scientists. For example, former President G. W. Bush jr.,
former President W. Clinton, future President H. Clinton, could-have-been
President Al Gore, Soviet President Boris Yeltsin, former Iceland President
Madam Vigdís Finnbogadóttir, Rush Limbaugh, G. Gordon Liddy, and the Dalai Lama
are all devoted Macintosh users.

What to do? Dust off your old security skills. It is time to get serious again.

1. Most attacks start by a little social engineering. The attacker needs to get
you to grant administrative permissions for a trojan to install itself on your
computer. The FlashBack trojan did this by clever screens  that would deceive
you into thinking this was a real update, issued by Adobe. Other methods include
hiding as a script in a MS Office document, popping up the standard "Okay to
Run?" dialog. Be alert, think about what you are installing. Did it REALLY come
from a trusted source. Suddenly, the "walled garden" of Apple doesn't sound so
bad, does it.

2. Change your passwords every now and then. Use good passwords. At the very
least for any finance related accounts.

3. Use a decent anti-malware scanner, for example clamAV which is available from
the Apple App Store. Keep it up to date. Warning: anti-malware scanners are not
a panacea. Just kind of a weak kidney.

4. Don't make it easy: do not put certain personal information into a social
network. The forbidden items include your full birth date, your mother's maiden
name, your social security number, and so forth. If you have used something as
one of your "security challenge" questions and answers, it must be treated as
secret knowledge.

5. Encryption is not very helpful. The reason is that the attacking program
already has administrative permissions, from the time you unwittingly installed
it, so the operating system will happily decrypt files on the fly for it.
However, it is nice to encrypt the system drive on a computer that might be
stolen from you. Firevault on the Mac OS X offers automatic encryption and
time-of-use decryption. It is not perfect, but it is helpful. Please do not
forget your recovery password -- no one can help you if set up encryption and
then forget the master recovery password.

-- Robert Brown


P.S. No, I do not know how to pronounce Vigdís Finnbogadóttir.

P.P.S. Other devoted Mac users are listed on this very impressive web page:
http://applemuseum.bott.org/sections/users.html

P.P.P.S. Limbaugh and Liddy, I can accept that. But Tom Cruise? That is, for
some reason, very disturbing.

David, you seem to be describing a document scanner for office or home office
use, or perhaps portable use.

These scanners can have document input trays and often can scan at high speeds.
The resolution will be satisfactory for scanning of documents, but wouldn't be
suitable for scanning photographs at high resolution.

For this purpose, the Fujitsu ScanSnap series of scanners can't be beat!

http://www.fujitsu.com/global/services/computing/peripheral/scanners/ss/lineup/

Another REALTOR® I know has the Canon Scan-tini portable document scanner and
loves it:

http://usa.canon.com/cusa/office/products/hardware/scanners/high_speed_document_\
scanners/imageformula_p_215_scan_tini_personal_document_scanner

Note that the more portability you want, the more costly it tends to be!

Hope this helps!

Len Walther, CDPE Advanced, e-PRO, GRI
    Certified Distressed Property Expert, Advanced
    http://www.LenCanHelp.com/
    Broker, DRE#00460258

RE/MAX Real Estate Services
19200 Stevens Creek Blvd, Ste 210
Cupertino, CA 95014

Director, California Association of REALTORS®
President's Choice Award, 2002, Santa Clara County Association of REALTORS®

408-252-9800 Ext 2537 Phone
408-252-9819 Fax

--- In svmug@yahoogroups.com, "David H." <menschdh@...> wrote:
>
> I should want to change my paper  files and catagarize them. What make and
model do you reccomend?
>  
> David Hirsch
>

 

David, you seem to be describing a document scanner for office or home office use, or perhaps portable use.

These scanners can have document input trays and often can scan at high speeds. The resolution will be satisfactory for scanning of documents, but wouldn't be suitable for scanning photographs at high resolution.

For this purpose, the Fujitsu ScanSnap series of scanners can't be beat!

http://www.fujitsu.com/global/services/computing/peripheral/scanners/ss/lineup/

Another REALTOR® I know has the Canon Scan-tini portable document scanner and loves it:

http://usa.canon.com/cusa/office/products/hardware/scanners/high_speed_document_scanners/imageformula_p_215_scan_tini_personal_document_scanner

Note that the more portability you want, the more costly it tends to be!

Hope this helps!

Len Walther, CDPE Advanced, e-PRO, GRI
Certified Distressed Property Expert, Advanced
http://www.LenCanHelp.com/
Broker, DRE#00460258

RE/MAX Real Estate Services
19200 Stevens Creek Blvd, Ste 210
Cupertino, CA 95014

Director, California Association of REALTORS®
President's Choice Award, 2002, Santa Clara County Association of REALTORS®

408-252-9800 Ext 2537 Phone
408-252-9819 Fax

--- In svmug@yahoogroups.com, "David H." <menschdh@...> wrote:
>
> I should want to change my paper  files and catagarize them. What make and model do you reccomend?
>  
> David Hirsch
>

 

I should want to change my paper  files and catagarize them. What make and model do you reccomend?

 

David Hirsch

Dave,


I just ran across this scanner / fax / Printer on CDW's closeout section in case
anyone has an interest. The price is cheaper then replacing the ink cartridges
in most members printers. HP supports Lion with this model, but I am not sure
if  it has OCR software for a Mac.


HP OJ 6600 E AIO PRINTER (BSTK)
http://www.cdw.com/shop/products/HP-OJ-6600-E-AIO-PRINTER-BSTK/2728397.aspx

Here are the HP specs:

http://www.shopping.hp.com/en_US/home-office/-/products/Printers/HP-Officejet/CZ\
155A?HP-Officejet-6600-e-All-in-One-Printer-H711a

Jose :-)

For those that haven't heard, read this:

http://www.macworld.com/article/1167654/hackers_publish_emails_passwords_from_ya\
hoo_service.html

I'm changed my Yahoo!, AOL and Comcast passwords and don't use the other listed
services.   I use the AgileBits 1Password random password generator to generate
long and random passwords.  CHANGE YOUR PASSWORDS NOW, AND CONTINUE TO DO SO FOR
ALL YOUR PASSWORDS ON A REGULAR BASIS.  DON'T USE THE SAME PASSWORDS ON MULTIPLE
SITES!!!

Most of us already know we should do this, but think it is too much work, and
never get around to it.   It's time to put into practice what we already know!
:-)

Thanks,

Len Walther, CDPE Advanced, e-PRO, GRI
    Certified Distressed Property Expert, Advanced
    http://www.LenCanHelp.com/
    Broker, DRE#00460258

RE/MAX Real Estate Services
19200 Stevens Creek Blvd, Ste 210
Cupertino, CA 95014

Director, California Association of REALTORS®
President's Choice Award, 2002, Santa Clara County Association of REALTORS®

408-252-9800 Ext 2537 Phone
408-252-9819 Fax