Archive for category: AFP548 Site News

Arbitrary Code via Puppet instead of Jamf (Pro)

Arbitrary Code via Puppet instead of Jamf (Pro)

If you are familiar with Jamf Pro’s (formerly the JSS/Casper Suite’s) model of smart groups and extension attributes (or EA’s), they provide a way to run code that can (among other things) inventory the state of a computer. Every recon run, they run the provided scripts configured server-side, and through […]

Read more

Proactive Mac Security: Santa 🎅

Proactive Mac Security: Santa 🎅

For the next stop in our journey, we’ll review that jolly ol’ soul, Santa. It’s a system for either monitoring what apps are launched and blacklisting the ones you decide are bad, or locking down a macOS computer to only run the ones you’ve whitelisted. Despite what The Register seems […]

Read more

Stop All The Downloadin’

Stop All The Downloadin’

Just a quick one, to remind you that there are ways you can have a dialog with users about tightening security controls. We’re beating the drum about Flash dying a death, and haven’t included it in our image since the Great Analytics Fiasco of 20.0.0.235. I’m not the most tolerant […]

Read more

Proactive Mac Security: osquery

Proactive Mac Security: osquery

There are two reputations(at least) that your faithful writer is hoping to shake: #1, I do not work for Google. #2, I am not the ‘osquery guy’. I don’t even know any C++! (I’m going to make time for this eventually, though.) However, for three events over the course of […]

Read more

ICYMI – LISA Conversations, with Google

Just a quick post for folks that missed it (I follow Clay on the twitters but got notice it was happening a bit too late), the well-regarded ‘Managing Macs at Google Scale’ talk Clay Caviness and Ed Eigerman gave for LISA ’13 was revisited for their video series, embedded below. […]

Read more

Smother the Sparkler

Smother the Sparkler

You’ve read the Mule, you’ve read Ars, and folks like Mactracker have gone out and moved their feed to https like good citizens. But what about those old, abandoned apps we still want to keep using? Well, this is why it’s called risk management and not fire-proofing. Just like physical […]

Read more

Skipping Network Setup in SetupAssistant

SetupAssistant.app has many fun hidden dot files in /var/db/ and Pepijn Bruienne (@bruienne) has found another good one: /var/db/.MBSkipWiFiSetupIfPossible This dot file will make SetupAssistant skip the WiFi setup portion of the setup in some cases. Only 10.11 and higher will respect this dot file. For SetupAssistant to skip the […]

Read more

Brand New Season, Wrong Ocean

It’s great to be back. You’re not deceived, this is the AFP548 Podcast feed, but we’re piggybacking on it with a new title and format. If you’d like to submit art for our new branding, please let us know through the channels discussed in the episode. (Thanks to Graham Gilbert […]

Read more

MacUpdate Considered Harmful

MacUpdate Considered Harmful

Just for those that didn’t see this: https://blog.malwarebytes.org/news/2015/11/has-macupdate-fallen-to-the-adware-plague/ $ strings /Volumes/MacUpdate\ Installer/MacUpdate\ Installer.app/Contents/bin/AssetsChanger | grep browser 18BrowserTools_Opera 19BrowserTools_Safari 19BrowserTools_Chrome MacUpdate has decided to sell out their good name and lie down with the scummiest hijackers on the internet by allowing downloads to be delivered as an app instead of the […]

Read more

Challenges My Organization Faces Upgrading to OS X 10.11, El Capitan

Challenges My Organization Faces Upgrading to OS X 10.11, El Capitan

As if you haven’t heard, there’s something new this month to cause drama on the Apple upgrade treadmill (just as nefarious as Slack dragging everyone’s communication watering hole into the future). This time it’s the coming System Integrity Protection and other tightening restrictions we’re all dealing with. I wanted to […]

Read more