xCode Security
xCode is asking for both administrator and Darwin passwords. Is that required to run xCode?
iMac
A local admin logon can be needed to install certain components, docs, etc.
The only thing I see in the referenced image is that Quick Look wasn't able to make a thumbnail of the file (which is most likely the reason for the log entry). This would have been something you initiated, such as the preview used in Finder's column view.
For the most part, no one will be able to access your machine without you starting the communication in the first place. A good example of this is your web browser - once you contact any particular page, several ports are opened up to deal with the traffic (that you requested) from your machine to the server, not just from the server to your machine.
Once you do initiate that contact, then all kinds of auto-read and auto-send cookies can be downloaded to your system, is that right?
What other software can also be uploaded to your system, once you initiate contact with a site or other file system?
Correct - a web browser sends and receives all kinds of stuff, including cookies, although cookies can't send anything by themselves. Other items depend on exactly what is downloaded and what kind of access it has (this is why it is recommended to use a standard account instead of an administrative one). Normally you would need to authorize the installation of an application, otherwise malware tries to take advantage of some flaw in an underlying framework.
For the most part, you will be fine using a normal approach to security (e.g. using a router, running from a standard account, not clicking on mysterious links, not installing plug-ins or applications unless you know what they are and where they are coming from, etc), although it doesn't hurt to understand the reasoning for doing these kinds of things.
Doesn't hurt? That's an understatement! I have been browsing with an administrator account, and that is probably why I feel like browsing is unsafe.
I'm pretty sure most people don't know about that in the public, since it isn't a concern for companies or governments, which always have ordinary accounts doing the browsing. I think you just hit the key that was motivating this whole concern. I feel like the whole issue is solved, now.
Now since I have been browsing for a year with an administrator account, what steps should I take to 'clean' my system? Is it going to be going through every file, etc?
Does Apple have a list of the keychain access that MUST be available for important OS folders/files (e.g., which folders/files MUST have wheel, everyone, read access, etc.)?
Unless you have some reason to suspect that your system has been compromised, I wouldn't worry about it too much. Lots of people run from an administrative account without any problems; using a standard account is just another way to limit any damage that malware or a rogue/runaway application can cause.
There are literally hundreds of thousands of files in the system, so going through every one is unrealistic. The system files are owned by root, and although most are readable by everyone, they can't be altered without you giving permission - this is one of the main reasons for only downloading and/or installing items from known and trusted sources.
The main thing is to just be aware.
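An added example, not part of the original posts: instead of going through every file by hand, the ownership and write permissions described in the reply above can be checked with `find`, along with whether the current account is an administrator. The function names are hypothetical; the only assumption is that macOS administrators belong to the `admin` group.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the thread.

# Succeeds when the current account belongs to the macOS "admin" group,
# i.e. it is an administrative account rather than a standard one.
is_admin_user() {
    id -Gn | tr ' ' '\n' | grep -qx 'admin'
}

# Print entries under DIR that anyone may modify (world-writable).
# Symlinks are skipped because their own mode bits are not meaningful, and
# sticky directories such as /tmp are skipped: world-writable by design.
list_world_writable() {
    find "$1" -xdev ! -type l -perm -0002 \
        ! \( -type d -perm -1000 \) -print 2>/dev/null
}

# Print entries under DIR whose owner is not the numeric UID given (0 = root).
list_not_owned_by() {
    find "$1" -xdev ! -user "$2" -print 2>/dev/null
}

# Report for each directory named on the command line, e.g.:
#   sh audit.sh /usr/bin /usr/sbin
for dir in "$@"; do
    echo "== $dir: world-writable entries =="
    list_world_writable "$dir"
    echo "== $dir: entries not owned by root =="
    list_not_owned_by "$dir" 0
done

if [ "$#" -gt 0 ]; then
    if is_admin_user; then
        echo "Current account is an administrator."
    else
        echo "Current account is a standard (non-admin) account."
    fi
fi
```

Empty output for a system directory matches what the reply describes: files owned by root that other accounts can read but not alter.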
Well there is definitely reason for me to believe that my system has been compromised, even if just by cookies that read data for perfectly legitimate companies. The computer gets hot, when it didn't before, there are people reading information from my computer who I may not want to read information from my computer, etc. If you multiply the lower level of security awareness that most individuals or families have by the greater and more well-trained security awareness that corporations and governments (and criminal organizations) have, you end up with a magnitude of advantage for collectivist bodies against the disadvantage of less tech-savvy individuals and families that is a clear systematic compromise.
It need not be necessary for individuals to keep network authorities, etc, OFF of their systems, but it is certainly necessary for them to know how to and be able to monitor who is on their system. Such an arrangement serves the common security interests.
Cookies don't read anything, they are put there for whoever to read. I keep a few site cookies around if they serve a purpose, but delete everything else at the end of the day since Safari still doesn't have decent (well, any) cookie management.
The only way to really be sure your system is not compromised is to reinstall your OS. I'm not overly paranoid (why do you ask?), but with a fresh install, I use an administrative account to create a standard one for everyday normal use, then set up the application firewall and install Little Snitch (it is interesting to see what tries to go out) - I use a business class router (without the default password or remote management enabled) that takes care of outside stuff like stealth, DoS, P2P, etc. From there, it is just basic awareness, decent passwords, being careful what gets installed, etc.
Just about all of the malware out there either jiggles the handle to see if the door is unlocked, or tries to convince you that their product is the only thing that will keep the rampaging hordes at bay, so with the proper tools and awareness it is fairly easy to spot things that don't sound right. I didn't know I had that many uncles in Nigeria though...
It's nice to know that I'm not being paranoid.
Did you happen to see the other post, 'root user' where I'm denied access to the root user list, even when I'm logged on as a root user? Why is that happening and who is responsible for that?
In that one, it looks like you were trying to execute the file - it is just a configuration file and therefore doesn't have execute privileges.