Wednesday, May 6, 2015

Whoops, (Little Snitch, Mac, Safari, infoRisk TODAY)

Yesterday, I was teaching using GoToTraining. I run an outbound firewall called Little Snitch. You would not believe how many outbound connections that product requires and worse many of them to not resolve.

Fortunately I started preparing almost an hour before the training and finally realized allowing each connection wasn't going to work. So, I finally decided to disable outbound filtering.

This morning, I had an email from a group called infoRisk TODAY. Not sure how I got it, guessing they bought a mailing list. One of the articles, an interview with the CEO of BB&T looked interesting. So I clicked on that link. Ghostery showed the usual suspects, so these people do want to track you.

After a minute the screen darkened and a little box popped up. I killed the tab. And realized outbound filtering was still disabled. Whoops. I used Safari Preferences to clear cookies and website data, (I have Safari set to always block cookies, but some stuff gets in anyway). Then I killed Safari and ran CCleaner to get the stuff Safari doesn't take care of.

Then I went back. The popup still got through everything. Time for me to revisit how I harden my general purpose browsing. Screenshot with partially successful popup is below.

Then it was time to unsubscribe from infoRisk TODAY. That took me to a screen that said my first name was Suzy, funny, I thought it was Stephen. Sigh, it is sad when you can't tell the good guys from the bad guys.

No comments:

Post a Comment