Anti malware software and such [and Enpass]
Now that im using 1PW (and I love it) and in the proces of transferring files from Enpass to 1PW I was asking myself how do I know my Mac isn't infected in any way with software that wants my data as when being infected than even 1PW is being targeted too.
I need to transfer my pw's thru a csv file
So my q'n is what do you people use to check if your Mac systems isn't infected in any way and what software you use.
I like to be on the safe site and don't take things for granted as our lives are more and more digital so the attacks are aimed at our devices with better be in top shape to minimize the hacker attacks.
Are there programs that I should run to help me keeping on the safe site in everyday internet use.
And yes I'm aware of using my head and not downloading all which I don't, but sometimes one has to download on the makers site than the App Store.
So far my list on what I use is this
NordVPN
Protonmail
Torbrowser
1Blocker
1Password
Fill me in please as I'm always open to learn especially on this subject not pretending to know it all which I don't.
1Password Version: 6,8,7
Extension Version: 4,70
OS Version: OS X 10,13,3
Sync Type: Not Provided
Referrer: forum-search: malware
Comments
-
This is a very big, complex subject. It sounds like you are trying to do your best in an exceptionally hostile world. The generic response I personally give folks who ask the generic How Can I Be Certain I Am Safe question, the answer is You Can't. It's a basic premise that you should never play an expert in his own game. And folks like you and I are novices in a ruthless sea of sharks. With today's malware, supported by nation-state budgets, and with years of development expertise, you'll never see it coming, and you'll never know its hit you if it does.
So all you can do is your best, use the standard practices provided by security experts, pay careful attention to what your system is asking/doing, and tread cautiously. The largest threat is still generally social engineering tactics, so be alert.
I'll leave this topic, and move onto your other goal - moving your Enpass data over to 1Password. I see that Enpass finally supports CSV exports. That lack was the primary reason I did not create a converter for that password manager. Its TXT export was severely limited.
That said, I'm now willing to create an enpass converter. Would you be interested in using it? It would make importing into 1Password significantly simpler than using its generic CSV importer.
0 -
Now that im using 1PW (and I love it) and in the proces of transferring files from Enpass to 1PW I was asking myself how do I know my Mac isn't infected in any way with software that wants my data as when being infected than even 1PW is being targeted too.
I need to transfer my pw's thru a csv file@Jo_ann77: Definitely a complex topic! Ultimately no security software can protect you from yourself, if you're running software from untrusted sources or just using a device with an unpatched vulnerability. So the most worthwhile advice I can give you is to keep all of your software up to date and practice good security hygiene. And definitely don't use an untrusted network or devices to transmit or store sensitive information.
So my q'n is what do you people use to check if your Mac systems isn't infected in any way and what software you use.
I use XProtect, which is built into macOS. I don't normally think of VPNs this way, but I do use them when on untrusted networks.
I like to be on the safe site and don't take things for granted as our lives are more and more digital so the attacks are aimed at our devices with better be in top shape to minimize the hacker attacks.
Are there programs that I should run to help me keeping on the safe site in everyday internet use.
And yes I'm aware of using my head and not downloading all which I don't, but sometimes one has to download on the makers site than the App Store.
So far my list on what I use is this
NordVPN
Protonmail
Torbrowser
1Blocker
1PasswordI realize that this advice isn't particularly comforting, as it doesn't give you an actionable security checklist. But none of these apps/services can stop you from compromising the machine yourself, or otherwise giving your information out.
Fill me in please as I'm always open to learn especially on this subject not pretending to know it all which I don't.
It really depends on your behaviour and the particular threats you face. For example, not everyone is computing in a hostile environment while traveling or working, but some are. When I'm at home, I take modest measures to protect my stuff: I have a reasonable timer set to lock 1Password an the computer when not in use. But when traveling, I remove unnecessary vaults from my devices, do a new backup beforehand, and use more aggressive lock settings. At home, I leave my laptop on the table when I go to the bathroom. In public, I take it with me. It's all about choices.
I agree with everything MrC already said on the subject, with an additional note of some hope: while normal folks like us are equipped to defend ourselves against professional attackers, most of us won't face that, so it's a matter of taking reasonable measures to protect ourselves from the likely threats. It's just counterintuitive that for most of us, the primary threat will be ourselves. It feels like a bummer that there isn't a specific external adversary we can try to protect against, but we're in a better position to be aware of our bad habits and work to improve ourselves. :)
0 -
MrC and Brenty,
Thanks so much for sharing both your time, knowledge and expertise on this subject as its much appreciated.
It took a few readings for me to fully understand the wise words both of you have shared but the massage is clear.Its like a unhealthy lifestyle cant be cured with a magic pill evenso is a healthy lifestyle no guarantee for not getting sick but the changes are severely reduced in doing so 😊
This is the best was for me to discribe this subject in my own words.Again many thanks for sharing and another valuable lesson learned im sure there will be many more that will follow 👍
Keep up the good work.0 -
@Jo_ann77: Thank you for the kind words! You're totally welcome, but I think you said it even better than I ever could:
Its like a unhealthy lifestyle cant be cured with a magic pill evenso is a healthy lifestyle no guarantee for not getting sick but the changes are severely reduced in doing so 😊
I hope you don't mind if I borrow that. I think that's a much better way of putting it that pretty much all of us can relate to. Cheers! :chuffed:
0 -
Hey, likewise, great topic and a great metaphor! :)
0 -
Hello @Jo_ann77 ,
I have good news.
I have just posted an update to the 1.10 version of the converter suite. It now includes an enpass converter. I've currently only tested it on macOS, but will get to Windows shortly.
Download the entire zip again, and replace what you've downloaded in the past.
Please note, while the Enpass CSV export is valid CSV, there are several issues:
- There is no information in the records to indicate the category, so the converter uses key field matching heuristics to detect a category.
- The CSV export eliminates empty fields from the export, so some category detection may be impossible under certain circumstances.
- Some records duplicate certain field names. The converter tries to map these fields to the correct 1Password field, but due to 2 above, such fields may not map as you'd like or expect.
- If you've renamed any of the key field labels, the converter may not detect the category. The converter can be easily customized to handle this, and I'm happy to help you do that if necessary.
- Enpass does not do any date validation - dates are simply random string values, and therefore are meaningless. The converter does not attempt to parse any date values, and they will be placed into the Notes section of the record.
Enpass has a ridiculous number of categories / record templates (some of which make no sense for a password manager, such as Flight Information and Hotel Reservations). I've handled all of them with the exception of a few esoteric categories beneath the other Other grouping. This just means they will go to Secure Notes, and you could not specify them with using the
--include
or--exclude
options.Let me know how things go!
0 -
Super cool! Thank you! :chuffed:
0