Should I remove 1Password from a computer that no longer supports updates?

Hi @kohls,

It might be that my personal preference is seen as a little extreme. We've had a couple of high profile security scares recently, Shellshock (CVE-2014-6271) and FREAK attack (CVE-2015-0204) really stood out for me as they applied to so many systems out there. Now my memory hasn't served me well as I was under the impression that Apple had patched neither in Lion while it seems that they did patch Shellshock but not FREAK attack.

If your older MacBook is early 2008 or older then sadly Lion is the last compatible OS, a bit of a kicker given the late 2008 MacBook is compatible with Yosemite and I believe will also run El Capitan. Ironically you could be safer running Windows on an early 2008 MacBook Pro - it will run Windows 7 which has extended support through to 2020.

Once upon a time simply not loading dodgy files off of a floppy disk was enough to stay safe, then it was simply don't visit dubious websites. Nowadays reputable websites with a flaw allow miscreants to attack users. A fully patched system is a must these days hence why I personally would have concerns about running on obsolete OS any more.

Now to your questions. Yes, you can safely remove 1Password 3 from a Mac without it affecting any other device. We have uninstallation steps for 1Password 3 here and all you would have to remember is that your .agilekeychain is in your Dropbox account to allow all of your other devices to synchronise. Would doing so help your security though?

Can I ask, what do you see as the role of this older MacBook, what purpose does it serve that isn't met with your newer MacBook Air? I'd love to gain a better awareness.

Hi @khols,

Personally I would recommend using FileVault regardless but that's more a safety measure should a machine ever be stolen. A Mac without FileVault can have the entire contents of the drive accessed extremely easily unless you have drive encryption. The goal is to make any of your files inaccessible and leave you with some reassurance that anything on the drive is locked away from the less than savoury person responsible. It's also why I would always recommend a PIN or passphrase on an iOS device alongside Find My iPhone. If somebody is going to nick it you may as well try your best to make sure they don't profiteer from it.

Now an air-gapped machine (one not connected to a network) is secure for all the obvious reasons. Heck that's what Bruce Schneier and Edward Snowden do so you know you're in good company there (although they do so for slightly different reasons). Anyway, even if a machine has known security flaws, the ability to compromise such a machine is significantly harder if it isn't networked so I can't fault that approach. You have to go to some serious effort to take over such a machine and that means a targeted attack - something you're not concerned about.

I do understand not wanting to throw away a perfectly good machine, that's pretty reasonable behaviour. I'm just wondering if you have a purpose in mind. Do you have a need that this machine will fit or is it more that it isn't fit for scrap so you need to find a role for it?

@kohls: I hear you. Though it hasn't seen any use for a while, I still have my original PowerBook. ;)

As far as role, I used it as a media server for many years. But really, the possibilities are endless. Cheers! :)

:lol: :+1: