Mountain Duck

Mountain Duck is a cross-platform utility from David Kocher (Iterate GmbH) that “lets you mount any remote FTP, SFTP, WebDAV, S3 and OpenStack Swift server storage as a local disk in the Finder. Open remote files with any application and work like on a local volume. Transfer files using Finder to remote servers, fast.” Among many MountainDuck features is support for Cryptomator interoperable secure vaults (like cross-platform, cloud-friendly versions of Apple’s FileVault-encrypted Mac disk images).

Mountain Duck 3.3.5 is priced at $39 for OS X 10.11 and later with a trial version available for downloading (and also is available for Windows). The latest release brings support for TLS 1.3 networking and support for Cryptomator Version 7 vaults. Version 3 brought a smart synchronization feature to add offline support:

Like Dropbox for any cloud storage with smart synchronization. Files are synchronized to your local disk when opened to allow offline usage and changes are uploaded in the background as soon as a connection is available. You can also explicitly select files and folders available for offline use.

TenFourFox

TenFourFox is a Firefox-based web browser, reprogrammed for PowerPC-based Macs with separate downloads optimized for G3, G4 and G5 processors. Providing up-to-date security to the older Mac platform, it offers “the latest bug fixes, security improvements and all the powerful technology underlying Mozilla Firefox”, along with “AltiVec JPEG, HTML and WebM decoding acceleration for G4 and G5 Macintoshes” and JavaScript performance based on a “best-in-class, just-in-time PowerPC script compiler.

TenFourFox Feature Parity Release 19 is free and open-source software for PowerPC-based Macs running Mac OS X 10.4 and 10.5. Release 19 brings security fixes and updates.

Microsoft Excel security patches

Microsoft has issued February updates for its Office applications and patched the latest vulnerabilities in supported versions of Excel.

CVE-2020-0759 | Microsoft Excel Remote Code Execution Vulnerability
A remote code execution vulnerability exists in Microsoft Excel … an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights…

Adobe critical security flaws

Adobe issued its latest batch of patches for critical security flaws across its product portfolio:

We strongly recommend removing Adobe Flash from your systems because of its security flaws and exploitation, and Adobe has announced its termination.

Firefox, Thunderbird security updates

Firefox, the free, cross-platform web browser from Mozilla, got an update today with important security fixes (which follows the January security fix for a critical vulnerability).

Firefox 73.0 is a free download for OS X 10.9 and up, plus Linux, and Windows.

Firefox ESR 68.5.0 (see security notes and downloads) brings the fixes to the Extended Support Release family for OS X 10.9 or later, Linux, or Windows. A Firefox FTP server includes all the various versions for downloading.

Firefox Quantum Developer Edition is an alternate version for desktop systems that incorporates tools such as editors, debuggers and responsive design views. Firefox Quantum for Enterprise is a version that lets people set up policies (e.g. proxy, restrict features) with Group Policy on Windows and a JSON file on Mac and Linux.

Firefox for iOS 22.0 is a free mobile version for iOS 11 and up, with automatic search suggestions, a private browsing mode, tracking protection and Siri Shortcut support for iOS 12.


Thunderbird, Mozilla’s free, cross-platform email, chat, calendar, contacts and newsfeed (RSS) program, also got security fixes.

Thunderbird 68.5.0 is a free download for OS X 10.9 and up, as well as Linux and Windows. (Pre-release test versions are also available.)

Little Snitch

Little Snitch is privacy/firewall software for the Mac from Objective Development Software GmbH that monitors network activity and gives you control and visibility for data leaving your computer via network connections. Features include connection alerts with flexible blocking of outgoing traffic, including on-the-fly control, rules-based configuration (with several aids) and configuration profiles (e.g. for different locations or networks); DNS name based traffic filtering; network monitoring displays and snapshots (with details about traffic, history, hostnames, ports, geographic locations, etc., plus packet capture in PCAP format); an inbound firewall; a “research assistant” database to help identify networks and activities; and much more.

Little Snitch 4.4.3 is priced at $45 for OS X 10.11 and up. A demo mode functions for three hours at a time, for 30 days. (Little Snitch legacy versions support Mac OS X 10.2 and up.) The most recent release updated macOS Catalina support.

Please upgrade to this version before you upgrade to macOS Catalina!
On Catalina, system apps have been moved from /Applications to /System/Applications and the paths in rules must be updated. If you upgrade to Catalina while a previous version of Little Snitch is installed, rules for system apps are not updated.

Hands Off

Hands Off is a Mac security app from One Periodic Inc. that controls access to your network and storage devices by applications to help prevent programs from “phoning home”, stealing sensitive information, or installing malware on your computer. Hands Off monitors applications and uses notifications and configuration rules to control what they can access. You can choose among default presets for ease of use or more detailed configuration options. Rules can be applied to a single user or globally to the whole system, and you can make them temporary (until the application quits) or persistent. (See Hands Off basics for more information).

Hands Off 4.4.2 is priced at $49.99 (one user) for OS X 10.11 and up, with a free demo version available. The latest update brings support for macOS Catalina 10.15.3 and 10.15.4. (Older versions are available for earlier Mac systems.)

Scudo

Scudo is new macOS “hybrid firewall” software from Murus.it (which previously created WaterRoof, IceFloor, Murus and Vallum firewall apps for the Mac), designed to be user-friendly while letting you choose between a “silent” automatic mode and an interactive mode.

Scudo combines both a network-layer and an application-layer firewall. Its purpose is to give all Mac user a compact, easy, reliable and affordable way to:

  • protect shared documents and services from unwanted connections from remote computers
  • improve privacy and security detecting apps connections attempts and allowing you to choose which app is allowed to connect to the network
  • throttle upload and/or download bandwidth usage for each service/app independently

Scudo is a graphic user interface for an inbound network layer packet filter based on PF and an outbound application layer socket filter based on AFW. Additionally, Scudo automatically monitors your Mac for active network services and applications so you are always aware of all network activities.

Scudo 1.0 is priced at $10 for OS X 10.11 and later. The download includes an installer package, an uninstaller app, and a user manual in PDF format.

Murus, Vallum

Murus is a graphical front-end (from Murus.it) for the Mac’s full-fledged, built-in PF (“Packet Filter) network firewall, offering control over inbound connections and heavy-duty features, including “proactive” features like “port knocking” and an adaptive firewall to block brute-force attacks and use blacklists, customizable logging with realtime graphing and statistics, user-defined notifications, connection sharing with access limits and accounting, port forwarding, bandwidth management, a “remote safety switch” and much more. A Murus Assistant app helps quickly configure and enable PF, choose a predefined configuration profile or create your own configurations.

Vallum is a companion application-level firewall that controls outbound connections via a friendly user interface with a configuration assistant, plus a rules editor, log analysis, user-specific rules and geo-IP controls, “fingerprint” matching, and more. (See also: Murus-Vallum comparison.)

Murus 2.0 is available in three versions for macOS 10.12 and later: a free Lite version, a $10 Basic version, and a Pro bundle, priced at $35. The latest release is the new Version 2.

Vallum 3.3.2 is priced starting at $15 for OS X 10.11 and up with free evaluation and a 15-day money back guarantee. The latest release is compatible with Murus 2.

Scudo, a new “hybrid firewall” from the company, is an alternative option.

Chromium security update

Chromium is an open-source web browser project on which Google Chrome is built, but it doesn’t include Google’s proprietary alterations, such as the hidden auto-update daemon and agent that wrecked Mac systems and caused other havoc. (Chromium also omits the Adobe/Pepper Flash plug-in with all Flash’s dangerous security flaws.)

The latest version of Chromium includes critical security patches (56 in all), among other security changes (sans readable documentation).

Chromium 80.0.3987.87 is a free download for OS X 10.10 and up, available via SourceForge and via FreeSMUG. A separate Chromium updater extension checks FreeSMUG for new releases, and Chromium can also be installed and updated via Homebrew.

 

Google Chrome security update

Google Chrome is the cross-platform web browser from Google Inc. with a hidden auto-update daemon and agent that has wrecked Mac systems and wreaked other havoc, and it has other proprietary Google additions on top of its open-source platform. The latest release includes a bunch of high-priority security patches among a total of 56 security fixes.

Google Chrome 80.0.3987.87 is a free download for OS X 10.10 and up, as well as Linux and Windows.

Google Chrome for iOS 80.0.3987.88 is a free download for iOS 12 and up with the following change in the latest release:

When you start a search in the address bar, you’ll see top suggestions served locally on your device, even in Incognito mode.