Apps to Write NTFS Drives on a Mac OS X

I believe most of the Mac user know by default Mac OS only can read from Windows-formatted NTFS drives. To write NTFS disk, you need to have 3rd party software.

When you google it, first page of google sure will show you the two best paid version of NTFS app which is Paragon NTFS for Mac and Tuxera.

If you look for free version of NTFS app, i would recommend an application called Mounty for NTFS which available for free. You can get it here right now.  I have tested this apps, it is easy to use and the performance not bad.

If you have any others good free apps, please do not hesitate to share with me. 🙂

Reference: http://enjoygineering.com/mounty/

Mac OS X – WARNING: UNPROTECTED PRIVATE KEY FILE!: “Permissions 0755 for ‘id_rsa.pub’ are too open.”

When i transfer my private key file to my new Mac OS X, i got an error message below:-

If you are getting this error then you probably reset the permissions on your hidden .ssh directory in your user folder.

So, the solution for this is, make that file(id_rsa) readable or writable only for the owner with private key. Below is the command

sudo chmod 600 ~/.ssh/id_rsa

After change the permission, my problem is solved.

 

Security Vulnerability – Meltdown & Spectre

The most recently critical vulnerabilities that called Meltdown and Spectre which will disclose information from operating system that caused by a fundamental design flaw in Intel’s processors.

Google Project Zero has disclosed this the Vulnerability Note (VU#584653). Click HERE to read it.

Question: Are we affected by this Vulnerability?

Answer: Mostly likely yes:

  • The chip vendors Intel, AMD and ARM are affected.
  • Windows, Linux (Android included) and macOS are affected
  • Cloud service vendors such as AWS and AliCloud are affected

To make sure yourself safe from this vulnerability, please keep updated on the newly released patches and apply them when available.

Patching this vulnerability is more difficult than usual: It happens on hardware level, affects multiple platforms, including varies version of mobile and IoT devices.

Some of the big vendors are already giving feedback about their patching status:

  • VMware: https://www.vmware.com/us/security/advisories/VMSA-2018-0002.html
  • AMD: https://www.amd.com/en/corporate/speculative-execution
  • Red Hat: https://access.redhat.com/security/vulnerabilities/speculativeexecution
  • Nvidia: https://forums.geforce.com/default/topic/1033210/nvidias-response-to-speculative-side-channels-cve-2017-5753-cve-2017-5715-and-cve-2017-5754/
  • Xen: https://xenbits.xen.org/xsa/advisory-254.html
  • ARM: https://developer.arm.com/support/security-update
  • Amazon: https://aws.amazon.com/de/security/security-bulletins/AWS-2018-013/
  • Mozilla: https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/

If you wish to learn more about this vulnerability, please refer to the following link:

https://meltdownattack.com/

https://social.technet.microsoft.com/wiki/contents/articles/51021.mitgations-for-speculative-execution-side-channel-vulnerabilities-meltdown-spectre.aspx

https://support.microsoft.com/en-gb/help/4072699/january-3-2018-windows-security-updates-and-antivirus-software