Best way to install a blacklist on a Mac computer?
June 12, 2012 10:23 PM   Subscribe

My dad's computer was (mildly) compromised a few months ago - he visited "one of those sites" and ended up clicking "ok" to the dialog boxes and installing an unwanted (and very hard to get rid of) toolbar, which also changed his search engine and home page. This happened TWICE, just a few weeks apart. I've since installed a browser add-on that will prevent that particular type of mischief from happening again. But...

He's clearly getting "of an age" where his critical thinking and decision making skills are not as sharp as they used to be. (He's been a computer user since 1979 with a TRS-80, and on the internet since pre-web with an AOL account.) So I need to help protect him from himself. In a "net-nanny" sort of way.

I want to install a blacklist on his MacBook Pro that will prevent him from accidentally visiting or loading from phishing sites, etc. This needs to be installed on his computer, not on a router or firewall device, as he takes his laptop to other locations (coffee shops, library, traveling in his RV etc.) and he may go online thru any type of network (wifi, ethernet, EVDO device, etc.). I need to be able to install it remotely (using LogMeIn), and ideally the solution will also auto-update against a blacklist online, such as the list at:

http://winhelp2002.mvps.org/hosts.txt

BUT I also need to add a few sites (such as the sites that added the unwanted toolbars) that I simply do not trust, even if they aren't in the blacklist. I also need "plausible deniability" that I manually added the sites, so that I can "blame" the blacklist for the reason he can no longer reach those sites.

I'm technical enough that I can follow detailed instructions to get this done, but I'm not going to be able to write scripts or code - I need a solution where someone else has written the code and I just install and configure it.

Remember, the solution needs to run on a Mac - MacBook Pro, I think he is running OS X 10.5.8, but it could be 10.6 or 10.7.
posted by jcdill to Computers & Internet (9 answers total) 2 users marked this as a favorite
 
You could configure his network settings to use Open DNS' DNS servers. That'll provide a baseline layer of location-independent phishing protection.
posted by mumkin at 10:32 PM on June 12, 2012


Response by poster: I need something stronger than just the openDSN servers. They don't block the site that installed the toolbars on his browser.
posted by jcdill at 11:21 PM on June 12, 2012


will something like adblock plus do the job? it'll block out most of the ads that he'll be clicking on and you can add sites to it.

also, you might think about covertly adding links to good, nonscammy porn sites, maybe with a prepaid membership. a family member of mine does this for an elderly relative because he doesn't want to fix the computer when the elderly relative inevitably surfs for porn like an 11 year old boy and infects the computer.
posted by nadawi at 1:34 AM on June 13, 2012 [1 favorite]


Some random thoughts:
  • Would you Dad be comfortable using the Mac with Parental Controls enabled? This, unfortunately, will only provide you with two options: automatically attempting to block adult-related websites and providing white-list access to sites. You can't use it to black-list sites.
  • An old trick on Unix based systems, including Macs, is to modify the /etc/hosts files to force DNS hostnames and IP addresses to map onto localhost, which means that the computer will try to contact itself when reaching given websites. This will give you the blacklist functionality you want, but you'll need to find a good black-list from somewhere (you've found one already!), and then roll your own script that'll help you keep this blacklist updated.
I'd recommend combining both approaches, i.e. setting up automatic blocking in a Parental Controlled account, and using an e.g. Python script to keep /etc/hosts updated. Also combine this with using OpenDNS.

Here's how I'd set up this Python script:
  • Install pip on the computer. This involves executing two commands in Terminal: curl http://python-distribute.org/distribute_setup.py | python curl https://raw.github.com/pypa/pip/master/contrib/get-pip.py | python
  • Install requests by executing: pip install requests
  • Create a Python script that executes via /etc/crontab that does something like:
    import os
    import requests
    
    r = requests.get(r"http://winhelp2002.mvps.org/hosts.txt")
    if r.status_code != 200:
        print "couldn't get hosts list"
        sys.exit(1)
    with open(r"/var/blah.txt", "w") as f_out:
        f_out.write(r.text)
    os.system("/etc/hosts /etc/hosts.backup")
    os.system("sudo mv /var/blah.txt /etc/hosts")
    

I haven't tested these instructions! If this is something you want to pursue let me know and I can provide more details.
posted by asymptotic at 3:35 AM on June 13, 2012


Wow, a few glaring mistakes above! You want to "cp /etc/hosts /etc/hosts.backup". Hopefully it vaguely makes sense! Feel free to post on SuperUser if you want more help.
posted by asymptotic at 3:37 AM on June 13, 2012


You could just buy him a Chromebook or install Linux only. There are way too many...sites with viruses for you to manually block them all, and I'm sure that he's going to want to continue his...old ways.
posted by 200burritos at 4:42 AM on June 13, 2012


Why not a hosts file? You can manually add whatever sites you want. If you're getting a master list from a trusted source, there's your plausible deniability.
posted by mikewas at 4:57 AM on June 13, 2012


You could install Web of Trust and set it to actively block unsafe and unrated sites...then add exceptions where needed.
posted by samsara at 5:57 AM on June 13, 2012


Intego's antivirus product has all of these features, that coupled with little snitch should get you where you need to be.
posted by iamabot at 9:11 AM on June 13, 2012


« Older How do I move on from an ex boyfriend and meet new...   |   I just got my washing machine and it's broken. Newer »
This thread is closed to new comments.