Linked by Thom Holwerda on Wed 25th May 2011 17:02 UTC, submitted by kaiwai
Mac OS X Well, it took them long enough. Apple has finally acknowledged the existence of the MAC Defender trojan, and has offered removal instructions. The company has also promised a security update to Mac OS X that will block MAC Defender and its variants from working. All this information was published in the form of a support document on Apple's website. Update: Well, that was fast. A new variant of the trojan, called Mac Guard, has been discovered. Unlike previous variants, this one does not require users to enter their administrative password.
Order by: Score:
Finally
by wereling on Wed 25th May 2011 17:43 UTC
wereling
Member since:
2006-05-15

Considering the reputation that Applecare has I'm amazed it took them this long to deal with. I know Apple has made "It doesn't get malware" part of its "it just works" marketing line, but you'd think that they would respond to something like this faster.

Given the premium price Apple charges for its hardware were I an owner of a OSX product I would be completely incensed. I feel sorry for the tech support reps who had to bear the brunt of that anger.

Reply Score: 1

RE: Finally
by libray on Wed 25th May 2011 19:56 UTC in reply to "Finally"
libray Member since:
2005-08-27

Applecare has a good reputation but is nothing more than an extended warranty. It's the same thing that most people refuse when leaving a store with new goods. If I pay 10% extra for a purchase, I'd better get something out of it. Since the hardware surprisingly fails, people are happy they bought the extended warranty.

Reply Score: 2

RE: Finally
by Sabon on Wed 25th May 2011 23:40 UTC in reply to "Finally"
Sabon Member since:
2005-07-06

Considering the reputation that Applecare has I'm amazed it took them this long to deal with. I know Apple has made "It doesn't get malware" part of its "it just works" marketing line, but you'd think that they would respond to something like this faster.

Given the premium price Apple charges for its hardware were I an owner of a OSX product I would be completely incensed. I feel sorry for the tech support reps who had to bear the brunt of that anger.


If ignorance is bliss then you are one very blissful guy.

Reply Score: 0

RE: Finally
by pantheraleo on Thu 26th May 2011 13:51 UTC in reply to "Finally"
pantheraleo Member since:
2007-03-07

Considering the reputation that Applecare has I'm amazed it took them this long to deal with.


The reputation AppleCare has? You mean like the three hours cumulative that I had to spend on the phone with them get them to replace a defective Mighty Mouse? As the tech made me do things like try different USB ports, create a new account and try the mouse from there, etc., even though I already had tried a different mouse and it worked fine? And even though the Mighty Mouse was widely known to have problems with the scroll ball failing after just a month or two of use (a problem Apple never admitted).

My experiences with AppleCare have been largely negative, with them refusing to admit they have hardware problems or design flaws, wasting my time making me perform useless troubleshooting procedures that I already know will not solve the problem, etc.

Reply Score: 2

RE[2]: Finally
by polaris20 on Thu 26th May 2011 14:30 UTC in reply to "RE: Finally"
polaris20 Member since:
2005-07-06

Thanks for your anecdotal evidence of one occurrence. You having a bad AppleCare experience != AppleCare universally bad.

Reply Score: 2

RE[3]: Finally
by pantheraleo on Thu 26th May 2011 14:44 UTC in reply to "RE[2]: Finally"
pantheraleo Member since:
2007-03-07

Thanks for your anecdotal evidence of one occurrence. You having a bad AppleCare experience != AppleCare universally bad.


I've had other bad experiences with AppleCare at work as well. Including ridiculously long hold times, and even Apple itself not supporting certain features of their OS. We were having issues with Active Directory integration for example. Microsoft was actually more helpful than Apple was when it came to resolving those issues on our Macs so that they could integrate properly with Active Directory, even though Microsoft did not write OS X, and had no obligation to support getting it to connect properly to Active Directory. As far as Microsoft is concerned, Macs are not a supported client. Mac integration with Active Directory is entirely Apple's doing. Yet Microsoft was more helpful with getting it work than Apple was.

Edited 2011-05-26 14:53 UTC

Reply Score: 2

RE[4]: Finally
by polaris20 on Thu 26th May 2011 14:58 UTC in reply to "RE[3]: Finally"
polaris20 Member since:
2005-07-06

And I've had opposite results at work with Apple, in regards to AD integration and Samba on OS X Server. They've always been very quick to respond, and they really are quite helpful.

I've also had very different experiences with Microsoft than you have, and they weren't positive.

My point is everyone has different experiences; nothing is a universal truth. Posting on the Internet "oh yeah? Well I had a crappy experience, so you're wrong!!" is dumb.

I also find it quite unnecessary that you call the other guy sheep, and are so condescending. Try for a moment not to be the smarmy IT guy.

Edited 2011-05-26 15:04 UTC

Reply Score: 2

RE[5]: Finally
by pantheraleo on Thu 26th May 2011 15:06 UTC in reply to "RE[4]: Finally"
pantheraleo Member since:
2007-03-07

My point is everyone has different experiences; nothing is a universal truth. Posting on the Internet "oh yeah? Well I had a crappy experience, so you're wrong!!" is dumb.


The instructions that AppleCare reps were given regarding the malware problem is more evidence that AppleCare leaves a lot to be desired. And of course, then there was this gem that I got when I called AppleCare about my early MacBook pro running too hot:

AppleCare: The MacBook Pros do not run too hot and are within tolerances. It is normal for them to run hot.

Me: It's so hot that I can't even use it on my lap. The bottom gets uncomfortably hot. I should be able to use a laptop on my lap. If I can't that means the system is running to hot.

AppleCare: We aren't selling them as laptops. We are selling them as notebooks.

Yes, that is honestly what they told me.

Edited 2011-05-26 15:08 UTC

Reply Score: 2

RE[6]: Finally
by polaris20 on Thu 26th May 2011 15:14 UTC in reply to "RE[5]: Finally"
polaris20 Member since:
2005-07-06

Me: This MacBook Pro has difficulty waking from sleep; but it's inconsistent and difficult to reliably reproduce. However sometimes I have to hold the power button down.

AppleCare: Why don't we just go ahead and swap that out for you. Did you do a Time Machine backup? If not, we can walk you through that, as well as restoring from it on the new laptop.


It's not just Apple either; Lenovo does well for us too. But really posting all of the experiences we have online really doesn't prove anything.

If you're not happy with Apple's service, I would suggest you either stop buying their products, or, if you're not responsible for these decisions, petition your superiors to do so.

There's no reason to buy a product you find unreliable, with service that is subpar. There are a lot of great companies out there to buy quality computers from. Apple isn't anything special in that regard.

Edited 2011-05-26 15:16 UTC

Reply Score: 2

RE[7]: Finally
by pantheraleo on Thu 26th May 2011 15:25 UTC in reply to "RE[6]: Finally"
pantheraleo Member since:
2007-03-07

If you're not happy with Apple's service, I would suggest you either stop buying their products


We already have. We no longer allow Macs in our company at all.

Apple is a special case. It really is. And this incident and the leaked internal documents only prove it. Apple is more concerned about having their lawyers tell their support reps exactly what to say, what not to say, what they can help customers with, what they cannot, etc., then then they are about actually solving the customer's problem.

Here's an idea for Apple that would go a long way towards improving their support experience. Instead of immediately denying there is problem, they could try something like "We are aware there might be an issue and have received reports of it. We are looking into it and trying to gather more information about it before we recommend a solution."

I'd much rather deal with a company that tells me the truth, even if the truth is "we don't know right now" than deal with a company that flat out lies to me and claims there is no problem, when in fact, they know damn well that there is a problem.

The problem is that the lawyers have to much control at Apple.

Edited 2011-05-26 15:27 UTC

Reply Score: 2

Comment by Drumhellar
by Drumhellar on Wed 25th May 2011 17:44 UTC
Drumhellar
Member since:
2005-07-12

Oh-Em-G Thom is sooo anti-Apple! Why does this obvious Apple-hater get to post about Apple when Apple is truly awesome! </sarcasm>

I figured I'd just post it before somebody else did.

But seriously, it's one thing to remain tight-lipped about security holes as the other OS and software vendors tend to do, but to instruct employees to explicitly deny the existence of a trojan, even one that doesn't exploit OS design but user carelessness, is something else.

But, at least they are actually working on it.

Reply Score: 1

RE: Comment by Drumhellar
by Thom_Holwerda on Wed 25th May 2011 18:06 UTC in reply to "Comment by Drumhellar"
Thom_Holwerda Member since:
2005-06-29

Oh-Em-G Thom is sooo anti-Apple! Why does this obvious Apple-hater get to post about Apple when Apple is truly awesome! </sarcasm>


I'm going to buy an iPad 2 over the coming days. LOL.

Reply Score: 2

RE[2]: Comment by Drumhellar
by umccullough on Wed 25th May 2011 18:09 UTC in reply to "RE: Comment by Drumhellar"
umccullough Member since:
2006-01-26

I'm going to buy an iPad 2 over the coming days. LOL.


You're such a consumer ;)

Reply Score: 2

RE[3]: Comment by Drumhellar
by Neolander on Wed 25th May 2011 19:44 UTC in reply to "RE[2]: Comment by Drumhellar"
Neolander Member since:
2010-03-08

Totally, should be so ashamed to do a disservice to the true OS community by buying this cr-p ;)

Reply Score: 1

RE[3]: Comment by Drumhellar
by Thom_Holwerda on Wed 25th May 2011 19:57 UTC in reply to "RE[2]: Comment by Drumhellar"
Thom_Holwerda Member since:
2005-06-29

INORITE.

Reply Score: 1

RE[4]: Comment by Drumhellar
by Drumhellar on Wed 25th May 2011 22:27 UTC in reply to "RE[3]: Comment by Drumhellar"
Drumhellar Member since:
2005-07-12

You know, people are only complain that you only bought the iPad just so you give the illusion of being an Apple customer, when you really secretly still hate them.

Reply Score: 4

RE[5]: Comment by Drumhellar
by Thom_Holwerda on Wed 25th May 2011 22:30 UTC in reply to "RE[4]: Comment by Drumhellar"
Thom_Holwerda Member since:
2005-06-29

You know, people are only complain that you only bought the iPad just so you give the illusion of being an Apple customer, when you really secretly still hate them.


/Typed on my MacBook Air.

Reply Score: 2

RE[6]: Comment by Drumhellar
by Drumhellar on Wed 25th May 2011 22:34 UTC in reply to "RE[5]: Comment by Drumhellar"
Drumhellar Member since:
2005-07-12

You still hate Apple. You only have a MacBook Air because all your knives are dull from cutting yourself, you self-loathing masochistic APPLE-HATER!

//Am I doing it right?

Reply Score: 4

RE[7]: Comment by Drumhellar
by Thom_Holwerda on Wed 25th May 2011 22:36 UTC in reply to "RE[6]: Comment by Drumhellar"
Thom_Holwerda Member since:
2005-06-29

//Am I doing it right?


You're getting there. You need a Google reference.

Reply Score: 3

RE[3]: Comment by Drumhellar
by dukes on Wed 25th May 2011 22:46 UTC in reply to "RE[2]: Comment by Drumhellar"
dukes Member since:
2005-07-06

Well.. make your own Apple linkbait and you can buy your very own iPad as well.

For the record, I do think Apple's stance on security needs to be greatly re-engineered.

Reply Score: 2

Bill Shooter of Bul Member since:
2006-07-14

Stances are not engineered. If they were they'd be two foot thick and made of concrete of a known strength suitable for the application. Stances are words people say that they use to deflect criticism. See the difference?

Reply Score: 3

RE[2]: Comment by Drumhellar
by macUser on Thu 26th May 2011 15:37 UTC in reply to "RE: Comment by Drumhellar"
macUser Member since:
2006-12-15

"Oh-Em-G Thom is sooo anti-Apple! Why does this obvious Apple-hater get to post about Apple when Apple is truly awesome!


I'm going to buy an iPad 2 over the coming days. LOL.
"

Just make sure you don't use it to create anything. It's not meant for that!

Reply Score: 2

RE: Comment by Drumhellar
by rhavyn on Wed 25th May 2011 20:09 UTC in reply to "Comment by Drumhellar"
rhavyn Member since:
2005-07-06

but to instruct employees to explicitly deny the existence of a trojan


They instructed Apple employees to neither confirm nor deny an issue, not to explicitly deny anything because ...

they are actually working on it.


they wanted to actually have a solution to offer when they addressed the issue. Again, the leaked memo doesn't say deny the problem it says don't talk about the problem. There's a big difference between the two.

Also, this is becoming a pretty consistent pattern. Some issue comes up having to do with Apple (antenna problems, location problems, malware problems). The technical press goes berserk, claims Apple is denying/covering up/sky is falling the issue. About a week later Apple puts out an announcement that deals with the issue.

Reply Score: 5

jabbotts Member since:
2007-09-06

It was only a week from start to finish forthe antenna issues? I thought the PR denial campaign lasted longer then that.

First, Apple clames perfection in it's marketing. It's magic. It's revolutionary. It's invulnerable to all but good intentions. No one ever needs AV when running osX. They paint a pretty big target on there backs.

Second, when something is found, they automatically go into a denial PR campaign. There is no issue with our antenna; oh.. sorry, there was and here's a free rubber band to fix it. Malware on our products? No such thing, oh.. wait.. let us see about fixing that.

Remember how there was no problem in the osX network stack and drivers. They denied all alegations of an issue while at the same time threatening legal action against researchers presenting evidence. Six months later they quietly slipped a driver and stack patch into the update cycle. "we're apple, perfect in every way. Pay no attention to the lawyers threatening those folks or this update to fix something that didn't exist."

How about some actually transparency and responsable disclosure on Apple's part. Let's see Apple's PR spinsters respond with "yeah, we heard about that and are looking into it now. We'll have more details soon."

The issue is not that Apple products, like any other product, ship with some bugs. It's that the marketing claims no such possability while the automatic response is a cover-up leaving the end users at risk until Apple deems it apropriate to ship a fix.

Reply Score: 8

RE[2]: Comment by Drumhellar
by pantheraleo on Thu 26th May 2011 14:07 UTC in reply to "RE: Comment by Drumhellar"
pantheraleo Member since:
2007-03-07

Also, this is becoming a pretty consistent pattern. Some issue comes up having to do with Apple (antenna problems, location problems, malware problems). The technical press goes berserk, claims Apple is denying/covering up/sky is falling the issue. About a week later Apple puts out an announcement that deals with the issue.


That's right. Be a good little Apple sheep and defend their actions past all point or reason. Steve Jobs has you trained well. Good boy.

You seem to forget that for a long time, Apple DID deny there was an antenna problem with the iPhone 4. In fact, to this day they have never admitted that there is a problem. Only that some customers may experience problems because of the way they hold the phone, etc. They basically provided the bumper case fix without ever admitting a problem. They were still blaming the user for holding the phone wrong. But it doesn't stop there:

* Apple denied that the early MacBook Pros had cooling problems. Then quietly released a firmware update later on that was supposed to address the issue.

* Apple denied the "hissing / whining" noise problem when the CPU was idle on early MacBook Pros. But eventually offered main-board replacements for those customers that were affected.

* Apple denied that the new 27 inch iMacs had screen problems, then released several firmware updates that were supposed to resolve the problem, but did not for many people.

* Apple claimed that the "yellow tint" problem on the iMacs was not a defect because color variations in LCD screens were normal and acceptable. Uh, sorry. But to graphics designer? No, they are not. And given graphics design has been a Mac stronghold, that was incredibly lame for them to even try to convince customers of that one.

* Apple never admitted that the Mighty Mouse had a design problem that caused the scroll ball to stop scrolling in one or more directions after just a couple of months of use. Even though there are thousands of reports on the Internet from users complaining about this problem.

Lets be honest here. Apple really does have a history of denying problems, even when they are obvious. Only to finally cave to pressure and address them after getting really bad press, and sometimes even class action lawsuits started against them.

Edited 2011-05-26 14:17 UTC

Reply Score: 3

Yayy - New software
by harcalion on Wed 25th May 2011 17:51 UTC
harcalion
Member since:
2005-07-12

Welcome to the first release of Windows... sorry MacOS X Malicious Software Removal Tool. Personally, I don't like the double M (even worse MXMSRT), I think it will twist the tongue of Apple users every month.

Reply Score: 1

v Alert the enemy
by wocowboy on Wed 25th May 2011 17:56 UTC
RE: Alert the enemy
by Bill Shooter of Bul on Wed 25th May 2011 18:59 UTC in reply to "Alert the enemy"
Bill Shooter of Bul Member since:
2006-07-14
RE: Alert the enemy - the enemy already knows
by jabbotts on Wed 25th May 2011 21:00 UTC in reply to "Alert the enemy"
jabbotts Member since:
2007-09-06

I suspect the Shneier link says as much but to provide the bullet points:

1. the enemy already knows, the consumer is always the last to find out they are at risk.

2. if researchers with good intent can find a bug, so can researchers with malicious intent; see point 1.

3. the end user has no chance of mitigating risk while waiting for a solution if they don't know about the problem which is already known to the enemy; back to point 1

4. for-profit corporations may need the motivation of public disclosure before they choose to fix a vulnerability.

For that last one, there is actually a network appliance vendor who said outright that they where not going to fix a discovered vulnerability because "none of our current customers have discoved it and complained yet."

Microsoft has said outright that it won't be fixing the dynamic link library vulnerability because "it's up to the third party developers to choose to use static link library paths" yet the vulnerability is enabled by the OS and fixing the OS would positively affect all third party software as a result.

Sony had no inclination to fix vulnerabilities in it's network because "we haven't been broken into yet". How's that working out for them and the over 24 million customers who now have personal information available for download and exploitation?

Much of the time when vulnerabilities are discoverd and reported, the corporate response is to threaten legal action to protect the business reputation rather than to work with the person reporting the issue to protect the customers.

Reply Score: 6

RE: Alert the enemy
by t3RRa on Wed 25th May 2011 22:40 UTC in reply to "Alert the enemy"
t3RRa Member since:
2005-11-22

That probably be only your guess, your hope. I don't remember seen any company to "come out & make a statement the day attack began in the wild, saying what it was, exactly what they planned to do about it on what day, what method they were going to use, everything that the enemy.. blah blah" Corporations do not work that way.

Reply Score: 2

:)
by poundsmack on Wed 25th May 2011 19:44 UTC
poundsmack
Member since:
2005-07-13

"Update: Well, that was fast. A new variant of the trojan, called Mac Guard, has been discovered. Unlike previous variants, this one does not require users to enter their administrative password."

You know what, as someone who's used Windows over Mac and liked it that way, i have a great feeling of smug satisfaction knowing i can walk up to pretentious mac users and say "welcome to hell suckers!" ;)

not all mac users mind you, just the "I'll buy anything shiny that's made by apple" fans who defend it to the death simply because it's apple. you know the type...

Reply Score: 7

RE: :)
by systyrant on Wed 25th May 2011 19:58 UTC in reply to ":)"
systyrant Member since:
2007-01-18

From what I've seen it's pretty easy to get rid of it unlike it's PC cousin. And the new version that doesn't require the root password probably has extremely limited access to anything outside the users directories.

I've not had it on my Mac, but I did get the pc variant and the only way to fix the damage it did was with a complete format of the PC. Does the Mac variant cause the same kind of headaches?

Reply Score: 2

RE[2]: :)
by poundsmack on Wed 25th May 2011 20:06 UTC in reply to "RE: :)"
poundsmack Member since:
2005-07-13

Not sure how lethal the mac one is, but the pc one is fairly easily removed these day with Malwarebytes and or SuperAntiSpyware.

Reply Score: 2

RE[3]: :)
by rhavyn on Wed 25th May 2011 20:12 UTC in reply to "RE[2]: :)"
rhavyn Member since:
2005-07-06

Not sure how lethal the mac one is, but the pc one is fairly easily removed these day with Malwarebytes and or SuperAntiSpyware.


http://support.apple.com/kb/HT4650

Summary: Quit MacDefender. Drap MacDefender to the trash. Empty the trash. Remove login item.

Reply Score: 3

RE[2]: :)
by wocowboy on Thu 26th May 2011 10:34 UTC in reply to "RE: :)"
wocowboy Member since:
2006-06-01

I would wager that most people would say closing a program and dragging it to the trash, etc, is a FAR FAR FAR less major problem to get rid of than having to erase/reformat/reinstall your whole operating system and all your software, as is the Windows method of Defender removal. Good lord, this isn't anywhere close to being as severe as 99% of the millions of Windows malware and viruses that are in the wild. That's why I made my other statement that got modded down like I expected it to; you people are blowing this "threat" so far out of proportion in an effort to make Mac users think they are now susceptible to all the Windows problems you have had to suffer/deal with, but I don't think this even comes close. I have been a Windows user, I have had to erase/reformat/reinstall dozens of times, so I know the pain and agony of losing EVERYTHING. And so I say again: this is NOWHERE close to that process!

Reply Score: 1

RE[3]: :)
by Lennie on Thu 26th May 2011 11:21 UTC in reply to "RE[2]: :)"
Lennie Member since:
2007-09-22

Depends most spambots and similair bad traffic don't need any root access, just a way to get started on startup (or login of the user).

Reply Score: 2

RE[3]: :)
by SteveB on Thu 26th May 2011 11:31 UTC in reply to "RE[2]: :)"
SteveB Member since:
2005-07-10

I would wager that most people would say closing a program and dragging it to the trash, etc, is a FAR FAR FAR less major problem to get rid of than having to erase/reformat/reinstall your whole operating system and all your software, as is the Windows method of Defender removal.
I am mainly a Linux user but Windows is by far not that draconian that you need to reformat whole OS just for a Virus removal.


Good lord, this isn't anywhere close to being as severe as 99% of the millions of Windows malware and viruses that are in the wild.
And what is your point? It's not about quantity.


That's why I made my other statement that got modded down like I expected it to; you people are blowing this "threat" so far out of proportion in an effort to make Mac users think they are now susceptible to all the Windows problems you have had to suffer/deal with, but I don't think this even comes close. I have been a Windows user, I have had to erase/reformat/reinstall dozens of times, so I know the pain and agony of losing EVERYTHING. And so I say again: this is NOWHERE close to that process!
Look. I already wrote you that I am a Linux user and not a Windows nor a Mac user. But I know the others too. The problem with the Mac is that most users using a Mac are brain washed to think that Mac = No malware/virus. Do you understand that? Now combine this with the fact that there exist malware for the Mac. What does that give you? Right. A problem. It is a problem because most user using a Mac have no malware/virus protection on their system. And this is a problem. It's okay that Windows has 1'000'000'000 times more malware and virus. But where are we here? Kindergarten? Does the fact that Windows has a gazillion times more malware/virus on their platform make your Mac any more secure? NO! It does not change any thing.

And don't take this personal. It's not about you and me. No one has anything against you here just because you are using a Mac.

Reply Score: 1

RE[4]: :)
by WereCatf on Thu 26th May 2011 11:57 UTC in reply to "RE[3]: :)"
WereCatf Member since:
2006-02-15

No one has anything against you here just because you are using a Mac.


Hey now, it's not polite to lie in public comment areas.

Reply Score: 2

RE[5]: :)
by SteveB on Thu 26th May 2011 15:22 UTC in reply to "RE[4]: :)"
SteveB Member since:
2005-07-10

Hey now, it's not polite to lie in public comment areas.
LOL. But you are right. I can impossible talk for all of us. But for me it's sure that I have nothing against him for using a Mac. He can use whatever he like. I don't care. As long as I am not forced to use it.

Reply Score: 1

RE[3]: :)
by pantheraleo on Thu 26th May 2011 13:54 UTC in reply to "RE[2]: :)"
pantheraleo Member since:
2007-03-07

I would wager that most people would say closing a program and dragging it to the trash, etc, is a FAR FAR FAR less major problem to get rid of than having to erase/reformat/reinstall your whole operating system and all your software, as is the Windows method of Defender removal.


Uh no? Windows virus removal almost never requires an erase / reformt / reinstall. The only time you need to do that is if an attacker has managed to get root / administrator privileges on your system. But that's true of any OS, including OS X. Once you have been rooted, you can't trust any of the software on your system because you have no way of knowing for sure which files the attacker touched. Important system utilities that could detect problems might have been replaced by trojans. And that includes OS X. For example the "ps" command is replaced by one that will not list the rogue processes, the who command is replaced by one that will not show the attacker listed as being logged in, etc.

Edited 2011-05-26 13:57 UTC

Reply Score: 2

RE: :)
by senshikaze on Wed 25th May 2011 20:22 UTC in reply to ":)"
senshikaze Member since:
2011-03-08


You know what, as someone who's used Windows over Mac and liked it that way, i have a great feeling of smug satisfaction knowing i can walk up to pretentious mac users and say "welcome to hell suckers!" ;)


And as a Linux user I'll just be over here, not burning.
;)

What I want to know is how they got it to not ask permission. My work mac still sometimes asks me for the password when opening Chrome.(I guess due to the auto-updater? Not sure)

Reply Score: 1

RE: :)
by zetsurin on Thu 26th May 2011 02:57 UTC in reply to ":)"
zetsurin Member since:
2006-06-13

"I'll buy anything shiny that's made by apple"

They're actually worse than that, it's more like:

"I'll ONLY buy anything shiny that's made by apple".

I think you're entitled to some smugness. It balances out all the Apple user smugness that's been polluting the interwebs. I'm an Apple user myself, but also own competing products. Essentially I buy whatever suits my needs without caring too much about who makes it. That steps me out of line a bit on the Apple forums I frequent though.

Those apologist Apple users are now trying to insist that - get this - the lack of malware on the Mac was due to the more intelligent users (as they can't use the 'better OS' argument now), but now an increase of malware on OSX can be attributed by the lower intelligence of the newer switchers. Unbelievably, they still manage to try to out-smug the smug!

It's always simply been because Apple has a smaller user-base. I think that fact can't be argued anymore, there will be loads more malware on the way given the press this this one has received.

Reply Score: 4

First rule of fight club....
by henderson101 on Wed 25th May 2011 22:59 UTC
henderson101
Member since:
2006-05-30

Every new Mac, without fail, I do this:

1) Create a second admin account
2) Revoke admin rights from my login account

Why? Because otherwise stupid shit like this happens. What happens if this "new" variant runs on my MacBook right about now? I would be asked for my admin account username and password. Why? Because default users can't copy or delete files from /Applications. End of threat. End of Panic. Goodnight!

Sent from my iPad 2... Lol.

Reply Score: 2

How is this Apple's problem?
by 3rdalbum on Thu 26th May 2011 08:12 UTC
3rdalbum
Member since:
2008-05-26

If people are silly enough to download and run trojans, why is it Apple's responsibility to fix the damage that occurs? If it was an OS security flaw then Apple should fix it - if it was caused by dumb humans then it's not Apple's problem.

Reply Score: 1

RE: How is this Apple's problem?
by Neolander on Thu 26th May 2011 08:23 UTC in reply to "How is this Apple's problem?"
Neolander Member since:
2010-03-08

But if people have gotten the habit of usin their root password for small things and just considering it as an annoyance, it could be Apple's problem.

Reply Score: 1

henderson101 Member since:
2006-05-30

But, by default, you aren't asked for admin access any where close to as much as you were in Vista. The difference is that by default, the really, really stupid mistakes people make are covered - not every little thing. I personally have my default OS X account not set to be admin and so I get asked for my root password a lot more, but then I *read* the pop-up and decide if it's a threat or not. I don't just click through mindlessly.

Reply Score: 2

RE: How is this Apple's problem?
by flanque on Thu 26th May 2011 08:27 UTC in reply to "How is this Apple's problem?"
flanque Member since:
2005-12-15

Yeah sure.. If this was Windows it'd be WTF M$ ARe SO CrAP!!!

Reply Score: 3

henderson101 Member since:
2006-05-30

Yeah sure.. If this was Windows it'd be WTF M$ ARe SO CrAP!!!


No.. Microsoft are still fledglings in the user experience. They just about got it right in Windows 7, but in Vista, every time you sneezed, you were asked to authorize it with the admin account. Try running Vista with multiple user logins, some of which aren't admins... you pretty much can't do anything as a standard user because you need an admin password repeatedly.

Reply Score: 1

flanque Member since:
2005-12-15

I think we're talking under different contexts of your original post.

Reply Score: 2

MOS6510 Member since:
2011-05-12

The frequency at wich these popups appeared was annoying, but also the darkening of the background and then switching back to color after you guessed your password right. My eyes and brain didn't like that one bit.

Reply Score: 1

Lennie Member since:
2007-09-22

They actually removed safety checks in Windows 7, it may be better for the user, but it doesn't make it more secure.

But I've never seen malware on Windows ask for admin-password or anything like that. The malware usually just runs because it exploits a bug in windows.

I fully understand why the prompt was added in Windows, but it didn't make it much more safe.

Reply Score: 2

Thom_Holwerda Member since:
2005-06-29

ut I've never seen malware on Windows ask for admin-password or anything like that. The malware usually just runs because it exploits a bug in windows.


Malware on Windows 7? Lolwut?

Reply Score: 1

WereCatf Member since:
2006-02-15



Indeed. Win7 isn't impervious to these things. However, I'm curious about one thing that there kinds of articles never mention: how big percentage of the malware is the kind that the user installed and how big percentage of the malware is the kind that actually got in through a security hole. Because I have the feeling that it's mostly user-installed malware nowadays, not the latter one.

Reply Score: 2

RE: How is this Apple's problem?
by pantheraleo on Thu 26th May 2011 14:10 UTC in reply to "How is this Apple's problem?"
pantheraleo Member since:
2007-03-07

If people are silly enough to download and run trojans, why is it Apple's responsibility to fix the damage that occurs?


Most computer problems are caused by users screwing up their own systems. If "user screwed it up. So we don't have to support it" is the end-all of tech support, than computer companies might as well not even provide it.

Reply Score: 2

polaris20 Member since:
2005-07-06

Where do you draw the line though? I've seen users cause plenty of stupid problems not even related to hardware or malware. Is the distributor of the OS responsible for that too? What is worthy of their time and effort?

Reply Score: 2

pantheraleo Member since:
2007-03-07

Where do you draw the line though?


I'm not sure where you draw the line. But I do know you better draw the line at least as high as your competitors. Microsoft, and most OEM PC vendors provide support for virus and malware removal. Apple better do the same if they want to remain competitive.

And as I said, when it came to integrating our Macs at work with Active Directory, Microsoft was more helpful than Apple was, even though Microsoft has no obligation at all to support Macs since they have nothing at all to do with Mac's Active Directory integration.

Edited 2011-05-26 14:55 UTC

Reply Score: 2

Countdown to Linux Virii
by Darkmage on Thu 26th May 2011 09:43 UTC
Darkmage
Member since:
2006-10-20

So how long until Linux gets hit? it's only a matter of time if OSX is getting attacked now. The more Android devices/Ubuntu installs out there, the larger a target linux becomes.

Reply Score: 1

RE: Countdown to Linux Virii
by MOS6510 on Thu 26th May 2011 09:48 UTC in reply to "Countdown to Linux Virii"
MOS6510 Member since:
2011-05-12

I believe the total percentage of desktop Linux users is just below 1% and that 1% is divided over one million different distributions. Although I think most users will have Ubuntu installed (and even that is probably divided over X number of versions 'n' variants).

Reply Score: 1

RE: Countdown to Linux Virii
by renox on Thu 26th May 2011 14:31 UTC in reply to "Countdown to Linux Virii"
renox Member since:
2005-07-06

So how long until Linux gets hit? it's only a matter of time if OSX is getting attacked now.


Well Android has already had malicious games, so trojan horse like MAC already exist on Android.
As for desktop users, there are far more OSX users than Linux users on PCs, so this shouldn't happen soon..

The more Android devices/Ubuntu installs out there, the larger a target linux becomes.


Sure and in fact if such attack ever happen on Ubuntu, with a significant number of users falling for it, then it would be a *good* news for Linux as it would be a signal that the number of Linux desktop users has grown a lot.

Reply Score: 2

RE: Countdown to Linux Virii
by pantheraleo on Thu 26th May 2011 21:46 UTC in reply to "Countdown to Linux Virii"
pantheraleo Member since:
2007-03-07

Linux already gets hit on a very regular basis. Of course, usually when Linux gets hit, it is with a worm that exploits a vulnerability in some application that is running on Linux. Several worms have propegated by exploiting vulnerabilities in various versions of WordPress for example. Or it is by someone explicitly trying to target a certain site for one reason or another.

Edited 2011-05-26 21:47 UTC

Reply Score: 2

security by Obscurity??
by rakamaka on Fri 27th May 2011 14:27 UTC
rakamaka
Member since:
2005-08-12

My 2cent Rant

Do you MAC guys have this Bonjour service running in background???

MS have DEP and ASLR, Do apple have anything close to this type on MAC?
Search for hackers Compitition. Winner could break mac in no time..
Pay $1000 for MAC and get false sense of security OR pay $500 for PC+ $50 for good AV. It is your money, your choice.

Reply Score: 2