Linked by Thom Holwerda on Tue 1st Mar 2011 00:28 UTC
Mac OS X It's sad to see that even after all these years, we still have to write articles like this one. It's all over the web right now: a new backdoor Mac OS X trojan discovered! Code execution! Indicative of rise in Mac malware! Until, of course, you actually take a look at what's going on, and see that not only is it not in the wild, it can't really do anything because it's a beta.
Thread beginning with comment 464515
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Maybe I'm crazy...
by kaiwai on Wed 2nd Mar 2011 01:29 UTC in reply to "Maybe I'm crazy..."
kaiwai
Member since:
2005-07-06

If you think the linkbait is bad, then check out this:

http://img600.imageshack.us/i/screenshot20110302at125.png/

That is an advertisement by Google (on Macrumors) linking to two known scam websites, bidfun and bidhere, both of which are owned by the same company and both are known to be fraudsters and yet we have Google quite happy to take money from con-artists. At least in the case of linkbait all you need to be is a little savvy about the internet but if something is being advertised on a platform run by Google wouldn't it be correct that Google wouldn't allow con-artists and fraudsters to use their services to commit criminal acts? I mean, if I was an average end user I'd assume that Google checked out the company before allowing them to advertise with Google.

But I don't give a damn if a piece of malware can gain root privileges on my desktop when measured against the greater harm that results from it getting and sending my personal information. This old mentality of "oh, well, it can't gain root so it's no big deal" needs to stop dead. Which is worse, my system being brought down or otherwise affected... or my personal data being snagged? This isn't a trick question, especially in today's environment. I'd argue that gaining user's data is worse than gaining root privileges when you're referring to desktop machines. On servers, of course, the situation is completely different and root access is much worse than a single user being compromised. We're not talking about servers this time around, however.


Agreed; with so much personal data on ones computer either explicitly in files or saved in cache or even virtual memory that hasn't been flushed yet (Mac OS X has 'secure' virtual memory) will cause more damage than some mischievously socially engineered application.

I personally think the whole thing is way over blown because at the end of the day there is nothing you can do as so far as 'security' and 'linkbait' unless one were to go to the logical extreme and lock down the whole system with the only avenue of purchase being through some sort of 'AppStore'. I would sooner give up some security if it means I have more liberty in the process - freedom is never neat and tidy, and quite frankly I don't think the hysterics of halfwitts getting hacked because of their own stupidity is really helping the situation either.

Reply Parent Score: 2

RE[2]: Maybe I'm crazy...
by Alfman on Wed 2nd Mar 2011 02:58 in reply to "RE: Maybe I'm crazy..."
Alfman Member since:
2011-01-28

"there is nothing you can do as so far as 'security' and 'linkbait' unless one were to go to the logical extreme and lock down the whole system with the only avenue of purchase being through some sort of 'AppStore'."


I hope I am misunderstanding you, because the app stores of the "walled garden" variety are not about security so much as they are about control.

Even devices in walled gardens can have vulnerabilities exploitable through the app store or directly. The iphone rootkit (which is generally used intentionally by end users to break apple's chain of control) is technically proof of a vulnerability in the device.

While it represents a win for end users due to the freedom it gives them, it represents a failure by apple to protect it's platform. It's just so contorted that we live in a world where we have to break into our own devices.



"I would sooner give up some security if it means I have more liberty in the process - freedom is never neat and tidy..."

Thankfully we agree, but I don't think security implies lack of freedom in the first place. However, security just happens to be an excellent excuse for vendors to take freedoms away from the ignorant, and by extension (through market pressure) the rest of us too.

Reply Parent Score: 1

RE[3]: Maybe I'm crazy...
by kaiwai on Wed 2nd Mar 2011 06:00 in reply to "RE[2]: Maybe I'm crazy..."
kaiwai Member since:
2005-07-06

I hope I am misunderstanding you, because the app stores of the "walled garden" variety are not about security so much as they are about control.

Even devices in walled gardens can have vulnerabilities exploitable through the app store or directly. The iphone rootkit (which is generally used intentionally by end users to break apple's chain of control) is technically proof of a vulnerability in the device.

While it represents a win for end users due to the freedom it gives them, it represents a failure by apple to protect it's platform. It's just so contorted that we live in a world where we have to break into our own devices.


True, but a walled garden makes the likelihood a whole lot lower but event then I think it gives a false sense of security to end users - I think there has already been an example recently with Android where an application was a approved but then remotely removed because it turned out not to be so kosher after all. There is only so many things that the app reviewers can check for and it wouldn't surprise me if sometime in the future there is an embarrassing situation. Although I love the AppStore on Mac OS X I never use it as my 'line of defence' against trojans etc.

Yes, I understand it is about control but a side effect of control is greater security in much the same way that a police state can result in a lower crime rate - is it really worth the price for less freedom? I certainly don't think so. Is Singapore clean and pretty much crime free? sure but I sure as hell don't want to be arrested because the morality police catch my boyfriend and I having some undercover fun.

Thankfully we agree, but I don't think security implies lack of freedom in the first place. However, security just happens to be an excellent excuse for vendors to take freedoms away from the ignorant, and by extension (through market pressure) the rest of us too.


When I mean security I am talking about the fact that when you add more security to a system things either become more laborious to do, require you to work around it or worse ends up curbing your freedom in some way. If you have a fixed purpose device like an iPod Touch, there is security because there are limited things you can actually do with the device - you actually have to really go out of your way to accomplish the end goal of making it less secure. The net result is you've got a secure market place that has fixed set of rules but is it worth the price of not being able to tinker, source applications from other locations, being able to maybe loading on another operating system to the device itself etc?

Reply Parent Score: 2

RE[2]: Maybe I'm crazy...
by Neolander on Wed 2nd Mar 2011 05:50 in reply to "RE: Maybe I'm crazy..."
Neolander Member since:
2010-03-08

How about not giving average applications access to so much user data (which they really don't need) as a default setting, but giving the user the option to choose to do so for software which requires it, with an UAC/gksudo-like window ?

Reply Parent Score: 1

RE[3]: Maybe I'm crazy...
by kaiwai on Wed 2nd Mar 2011 09:46 in reply to "RE[2]: Maybe I'm crazy..."
kaiwai Member since:
2005-07-06

How about not giving average applications access to so much user data (which they really don't need) as a default setting, but giving the user the option to choose to do so for software which requires it, with an UAC/gksudo-like window ?


Apple already provide sandboxing API's but unless Apple enables a way where applications refuse to run unless they're sandboxed I simply don't see things changing. The solution is there, it has been there for quite some time but are you willing to be told that 99% of your applications will fail to run because they're not using sandboxing by default?

There is security on one side of the coin and on the other side the practical considerations.

Reply Parent Score: 2

RE[3]: Maybe I'm crazy...
by Alfman on Wed 2nd Mar 2011 16:57 in reply to "RE[2]: Maybe I'm crazy..."
Alfman Member since:
2011-01-28

Neolander,

"How about not giving average applications access to so much user data (which they really don't need) as a default setting, but giving the user the option to choose to do so for software which requires it, with an UAC/gksudo-like window ?"

This is exactly what we *needed* for security, but the walled garden is what mobile users are *getting* instead.

The local application sandbox is not only valid in theory, but we already have several viable implementations. The benefits to end users is exactly the reason they're losing traction in the mobile sector - they permit the secure execution of arbitrary applications without relegating control to a single vendor.

Most apps we might want to run from the internet don't need (and should not have access to) other apps or local files. The sandbox model addresses all technical security concerns, yet mobile manufacturers are opting for a walled garden instead in the interests of market control.

Reply Parent Score: 1