Linked by Thom Holwerda on Tue 1st Mar 2011 00:28 UTC
Mac OS X It's sad to see that even after all these years, we still have to write articles like this one. It's all over the web right now: a new backdoor Mac OS X trojan discovered! Code execution! Indicative of rise in Mac malware! Until, of course, you actually take a look at what's going on, and see that not only is it not in the wild, it can't really do anything because it's a beta.
Thread beginning with comment 464522
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE[2]: Comment by larwilliams
by larwilliams on Wed 2nd Mar 2011 04:17 UTC in reply to "RE: Comment by larwilliams"
Member since:

Funny, I thought the article cleary was a put-down of the sensationalists, which I thought was pretty reasonable considering the lack of real danger (yet again). (Note that the headline now is:"Supposed Mac OS X Trojan Another Piece of Linkbait", not sure if it was different earlier.)

Not saying it won't ever happen, but looking at the number of comments from Windows fanboys on sites like DailyTech - where the author actually was defending calling this thing a 'virus' - you know, because even if you have to install it yourself, the virus term is so broad now (uh, I'm thinking virus / trojan / worm, but apparently that's now too 'technical'), clearly there are people who really desperately want OSX to get a real virus, and it just hasn't happened. Maybe they can get on the 12/21/12 doomsday thing instead?

I guess you have forgot that there are at least half a dozen very real trojans infecting OSX installations since 2008?

OSX/Jahlav aka "MacAccess" is a prime example of one. It's a typical "missing codec" trojan that used itself to download and install more crap.

Edited 2011-03-02 04:18 UTC

Reply Parent Score: 1

RE[3]: Comment by larwilliams
by mrstep on Thu 3rd Mar 2011 22:16 in reply to "RE[2]: Comment by larwilliams"
mrstep Member since:

Wow, a full half-dozen? Should I be concerned when this random software asks for the admin password?

There was the one embedded in the iWork bittorrent downloads as well - I can come up with a real example off the top of my head, so I'm not saying there aren't any trojans. If you're an idiot, sure, install the Russian iWork variant or some unknown codec. I don't blame Microsoft for Windows users installing trojans either - it's social engineering, not an OS issue - and every OS has users who will click the OK button and type in a password.

My point was that there hasn't been an actual virus or worm. And I'm still not saying it won't ever happen, but I haven't had to deal with/worry about AV crap, rootkits, keyloggers, etc. since 2003 myself when I ditched the lovely Windows world. I'll be very sad if that security does fall at some point, but 8 years for me of not wondering if a random jpeg in an ad on CNN has taken over the computer is certainly nice.

Interestingly, Apple may just end up protecting the Mac more with the App Store there too now if you're willing to purchase through that channel. (Ignoring arguments for/against curated apps, etc., just saying for a lot of users that may make life easier/safer too...)

Edited 2011-03-03 22:17 UTC

Reply Parent Score: 1

RE[4]: Comment by larwilliams
by Alfman on Fri 4th Mar 2011 01:19 in reply to "RE[3]: Comment by larwilliams"
Alfman Member since:

"My point was that there hasn't been an actual virus or worm."

There is so much contradictory information it's hard to tell what's true, I actually do hear about mac viruses, look them up and they even have names like "OSX/Leap-A" which was propagated through vulnerabilities in jpeg decoders.

Saying that macs have no viruses is kinda wishful thinking IMHO.

"I haven't had to deal with/worry about AV crap, rootkits, keyloggers, etc. since 2003 myself when I ditched the lovely Windows world."

Most of us (edit: technically knowledgeable) on windows didn't have to deal with malware on our own systems, but rather we had to clean out the systems of friends who were careless.

The vast majority of windows malware is caused by unsafe user practices such as downloading and running software from untrusted sources such as emails or web pages. Is this a hit against the windows experience? It sure is.

However, to make a fair comparison, what does apple do to protect the same careless users on a mac? If they were equally targeted on macs, aren't they potentially even more vulnerable there without A/V?

If we eliminate malware which is the "user's fault", then windows is actually fairly safe these days.

Remember, it was mac-os and not windows which was exploited with a zero day email exploit in the pwn2own contest last year.

Granted, I'm taking the position of devil's advocate here. I'm not a fan of MS products, they've dragged their users through hell over and over again with shoddy software and IE/activex/WGA crap. But all of that is no excuse not to evaluate apple objectively, they need to clean up their backyard too.

Edited 2011-03-04 01:32 UTC

Reply Parent Score: 1