Linked by HAL2001 on Thu 19th May 2011 12:10 UTC
Privacy, Security, Encryption "A little over two weeks have passed since the appearance of MAC Defender, the fake AV solution targeting Mac users. And seeing that the approach had considerable success, it can hardly come as a surprise that attackers chose to replicate it. This time, the name of the rogue AV is Mac Protector, and the downloaded Trojan contains two additional packages. As with MAC Defender, the application requires root privileges to get installed, so the user is asked to enter the password."
Thread beginning with comment 473733
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: We told you so
by gfolkert on Thu 19th May 2011 13:57 UTC in reply to "We told you so"
gfolkert
Member since:
2008-12-15

Not particularly.

These equivalent programs get installed in Windows without the "root" privileges.

This means that privilege separation in Windows is just Palin broken and has been since they broke Ring 0.

If these users automatically put in the password when they don't know what in hell they are installing in the first place... then this is not a real problem with the OS design, but with the person operating the machine.

Someone installing a program outright in OSX regardless of its supposed or real intent does not constitute an OS design flaw.

Reply Parent Score: 3

RE[2]: We told you so
by fretinator on Thu 19th May 2011 14:11 in reply to "RE: We told you so"
fretinator Member since:
2005-07-06

This means that privilege separation in Windows is just Palin broken

That's really broken. I guess the only thing worse is Sony broken.

Reply Parent Score: 4

RE[2]: We told you so
by pantheraleo on Thu 19th May 2011 15:07 in reply to "RE: We told you so"
pantheraleo Member since:
2007-03-07

Actually, according to most security researchers, from a technical standpoint, Macs are more vulnerable than Windows. Apple has been pretty lax on security. Safari, for example, has more security issues than IE does. it's easier to root a Mac than it is to root Windows. The first commenter is correct. The only reason we don't see more widespread Mac infections is because it's not a high profile enough target.

Reply Parent Score: 5

RE[3]: We told you so
by Kivada on Thu 19th May 2011 15:47 in reply to "RE[2]: We told you so"
Kivada Member since:
2010-07-07

And yet most of the holes aren't related to Apple software, but Adobe's piles of crap that are forced upon the computing world.

Size of target has nothing to do with value of target.

And before you cite the pwn2own contests, look again at what hoops they make them go through on the Mac to open up an attack vector and that the Mac has a far higher resale value then the generic PCs they put up. Mabe if they offered something of value, like a decent Toughbook or maybe something from Sager/Clevo or BoxxTech you'd see a change in what was targeted first.

Reply Parent Score: 0

RE[2]: We told you so
by moondevil on Fri 20th May 2011 16:56 in reply to "RE: We told you so"
moondevil Member since:
2005-07-08

Not particularly.

These equivalent programs get installed in Windows without the "root" privileges.


Only if running as administrator.

Show me a Windows machine properly up to date, with a user running with a limited account, where he can install such applications?

Reply Parent Score: 2

RE[2]: We told you so
by BluenoseJake on Sat 21st May 2011 15:49 in reply to "RE: We told you so"
BluenoseJake Member since:
2005-08-11

They get installed as the current user if you are not an administrator, just delete the account, and you are good to go, just like in Unix.

It's only when you are running as admin do they get access to the entire machine.

Reply Parent Score: 2