Linked by Thom Holwerda on Fri 20th May 2011 20:37 UTC
Apple I have personally tried to pretty much let the whole MAC Defender trojan thing pass by, since we're not a security website. However, we have an interesting turn of events this week. An article over at Ars Technica quotes several anonymous Apple Store employees as saying that the infection rate of Macs brought into the Apple store has gone up considerably. More interestingly though, Apple's official policy states that Apple Store employees are not allowed to talk about infections to anyone - they're not even allowed to inform Mac owners if they find the infection without the customer's knowledge. Another interesting tidbit: Apple mandates the use of Norton Antivirus on company Macs, according to one Apple Store genius.
Thread beginning with comment 474034
To read all comments associated with this story, please click here.
Patch the User
by Moredhas on Fri 20th May 2011 21:39 UTC
Member since:

This just goes to prove that the biggest security risk is still the user. Same goes for your house, give a disreputable character the house keys, don't be surprised when your TV is gone. On the one hand, Apple are right that they don't HAVE to do anything, but it really harms their image and their security track record. I don't expect them to fix it on every computer, but some user education wouldn't go astray. They're so fond of forcing things on people, so why can't they force a slideshow on people the next time they turn on their mac?

A side anecdote about users. Apple are right not to remove this for them because of user objections. I've mentioned a thousand times here I work in a phone shop, and worked in an internet cafe / repair place, so this makes for a modest pile of user anecdotes. At the internet cafe, I found more than enough computers brought to us with exactly this kind of scareware installed on them. I removed it, and the idiot users, even after I explained what it was, wanted it back. I was more than happy to oblige after their rather friendly advice. Flash forward a couple of years, and a customer came into the phone shop with one of those "you've just won a MILLION POUNDS in the MEXICAN LOTTERY!" messages, asking HOW TO CLAIM IT! As if the helpful URL in the message weren't enough. A co-worker deleted the message for them, and they threatened to sue. They in fact DID go to their lawyer, we found out, when the lawyer called us up just to laugh about the customer. Seems there are some lawyers out there who won't take just any case.

So, my point is, the users are dullards, and likely to get angry that someone has arbitrarily removed their paid software, whatever the intent.

Reply Score: 8

RE: Patch the User
by Phloptical on Fri 20th May 2011 22:35 in reply to "Patch the User"
Phloptical Member since:

Their security track record is based on a market share that, up until recently, hasn't made their OS worth targeting.

Reply Parent Score: 3

jabbotts Member since:

Security really can't be compared to market share.

Security relates to how well a thing resists attack not how many attack attempts it receives. A thing that resists five out of ten attacks (50%) is more secure than a thing that resists two out of six attacks (33%) even though six attacks is less "market share" than ten attacks.

In terms of market share (popularity), a thing that becomes more popular still had all those un-found vulnerabilities before gaining popularity.

OSX may be getting more attempts against it now due to popularity but exploitable vulnerabilities discovered still existed before now. It was still just as insecure against attempts before as it is now.

Small market share is actually obscurity not security.

Obscurity; I hide behind a corner and you can't see me until you walk around the corner. I'm obscured only until you know where to look.

Security; I hide behind a corner but you can't walk around it and see me because you'd have to get through the locked gate between us.

The first provides no real resistance to finding me where the second does provides some form of resistance to your attempts at walking around the corner.

Reply Parent Score: 2

RE: Patch the User
by darknexus on Fri 20th May 2011 22:51 in reply to "Patch the User"
darknexus Member since:

Apple are right not to remove this for them because of user objections.

Quite right, you should never remove something without asking no matter what it is. But to not even be allowed to mention that they found it and actually ask that question is inexcusable. If you tell the user what it is and they throw a fit, then by all means let them lie in their own soiled bed. However, on the flip side, if you *do* find something like this and do not tell a user and they find out later, you could be in for just as much of a trouble spot as if you removed something without their consent. You see, when someone doesn't fix something even though they're being paid to do so... that means they aren't doing their job, at least in my mind. Essentially what Apple has done is protected the geniuses (most of whom are anything but, by the way) from reprisal by people who might actually have a clue. Then again, I suppose the people who actually understand this stuff don't take their machines into the geniuses in the first place, and probably didn't even fall for this trojan to begin with.

Reply Parent Score: 4