Linked by Thom Holwerda on Wed 25th May 2011 17:02 UTC, submitted by kaiwai
Mac OS X Well, it took them long enough. Apple has finally acknowledged the existence of the MAC Defender trojan, and has offered removal instructions. The company has also promised a security update to Mac OS X that will block MAC Defender and its variants from working. All this information was published in the form of a support document on Apple's website. Update: Well, that was fast. A new variant of the trojan, called Mac Guard, has been discovered. Unlike previous variants, this one does not require users to enter their administrative password.
Thread beginning with comment 474635
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Alert the enemy - the enemy already knows
by jabbotts on Wed 25th May 2011 21:00 UTC in reply to "Alert the enemy"
Member since:

I suspect the Shneier link says as much but to provide the bullet points:

1. the enemy already knows, the consumer is always the last to find out they are at risk.

2. if researchers with good intent can find a bug, so can researchers with malicious intent; see point 1.

3. the end user has no chance of mitigating risk while waiting for a solution if they don't know about the problem which is already known to the enemy; back to point 1

4. for-profit corporations may need the motivation of public disclosure before they choose to fix a vulnerability.

For that last one, there is actually a network appliance vendor who said outright that they where not going to fix a discovered vulnerability because "none of our current customers have discoved it and complained yet."

Microsoft has said outright that it won't be fixing the dynamic link library vulnerability because "it's up to the third party developers to choose to use static link library paths" yet the vulnerability is enabled by the OS and fixing the OS would positively affect all third party software as a result.

Sony had no inclination to fix vulnerabilities in it's network because "we haven't been broken into yet". How's that working out for them and the over 24 million customers who now have personal information available for download and exploitation?

Much of the time when vulnerabilities are discoverd and reported, the corporate response is to threaten legal action to protect the business reputation rather than to work with the person reporting the issue to protect the customers.

Reply Parent Score: 6