Domain: sophos.com
Stories and comments across the archive that link to sophos.com.
Comments · 553
-
Re:Illusion of privacy
That is outright false. I challenge you to provide a citation to a reasonably authoritative site saying that - basically anybody who isn't a kook. You can't.
Clearly you phrased it that way so you could reject any site I offered, based on your own myopic view point.
So here are the rules:
You don't get to reject any source! You have to invalidate every one of these and all of their claims.
After all, extraordinary claims of something being "outright false" require extraordinary proof.
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=2&_r=0
http://nakedsecurity.sophos.com/2013/03/16/has-https-finally-been-cracked/
http://www.theguardian.com/commentisfree/2013/sep/05/government-betrayed-internet-nsa-spying
http://www.theregister.co.uk/2013/09/05/nsa_gchq_ssl_reports/
http://www.zdnet.com/has-the-nsa-broken-ssl-tls-aes-7000020312/
http://www.forbes.com/sites/andygreenberg/2013/06/20/leaked-nsa-doc-says-it-can-collect-and-keep-your-encrypted-data-as-long-as-it-takes-to-crack-it/
-
Re:Isn't the Android platform hobbyist-enough?
Well, those are the people who are too stupid to figure out Java, like OP stated.
Sure, except they're not. I'm talking specifically about people whose living is security, and who don't like the language itself. Whether or not that somehow gives you butthurt. http://nakedsecurity.sophos.com/2013/06/03/oracle-promises-secure-java/
-
Compiler checks = more needed
Along with random number generator checks http://nakedsecurity.sophos.com/2013/09/11/rudest-man-in-linuxdom-rants-about-randomness-we-actually-know-what-we-are-doing-you-dont/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=a7340f16d1-naked%252Bsecurity&utm_term=0_31623bb782-a7340f16d1-418465757
-
Someone is gonna say, "I told you so..."
I applaud Google's admission, but sad to note that the argument will embolden those who've been touting the "fact" that iOS is more secure than Android.
I guess one cannot be blamed for saying, "So much for the so called secure open nature of Android."
It just doesn't seem to work...or does it?
-
Re:Move along, nothing to see here
This is just more mindless Google fanboy anti-Apple hate.
It's not like this a trojan you have to turn on the installation of non-market applications and go to a pirate app store to get installed. You actually have to have the device.
And this is just like a jailbreak, so it is a good thing.
Actually, this isn't mindless. This has been a known security issue in iOS since iOS 3 days, that Apple hasn't bothered to fix.
See this article coming out of DEFCON 2011:
http://nakedsecurity.sophos.com/2011/08/19/is-juicejacking-the-new-firesheep/
So unless you carry around a charging cable with the data pins removed or never charge at a USB port you don't own yourself, this is an issue (and has been for years).
Google (partially) fixed this on Android when noise first started being made in late 2010, but Apple didn't. Of course, due to fragmentation, that only means it's fixed if you bought your Android phone after mid-2011 or have an upgrade that implements the fix -- but Apple seems to be fragmenting within its own ecosystem, as this fix is iOS 7, and there are now a large number of iOS devices in every day use that won't run iOS 7.
Yes, this is mindless, because it's an issue with all mobile OSs - funny how you managed to find an article that pretends otherwise http://managedsolutions.com/tag/juice-jacking/ doesn't.
BTW: there are commercial chargers that remove malware from Androids http://kapricasecurity.com/ - you really believe the opposite can't be done?
-
Re:Move along, nothing to see here
This is just more mindless Google fanboy anti-Apple hate.
It's not like this a trojan you have to turn on the installation of non-market applications and go to a pirate app store to get installed. You actually have to have the device.
And this is just like a jailbreak, so it is a good thing.
Actually, this isn't mindless. This has been a known security issue in iOS since iOS 3 days, that Apple hasn't bothered to fix.
See this article coming out of DEFCON 2011:
http://nakedsecurity.sophos.com/2011/08/19/is-juicejacking-the-new-firesheep/
So unless you carry around a charging cable with the data pins removed or never charge at a USB port you don't own yourself, this is an issue (and has been for years).
Google (partially) fixed this on Android when noise first started being made in late 2010, but Apple didn't. Of course, due to fragmentation, that only means it's fixed if you bought your Android phone after mid-2011 or have an upgrade that implements the fix -- but Apple seems to be fragmenting within its own ecosystem, as this fix is iOS 7, and there are now a large number of iOS devices in every day use that won't run iOS 7.
-
Here's my cheap and bullet proof setup
I use my cable company's cable modem that has 802.11 N, Sophos UTM (free and on a low end AMD mid tower that cost about $200), and Cisco SMB switches that come with a lifetime warranty. Granted, this places wireless outside my firewall and IDS but that's OK because I have multiple ways to work around any issues that may arise. For example, I can remote print to my printers via Google, HP or via dynamic DNS (through a VPN). Here's the URLs: Sophos UTM: http://www.sophos.com/en-us/products/free-tools/sophos-utm-home-edition.aspx Cisco SMB Switches with lifetime warranty: http://www.cisco.com/cisco/web/solutions/small_business/products/routers_switches/100_series_switches/index.html
-
Re:you can walk over it with illegally ripped medi
they can't check.
they know they can't check.
I'm not convinced that's even remotely true.
Since ICE is under DHS, and they've basically said they can search your laptops
... it falls within the mandate of ICE to now police copyright.
I can entirely believe that (if not now, soon), they might start saying that if you've got ripped media you can get detained. Once your border folks are an extension of policing copyright for industry, this is an entirely plausible scenario.
that's not what I meant. I meant they can't check if it's legally ripped or not.
-
Re:you can walk over it with illegally ripped medi
they can't check.
they know they can't check.
I'm not convinced that's even remotely true.
Since ICE is under DHS, and they've basically said they can search your laptops
... it falls within the mandate of ICE to now police copyright.
I can entirely believe that (if not now, soon), they might start saying that if you've got ripped media you can get detained. Once your border folks are an extension of policing copyright for industry, this is an entirely plausible scenario.
-
Android 4.2 has antivirus
Since Android 4.2, Google has been including antivirus with Android.
-
Re:prelude to what the west can expect from china
I showed possible and (in my opinion) probable explanations on why the SK computers may have stopped working (and I even admit I might be wrong). From my perspective, would be enough to at least cast a doubt on the assumption it was an act of "aggression".
I'm seeing you in sticking to your position of attempting to infer an intentional attack and decline any possibility it may have just been an act of incompetence.
The malware, detected proactively by Sophos products as Mal/EncPk-ACE, has been dubbed "DarkSeoul" by experts analysing its code at SophosLabs.
What's curious is that the malware is not particularly sophisticated. Sophos products have been able to detect the malware for nearly a year, and the various commands embedded in the malicious code have not been obfuscated.
For this reason, it's hard to jump to the immediate conclusion that this was necessarily evidence of a "cyberwarfare" attack coming from North Korea.
Backing up the evidence that the attack was targeted against South Korean computers, Sophos experts have determined that "DarkSeoul" attempts to disable two popular anti-virus products developed in the country: AhnLab and Hauri AV.
I'm also seeing you in putting words into my mouth and constructing a straw man for you to have something to demolish
But... all the above makes me curious: did you acquire a taste for yellow snow or do they feed you well to make the snow yellow?
-
Re:The worst thing
James Lyne once said that he changed the standard security certificate dialog to say "by clicking this you kill 1000 kittens".
No one raised an issue, not even IT.
Which goes to show how pointless the dialog is and how far it goes in adding security
-
Re:Fundamentally Flawed
Oh and if you refer to the OS X only Safari 6 that had a prize in this event, nobody even tried to hack it in this convention...
http://nakedsecurity.sophos.com/2013/03/07/pwn2own-results-java-chrome-ie-10-and-firefox-owned-on-day-one/
-
Re:Excel vs Spreadsheet
Yes it's so easy, it's the script kiddies choice!!!!
http://nakedsecurity.sophos.com/2013/02/21/oxford-university-blocks-google-docs-phishing-attacks/
-
Re:emailed pdf, say it ain't so!
This could have been totally avoided with a little user education and decent network security policy.
By which, of course, you mean banning Adobe software and blocking any attempts to download it. It seems like I'm getting Flash Player security updates about once a week. On the one hand, it's good news that they're finally fixing that steaming pile of bugs, but on the other hand, it makes me wonder how many of those security holes have been secretly exploited for years, and how many of the Flash crashes I've seen over the years would have been successful attacks on some specific version of some specific OS.
-
Re:Weakest link?
That is a sophisticated attack, yes. Overrated does not mean impossible - years ago, practical attacks on WEP and SSL also seemed unlikely. I also seem to remember a story recently about malware being found on Reaper drones - certainly not the end of the world, but unless things have been drastically altered (not a hallmark of MilAero applications) many of those vulnerabilities are probably still present.
On the whole, I am more concerned about the potential of an adversary simply interrupting communication with the drone, this takes a lot less effort. They don't have to take control of the drone, they just have to remove the pilot's.
What was an effective weapon is now just a hunk of metal hurtling through the air.
Losing a Predator to this kind of attack would be annoying and the gain for an opponent is minimal, but an F-35 or an F-22? That is a much greater gain/loss.
-
Re:It was Macs at Microsoft
There are no known virus on Macs.
Since that statement is easily disprovable with a single example, here's the word from Sophos from 2006, for OS X specifically. There's even a nice section labeled "Is Leap-A a virus or a Trojan?" to counter your next rebuttal. If you disagree with their assessment, argue with them, not me.
If you look at the Mac virus timeline on that page, you can see the first one in 1982, which predates the first IBM PC virus by 4 years. There have been several viruses written to target various Mac operating systems, and you can even credit Microsoft with a working cross-platform macro virus.
Only malware I've heard of is Trojan Horses
Then you aren't really in a position to make any definitive claims regarding the history of viruses on Macs, are you?
-
Re:That's Impossible!
You mean something like this?
http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
-
It WON'T in 1 instance (read)... apk
Happened to me, hence, why I got into the tool hairyfeet noted -> http://tech.slashdot.org/comments.pl?sid=3466197&cid=42920911
* YES, believe-it-or-not, that happened to me (w/ BOTH the genuinecheck.exe tool MS makes you use to validate your copy of Windows isn't "pirated" AND also Windows Update itself...)
HOWEVER - otherwise? I am completely with you, that Windows Update SHOULD have patched most anyone online (offline of course, won't do it, but then again by the same token on the "flip-side of the coin"? They don't have to worry that much about remoted threats like botnets either!)...
Again - That is, unless they "hit" what I did & yes, I've seen others hit it too, especially for "genuinecheck.exe"... which I spotted when it stopped for me also!
(I did what I did, for the RIGHT reasons on security... however, it doesn't mix with some MS sites, or Adobe ones either (& a couple others over time I hit)).
APK
P.S.=> Took me a hell of a long time to figure out & determine, but, I finally did... & yes/once more, stressing it:
I've seen others online complain of it also!
So, odds are, they are running a NAT stateful packet inspecting firewall as I do (for the right reasons) with THOSE filter rules in place operating, which unfortunately, stall out access to SOME sites!
(I suspect they're either CDN's, or, use JAVA, or ActiveX if not some form of cookie too - the rules I use (all of them) are "Filter Proxy" (hence CDN imo @ least), "Filter Cookies" (they probably MAKE you take these to get stats etc.), "Filter JAVA" (for obvious reasons, since it's SO security-flaw ridden lately, which hopefully gets FULLY patched soon 4 days from now -> http://nakedsecurity.sophos.com/2013/02/12/oracle-on-java-we-will-have-patch-tuesday-after-all/?utm_source=Naked+Security+-+Sophos+List&utm_medium=email&utm_campaign=28ab144f68-naked%252Bsecurity ), & lastly, also "Filter ActiveX" (again, for obvious reasons for security)...
... apk
-
Re:Yeah, right
FYI you can't disable people tagging you in pictures, only them showing up on your wall
Yes you can, the setting talked about here prevents photo tagging and the one above it prevents general tagging. http://nakedsecurity.sophos.com/2013/02/02/facebook-turns-facial-recognition-back-on/
-
Until you're raided by the FBI...
Like one individual oops sure he'll survive but he probably had to pay a lawyer to prove his innocence, the problem is the burden of proof is on you at that point. I'd be happy to share it for a select few services however, like Google maps or something, sure have at it! If the hardware kept some kind of record of who connected and when it may go a long way to making it FBI raid friendly.
-
Re:... for which they paid heavily
You are apparently unaware of FISA and the TOS agreement between Americans and their government, specifically, Amendment 4 of the Bill of Rights.
Here are some links to help get you up to speed:
FISA: http://nakedsecurity.sophos.com/2013/01/16/redacted-fisa/
AT&T and NSA's laptop in a closet on everyone: http://en.wikipedia.org/wiki/Room_641A
Retroactive immunity for Telecoms: http://www.techdirt.com/articles/20111230/00522317232/retroactive-immunity-govt-warrantless-wiretapping-deemed-constitutional-suit-against-govt-lives.shtml
4th Amendment: http://en.wikipedia.org/wiki/Fourth_Amendment_to_the_United_States_Constitution
-
JAPAN & FINLAND (illegal to write viruses)
Showing how YOU utterly screwed up, eldavojohn?? Absolutely:
"Do you have a link to the law that says writing viruses is illegal?" - by eldavojohn (898314) * on Thursday December 13, @01:41PM (#42277049)
I have 2 links that show YOU ARE IN GRAVE ERROR:
(Bigtime)
---
Finland declares writing viruses illegal:
http://news.slashdot.org/story/99/09/23/0747210/finns-outlaw-virus-writing
---
Japan declares writing viruses illegal:
http://nakedsecurity.sophos.com/2011/06/17/japan-makes-virus-creation-illegal/
---
There you go, & "Eat YOUR Words"... since depending on WHERE YOU ARE IN THE WORLD? Virus writing is indeed, illegal!
---
"You're saying that if I set up a network of computers in my house disconnected from the internet and infect them to study how a botnet mutates, that would be illegal?" - by eldavojohn (898314) * on Thursday December 13, @01:41PM (#42277049)
Yes, see above (if you're in Japan or Finland, you'd be breaking the law creating viruses that way even (unless they have given you permission to do so I'd imagine, ala a license for an antivirus firm for example))...
---
"That's exactly what the author had me do when I read and reviewed the Metasploit guide http://developers.slashdot.org/story/11/09/14/2125259/book-review-metasploit-the-penetration-testers-guide." - by eldavojohn (898314) * on Thursday December 13, @01:41PM (#42277049)
Then, you are MISINFORMING PEOPLE - now, either YOU didn't read it right, OR the folks that wrote it are in error, but either way? YOU & YOUR "SOURCE" SCREWED UP LARGE!
Especially CONSIDERING THIS:
Both of the articles I post have laws in effect that predate your "review", and possibly before that "guide" was created even!
Which IS, misleading others ( & dangerously on legal grounds!)
(Thus, some kid's going to read your words, & think "Oh, slashdot said it was ok to do" & that kid happens to LIVE in JAPAN or FINLAND, & get jailed...)
APK
P.S.=> Worst of all, when I pointed this UTTER FAIL of yours out?
You came along & downmodded it 2x to *try* to "hide it from view" (lmao, lame & pretty POOR "tactics"):
---
http://interviews.slashdot.org/comments.pl?sid=3314681&cid=42279703
&
http://interviews.slashdot.org/comments.pl?sid=3314681&cid=42280227
---
Even though what I posted IS THE TRUTH and yes, LAW (in those 2 nations)...
... apk
-
WRONG AGAIN (2x now)... apk
http://news.slashdot.org/story/99/09/23/0747210/finns-outlaw-virus-writing
* So, not only the Finns have outlawed VIRUS WRITING as shown in the link above? So have the Japanese, shown here -> http://nakedsecurity.sophos.com/2011/06/17/japan-makes-virus-creation-illegal/
(Have you fools NO shame?)
APK
P.S.=> This site has a lot of people that lead others TOTALLY astray & yet they get +5 upward moderations? (That's directed to eldavojohn - the parent poster here!).
Please... lol!
... apk
-
For Pete's sake: GIVE US A BREAK!
First off - how the HELL did your bullshit get a +5?
(Using sockpuppets there, "eldavojohn"?? It's obvious you do!)
I.E./E.G.-> I've seen so many of your bullshit posts get that for total crap, it's unbelievable. Seriously unbelievable.
Secondly "big talker"?? DO BETTER THAN Mr. K. has in the art & science of computing... you bullshit artist!
Everyone KNEW what he meant about Doctors, Firemen, etc. - except you, you nitpicking nobody.
Your "nitpick bullshit" here now??? No WAY it is worth a +5 upward mod... no way.
By the way - depending on WHERE you write viruses/malware in general?? It IS illegal:
http://nakedsecurity.sophos.com/2011/06/17/japan-makes-virus-creation-illegal/
You big mouthed bullshit artist...
APK
P.S.=> You make me ill... & especially since I've noted that you get way, Way, WAY TOO MANY +5 moderations for total horseshit like your post now
Do us, and yourself, a HUGE favor - Why don't you just ADMIT you're a sockpuppet alternate registered "luser" /. account user, hmmm?? apk
-
Official Official Sophos Response
Just in case someone wants the numbers.
Includes eight points of document, attack points, response and versions of product in which they were fixed and dates the fixed versions released.
Sophos KB Article 118424
Where this all started back in July 2012:
Small children shouldn't cast stones
Ongoing "drama"
A dish best served with Ketchup
The "sequel"
Never let a good Rant get the best of you
And today "When last we Left Lost.."
-
Re:Released.... in August!
One has to wonder if the Sophos targeting was spite-driven in any way. Back in 2010, Sophos kind of trashed Tavis for disclosing a vul in Windows: http://nakedsecurity.sophos.com/2010/06/15/tavis-ormandy-pleased-website-exploits-microsoft-zeroday/
-
Re:Arrogance/ego/"INDEPENDANT" hiatus.
About two years ago Sophos was highly critical of the way Tavis disclosed a high profile vulnerability in Windows calling it irresponsible.
http://nakedsecurity.sophos.com/2010/06/11/google-engineer-act-irresponsibly-microsoft-zeroday-disclosure/
Looks like Tavis did not take it too well and has been since going after Sophos products. His tone in the latest paper is simply a reflection of the feud between the two.
-
Official Sophos Response.
From http://nakedsecurity.sophos.com/2012/11/05/tavis-ormandy-sophos/ and reprinted here in case of slashdotting...
As a security company, keeping customers safe is Sophos's primary responsibility. As a result, Sophos experts investigate all vulnerability reports and implement the best course of action in the tightest time period possible.
Recently, researcher Tavis Ormandy contacted Sophos about an examination he had done of Sophos's anti-virus product, identifying a number of issues:
A remote code execution vulnerability was discovered in how the Sophos anti-virus engine scans malformed Visual Basic 6 compiled files. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 10 September 2012
Roll-out of a fix for Sophos customers completed: 22 October 2012 (42 days later)
The Sophos web protection and web control Layered Service Provider (LSP) block page was found to include a XSS flaw. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 10 September 2012
Roll-out of a fix for Sophos customers completed: 22 October 2012 (42 days later)
An issue was identified with the BOPS technology in Sophos Anti-Virus for Windows and how it interacted with ASLR on Windows Vista and later. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 10 September 2012
Roll-out of a fix for Sophos customers completed: 22 October 2012 (42 days later)
An issue was identified in how Sophos protection interacts with Internet Explorer's Protected Mode. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 10 September 2012
Roll-out of a fix for Sophos customers began: 5 November 2012 (56 days later)
Vulnerabilities were found in how Sophos's anti-virus engine handles malformed CAB files. These vulnerabilities could cause the Sophos engine to corrupt memory. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 10 September 2012
Roll-out of a fix for Sophos customers completed: 22 October 2012 (42 days later)
Vulnerabilities were found in how Sophos's anti-virus engine handles malformed RAR files. These vulnerabilities could cause the Sophos engine to corrupt memory. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 10 September 2012
Roll-out of a fix for Sophos customers began: 5 November 2012 (56 days later)
A remote code execution vulnerability was discovered in how the Sophos anti-virus engine scans malformed PDF files. Sophos has seen no evidence of this vulnerability being exploited in the wild.
First reported to Sophos: 5 October 2012
Roll-out of a fix for Sophos customers began: 5 November 2012 (31 days later)
Tavis Ormandy has provided examples of other malformed files which can cause the Sophos anti-virus engine to halt - these are being examined by Sophos experts. Sophos has seen no evidence of this occurring in the wild.
First reported to Sophos: 4 October 2012
Roll-out of a fix for Sophos customers will begin: 28 November 2012 (55 days later)
Best practice
Sophos customers are reminded of the following best practices:
1. Keep systems patched and up to date
2. Upgrade to the latest version of Sophos software to get the best protection
Responsible disclosure
Sophos believes in responsible disclosure.
The work of Tavis Ormandy, and others like him in the research community, who choose to work alongside security companies, can significantly strengthen software products. On behalf of its partners and customers, Sophos appreciates Tavis Ormandy's efforts and responsible approach.
-
Japan joined the bandwagon
As of the 1st of October Japan has been in on it too. http://nakedsecurity.sophos.com/2012/10/02/japan-rolls-out-stiff-fines-and-jail-times-for-illegal-downloads/
-
Notes from an affected enterprise
Yes, this was bad. The virus signature in question appears to match any software that does auto-updates (possibly trying to spot phone-home malware?) so it's flagged dozens of software packages and according to what policy you've set, quarantined or deleted the files. This includes the auto-update part of the sophos client. The flood of emails from the sophos enterprise manager package as machines were switched on this morning quickly alerted us that this wasn't good, and just looking at names of the files it was flagging was enough to see that this was a false positive. Cleanup continues.
We've been very happy with sophos enterprise, and I'm staggered that this signature made it out the door - they should have numerous controls in place to ensure this can never happen and I await an explanation for how they failed.
I'm not too impressed by some of the advice given in their cleanup procedure - they advise setting the policy to not scan certain sophos directories - guess where viruses may try to hide in future.
This is an embarrassing fubar which will have had a high impact on thousands of enterprises. It'll be interesting to see if Sophos come clean about the circumstances and can be convincing enough about how it's never going to happen again.
-
'CruTcHy' (lol) - are you a malware maker?
Being insulted by malware authors can be the best reward:
* I'd *think* that THAT is your "motivation" here in fact...
That, along with YOU being EMBARRASSED HERE, badly, by myself with your list of YOUR "greatest hits" (lol, not):
---
1.) Again: IF my program has a "bug", how come it ran PERFECTLY here vs. your "trollspeak/trollanguage"? Hmmm?? -> http://tech.slashdot.org/comments.pl?sid=3058625&cid=41052117 (which IS also PROOF you came in here "trolling" starting it up also)...
2.) You conceded memory usage with loaded data (where first you criticized me for it & withdrew it) -> http://slashdot.org/comments.pl?sid=3058625&cid=41126057
3.) You BLEW IT on the print statement -> http://slashdot.org/comments.pl?sid=3058625&cid=41126057 (yes, I proved I was well aware of it, but unlike YOU, google-boy/googler? I do my OWN work & write my own inlined code vs. function call overheads & control actually - same reason I didn't use BDE or SQLite - I did the work, myself, perfectly!)
4.) The fact that the hosts file DOES need protecting (UAC ACL & write protect help do so) -> http://tech.slashdot.org/comments.pl?sid=3058625&cid=41126421
5.) You ADMITTED hosts files are useful (which I will find very useful in the future, thank you!) -> http://tech.slashdot.org/comments.pl?sid=3058625&cid=41126661
6.) 2 significant folks in the security field who create custom hosts file data host my GUI program in malwarebytes' hpHosts & securemecca -> http://slashdot.org/comments.pl?sid=3058625&cid=41126285 for custom hosts file creation & mgt.... and you said nobody gives a hoot about my program (seems you do, & fail vs. it, and there's these security folks also).
7.) Text Editors like notepad.exe &/or gedit will NOT handle properly processing hosts file data fully, which YOU had to be "schooled in" also -> http://slashdot.org/comments.pl?sid=3058625&cid=41121573
8.) You had to be reminded of what the topic is here (hosts) since you were trolling calling me homo, retard, & such, plus starting up your trolling b.s. (shown in #1 above) -> http://slashdot.org/comments.pl?sid=3058625&cid=41104817 YOU OFF-TOPIC TROLL!
---
(You made those mistakes, not I... & all you have, is some b.s. that my program has a "bug"? LMAO! Sure, sure (sarcasm) - disprove what's in #1 above then... good luck, you'll NEED it!)
APK
P.S.=> Once more: IF my program has a "bug", then how come it ran PERFECTLY vs. your "trollspeak/trollanguage" here -> http://tech.slashdot.org/comments.pl?sid=3058625&cid=41052117 where you came in here trolling?
Hmmm??
Answer that question...
... apk
-
Another name, more details
It's called "Morcut" by Sophos and they offer a free anti-virus product for Mac OS X.
They claim it's designed to access these things: mouse coordinates, instant messengers (for instance, Skype [including call data], Adium and MSN Messenger), location, internal webcam, clipboard contents, key presses, running applications, web URLs, screenshots, internal microphone, calendar data & alerts, device information, address book contents
-
Re:Privacy issue in Europe
Except they don't do this because it's not useful information for a provider. An individual's usage habits are uniquely worthless.
To the utility's own operations, probably pretty useless. But the data that can be extracted - depending on the update rate the utility can pull, right down to what TV show you are watching - would have high commercial value on the open market (think well-known consumer data-aggregators (Experian), advertisers, etc.). How long will the utility leave that money on the table?
-
Re:Why do people have weak passwords to begin with
Great... so instead of one password per site, someone just needs to log into your DropBox account and crack your (hopefully fairly strong) KeePass password, and they get everything -- not just all your passwords, but what sites they're for and what the associated usernames are. All sitting out there on a public server 24x7.
How strong is your KeePass password?
-
Re:Antivirus Software on a Mac
Note that there are no known viruses for OSX, and a properly configured mac makes even malware difficult to run.
600K macs estimated to be infected with flashback, the only really known problem malware at the moment.
Off the top of my head, there's also Flshplyr, SabPub and Maljava. If you don't keep up with the tech world, at least check your facts before getting on your soapbox. There's been PLENTY of OSX malware, mostly trojans and scareware - the aforementioned, Dloadr, FakeAv, Miner, Imuler, Renepo. Yes, there have been viruses, worms and malware for OSX. This is a matter of indisputable fact. This is not the first, it's not the only vulnerability currently out there. None of this is news.
- Flshplyr - Trojan 2012 (Java)
- SabPub - Trojan 2012 (Java and MS Word Document variants)
- Maljava - Trojan 2010 (Java Applet)
- Dloadr - Windows Trojan 2012
- FakeAv - Trojan 2007
- Miner - Trojan 2011
- Imuler - Trojan 2011
- Renepo - Worm 2004 - never seen in the wild, ie concept virus
So, with the exception of Renepo, which doesn't exist except as a concept and was for PPC Macs, the real problem was Flashback. All the other recent Trojans were targeted. I'll also note that Sophos now estimates the Flashback to be less than 275K infections as of last week. What was your point again?
-
Re:Infected?
...but how is it 'transmitted'? That implies an installed transmitter, ie. malware.
A lot of Windows malware is transmitted via email, because there's a long history of Windows mail clients (most importantly Microsoft's crapware) being directly vulnerable and/or facilitating deceptive mail.
I have a lot of Windows malware on my Macs because I have email addresses that have been used openly and actively for 20 years and so have made it onto all sorts of indiscriminate spamming lists that are used for malware distribution. Because mail abuse is a professional focus of mine, the archives of malware-bearing spam I have accumulated are a resource, not an infection. I'm not sure why anyone else would retain all of their junk forever, but many people do so. It is a rare hour when I can't identify a log entry from my mail server rejecting mail that is almost certain to be bearing malware, and a rare week when I don't have at least one spam slip through carrying some form of malware.
If you dig down past the click-bait page referenced in the /. submission, the original source of this story is a blog post by Graham Cluley at Sophos: http://nakedsecurity.sophos.com/2012/04/24/mac-malware-study/ and it includes a breakdown of the strains of Windows malware seen on Macs. The top 2 I recognize as mail-borne and some of the other named ones are likely to end up in the browser cache of any carelessly wandering user. It is an act of irresponsible fearmongering by Cluley to say (as he does) in an unqualified way that these "can still be spread to others" and compare the 20% infection rate to the 20% rate of Chlamydia infection in young men in the UK. Those in men are infective, a Mac with a Windows trojan in its browser cache or junk mailbox is not.
-
Re:Infected?
After going through the links to find a better source, I think I understand what happened.
The study comes from Sophos, with data collected from computers which downloaded their free anti-virus for Mac.
The most commonly found malware on the Macs was apparently fake antivirus scareware. My guess is that a lot of users saw the fake browser popup telling them a virus was found, and then clicked on it. This started a download which didn't run, but now they have a malware binary in their download directory that they can't use.
These are the people who downloaded free anti-virus from Sophos. No correlation.
-
More marketing ......
The last sentence in the article makes their motives clear: “What Mac users really need to do is protect their computers now or risk allowing the malware problem on Macs to become as big as the problem on PCs in the future.”
Sophos simply wants to scare up some more business selling Mac business users their anti-virus software. (At least right now, home users can get it from them for free, at: http://www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx)
I'm in no position to challenge their numbers, but even "1 in 36 Macs" having a Mac specific infection seems awfully high to me. Maybe this last trojan horse that made the rounds pushed that number way up ... but I haven't encountered a single Mac that was infected yet, out of the ones my co-workers own (and always ask me for help with when they have problems), out of the ones we use at home, or out of the ones I support for clients in my side job. I don't think any of my Mac using friends on Facebook mentioned problems with it either.
Regardless? The concern of Macs harboring Windows malware is nothing new... That's been a potential issue for as long as I can remember. I recall the office running Norton anti-virus for the Mac on iMac G3 machines running MacOS 8.6 and 9.1, at one of my old jobs, just for that reason. They didn't want to accidentally spread an infected file they might have gotten via email to a Windows recipient.
The main reason Mac users stopped that practice, as I recall, was the really poor quality of most anti-virus packages when OS X came out. Apple even gave away copies of Virex for OS X to .Mac account holders at one time, and the software bogged down and destabilized the machines so badly, everyone I knew removed it in a matter of days!
-
Re:"has kept Apple's iOS ecosystem free of viruses
If someone knows of an actual virus for iOS (and for OS X too by the way) I'm very interested to know about it.
It only affected morons that didn't know changing the default password after jail breaking was a good idea, but there was the ikee worm. More a flaw in the fleshy bag of water holding the phone than its OS, but still a self replicating piece of malware all the same.
-
Re:Except
Yep, that was the funny part of the article. "Whatever critics may say about Apple's App Store, which is significantly more selective about the titles it hosts, complaints about malware aren't one of them.'"
But one of them would be that the assertion is ridiculously incorrect.
Even weak google-fu turns up this, among many...
http://nakedsecurity.sophos.com/2011/11/08/apple%E2%80%99s-app-store-security-compromised/
Why do Apple people think their products and services are malware proof, even though anyone with a self respecting brain capacity would know it's not true in theory or in practice? Is that why they pay twice as much for stuff?
-
Re:Is it that time of year again?
You mean OSX/Leap-A from 2006 isn't technically a virus? Are you going to explain how a worm is not a virus? Or did you just not know?