Slashdot Mirror

All GUI archive managers require a separate "Extract" command (that preserves execute permission), that is different from the default action that is to view a file (without giving it an execute permission even if it is present in the archive).

I have to admit I only tried "tar xvf" to verify that permissions were preserved. Nevertheless, you really think you couldn't get people to actually extract an archive?

For anyone but total newbies it should be obvious that the user should NEVER run anything he downloads unless he is installing some software that is not in a repository -- as root, as his own user or as anyone else.

Yeah, that users won't run crap is well justified.

And because I ran out of words in that sentence before links, here are some more: 1 2 .

To put those into context, those are all links from Wikipedia's "Timeline of Notable Computer Viruses and Worms" from the last decade, including the only two entries on that page from 2009 and 2010. Most of the above had a noticeable amount of mainstream press coverage at the time, and the list includes names like ILOVEYOU, Sobig, MyDoom, and Storm.

Sure, they aren't the scariest worms out there, and over the last few years they haven't been the most damaging. But at the same time, if I got to bet whether a manually-spread trojan is worthwhile, I know which side of that bet I'd take.

Personally I would just turn them into traditional #! scripts with "interpreter" doing what a file manager would, and file manager refusing to execute anything in them unless they are executable.

The .desktop files contain rather more information than just what program to run. How would you deal with that? Specially-formatted comments in the script? Pass the script a command line argument?

Besides, it's not like running scripts without execute permissions is a new concept. "source foo.sh", ". foo.sh", "perl foo.pl", "python foo.py", etc. IMO are all comparable to Gnome looking into the .desktop files on boot to see what to run.

iServices.A is a mac only botnet that is distributed with pirated copies of iwork.

Oooh, scary ! A botnet with literally DOZENS of hosts :

"Threat Assessment
Wild

        * Wild Level: Low
        * Number of Infections: 0 - 49
        * Number of Sites: 0 - 2
        * Geographical Distribution: Low
        * Threat Containment: Easy
        * Removal: Easy"

Oh, for crying out loud. The report PDF isn't even searchable: every page is a solid bitmap graphic.

Can anyone tell me what a "brand-related risk" might be for security professionals (see page 6). Do they mean corporate espionage? Or has the CTO threatened to use red-hot irons on the I.T. staff?

...is here.

The original Symantec study listed seven bullet points and staffing was number four.

Staffing and budgets remain tight with half of all enterprises reporting they are somewhat/extremely understaffed. Finding budget and qualified applicants are the biggest recruiting issues. Seventy-six percent of enterprises have the same or more job requisitions open this year.
http://www.symantec.com/about/news/release/article.jsp?prid=20100111_01

More important and certainly more interesting was the finding:
... the study found that mid-sized enterprises (2,000 to 9,999 employees) are more likely to adopt cutting-edge technologies such as cloud computing, deduplication, replication, storage virtualization, and continuous data protection than small or large enterprises to reduce IT costs and manage increasing complexity.

Um, any remote code execution vulnerability allows a worm to propagate. There have been tons of those in nearly any OS. The question is whether anyone writes a worm to take advantage of it and what they did with machines they compromised. Client Linux is less of a target due to its low marketshare, but it's by no means immune: http://en.wikipedia.org/wiki/Ramen_worm http://en.wikipedia.org/wiki/Devnull http://en.wikipedia.org/wiki/L10n_worm

Server software tends to be a better target as there are a larger number of more powerful always connected machines to hit and provide the opportunity to induce secondary infections on clients accessing the server. Of course because of the high value of the target, it's not necessary to attack with a worm, simply hacking a single server can be worth it: http://it.slashdot.org/article.pl?sid=08/01/24/1930207 http://www.symantec.com/security_response/writeup.jsp?docid=2002-091311-5851-99

But there *has* been linux malware before!

I remember a worm a number of years ago that took advantage of unpatched BIND installations. It was called 'Lion'. http://www.symantec.com/security_response/writeup.jsp?docid=2001-032311-2042-99

And there have definitely been tons of root kits for Linux. You can't claim that those aren't malware.

What's the Windows OS percentage of that botnet?

http://www.symantec.com/security_response/writeup.jsp?docid=2008-021215-0628-99
100%, minus controllers, that might run on any OS

http://www.symantec.com/netbackup

Just throwing that out there.

You dont look hard enough

http://www.symantec.com/norton/security_response/writeup.jsp?docid=2009-110309-3638-99
http://www.symantec.com/security_response/writeup.jsp?docid=2007-110101-2320-99
http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99

Also, there was a torrent of a mac program recently that a lot of people downloaded and the keygen contained a virus. i think it was an iLife suite torrent...

Seriously. Everyone. With viruses, the problem is always PEBKAC.

You dont look hard enough

http://www.symantec.com/norton/security_response/writeup.jsp?docid=2009-110309-3638-99
http://www.symantec.com/security_response/writeup.jsp?docid=2007-110101-2320-99
http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99

Also, there was a torrent of a mac program recently that a lot of people downloaded and the keygen contained a virus. i think it was an iLife suite torrent...

Seriously. Everyone. With viruses, the problem is always PEBKAC.

You dont look hard enough

http://www.symantec.com/norton/security_response/writeup.jsp?docid=2009-110309-3638-99
http://www.symantec.com/security_response/writeup.jsp?docid=2007-110101-2320-99
http://www.symantec.com/security_response/writeup.jsp?docid=2006-021614-4006-99

Also, there was a torrent of a mac program recently that a lot of people downloaded and the keygen contained a virus. i think it was an iLife suite torrent...

Seriously. Everyone. With viruses, the problem is always PEBKAC.

You do realize that if your running two AV's they stomp on each other and nothing works

No always the case, You can use and Online Scanner with no problem.
Sadly they sometimes pick up things otherones miss.
http://housecall.trendmicro.com/
http://security.symantec.com/
http://www.kaspersky.com/virusscanner
Just to Name a few online ones.

To remove norton, Don't bother with the uninstaller. Get the Norton Removal tool from their site:

http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

This is for ANY install of ANY norton products. It also gets rid of shared files and their registry settings.

For a year or more, all Symantec security products have included some form of heuristics/behavior/reputation-based detection. The technologies include Norton Insight, SONAR, and TruScan.

The signature-based detection that has been used for so many years isn't very useful anymore. By the time something is confirmed to be in the wild, captured, analyzed, and defintions created for and tested, that particular strain has pretty much ran its course already.

Usually, the Norton Removal Tool does the job in blowing Norton's software off the system.

I've had to be able to get enough people there in my line of work that I know the way there. Grab it, and let it wipe that damn thing out.

I regularly end up helping people who've bought a new PC which comes infested with the Norton malware. If you don't rip it out before the free trial ends it is virtually impossible to get rid of it. And, of course, if you wait until the trial expires, you've probably caught some nasty - their package is, to put it bluntly, a bloated and useless piece of shit.

I've had my issues with Symantec AV products totally borking the TCP/IP stack or just making the computer unbearably slow, but this is a little beyond anything I've ever heard. Regardless, you might put this in your digital toolbox. Norton Removal Tool

What really, really pissed me off was Vista. XP's security control centre quite happily recognised Avira, but Vista "conveniently" failed to recognise it. This means that unless you're reasonably technically savvy you will get constant nagging that you have no antivirus product. I wonder if that had anything to do with their plans to release this new product.

That's awfully paranoid. Maybe you should've tried installing the latest version.Old versions of Symantec Antivirus have had issues with Security Center as well and required patching. Software changes, life goes on.

The link provides it. Symantec knew what that POS software was doing and yet it did nothing to identify it. In fact, I recall other mainstream AV never flagged it as malware.

Ref 12: http://www.symantec.com/security_response/writeup.jsp?docid=2005-110615-2710-99

More damning from Schneier (from the Wikipedia link)
Ref 13: http://www.schneier.com/blog/archives/2005/11/sonys_drm_rootk.html

Except it isn't.

Also, pretty much nothing besides IE use it on Windows. Microsoft's implementation only works for binaries compiled with ASLR support, which causes issues for XP users, so pretty much no one is using it.

I'm wondering if Symantec will be closing down their China Development Center in Bejing since Symantec has been developing security software in China for a few years now. Don't know how you reconcile these draconian security concerns with having a major development center in said country... developing security software for use in the west.

It is interesting how the Obama administration seems to be much less accommodating to the Chinese than the Bush administration was. The Bush administration bent over backwards for China and all the multinationals that wanted to move all their operations, R&D, jobs, capital and IP in to the hands of the Chinese though the Chinese government is still basically the same one which was an bitter adversary 30-40 years ago and against whom the U.S. and U.N. waged a never concluded war in Korea.

Its amazing how all the Chinese had to do was create a free economic zone on their southern coast, declare profit and capitalism OK there, and use the flashing dollar signs as a snare to get the west to unilaterally capitulate economically and politically without a shot being fired.

.. articles that use links to "everyclickmatters.com" and such.

Maybe using this tool is not such a smart idea?!?

Precisely what I wanted to say. Add in the fact that symantec.com doesn't have a link to it that I was able to find, and it sounds pretty phishy. I also note that Symantec has no press release regarding this tool on their press releases page, and Merrit's Symantec page makes no mention of it.

Press release. And on the Symantec, Norton and Norton today homepages the central Flash banner links directly to everyclickmatters.com .

.. articles that use links to "everyclickmatters.com" and such.

Maybe using this tool is not such a smart idea?!?

Precisely what I wanted to say. Add in the fact that symantec.com doesn't have a link to it that I was able to find, and it sounds pretty phishy. I also note that Symantec has no press release regarding this tool on their press releases page, and Merrit's Symantec page makes no mention of it.

Press release. And on the Symantec, Norton and Norton today homepages the central Flash banner links directly to everyclickmatters.com .

.. articles that use links to "everyclickmatters.com" and such.

Maybe using this tool is not such a smart idea?!?

Precisely what I wanted to say. Add in the fact that symantec.com doesn't have a link to it that I was able to find, and it sounds pretty phishy. I also note that Symantec has no press release regarding this tool on their press releases page, and Merrit's Symantec page makes no mention of it.

Press release. And on the Symantec, Norton and Norton today homepages the central Flash banner links directly to everyclickmatters.com .

.. articles that use links to "everyclickmatters.com" and such.

Maybe using this tool is not such a smart idea?!?

Precisely what I wanted to say. Add in the fact that symantec.com doesn't have a link to it that I was able to find, and it sounds pretty phishy. I also note that Symantec has no press release regarding this tool on their press releases page, and Merrit's Symantec page makes no mention of it.

Press release. And on the Symantec, Norton and Norton today homepages the central Flash banner links directly to everyclickmatters.com .

Symantec provides a tool exactly for that purpose.

Norton never seems to uninstall correctly, and our campus requires McAfee. The tool is amazing - almost as amazing as if they had just written the installer correctly to begin with at any point over the past ten years...

To do the same thing (and much more) in my position I use Symantec's Altiris product.

cause it's so hard to do that

cause it's so hard to do that

If Oracle stops supporting ZFS, I'd pay for the Veritas Storage Foundation. The VxVM (Veritas Volume Manager) is quite a bit more mature than LVM2, and VxFS is just amazingy fast. It has many advanced features (ie, extra cost), like multi-master cluster mountable FS and Oracle features. Even today, it has a lot of features that ZFS doesn't have. I expect ZFS to catch up, assuming Oracle doesn't screw it up.

Admittably, I have not compared VxFS to ext4. I have compared it to ext3, and there's no way I'll run ext3 on a volume larger than 100G again. fscks are painful

Yes, they deciphered exactly when and how it will strike, but can't figure out how to remove it?

They have already figured out how to remove it.

They "sell" over 125 'security products'. Not including the other 30 Altiris downloads, and likely others.

Personally I have little faith that Symantec can securely maintain their insanely fragmented product lines.

And they all look so good... I do wonder how a business/server would run if every single applicable one was installed.

It's not just AV software. The entire software industry operates this way.

1. Shovel feature-rich bug-ware onto unsuspecting schlubs to build "brand" (especially in the enterprise/IT market where the person purchasing the software is often not the person who has to use it, so they make decisions based on feature list and brand name rather than quality) 2. Wait for hobbyists, researchers, or smaller companies to figure out how to do it right 3. Buy their companies 4. Repeat

Remember when Norton was actually decent? It was before Symantec bought them. After the acquisition, Symantec went back to Step 1 and gradually bloated and encrapified the antivirus. Now they are on Step 2. I wouldn't be surprised if they bought up someone like TrendMicro soon, spouting promises of a glorious and euphoria-inducing Norton/PC-cillin integration.

-- 77IM

They already have, they bought up Sygate and shut it down, since it was competing with their firewall product. Now they are supposedly impementing some of sygate's technologies, but honestly I just no longer trust Nortons products. Sygate Personal Firewall

A quick Google search shows Symantec products are not much different: Norton - From Symantec - Problems, Problems, Problems..

Or, Multiple serious problems with symantec endpoint 11 - Please help.

Or, Norton Internet Security 2009 has caused me problems. (Norton.com is owned by Symantec, of course.)

You know there are problems when Symantec provides a Removal Tool.

I think you might be confusing the internet protection suit with just the AV protection. I don't use the firewall BS and I always disable the link scanner (although it is working smoothly nowadays). Never had real-time-protection turned off either.

Anyways, I don't remember the one update that screwed everything. Actually, I remember the reports of it but none of the 150 instances across 7-8 sites I manage with AVG as the Antivirus had the issue. However, deleting innocent files, system files, email, Programs you have ran for years or screwing other installed programs for no apparent reason doesn't seem to be an isolated or uncommon issue. Then there was the MS root certificate expiration BS where symantec clients froze the system for 10 minutes anytime you opened a signed program like office or adobe or whatever.

I doubt your going to find one piece of software that doesn't give fits at some point in time. This is especially true when you consider the complexity of an AV product. If when it does, it throws you off from it, then by all means, use something else. But be realistic because you might be bouncing around for a while.

Norton is "easy" to remove. You just have to download the norton removal tool. Of course, that thing should be the default uninstall.

"Gee, you had to go back 8 years to find three issues. The first one isn't even malware, just bad programming by the vendor that reduces performance. The next two are specific to Apache web servers, NOT Linux." - by parodyca (890419)
on Friday June 12, @10:12AM (#28307657) Homepage

Does it matter how far back I had to go, & no, not all are from "8 yrs. ago", because below also shows otherwise!

So, to prove the subject-line is bullshit? I provided contrary evidence thereof...

However, it appears You need more proofs then, apparently, so here you are/"ask & ye shall receive":

Linux RAMEN Worm:

http://service1.symantec.com/sarc/sarc.nsf/html/linux.ramen.worm.html

Net-Worm.Linux.Mighty:/b>

http://www.viruslist.com/en/viruses/encyclopedia?virusid=23864

DroneBL Security researchers warn of Linux Router worm (PsyB0t)

http://www.tcmagazine.com/comments.php?shownews=25399&catid=5

Linux ADORE Worm:

http://www.sss.ca/sensible/home.nsf/6481a22be8dfdd19852568c900171fc6/abbbaec934169f6d85256a280054fd31?OpenDocument

New Worm Targets Linux Web Service Holes:

http://www.eweek.com/c/a/Linux-and-Open-Source/New-Worm-Targets-Linux-Web-Service-Holes/

gicumz worm:

http://blogs.securiteam.com/index.php/archives/305

Linux malware list (37 Viruses, worms, & trojans on Linux):

http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses

(Want more?? I'll supply them... & they're not all "8 years back either", don't you OR can't you read & determine dates? Apparently not...)

APK

P.S.=> Better luck next time, because all of your "it's old news" b.s. propoganda doesn't matter, if your subject-line is absolute b.s. - gotta love the Linux Penguin crew around here, with their "straight outta pravda" 1/2 truths they spout... lol! apk

"Right, there's no way you could have, say, a malicious perl script." - by sqlrob (173498)
on Friday June 12, @09:46AM (#28307331)

Agreed, 110%... And, "right, there's no way you could have, say, a malicious javascripted page or malicious javascript adbanner affect Linux either"

(NOT! Mainly because javascript runs everywhere & is the "vector for infection" across any OS there is, via webbrowsers themselves - correct me if I am wrong on this account fellas, but, it's right along the same lines that sqlrob is hitting upon...).

APK

P.S.=> And, as far as the subject-line above? "Yea, right" (sarcasm) again, because these items show otherwise:

-----

Bitten By the Red Hat Perl Bug:

http://linux.slashdot.org/article.pl?sid=08/08/29/1423201

(Per SQLRob's statement, no less)

-----

Linux.Slapper.Worm:

http://www.symantec.com/security_response/writeup.jsp?docid=2002-091311-5851-99

-----

New worm targets Linux systems (Lupper):

http://news.cnet.com/New-worm-targets-Linux-systems/2100-7349_3-5938475.html

-----

But, then again, because it was said on SLASHDOT that "Viruses aren't a problem in Linux", per the subject-line above (again)?

"Well, heck, those other sources I just put out MUST be lies"... right, Linux Penguins?

Hate to tell you this truth then: "NOT!"

Because the main thing defending Linux vs. these "heinous machinations" is the fact it is less used than Windows (The most used OS on the most used hardware platform for personal computers in x86 that there is, bar-none)...

I.E.-> Security by obscurity, as the saying goes, IS what defends Linux from attacks! IF Linux is ever as widely used as Windows is, you can bank on it that it will be just as oft attacked as Windows is & has been the past decade++ now, because it will be the most used. MacOS X, once it started gaining market share, began to be attacked a lot more than any other *NIX variant I know of, because of it gaining ground... same thing WOULD happen to Linux, should it start stealing personal computer desktop share worldwide.

(Mainly because today's malware makers aren't out to "wreck your machine", as they used to be - now, it's a far more serious game: They're after your personal information & monies (such as stealing credit card #'s &/or other personal info.) OR turning your machine into a zombied DDOS slave, so it can be used to attack others - so, to do that? These malware makers did the LOGICAL thing (from their pov), & that's to attack the most widely used body of systems there is, Windows NT-based ones!) apk

As a spelling Nazi, it's spelled "Norton AntiVirus" -- http://www.symantec.com/norton/antivirus ... :P

Except that Linux and Mac users aren't immune to viruses, they just aren't the big target. In fact, if you are working in a secure environment, *every machine* must have antivirus software installed, if it's available for the OS. To say that they would take a disproportionate amount of the (financial) burden is false. As those OS's gain more market share, or gain position in large targets (corporate servers), they too will become larger targets.

Norton AV for Mac
They do have SAV for Linux, just hidden behind obscure web design... so here's a Helpdesk page instead.
McAfee offers Linux/Solaris as well as Windows too.

Except that Linux and Mac users aren't immune to viruses, they just aren't the big target. In fact, if you are working in a secure environment, *every machine* must have antivirus software installed, if it's available for the OS. To say that they would take a disproportionate amount of the (financial) burden is false. As those OS's gain more market share, or gain position in large targets (corporate servers), they too will become larger targets.

Norton AV for Mac
They do have SAV for Linux, just hidden behind obscure web design... so here's a Helpdesk page instead.
McAfee offers Linux/Solaris as well as Windows too.

Estimated size of iBotnet based on number of trojan infections : 0 - 49. Which makes this single botnet 38000 times larger than the mac one.

It seems like OSX design might have at leat something to do with that. (in b4 correlation is not causation)

1. My one-year-old iMac sucks rocks.

Probably not.

2. My Internet connection sucks rocks (but somehow it still loads a two-minute Youtube video in 10 seconds and never drops network connections). Odd.

Then how, exactly does it freeze up watching flash videos? It either buffers, or it doesn't. You claimed earlier that it was buffering, but not saying it, but now you claim it loads completely in 10 seconds. Which is it?

Besides, you could still be getting connection resets or dropped packets that don't affect normal error-correcting TCP connections, but could screw up a finicky flash player.

3. My iMac is infected with malware.

You say that like it's an impossibility. Don't rule it out. Likely? Not really. Possible? Certainly.

4. I'm using Norton on Mac OS X.

Why is that so impossible to believe?

5. I'm using the latest version of Adobe Flash available, which is "old/insecure/unsupported/third-party" and "currently trying to infect your computer with crapware, thereby sucking rocks."

When the next version of flash player comes out, because a security hole will be found in the current one, then it the current one will be considered insecure. But it's the exact same code that people are currently using, and is considered secure. That means it's also insecure now, just not too many people realize it.

So in order to become part of this botnet, I do nothing but go to a pirated software site, download contaminated software and then install it as administrator. Since when was it news that most software on pirated sites contain malware.

When 'Adobe CS4 Crack(intel)' is executed, the Trojan extracts its main component to the following location: /var/temp/[RANDOM FILE NAME]. It will then prompt the user for root credentials in order to execute it

> I also disagree that ASLR was old hat before MS announced support for it. ASLR isn't old hat even today.

Good God, man, ASLR was first introduced in 2001 with some patches for the Linux kernel, which is practically ancient history for a computer security geek. Next you'll be telling me that WEP is cryptographically weak. Although WEP was introduced in 1999, the cryptographic attack on the IVs wasn't disclosed until August 2001; around the time when the term ASLR was first coined. Just for reference, the Linux 2.4 kernel was not yet released at the start of 2001.

> As to your comments that MS NX and ASLR in Vista SP1 mean nothing, the back to back winner of pwn2own seems to disagree.

First, I didn't say that it "means nothing." I said that it wasn't as great as you're making it out to be and that Microsoft wasn't somehow at the head of the pack.

Second, security contests are a bad way to metric for a great many reasons that anyone who was part of the security community ought to know by now (they're gimmicky, they don't attract top talent, they're no replacement for a real security audit, and they're frequently used to "prove" things about security that simply aren't true). I'm not saying that guy who won is bad at security (anyone who can write their own exploits has to know a thing or two), just that you cannot and should not judge expertise by how many contests someone has won. Computer security is not a sport.

Third, I still say you're misreading what the guy is saying. You made me research it more than I had bothered to yet, but Vista's ASLR implementation isn't all that great (PDF). Apparently, this one guy hadn't worked out how to use any of that in time for the contest. Don't worry, even with the contest over, hackers will continue to analyze it and exploit those weaknesses later.

> There is only one mainstream OS that ships with it on, so it's not old hat yet.

If you're going to play the "mainstream OS" game, I'm going to have to ask for a definition of "mainstream" that isn't ad hoc. Especially when you say "ships." Nobody uses just the Linux kernel and nothing else, they use a packaged distro (several of which do, in fact "ship" with this on, because they're made with security in mind). Linus' kernel is not the end-all-be-all of Linux. Hardened Linux distros are widely used and generally contain features like ASLR by default (along with a great many other things).

Furthermore, OpenBSD is quite mainstream for security-critical applications. I personally prefer using Linux, but if someone wants a server and security is top priority, I would start by exploring OpenBSD-based solutions followed by various hardened Linux distros. There's no way in hell I'd go to Vista first. Their security records aren't even comparable, particularly if you want to compare default installations.

Now, you can either continue to insist on misunderstanding what some security guy you don't know wrote, or listen to someone who was a part of the security community when ASLR was new. It's old hat.

But that's okay, if you hang around long enough you'll find out that people often find really old stuff (say, the reasons for using SYN cookies) and think they've discovered something brand new. It happens all the time in the security community. That, too, is old hat.

It's been happening since long before I first learned the basics of the art.

FYI, Symantec has a gratis removal tool available here. In case that helps anyone unfortunate enough to be using Windows AND infected by Conficker :P

Veritas Storage Foundation Basic

Free (beer) closed source volume manager and Filesystem. High performance and High reliability. The Enterprise version saved my ass more times than I can count, and I can count some extremely unlikely scenarios.

The only drawback (the reason I don't run it at home) is the low limits:

This free version is limited to 4 user-data volumes, and/or 4 user-data file systems, and/or 2 processor sockets in a single physical system.

We've had evil viruses around for a while. Anyone remember

W95.CIH? Back in the Windows 95 days, this mean son of a bitch could nuke your BIOS from orbit. And we're talking over a decade ago.

Computers are still chugging along fine. This will probably end up breaking more computers than it ends up hijacking. A broken computer is one that gets flagged and fixed or throw away.

If an ATM is on a TCP/IP network that is VPN'ed to another network that has access to the net. Then that ATM is effectively connected to the network. Sure they can block all ports and protocols but what they need. But I have seen so few companies employ an "allow whitelist only" for network or VPN.

Further the worm W32.Welchia.Worm (as stated by the previous poster spreads over the network looking for two different vulnerabilities. Which tells me it wasn't an infected flash drive
http://www.symantec.com/security_response/writeup.jsp?docid=2003-081815-2308-99

Again, if the ATM (or any machine) is connected to a network that has net access, then you are one PEBKAC away from it not making a difference. Someone downloads maleware/tojan/worm, server gets hacked, etc.

Huh? I think this is actually a clash of the slashdot zealots personally. There is always software for backing things up regardless if the software is closed source and the company doesn't include an official means.

Norton Ghost anyone (Windows)
CarbonCopyCloaner (Mac OS X)
iBackup (iPhone)

iTunes backs up your data anyway and a firmware flash will restore the system software. I seriously think the only point real of your post was that Android is open source and iPhone is not.

Nope. Not even an Apple can save you from Symantec.