Symantec: Mac OS X Becoming a Malware Target
tb3 writes "According to ZDNet 'Security vendor Symantec is warning that Apple's OS X operating system is increasingly becoming a target for hackers and malware authors.' They go on to warn that the only thing that's protected Apple users from exploits so far has been the small number of Macs on the net. Now that people are buying Apple products for 'style over function,' according to one analyst, Apple computer has become a target for new attacks. More coverage on Australian IT and Silicon.com. I guess sales of Norton Anti-Virus for Mac needed a boost." Symantec may well be right about this, but note that they also have the world's biggest vested interest in making Mac owners nervous enough to buy their anti-virus products.
That's great!
/usr/ports/malware
Once they have it for OSX it must be fairly easy to port it to FreeBSD. I guess they might have to add a new category in the ports:
Is that so wrong?
Yes. Now, back to the bash prompt with you, heathen, and may the glistening tentacles of Aqua and Luna never intrude upon your conscience again!
(I kid, I kid. Luna doesn't glisten.)
The coolest voice ever.
Symantec Anti-Virus OSX Version 1.0:
Please upgrade to signature file 032105.sgn, your current version only detects 3 viruses, however the new signature file finds and cleans 5 different viruses.
I think he meant "style over malfunction."
Hey, I have a product I have developed that stops all known chartreuse buzzards from stealing your cheese if you send me 50 bucks I will letr you use it. (I mean since you are using a product that detects all known viruses on OS X you must be interested in using my product too right?)
Bad Panda! No Bamboo for you! In matters of importance ACs will not be responded to. Want to say something critical,OK
I said the same thing about my ex before she gave me herpes. =(
"Quoting famous computer scientists out of context is the root of all evil (or at least most of it) in programming." - K
"Don't hate me because I'm beautiful."
&c.
There are no trails. There are no trees out here.
I try sticking to the bash prompt, but I keep seeing Safari through the translucent Terminal window and coming back to check Slashdot.
Maybe I'm doing it wrong.
and it kinda sucks. Every now and again (and not when it is scanning) it just takes over all the CPUs attention. So you kill it and then it comes back. So you kill it and then it comes back. So you disable it and this story comes out.
Looks like this is my fault. Sorry.
This
This is such a deep insightful article! Do I understand it correctly? Here's what I think it says:
A virus proctection and half-ass security company says that as the marketshare of one of the platforms it supports increases so should sales for the products it creates for that platform.
Did I get that correct?
-- force and mind are opposites; morality ends where a gun begins ayn rand
"The one thing that bothers me about KDE is the fact that every application's name begins with a "K""
;)
Ive always wanted to make some software named something like "Usable Network Toolkit" and have it added to KDE - just to see if they persist with the K prefix
iLife, iMovie, iTunes, iPod, iMac... iKnow I'm forgetting a lot of them...
The Farewell Tour II
Yes, but OS X has the most stylish viruses and malware around!
Apple fans are the perfect audience. Most are technically non-savvy arty types who are easier to FUD.
.exe containing a keylogger trojan. If this would have been a Windows box she would have unknowingly attempted to install a trojan. (All of our Windows boxes have AV software centrally managed)
I believe general stereotypes are bad but do have an example that fits this.
I work for the local school district as a computer tech. Recently, the art department bought a Powerbook for every art teacher. I got a call last week from an art teacher and said she was having problems installing a program. I told the user I would help her install it.
I get to the computer and ask her where the software is. She said she got it in an email from a friend. The subject was "Spring screensavers for you."
Of course the attachment was a zipped
I guess my point here is what if that trojan was coded for a Mac? A multiuser system is pointless if the user knows the admin/root password. (Our users do not have admin access.) In my experience, entering a password is more of an annoyance than a security measure for many users.
Ok, now I'm going off to another story but it is worth reading. A person of importance in the district recently got a new computer with XP Pro. She had previously had a Windows 98 PC and was in a habit to cancel past the Microsoft login. I don't blame her. There is not security there. Her new computer is shared between two people so I made an account for each of them like I do on every new computer. This person did not like the idea of having to type her password in just to get into her computer.
On Friday at 3:45 (work ends at 4:00) I got a call from the user demanding that the password be taken off the computer. She just wanted to turn on her computer and be at the desktop.
I did as she asked but also took the liberty to change her important documents to hidden. I was hoping I would get a call today. I did.
After getting a desperate voicemail for the user, I slowly made my way to her office. There she asked me what had happened to her documents. I played stupid and asked what documents. She said all of her important files were in the My Documents folder on Friday and there are not there anymore. I then came up with some bs about how I would need to recover them because someone must have been using the computer over the weekend and must have deleted them by accident. (Strangely enough there were children in that room over the weekend. Perfect scapegoats.)
I waited for about ten minutes and when she left the room I removed the hidden property from the documents. I then said I could enable the password so no one could get into her computer. She was more than willing.
Was my action unethical? Perhaps. Was it funny? I think so. I'm just happy I got my point across with no damage done.
Let me just tweak com.lovecraft.fhtagn.cthulhu.plist real quick.
Village idiot in some extremely smart villages.
I manage a group of offshore foreign software engineers and they will use VBScript to run FTP with the shared directory mapped to the root of the C drive using the domain administrator account over the Internet. I have tried to explain to them why this is not a good idea, but their argument is always, "We haven't had any [security] problems yet...if you don't like it then rewrite it [the software] yourself." One step that Microsoft is taking is to require Certified Partners to adhere to the best practices, which include not requiring root privileges to run the software (unless of course the program is an OS service or other administrative related application that requires root by definition). You are right though, plenty of developers are ignoring these best practices. However, there will come a day, and the day is fast approaching, when no serious company will be able to sell their Windows software if they do not get it certified and signed with a code-signing certificate. So at least in that regard the trusted computing initiative may be a good thing.