Slashdot Mirror
AppleCare Reps Told To Skirt Malware Questions
Dominare writes with this bit from ZDnet: "'A confidential internal Apple document tells the company's front-line support people how to handle customers who call about malware infections: Don't confirm or deny that an infection exists, and whatever you do, don't try to remove it.' So basically, now that Macs have their own equivalent to XP Antivirus the best you can hope for is to be pointed at the store where you can buy something that may or may not fix your problem ... nice."
To be fair, I have never had any malware with OSX and I'm certain I will not. OSX by its roots (BSD) means it doesn't get the kind of malware that plagues all those M$ Windows computers. I feel safe with OSX and have no need for antivirus. If you give our your root password to a random program, well, you're stupid. But if you use Windows you get infected just by connecting to the internet. I've never had such experience with my Mac.
apple buries their heads in the sand just like most of their computer users....
I have faith that Apple will remove any malware from my Macs. I believe this with all my heart and I pray that Apple will deliver me from temptations.
Microsoft doesn't support removal of the hordes of malware on it's platform either.
but windows do have millions of PCs infected with various malware.
To be fair, I have never had any malware with OSX and I'm certain I will not..
Welcome to relevant market share.
We Linux guys got the problems long enough, i also had to reinstall a VM because i forgot to change a default password.
You think XServe is dead because it was better?
Certainly the best way to deal with a problem is to deny that it exists altogether. I guess so long as people have faith that a mac is somehow immune (be it to actual virii or user error induced malware installs), and they keep selling, that's all that matters.
Steve must have been taking lessons from some govn't agencies.
Sent from my PDP-11
they must think so, evidenced by they don't massacre each other. of course if they had secret deals to buy (on credit) billions of WMDs, then they might have to kill each other off, just to get out of debt. we're smarter than that?
Apple declares: Fuck it, we're evil
"But our stuff is sooo good. You’ll keep taking our abuse. You love it, you worm. Because our stuff is great. It’s shiny and it’s pretty and it’s cool and it works. It’s not like you’ll go back to a Windows Mobile phone. Ha! Ha!"
http://rocknerd.co.uk
I hear that Sony has some "recently available" security engineers, maybe Apple should hire them to work the phones.
Shouldn't front-line support people actually know if it's actual bad malware or not? If it is, this is remarkably stupid to neither confirm nor deny that it even exists. That seems like it came from marketing, not tech support. sigh.
Enough said, although the internal memo from Apple smacks of "cover our ass" legal hot footing - they pretty much say "go look this up on the internet", which is not a great response, although this isn't actually a public response. No doubt there will be something forthcoming soon.
AppleCare techs *have* responded to people about how to remove it, although I guess that's not policy now, although given that it's still "an issue in progress" I expect these are temporary policies while they hammer something out - like a malware tool, or some specific legal thing. No doubt it will be trotted out every time a security issue comes up, along with the trolls saying things like "it takes years for apple to respond to any security vulnerability" (+5 insightful). mmm. Tasty truthiness!
All you have to do is go into Safe Mode. http://support.apple.com/kb/HT1455 Then go into the Applications Folder > Choose MacDefender.app > Move to Trash. (in Safe Mode) Reboot normally and reset Safari.
Seriously, if you knew how many websites were running on un-patched Fedora Core 1 installs you'd shit your pants. And the thing is, they don't usually make the news because the 'sysadmins' (often web developers who know just enough to be dangerous) have no idea their boxen have been rooted.
hey, this is a web page claiming that your infected, click ok!!
umm, you clicked cancel, you really want to click ok, ok??
you know, it doesn't matter which button you push, both result
in the continuation of this racter like discussion.
wow, you clicked ok, wait while I install some software to 'help' you.
oh, while installing I noticed that I will need your password to continue....
wow, you gave me your password, can you google pwn3d ?
works on PC, works on Mac, likely works on every other modern OS.
this isn't an exploit via bug, its an exploit via user, if you drop your pants in front of a glory hole......
that said Apple isn't really helping by avoiding the topic.
Unix, an obscure operating system developed by bored researchers in an attempt to get a better game playing experience.
Apple employees are directed to not help you fix a problem with a bad application you chose to install AND chose to give root privs to.
And ... ?
I was waiting for MS to release such malware. Initially, I was surprised that it took so long, but it had to get to 3.0 before being adopted.
No manufacturer covers malware as part of their warranty. Fun to see all the righteous indignation of this topic, but getting upset about it is utter nonsense. You put it on there, it didn't ship that way. If you run a red light and get smashed into, are you going to expect Ford to cover the costs of it? No, most rational people wouldn't that why there's insurance. If you infect your computer with some malware, well there's anti-malware for that. Guess what, you have to pay for it just like you do insurance.
brandelf -t FreeBSD
Dell, HP, Microsoft, take your pick. They will say the same thing, not our problem. Why are you people defending idiots who allow malware in their system? Or can't figure out how to remove it, or rebuild their computer? Calling a CSR asking for help is about as good a solution as banging your head on a brick wall, and feels worse.
The crux of the current problem is a setting in Safari that allows the computer to open"safe" documents automatically. The issue with that checkbox has been known for over a year and its one of the things I remember to do is to uncheck it (as it has been defaulted to checked, open those documents.)
Apple could have done an update to uncheck that box, or better yet remove the feature, but it sadly remained and now they are going to have to pay for thier ignorance of the issue.
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
Little know that OS X comes wit built in virus protect with the Xprotect.plist... Not advertised because Apple want to keep the impression that Mac's don't get infected.
||| I still can't believe Parkay's not butter.
It clearly says "don't help remove". It does not say anything about not admitting that there is a problem, but obviously people read what they want to read. By the way - it's not an internal document, but an anonymous employee being cited. This article was also posted here earlier today....
The problem is Apple is NOT an OS maker, they are a system maker. In particular they make a unified system where they do it all. If you talk to a Mac head this is one of the things they talk about being so great, that Apple creates a "unified experience" and supports everything. They push the model of "Just bring it to the Mac store," as how you handle support and all that.
Fine but that means that you are going to get questions about malware and the like. They can't play it off with "But MS doesn't help!" They are selling the "We are the company that takes care of you and makes everything," they get to deal with the support calls.
Also, MS DOES in fact help with that shit. If nothing else they publish the malicious software removal tool (which Windows get automatically) and make Microsoft Security Essentials available for free. While they don't do everything, they do provide free tools to help.
A customer of mine had some trouble over the weekend and the genius fixed it no-charge
The headline implies Apple is skirting questions about the existence of malware. This is not true. They are telling their support people they must not confirm or deny that the callers particular machine is infected, because they don't do antivirus malware cleaning support, (Neither does MS).
(If at first you don't succeed, do it different next time!)
I don't see a problem. I'm guessing the vast majority of infections aren't the fault of the OS or hardware. So why should Apple be on the hook to repair some guy's machine who infected himself by running a porn dialer or some app he grabbed off a torrent site?
Even programs like OpenSSH (with your precious BSD heritage) have had their fair share of vulnerabilities in the past.
Clue me in, what is the "fair share" for a program such as OpenSSH? A zero-day on OpenSSH is the rough equivalent of raising the Libyan flag at the center of the Pentagon.
I can't stand the thinking that buffer overflows are a fact of life. Only if you believe that shoddy workmanship is a fact of life. Subtle edge cases in a tricky protocol account for maybe 1% of the buffer overflows out there. The majority are copy first, ask questions later. There are plenty of these people out there programming computers; very few of these people are accepted into med school. The root cause of most buffer overflows in commercially important applications with large, well-resourced development teams is the network effect. There's a hideous pressure to be first, rather than right, or solid and tight.
Imagine if PC Magazine back in the fat 1980s had a penetration testing department that stamped "did not qualify" on every beta software product tested where any serious failure mode was tripped. But no, if the software could do one important function correctly 10% faster than the next piece of software (by hook or by crook), it was stamped "editor's choice".
In sports forums where there is serious discussion about prospects, this is ridiculed as "saw him good". There's always a contingent out there drooling over the next hockey jesus with the flashy stick move who leaks the puck in his own end ten times per shift, and wailing with incomprehension over why the professional hockey minds have his ass stapled to the bench or racking up demotion miles to a lower league.
The only difference is that in software, your pimply hockey jesus is referred to as the next "killer app". A certain type of consumer is busy drooling over the 30 second highlight reel without any real concern over whether the kid is willing to learn how to play a two-way game for sixty minutes.
Moral of the story: you get what you drool over.
Apple is trying to protect themselves from becoming a helpdesk, which is something they are not. They are very clear about this. The Genius Bar is also, very clear about this. They are not a help desk, and in advanced cases support comes at a price. Just as apple is not on the other side of the phone to teach you what each keyboard shortcut does, they're not there to fix every little computer problem you have. You can't call apple if you delete a photo, and all the same you can't call apple if you clicked a link and had your system violated.
The major problem is that we now have to recognize exactly what this means. This does not mean that the mac is more or less vulnerable, because it's not - it is exactly as vulnerable as it was before. The problem is that as the total users of Apple computers grows, the ratio of of (minority) secure users to (majority) vulnerable users grows in distance. As the Apple becomes more popular, the chance of the user interacting with the system is likely to follow a malicious link, open a malicious email, or fall for a malicious ad, is greater; there is a higher chance that this user is the type of user interacting with the system, as these are the most common users on the internet.
This is a trend that was not witnessed with PCs, as by the time Malware became a heavy component of the PC/Internet world, PCs had penetrated every aspect of the general public. Mom and little brother would follow any link to their hearts content, would want to help the Nigerian Prince, and would feel obligated to save the Penguins of North Africa. Apple has now begun penetrating this market as well, and it can only be assumed that the same ignorance will also affect the Apple community.
You can secure a computer all you want, it's very difficult to keep most people from clicking the latest joke link and falling for any one of the thousands of ads they'll see in a 5 minute time period. The only perfect solution, is to not let them on the computer at all.
A confidential internal Apple document
Speaking of security...
As if the 3x inflated price vs the same hardware in the PC world, with more limitations wasn't reason enough...............
Just like my father used to say,
"You got a herpe, son? Now you are a man. Don't admit anything."
(Emphasis mine.) No, that's a reason, in a long list of reasons. Seriously, you just have not thought about security, if you think that Windows is only attacked because it's common. Windows is fucked up in a way that most other platforms aren't. Wake me up when you have to turn on an .exe file's executable bit before you can run it, like you can on every Unix and Unix-like OS. Wake me up when Windows doesn't come out-of-the-box with something even half-as-silly as ActiveX enabled. And I don't know if this is still the case (I think it might not be) but Windows used to have something on by default, where merely inserting media (e.g. a CD) would cause the OS to immediately load and execute code.
Then, on top of all that, most machine that have Windows, come with borderline malware preinstalled by the hardware vendor. Hey, I'm not saying this is Microsoft's fault; it's not. But it is the reality of the situation and the installed base of machines out there. And it is part of the culture; if someone is willing to settle for Windows, they really are willing to settle for their "ware" being more "mal." That's how they vote with their wallets.
Seriously, Windows is just plain bad. It's below average when it comes to security. MacOS, like Linux, is pretty average. And then there are the good OSes (which nobody likes to use). With equal marketshares, Windows is still going to have more malware than anything else.
Even better is building it right in the first place. There's really no excuse for bad RAM (expeically at the prices Apple charges). Diagnosing bad ram can be extremely time consuming and the symptoms aren't easy to spot (unless it's really DOA). You've drunk the Apple-aide on the iPhone. Rather than complaining a crappy, poorly manufactured product, you're proud that you bought a defective item and then when you identified the customer they fixed it. How much time did you spend going to the ARS, waiting in line, talking to someone to get a defective product fixed.
If you had bought a Dell and it came with defective RAM or flash, you would complain about the crappy quality of PCs. With Apple, a bad product is a way of delighting the customer.
I have to say that in purchasing close to 100 Dells for my company I've never gotten a DOA device or bad RAM.
http://www.apple.com/support/security/guides/
For starters, @ least. That's CERTAINLY better than doing nothing, which avoiding questions basically, is.
However - doing that guide's points/tips/tricks/techniques?
That's up to the user, or a family member OR pal/friend perhaps, to help them with possibly.
I figure it THIS way:
Sometimes? If you want help, you HAVE to help yourself! It's not like Apple's "not helping" here, either... it's just that like with Microsoft Windows, and yes, EVEN LINUX SeLinux bearing distros?? They do NOT, by default, ship them as "security hardened" as is possible.
Which, imo @ least, speaking "seller to buyer", makes sense: However, guides like this one & others like it??
Sometimes "turns off" things some users want on by default, or wouldn't KNOW how to turn back on themself... from a seller to customer perspective @ least!
Personally, were I ANY of these OS vendors??
I'd ship the OS' "super-hardened" & secured by default ( & let the user assume responsibility for opening up any doors after that, themself!)
(Personally? I think that IF you want to do a job right?? Educate yourself, thoroughly & from reputable sources FIRST, & DO IT YOURSELF! That guide above's a great starting point for Mac freaks imo!)
APK
P.S.=> I've been doing guides like this for Windows since 1997, & yes, they do help/work! See here:
http://www.bing.com/search?q=%22HOW+TO+SECURE+Windows+2000%2FXP%22&go=&form=QBRE [bing.com]
The MacOS X guide's pretty good, & pretty much fairly along the same "generic lines" as what MY guides for Windows espouse (layered security techniques)
... apk
So, Apple allows you to install any software you want, by giving it the root password... So a user action. Yet, Apple rolls out the App Store on OS X to avoid this issue, and /. lambastes them because they are making the OS less "free" - so which do you want - the ability to totally fuck your computer up - or a guardian angel?
Maybe you ment to write 17 minutes, and not years.
If you took it to an Apple store they would help. AppleCare "technicians", generally speaking, are Tier I support. Mac Genii are considered tiers II and III. There's a whole lot of stuff AppleCare techs aren't given permission to do, that a Mac Genius will. Not to mention, I'm sure any reputable Apple authorized service provider would be more than willing to help and put it on Apple's dime. I've personally never drank anyone's Kool-Aid, I prefer Macs for home (for simplicity and ease of use), and was a Mac Genius for about 3 1/2 years. I now support about 1000 Windows 7 machines, and a couple dozen windows 2008 servers. They're all infernal machines to me :). The truth is there have been virii for Macs for a long time. One of the big reasons people don't get infected is, you have to authenticate for there very installation. If you're typing your password in to install a package, and don't know what it is, that's the problem, not the operating system.
Are people so idiotic to think malware could be removed with any assurance, or that Apple would want to warranty its removal?
Once malware is installed, the machine, the drive needs to be wiped from a clean machine and restored from a backup prior to the installation of malware. I bet that that's all Apple would sign up to do too.
Customer support should never, ever confirm or deny the possibility of malware on a device. It presents a huge liability issue, especially if there is malware and a chat/phone technician starts snooping around and tries to remove it. Accidental data loss by techs is a huge problem. Security issues should always be escalated to senior technicians. My company has a policy that forbids anyone to remove _any_ data on customer equipment. We've been sued for it before.
Does anyone not notice that this is from Ed Bott's Microsoft blog, just like yesterday's Mac "malware explosion" article was also from Ed Bott's Microsoft blog?
You have to install a virus intentionally, or should I say Stupidly! Most come from torrent copies of pre infected versions of Mac software. Those people with infections deserve it!
When the system asks for your admin password, there's a reason.
Pirates!
so they are the same level as geek squad?
as most geek squad reps just hook up systems to a remote link to get them fixed.
By definition, this malware is 3rd party software. Users have to enter their admin password to install it. Just like any other third party software, I am not sure why people think that Apple should provide any support for it. For example, if I install some 3rd party shareware program that turns my pointer into a naked girl with bouncy boobs and it causes conflicts with other software or eats up system resources or sends out emails on my behalf, then I have zero expectation for Apple to supply support for the situation I got myself into.
Just because Apple sells both the hardware and OS doesn't mean they have to provide support for or have their staff trained to deal with every piece of software that could possibly run on that machine. The same is true of any computer with any OS. If you are typing in your password to install something, know what you are installing first. Duh.
Once malware has run on your box, it's a wipe and reinstall issue. And if it is a business machine then there are potential legal issues with disclosures and so on. In that environment there is no safe guidance a technician can give.
Help stamp out iliturcy.
The Zdnet article compares an internal apple memo relating to a brand new piece of malware that they're still figuring out how to deal with to Microsoft's stated policy which can be found on their website. It's not exactly a fair or meaningfull comparison, since what Apple will end up doing in the end is not yet known. The Apple memo is just a stop gap measure.
There is a reason for this that most people eager to hate will conveniently overlook, Applecare does not cover malware. Apple is not bound by any agreement to diagnose or remove malware or repair problems caused by an an infected program or file. Also, if a Apple employee were to remove a file from an end user's computer and the computer stopped functioning in any way, Apple would be liable. They don't do it. Don't confuse their unwillingness to do stupid shit that leaves them at risk of a lawsuit as them "skirting" an issue.
...instructing users to perform rituals which include special attire, dance-like moves and chanting in strange forgotten languages?
You know... the usual for such an "institution".
Mit der Dummheit kämpfen Götter selbst vergebens
No, not necessarily. I've run a lot of Windows boxes, and the ones that other people do not touch do not get infected. I've had to remove exactly one malware infestation on a machine that only I use, but plenty of them for friends, family, and work. This is distinct from servers, which are public, stationary targets.
And no, I'm not a Windows apologist. I dislike almost everything Microsoft stands for, but I dislike ignorant haters who decide to spout nonsense simply for the sake of seeing their words on a screen just as much.
It was swamp gas from a weather balloon that got trapped in a thermal pocket and reflected the light from Venus. Your Macintosh is fine. Trust Our Father Saint Jobs.
If you ever got support for some PC, you would know that after 3 minutes of tinkering they would default to the Factory reset, procedure. Something that might solve the problem (and remove alll custormer data... but hey... you got a backup not?).
Most helpdesks do not support 3th party software anyway, even if that software was installed via a exploit. You could call malware 3th party software. And then, there is software that is not clearly malware (like browser bars), that are installed with a question, but only make clear what they do if you manage the 10 page TOS.
So the consensus seems to be that Apple has convinced its users that they can't get viruses and don't need anti-virus, which is bad.
In fact, these users are apparently so convinced that they don't need anti-virus and can't get a virus, that the minute a web page tells them they do have a virus (which they believe they can't get), they download the fake anti-virus package (possibly paying for it first even though they believe they don't need it), double-click on the installer, click on "OK" to get past the "this may be malware" warning, click through the installer prompts and finally type in the administrator account user name and password to allow installation to proceed. You know, proceed to install that anti-virus package that Apple, being evil, convinced them they didn't need to install.
Seriously, is this some kind of new low? Asserting that people are convinced they don't need anti-virus and that's why they're installing anti-virus? :-)
Apple are indeed *so* desperate to deny that anti-virus is needed that they allow Intego AntiVirus to be sold through the Mac App Store of all places. That app's description even has headlines warning about this particular trojan, so it's up to date.
http://itunes.apple.com/gb/app/virusbarrier-plus/id430337549
Two obvious suggestions:
http://www.zdnet.com/blog/security/apple-adds-malware-blocker-in-snow-leopard/4104
That so called OS X integrated antivirus is just a basic tool that can discover... hold your pants on... 4 viruses. FOUR!!!
For United States and Canada
The computer safety team is available for computer virus and for other security-related support 24 hours a day in the United States and in Canada.
To obtain computer virus and security-related support, follow these steps:
1.Before you contact a support engineer, make sure that you run updated antivirus software and updated spyware removal software on the infected computer.For more information about how to obtain a free computer safety scan, visit the following Microsoft Web site: http://www.microsoft.com/security/scanner/(http://www.microsoft.com/security/scanner/) For more information about antispyware software, visit the following Microsoft Web site:http://www.microsoft.com/protect/computer/spyware/as.mspx(http://www.microsoft.com/protect/computer/spyware/as.mspx)
2.Call 1-866-PCSAFETY or call 1-866-727-2338 to contact security support.
http://www.reddit.com/r/technology/comments/hfydw/macdefender_just_had_a_mac_checked_in_for_it_will/
Any further questions, Applefags?
That guy has ZERO certifications *I know him personally* and he just owned your entire paid-for support team.
Enjoy buying useless services that Apple can *NEVER* live up to.
Still waiting on Serviscope_minor to wake up to fucking reality and realize that Jessica Price isn't going to fuck him.
A car manufacturer being held responsible and having to find a solution to someone
who fills their petrol car with diesel..It's not their fault that people do silly things.
3rd party problems (Malware or not) issues affecting users are not Apples problem.
If it is an OS / Hardware issue then yes they need to attend to their customers technical
issues. They didn't create the problem - they are trying to deal with it best they can.