Slashdot Mirror
AppleCare Reps Told To Skirt Malware Questions
Dominare writes with this bit from ZDnet: "'A confidential internal Apple document tells the company's front-line support people how to handle customers who call about malware infections: Don't confirm or deny that an infection exists, and whatever you do, don't try to remove it.' So basically, now that Macs have their own equivalent to XP Antivirus the best you can hope for is to be pointed at the store where you can buy something that may or may not fix your problem ... nice."
From the article: "Microsoft provides free telephone support for security issues to all customers, regardless of whether the software was purchased at retail or as part of a new PC. Microsoft Support Article 129972 (last updated May 17, 2011) contains these instructions:"
Everyone that disagrees with me is a paid shill
Microsoft Malicious Software Removal Tool? Microsoft Security Essentials?
All you have to do is go into Safe Mode. http://support.apple.com/kb/HT1455 Then go into the Applications Folder > Choose MacDefender.app > Move to Trash. (in Safe Mode) Reboot normally and reset Safari.
hey, this is a web page claiming that your infected, click ok!!
umm, you clicked cancel, you really want to click ok, ok??
you know, it doesn't matter which button you push, both result
in the continuation of this racter like discussion.
wow, you clicked ok, wait while I install some software to 'help' you.
oh, while installing I noticed that I will need your password to continue....
wow, you gave me your password, can you google pwn3d ?
works on PC, works on Mac, likely works on every other modern OS.
this isn't an exploit via bug, its an exploit via user, if you drop your pants in front of a glory hole......
that said Apple isn't really helping by avoiding the topic.
Unix, an obscure operating system developed by bored researchers in an attempt to get a better game playing experience.
They gave me a free GigE card (at their suggestion) when I had problems with the built in ethernet on the logic board on a Powermac G5 and didn't have the time to take it in for repair because it was an edit machine.
They replaced my brother's iBook, 3 days out of warranty, because it was close to the expiry date and it was unfortunate.
They shipped a fresh set of Universal Binary Final Cut Studio disks to me for postage cost when the Intel switch came about, so we wouldn't have to buy the newer version of the suite to be able to run it natively.
Oh I'm sure I have a few more.
They also do "Macs form [sic] dummies" for those who yank their power cord from the wall socket by the cable and wonder why it frays and catches fire, or who throw their laptop in a bag with no case and wonder why the surface gets all scratched and so on.
They also deal with regular people who have hardware and software problems.
The crux of the current problem is a setting in Safari that allows the computer to open"safe" documents automatically. The issue with that checkbox has been known for over a year and its one of the things I remember to do is to uncheck it (as it has been defaulted to checked, open those documents.)
Apple could have done an update to uncheck that box, or better yet remove the feature, but it sadly remained and now they are going to have to pay for thier ignorance of the issue.
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
And if you RTFA, you'll find that Apple and MS do the same damned thing: Tell the user to get some antimalware software to get it out.
The problem is Apple is NOT an OS maker, they are a system maker. In particular they make a unified system where they do it all. If you talk to a Mac head this is one of the things they talk about being so great, that Apple creates a "unified experience" and supports everything. They push the model of "Just bring it to the Mac store," as how you handle support and all that.
Fine but that means that you are going to get questions about malware and the like. They can't play it off with "But MS doesn't help!" They are selling the "We are the company that takes care of you and makes everything," they get to deal with the support calls.
Also, MS DOES in fact help with that shit. If nothing else they publish the malicious software removal tool (which Windows get automatically) and make Microsoft Security Essentials available for free. While they don't do everything, they do provide free tools to help.
Apple is trying to protect themselves from becoming a helpdesk, which is something they are not. They are very clear about this. The Genius Bar is also, very clear about this. They are not a help desk, and in advanced cases support comes at a price. Just as apple is not on the other side of the phone to teach you what each keyboard shortcut does, they're not there to fix every little computer problem you have. You can't call apple if you delete a photo, and all the same you can't call apple if you clicked a link and had your system violated.
The major problem is that we now have to recognize exactly what this means. This does not mean that the mac is more or less vulnerable, because it's not - it is exactly as vulnerable as it was before. The problem is that as the total users of Apple computers grows, the ratio of of (minority) secure users to (majority) vulnerable users grows in distance. As the Apple becomes more popular, the chance of the user interacting with the system is likely to follow a malicious link, open a malicious email, or fall for a malicious ad, is greater; there is a higher chance that this user is the type of user interacting with the system, as these are the most common users on the internet.
This is a trend that was not witnessed with PCs, as by the time Malware became a heavy component of the PC/Internet world, PCs had penetrated every aspect of the general public. Mom and little brother would follow any link to their hearts content, would want to help the Nigerian Prince, and would feel obligated to save the Penguins of North Africa. Apple has now begun penetrating this market as well, and it can only be assumed that the same ignorance will also affect the Apple community.
You can secure a computer all you want, it's very difficult to keep most people from clicking the latest joke link and falling for any one of the thousands of ads they'll see in a 5 minute time period. The only perfect solution, is to not let them on the computer at all.
A confidential internal Apple document
Speaking of security...
Apple has NEVER denied that any computer, including it's own, is potentially vulnerable to exploits. Their position is the same as it's always been ... users should take appropriate precautions. At times in the past they've offered for free commercial anti-virus apps as part of AppleCare and DotMac.
Current users should download Sophos Antivirus for Mac. It's free.
Except this isn't a virus. It's a Trojan. It cannot spread/replicate itself, and it cannot infect a Mac unless you willingly install it by giving it your admin password. If you don't know the difference between the two, then you probably shouldn't be posting here.
Apple has NEVER denied that any computer, including it's own, is potentially vulnerable to exploits. Their position is the same as it's always been ... users should take appropriate precautions. At times in the past they've offered for free commercial anti-virus apps as part of AppleCare and DotMac.
Current users should download Sophos Antivirus for Mac. It's free.
So Apple have never said Mac's don't get viruses.
Even if that is true, they've inferred it plenty of times. I remember these ad's where they had one guy acting as a Mac and the other acting as a PC when only the PC got sick...
That is pretty much saying Mac's don't get viruses.
Calling someone a "hater" only means you can not rationally rebut their argument.
Yup. And Linux's dominant market share in the server space means that it's an even juicier target. Which is why you hear about so many pwnt Linux boxes on the web.
http://www.zone-h.org/news/id/4737
Last year the Zone-H archived a sad record number, we archived 1.419.203 websites defacements. Why and how this is happening? [...] Since many years ago, Linux became the most used OS for webservers and of course the preferred target for the defacers. Last year we archived 1.126.987 attacks against websites running on the Linux systems. The most used exploit by the defacers is the CVE-2010–3301, that was fixed in 2007 and was mysteriously reintroduced in 2008, in a large pile of kernel versions x86_64.
You are obviously right - 80% of website defacements last year all dues to rooted Linux servers - and you don't hear about it, so it must not have happened.
Fandroids hate facts.