Slashdot Mirror
AppleCare Reps Told To Skirt Malware Questions
Dominare writes with this bit from ZDnet: "'A confidential internal Apple document tells the company's front-line support people how to handle customers who call about malware infections: Don't confirm or deny that an infection exists, and whatever you do, don't try to remove it.' So basically, now that Macs have their own equivalent to XP Antivirus the best you can hope for is to be pointed at the store where you can buy something that may or may not fix your problem ... nice."
All you have to do is go into Safe Mode. http://support.apple.com/kb/HT1455 Then go into the Applications Folder > Choose MacDefender.app > Move to Trash. (in Safe Mode) Reboot normally and reset Safari.
hey, this is a web page claiming that your infected, click ok!!
umm, you clicked cancel, you really want to click ok, ok??
you know, it doesn't matter which button you push, both result
in the continuation of this racter like discussion.
wow, you clicked ok, wait while I install some software to 'help' you.
oh, while installing I noticed that I will need your password to continue....
wow, you gave me your password, can you google pwn3d ?
works on PC, works on Mac, likely works on every other modern OS.
this isn't an exploit via bug, its an exploit via user, if you drop your pants in front of a glory hole......
that said Apple isn't really helping by avoiding the topic.
Unix, an obscure operating system developed by bored researchers in an attempt to get a better game playing experience.
The crux of the current problem is a setting in Safari that allows the computer to open"safe" documents automatically. The issue with that checkbox has been known for over a year and its one of the things I remember to do is to uncheck it (as it has been defaulted to checked, open those documents.)
Apple could have done an update to uncheck that box, or better yet remove the feature, but it sadly remained and now they are going to have to pay for thier ignorance of the issue.
"Enjoy what you're doing! If it becomes drudgery, you're doing it wrong!" - Jim Butterfield
The problem is Apple is NOT an OS maker, they are a system maker. In particular they make a unified system where they do it all. If you talk to a Mac head this is one of the things they talk about being so great, that Apple creates a "unified experience" and supports everything. They push the model of "Just bring it to the Mac store," as how you handle support and all that.
Fine but that means that you are going to get questions about malware and the like. They can't play it off with "But MS doesn't help!" They are selling the "We are the company that takes care of you and makes everything," they get to deal with the support calls.
Also, MS DOES in fact help with that shit. If nothing else they publish the malicious software removal tool (which Windows get automatically) and make Microsoft Security Essentials available for free. While they don't do everything, they do provide free tools to help.
Apple is trying to protect themselves from becoming a helpdesk, which is something they are not. They are very clear about this. The Genius Bar is also, very clear about this. They are not a help desk, and in advanced cases support comes at a price. Just as apple is not on the other side of the phone to teach you what each keyboard shortcut does, they're not there to fix every little computer problem you have. You can't call apple if you delete a photo, and all the same you can't call apple if you clicked a link and had your system violated.
The major problem is that we now have to recognize exactly what this means. This does not mean that the mac is more or less vulnerable, because it's not - it is exactly as vulnerable as it was before. The problem is that as the total users of Apple computers grows, the ratio of of (minority) secure users to (majority) vulnerable users grows in distance. As the Apple becomes more popular, the chance of the user interacting with the system is likely to follow a malicious link, open a malicious email, or fall for a malicious ad, is greater; there is a higher chance that this user is the type of user interacting with the system, as these are the most common users on the internet.
This is a trend that was not witnessed with PCs, as by the time Malware became a heavy component of the PC/Internet world, PCs had penetrated every aspect of the general public. Mom and little brother would follow any link to their hearts content, would want to help the Nigerian Prince, and would feel obligated to save the Penguins of North Africa. Apple has now begun penetrating this market as well, and it can only be assumed that the same ignorance will also affect the Apple community.
You can secure a computer all you want, it's very difficult to keep most people from clicking the latest joke link and falling for any one of the thousands of ads they'll see in a 5 minute time period. The only perfect solution, is to not let them on the computer at all.
Except this isn't a virus. It's a Trojan. It cannot spread/replicate itself, and it cannot infect a Mac unless you willingly install it by giving it your admin password. If you don't know the difference between the two, then you probably shouldn't be posting here.