Slashdot Mirror
Why You Shouldn't Panic Over Mac Malware
Earlier this week, we discussed reports that Mac malware was finally becoming a significant problem. Now, reader wiredmikey points out an editorial arguing that everyone should slow down and analyze the situation more calmly so the threat can be accurately assessed. Quoting:
"According to Apple, the Mac installed base is approximately 50 million users. But according to Gartner, the number of Android handsets sold in 2010 alone exceeded 67 million units, giving it an installed base that is larger, and growing much faster, than the Mac base. If a large numbers of eyeballs is indeed the lure that causes criminals to write malware for a given operating system, surely Android is a more tempting target than Mac OS. ... I predict that the increase in perceived risks to Mac customers will give Apple the excuse it needs to increase its control over the Mac software ecosystem, by moving ISVs to the Mac App Store. It is no accident that the theme of the upcoming Lion desktop operating system is 'Back to the Mac': taking concepts that Apple employed successfully with the mobile version of OS X (iOS) and back-porting them to the desktop OS. One of those features is the introduction of the Mac App Store, an Apple-controlled storefront for selling and distributing applications. ... This provides buyers some assurance that their apps are from known points of origin and that they don’t contain malware, such as the Mac Defender Trojan horse.
Safari browser exploits and other app exploits can still lead to installing malware on a machine.
These are the most twisted arguments I've ever read to be honest.
It goes like this:
1) hackers, malware makers will not find Apple interesting as they are too busy with android.
2) Apple's further monopoly on the distribution mechanisms for content and applications, creating an unphantomed money making machine, is their antivirus solution.
"...will give Apple the excuse it needs to increase its control over the Mac software ecosystem, by moving ISVs to the Mac App Store" Really? So, the most insanely controlled software monoculture is getting attacked maliciously and the response is to become MORE anal? Yea, that's gonna work. Move along people ... nothing to see here.
Now they even stole microsofts excuses.
My -1 Troll is actually a +1 funny. And my -1 flame is actually a +1 insightfull.
So it's not a significant problem because another platform might have a bigger problem.
Right.
I'll admit I bought a macbook in 2009 with likelihood of system vulnerabilities in mind. I *did* consider a number of other things, so I'm not a bad person, I swear.
Some say it's a case of going to a FOSS operating system... or specifically a BSD family kernel... or even of going to OpenBSD exclusively. Some say it's a case of knowing our OpenBSD software inside out and testing thouroughly *and* putting various in safeguards.
However, they're all missing a piece of the puzzle. Qubes OS should be on everyone's radar, especially since it's starting to progress. Sadly, it's one of those things that unless you give it some time to read up about you'll only hear bits and pieces about and then sadly ignore it.
Qubes, with Joanna Rutkowska at the helm no less, is a solid framework of ideas that results in the security we should all expect of an operating system. Fear that you'll have input sniffed or root compromised? Have your system disconnected from the internet - "what?", you say, before you read on and realise how silly it is in the first place.
Everything is in a VM instance, each VM instance can boot from the same image and run a (single, if you feel like it) program. The data that instance *thinks* was written to disk was instead pushed to a copy-on-write block device which can be thrown away when you're done.want files between different VMs? Message dom0 with the request from inside the VM and then accept the dialogue box that your isolated dom0 greets you with.
Sadly, I'm not the best ambassador. Sadly, I'm in a rush and haven't supplied my best effort in communicating how significant Qubes will be. Sadly, it's taken until now to have decent security on a desktop. But now I can be confident.
The universe is smiling down on me for this post with a captcha of "secure", and rightly so if you hop aboard.
"Why You Shouldn't Panic Over Mac Malware"
Nope. I don't worry at all, and I guess that few do.
Because I and most other don't own a mac. That must be the obvious answer...
(Too lazy/not interested to read the summery or the article)
There's no need to deflect attention,, this is not about Android, this is about Apple computers having the type of issues for which PCs have always been made fun of.
The reason Mac users are now targetted is because they are less computer savvy, have deep pockets and have been educated to open their wallet on command.
because I don't own one...
Unless Apple makes it mandatory for all applications on Macs be installed using the new app store, then it doesn't prevent anything. It's not like Mac users are going to immediately stop installing stand-alone programs the moment the store comes out. And if they're installing standalone programs, then the people who get tricked into installing fake anti-virus software won't give it a second thought about installing what that fake system message pop-up told them.
...because you don't have a Mac?
That covers most people - many of whom actually should panic over Windows malware. But nobody should be too smug, not even Linux-only or BSD-only users, since every compromised machine (Windows or Mac or whatever) pollutes the internet commons.
Those who can make you believe absurdities can make you commit atrocities. - Voltaire
The funny thing is, iOS outnumbers Android by well over 2:1. There are over 200 million iOS devices out there now, over 100 million of which are iPhones alone. Android might be a lightning rod for malware, but it's not because of its numbers.
Nice bit of Astroturf there.
So, we shouldn't worry about malware on the Mac because Oh LOOK here's some speculation about a completely different OS so don't pay attention to this story anymore!!!
And then the inevitable push from Apple to have total control over you system by the eventual restriction of apps to Apple market-approved programs only. Well that's sure a nice idea, too bad some of the Official apps like Safari also contain security weaknesses. So much for the safety of the walled garden approach. But it's not stopping them from trying, apparently.
No, I don't panic over Malware on my Mac. It has nothing to do with Android, or any other OS, or the App Market, or anything else this shit-for-an-article is talking about.
The story has the correct title but rather misses the point. Yes, it's not time to panic. There is a set of malicious tojan horse programs out there for MacOS. The current crop require the user to authorise their installation. i.e. the security weakest link (at the moment) being exploited is the one behind the keyboard. Very often this is the places where security is the weakest, just watch WarGames if you doubt this. MacOS is by design, with a greater degree of privilege and OS/Application separation, more resistant to attack than Microsoft Windows has been. However, this is not to say that it is not vulnerable. All systems are, be it design flaws or merely implementation flaws. Yes, I'm looking at you Linux, FreeBSD, OpenBSD, Solaris, HP/UX and AIX. No-one can rest on their laurels.
Agrajag: "Oh no, not again!"
And you'll see why 2011 will be like "1984."
"National Security is the chief cause of national insecurity." - Celine's First Law
How brain dead is that? The install base of OS X is 50+ Million and climbing. The install base of iOS is 120+ Million and climbing. What's your point?
The person who most passionately appears to criticise some ideology in his youth is most likely to follow it in his old age.
(Politicians doubly so.)
" If a large numbers of eyeballs is indeed the lure that causes criminals to write malware " Not very good to base your security practices on an IF! Just because the majority of hackers think this way, doesn't mean they all do. All it takes is one to say "I don't like Macs, I'm gonna hack it." And "boom goes the dynamite!" It's the 'most people think this, So all people think this' mentality that ticks me off
But of course, none should panic because the usual Apple astroturfing/deflection suggests so...
There are *no* tanks in Bagdad, I repeat: there are *no* tanks in Bagdad....
Ceterum censeo Carthaginem delendam esse
Well, for me -- not being an artist, but a mathematician -- a Mac just perfoms best. Great huge screen, an OS which just works the way it should, a great TeX distribution, and good choice of programs for surfing the web, reading e-mails and organising my BibTeX references. I for myself have used Linux before and it does a great job but by now I feel more comfortable with my iMac...
So far, the OS X AppStore couldn't be called 'wildly popular' since its inception on January this year. Regularly, I checked my installed apps for availability in the App Store, because it allows for such easy updating. Lo and behold, only fairly trivial apps are there, the following list is not available in the App Store:
Now I agree that stuff like a bittorrent client (Vuze) and a network sniffing tool (KisMAC) would probably be refused in the App Store. But all in all, the OS X App Store could be called a disappointment so far.
Note that the Opera browser (which contains a bittorrent client) is in the App Store.
8 of 13 people found this answer helpful. Did you?
Don't worry, huh? There are more Androids than Apple computers out there... While I believe some people store pretty important information on their phones and "pads", I tend to think that malware in a deskptop is a much more serious threat to people - maybe because most people store their most personal and sensitive information in desktops?
There's no need to deflect attention,, this is not about Android, this is about Apple computers having the type of issues for which PCs have always been made fun of.
Except an important aspect of the "type of issues for which PCs have always been made fun of" was the lack of a credible security model in "old" Windows, combined with Windows' huge albatross of "legacy" software. Even after the deficiency was rectified in NT and XP, this leads to users running as "admin" and/or being so bombarded with security warnings that they ignore them.
OSX and Linux use a "sudo" model which is fundamentally more secure than "old" windows or even XP in its typical "all users are superuser" mode. That ought to be becoming less of an issue with Win7.
None of them are immune to "social engineering" that tricks the user into manually installing, authorizing and running malware. The only solution to that, as TFA suggests, is iPad style lock-down. Personally, I can live with that on a phone or tablet, but if Apple try and impose it on "proper" computers, I'm out.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
You fed the troll! Never feed the troll! But yeah, there indeed is "absolutely no reason to own an apple" for sure. Dammit, just feed the troll...
Just an education to those "happy-go-lucky" fanbois who believe their beloved Macs are somehow immune to malware:
1. Malware can appear on any system - yes, even my beloved Linux is not totally immune from the threats.
2. Defending computing devices against malware is as much about your own common sense as it is about someone else's anti-walware software or handing over your responsibilities in their entirety to Lord Jobs The Almighty. That means understanding *how* malware can enter through a web-site, email attachment, etc. and not going to sulubrious websites or opening emails where you don't necessarily trust the source. Yes, fanbois, it may be beneath your designer "pay someone else to do it lifestyles" but it all comes down to not being naive plonkers and learning how a computer works.
3. Apple has become an "evil company" in the eyes of many, just like Microsoft and Sony did. When that's the case, subsets of malware authors who consider themselves to be Internet Robin Hoods will consider that they are doing the world a favour by targetting Apple over and over again. Whether they do that or not is irrespective of how many Macs are out there, it's more on just how big and evil they perceive Apple to be.
4. Apple moving all software under the App Store banner is *precisely* what Apple wants to do because it makes them more money - it has *nothing* to do with anti-malware measures apart from giving them a good excuse to do it amongst the faithful. As that lockdown gets more and more, you will see a recurrence of exactly what has plagued Windows for many years - namely that not every fanboi has millionnaire parents and whilst some will buy every piece of software they use, most will get cracked copies which will be infected with all manner of malware because they won't or can't pay for the software.
5. Yes, Android will also be targetted and non-techie Android users will suffer as a result. But anyone who is tech-savvy knows where the legitimate sources for software are and how to do as many checks as possible before installing anything. I've run Windows XP alongside Linux for years, for about 5 years now I went totally legitimate in the software that I use (I gave up with cracks and warez, I use Open Source programs and legitimately licensed and paid-for software) and I've not seen a piece of malware or virus in years - and that's running freebie virus checkers and anti-malware programs.
6. I've not used Vista or Windows 7 because I've found no good reason to - but as I understand it, in Windows 7 Microsoft have put in much better layered security that takes into account people who don't know what they're doing and, as a result, it's having a positive effect on reducing malware spread on Windows 7. Yet at the same time, Apple leaves a ridiculous amount of unpatched flaws (especially in that Safari garbage) on their systems. The net result is malware creators will ultimately find it easier to target Apple than Microsoft, as Microsoft gets better and better at holding them back. (Nope, I'm not an MS fanboi, I use Linux more than Windows but I tell it like I see it as a security techie in my day job.)
So stop with the defensive posturing, get your heads out of your assholes and READ THE FUCKING MANUALS like the rest of us do.
Gentoo Linux - another day, another USE flag.
Mac OS X gives me a UNIX system with a good quality GUI. Show me any other operating system that comes with apache, ruby, perl, and so on pre-installed, and allows me to run microsoft office, and allows me to play a bit of Star Craft from time to time?
It doesn't exist outside the mac. I would have to buy two PC's, one for windows and one for Linux. Or one PC and run the other OS in a slow/buggy virtual machine.
I paid $2,000 for my mac a few years ago and it's still nice and fast now. I'll probably still be using it in another three years. As someone who earns ~$50,000 per year creating websites, a computer that costs a bit over $1 per day is hardly expensive. Is it the cheapest system available? Probably not, but it's not expensive.
For you, maybe Mac OS X is not a good choice. But you're blind if you honestly think there is no reason at all to use it.
Opps ... mea culpa... ;-)
[citation needed].
Dilbert RSS feed
For OSX its the opposite. For every small task that i want to accomplish, i seem to need to pony up. Every small time programmer tries to make a buck with his little program. Nothing wrong with that, but where are the Free/Libre alternatives?
Well, OS X is still a vastly smaller community than Windows, and I suspect that although Linux (desktop) users outnumber OSX users a disproportionate number of Linux users are also programmers. So its not surprising there's less choice. That also means that the money to be made from true "honesty box" shareware is probably smaller, so developers are more likely to require payment. Also, historically, Mac OS "Classic" developer tools and documentation cost an arm and a leg - of course, since OS X they've been free (or very cheap, for iOS), but the early days may have set community expectation. Finally - I don't think OS X is the easiest platform to develop for (however elegant) and OS X users tend to demand nice GUIs on everything.
However - its not all bad: First, OS X is Unix: Install "fink" or "macports" and you'll get access to a huge number of Free/Libre packages from the Linux/Unix world - albeit most of these are command-line or X11. If you don't want to roll your own, lots of major "free" projects offer OSX versions: (off the top of my head and at random: LibreOffice, Eclipse, InkScape, VirtualBox, PostgreSQL, MySQL, Mozilla) not to mention the stuff that is already present in OS X (Apache, PHP, Ruby, Python, Samba, CUPS...) I hope the latter list doesn't diminish too much as projects move to GPLv3.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
Let's suppose for a minute that the original author's basic supposition is true: that Apple is looking for a good excuse to herd ISVs into a lucrative [my term, not the original author's] Mac App Store. And that malware would be that good excuse. Where do you suppose that malware could be coming from? Could it be from . . . wait for it, wait for it . . . none other than our beloved Apple Inc.? Before you dismiss this out of hand, consider it wouldn't be the first time a big corporation "invented" a problem for which they just happened to have a solution. (and the mafia has been doing it for countless years!)
1) hackers, malware makers will not find Apple interesting as they are too busy with android.
2) Apple's further monopoly on the distribution mechanisms for content and applications, creating an unphantomed money making machine, is their antivirus solution.
3) ...
4) Profit!
The three laws of thermodynamics:(1) You can't win. (2) You can't break even. (3) You can't even quit.
As I understand the current rules, lots of the products you mention can't be delivered in the App Store because they need to be installed system-wide. E.g. you can get TextWrangler on the AppStore, if you want to install the command-line tools you have to download it from the website. Maybe these will go away with OS 10.7 (since the scuttlebutt is that 10.7 itself will be sold over the app store).
Also - GPL software is effectively barred from the App store.
OTOH, the App Store terms - use on any Mac computer you own - might be a bit generous for the likes of Microsoft and Adobe. Plus, until they get a "corporate App Store" and educational discounts sorted out its not much of a solution (I get Office under the "home use program" via my employer's site license, and I'm sure as hell not buying CS5 with my own cash!)
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
I'm not really sure how Apple can lock down their systems without actually crippling them. Sure, the App Store will be there in Lion (it's already there in 10.6), but that doesn't mean you have to use it. Unless, of course, Apple plans on canning access to their development tools, which would be stupid.
Given that their current strategy is to include most of the facilities one would expect to find on a typical *nix box (of any stripe), that would be a big step to take. Since my use and support for Macs is based on the fact that I happily use a second-hand MacBook (inherited from my wife) that offers nearly all of the functionality of my Linux machines without having to diddle with it, that would be a marketing mistake. I quite like the compactness and reliability of the hardware, but not so much that I will accept being told how I may or may not use it.
Then why did you waste your time (and ours) with your asinine post?
Allow me to match my personal anecdote with yours. Since the Mac App Store opened I have been able to discover several new apps and also pick up a few for a much cheaper price than what was listed before they were posted on the store. I found the following apps I never knew where out there:
BarCalander
Numbers ($12 on the app store, was $70 in a box)
Mixxx
MonsterTrucksNitro
Pangea Arcade
Ringtones (got this for $1.99, was listed as $12.99 on their website)
VVVVVV (a very entertaining retro text-based game)
VirtualDJ Home
True, not everything was a home run but for all the essentials you listed that I think most savvy Mac users already have the App Store allowed me to discover some new things that turned out to be worth my time.
andLinux doesn't need a VM to run on Windows. Not that it doesn't make sense to get a Mac (I wouldn't know, almost never touched the thing, it's not even in my price range).
Dilbert RSS feed
There are more Android handsets therefore no-one could possibly want to write Mac malware? Nice "logic".
Heh. And they completely forgot about Windows.
"I like to lick butts!" by MobileTatsu-NJG (#32700246) (Score:5, Informative)
Information Purification App Devices.
Some drink at the fountain of knowledge. Others just gargle.
Yea that would make sense if there were actually a large number of viruses in the phone market. Compared to traditional viruses mobile viruses are still in the "Hello World!" stage.
Malware. The word you tried to avoid is "malware" - you can get some from the regular Android Marketplace, and a lot more from the open markets.
Fandroids hate facts.
The funny thing is, iOS outnumbers Android by well over 2:1. There are over 200 million iOS devices out there now, over 100 million of which are iPhones alone. Android might be a lightning rod for malware, but it's not because of its numbers.
Citation needed.
"To prevent this day from getting any worse, I'll just read ERROR as GOOD THING" 1GJU8xLuDKDxEs4KLf8fAGyptoDsqvEsBT
Because somehow a replaced iPod vanishes? Also, it's the exact same way Android devices are tallied. Well, not quite. Android tallies are not directly counted, like iOS device sales, but are estimated from various metrics. Even so, they don't consider those replaced either.
Either way, iOS devices vastly outnumber Android, which is my point. The idea that Android, which outnumbers the Mac, will be a lightning rod because of this, is pure fandroid fantasy. iOS outsells and outnumbers Android.
Don't let facts ruin your fanboy jerkoff session though, I've know you've been working very hard to look even more of an irrational, nonsensical Apple zealot than SuperKendall so I guess you wouldn't want to spoil that.
Which "facts" would this be? The fact that iOS outnumbers Android? The fact that even just iPhones outnumber Android? It would seem you are rather confused.
Apple sold it's 160 millionth iOS device in January, and sells around 10 million per month. Apple sold their 100 millionth iPhone in February/March.
These numbers come from Apple press releases and quarterly financial reports, all easily found via Google.
This wasn't my contention, it was the so-called "tech writer's". His claim was, in part, that Android would sap away viruses from Mac OS X, because Android outnumbers the Mac. This conveniently ignores the fact that iOS *vastly* outnumbers Android. Yet somehow Android malware vastly outnumbers iOS malware...
In a strange way it does bolster his argument, but not in a way that flatters Android.
Nope? Hmmmm. Guess that makes you an idiot.
If you are willing to install the OS, why can't you install "apache, ruby, perl, and so on" on Windows?
Also, VMs are quite good now. In fact they are good (that is, fast and not buggy) enough for servers (that usually need to be more reliable than a desktop PC) and are a real alternative to running multiple physical servers and not just because you save space and power by consolidation.
Yeah, I don't see Adobe giving up 30% of their income to get PS on the mac app store. I also don't see users perceiving Photoshop as dangerous to install. The app store is a vehicle to rape developers. If developers are free to go around it, they will.
They don't have to. They are free to post where/how they please. And that ain't gonna change. The genie is out of that bottle, and has been for decades, and Apple is simply not stupid enough to even attempt to put it back in. And besides, that isn't their goal.
The Mac App Store is simply a way to give the hordes of NEW Mac-Users, many of who's initial exposure to Apple was through the iPod or an iOS device, a "One-Stop-Shop" for applications for their new Macs, in a format that they are familiar with.
Afterall, considering the still-much-higher marketshare of Windows, the average non-computer-savvy user is much more likely to be able to ask a family member, neighbor, or friend where they might go on the internet to find "safe" applications; but, the percentage of Mac users is still low enough that that kind of "word of mouth" advertising doesn't so much drive a NEW Mac user to the likes of Macupdate.com, et al.
Remember, one of the major whines of Windows users were "There's no software for the Mac!" Everyone on slashdot knows that is patently false, as does everyone who has owned a Mac for more than a few months. But in that critical "Did I make a mistake?" period, the Mac App Store helps the NEW Mac User to realize that there is an (often better) equivalent, or even a direct OS X version of, their favorite app(s). The likes of Adobe and Microsoft will never need that kind of marketing help; and so will not be in the App Store. But for every one of those mega-publishers, there are ten-thousand independent software publishers who have (up until now) only two choices: 1) Put up a website, and hope they can drive potential customers to it; and/or, 2) Get listed on a software-aggregator site, like MacUpdate, C|Net, where there is a fairly poor organization, and even poor-er search facilities (the dear, departed VersionTracker.com being particularly bad in that regard). Instead, anyone familiar with the iOS App Store (and that is a LOT of people) now has a familiar-looking (and acting) place to look for their Mac software, too.
It isn't evil. It's just an extension of Apple's former (and very poorly advertised) "MadeForMac" database. As to your ridiculous claim of Apple "raping the developers", the fact that Apple is charging a fee for the VOLUNTARY listing (which is in line with EVERY. SINGLE. CATALOG.) should not be surprising, and is not at all unusual. For example, to be listed in a large U.S. industrial distributor catalog, like Grainger's, McMaster-Carr, etc. typically costs $10,000 PER YEAR, PER PAGE. Apple's deal of 30% of gross sales is quite fair by comparison; particularly because, if YOU price your application at zero dollars; then that is what your fee is... FOREVER, and REGARDLESS OF SALES VOLUME. Even hosting a free app on your own website isn't going to be a better deal. And if you're sales are so massive (think Angry Birds) that that 30% becomes a big number, your remaining 70% is a correspondingly bigger number. So AGAIN it doesn't really matter.
Let's look at a brick-and-mortar distributor for comparison: Most, if not all, b&m distribution chains have a 100% markup PER TIER. In other words, each "hand" that that product falls into along the way from you to the end customer basically DOUBLES the price to that consumer. And what that ends up meaning, is that you have to DEPRESS your "wholesale" price, so that the end product will still sell for what you think the consumer will pay.
In contrast, Apple's deal is pretty sweet. And remember, for the Mac, it is NOT a requirement. And is likely never to be. There are already far too many other ways to acquire Mac software. Apple is in no way stupid enough to think that they wouldn't be in court until the end of time if t
It's not that I think my Mac is invulnerable to malware, I just don't see malware authors learning objective-c
Non impediti ratione cogitationus.
I suspect that although Linux (desktop) users outnumber OSX users a
Whoops - the backwards virus obviously got to that sentence. I meant the other way round, of course (but probably a much higher proportion of Linux users are also developers).
But it still got +5 so that's OK (can I mod myself down?)
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
Yea that would make sense if there were actually a large number of viruses in the phone market. Compared to traditional viruses mobile viruses are still in the "Hello World!" stage.
Boy, and they call Apple fans "apologists".
They got nothin' on Android fanbois!
Face it: Android's "security" is as broken as iOS' is robust.
That's not flamebait; it's simply a fact. And even a lot of Android owners admit it, right here on slashdot, and as recently as yesterday.
Not your fault; you didn't design the OS. But please don't insult our collective intelligence by claiming that Android isn't the Windows XP (SP 0) of the mobile world, security-wise.
And here's a clue from the clue-box: It ain't got nothin' to do with "marketshare".
You seem to have made the god awful mistake of adding up iOS device sales to date (and even there appear to have overshot the mark by about 50mill, possibly more) without taking into account the fact that many iOS devices replaced other iOS devices taking many of those out of the loop as "active" devices. iPod touches, replaced by iPhones, iPhones replaced by iPhone 3G, iPhone 3G replaced by iPhone 3GS and so on. Many people will have the old devices out of use in a cupboard somewhere or in many cases simply binned them, because the lack of easily replaceable battery and the cost of getting it replaced regardless leaves it little more than a brick.
Don't let facts ruin your fanboy jerkoff session though, I've know you've been working very hard to look even more of an irrational, nonsensical Apple zealot than SuperKendall so I guess you wouldn't want to spoil that.
And so, Android devices don't get replaced in the same manner?
So, what was your point, again?
BTW, given the fact that a lot of Android devices are cheap, and cheaply-made, I would submit there are a LOT more of them in the trash than there are iOS devices.
But don't let facts despoil your nonsensical Android fanboi rant. Both platforms have a "replacement" cycle. But you conveniently ignore that fact when it comes to Android. That's what makes your argument nonsensical, and thus you appear to be ignorant, and/or disingenuous. Exactly the qualities you ascribe to "the other side".
Yet a user can still browse to a web page on a default install MS Windows 7 and pick up malware without any warning box to click on or any other indication until the scareware starts redirecting them to different parts of the net, asking for money to clean off a virus and blocking access to anything on it's list of tools to help remove it.
There are so many breaks in the chain of security that many machines are getting infected.
Now while you and I know that the main user should not have Admin rights and that there should be third party antivirus in the hope that some poor sucker got infected by the malware and reported it more than a day before your machine ran into it. Some people listened to the fanboys that scream about how perfect it is and that antivirus is no longer required - so then you get exposed to a lot of trouble. Even though I'm a *nix guy the sheer volume of infected machines means that I get to see a few and wade through the malware swamp to attempt to remove it when the sane approach is to nuke it and reinstall - various programs where the user "lost the install disk" and the braindead concept of the registry mean that to give them the same sort of system back I just have to look for unusual stuff and hope I've got it all.
There's really not much point comparing it as a superior security model when it's not actually being used. Yes the *nix model could be better but sadly it's still vastly better than all the little cases where developers on the MS platform decided to completely ignore the NT security model and leave big holes for malware to get in.
For this bit of Apple-hater BS to get modded up as "insightful" should be deeply embarrassing to anyone who still thought intelligent discussions happened here.
Sorry if I messed with your religious experience.
There are several way to install software remotely (instead of re-plugging the storage to some running machine) on a non powered machine :
- various debug ports (like the above mentioned JTAG), which can be used to rewrite firmware, BIOS, etc. (and they are much useful, because the flash chip itself can't be reconnected to another machine, as the once-upon-a-time socketed ROM)
- remote administration tools like wake-on-lan which can turn a machine on, and then subsequently allow remote installation of software.
- more recent remote administration tools like on high end servers and Intel motherboards can even enable some administration on a machine which is powered down (the tools run on a separate chip. The main CPU and GPU don't need to be up).
Note that, these method a most of the time used to install legitimate software on powered off machines. As far as I konw, I haven't heard about them being used by virus to propagate to turned off machines.I guess the parent poster wanted to stay on the sage side of assumption when saying "almost 100%".
"Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]