Apple Acknowledges MacDefender
Trailrunner7 writes with an article in Threatpost: "Apple is planning to release an update specifically designed to protect users against the MacDefender malware that has been circulating for the last couple of weeks. The update for Mac OS X will automatically find and remove the malware on an infected machine and also will warn users if another infection attempt is detected."
IMHO, Apple is taking the bull by the horns and not only fixing the problem personally but also not charging an annual fee for the privilege of cleaning your system. Well done.
But retards will call it such ("virus", to the layman, is "any software what breaks my computer", regardless of distribution method). And thus, all the retards claiming "macs don't get viruses" will now be countered.
But hey, at least we still have Linux. No viruses (by either definition) on that, right?
"Hey you there, you look like you might have STUPAIDS. Quick! Inject yourself with this hypodermic needle who's contents are unknown to you!"
That might work?
Invaders must die
"Apple is planning to release an update specifically designed to protect users against the MacDefender malware that has been circulating for the last couple of weeks. The update for Mac OS X will automatically find and remove the malware on an infected machine and also will warn users if another infection attempt is detected"
What defence is there against the end users downloading and running MacDefender and giving up the Admin password?
There are worms for Linux. Not sure about OSX. Certainly "CLICK HERE!! EMERGENCY!!"-type malware can exist for any platform.
Trolling is a art,
My wife supports a lot of Mac users who literally say stuff like "I don't have to worry about security because I have a Mac." In their minds, they can literally just wash their hands of all security considerations because Apple will do everything for them like a bodyguard from Blackwater. Apple has ridden a wave of anti-Microsoft sentiment in no small part by creating or at least encouraging the impression that if you buy a Mac, you'll never have to think again about taking care of your computer except maybe once in a blue moon.
No magic box is protected from stupid. This wasn't a drive by install, the users had to choose to install it.
statistics say you still made the right choice.
You can't, but you can release one that tells the user they're stupid if they choose to run this piece of malware.
"I use a Mac because I'm just better than you are."
When your entire marketing approach is, "Everything we make JUST WORKS!" you really cannot have these kinds of malware floating around, and you certainly cannot try to charge people to fix things. It is not that I am criticizing Apple here, I am just saying that in their position, the only thing they could do is to erase the malware at no cost to their customers, or risk damage to their entire marketing machine.
Palm trees and 8
I saw this on a laptop this week, and it was laughably easy to get rid of (under 5 minutes)
Compared with the kind of stuff targeting PCs, this is/was a joke.
top -u
kill -9 [pid#]
Drag to trash
No magic box is protected from stupid. This wasn't a drive by install, the users had to choose to install it.
A lot of places do not allow users to run programs in their home directories, to help mitigate this exact problem. This is not necessarily the best approach for home users, but it certainly is possible to provide some protection from user stupidity in certain contexts.
Palm trees and 8
Does Linux do anything (or at least anything more than MacOS) to protect against this type of attack?
We're finally a big enough target to steal from!
We're relevant! We're relevant!
I liked them better when their motto was "proudly going out of business for twenty years"...
the preceding comment is my own and in no way reflects the opinion of the Joint Chiefs of Staff
1) It encourages users to just get software from the repositories which is very unlikely to have malware in it.
2) It discourages people from using it that are likely to fall for these kinds of things.
So it does not have real protection beyond what osx has other than the culture that goes with it. On Windows and OSX it is FAR more common to download and install software from random locations.
Computer modeling for biotech drug manufacturing is HARD!
My approach is cheaper: lock down the system. Install Fedora, give my mother a user that has type user_u in SELinux, and breathe a little easier now that I know she cannot accidentally run some random program she downloaded. There are still vulnerabilities, but it would take a far more sophisticated attack than what one normally sees.
Kid Proofing a Mac With Parental Controls
s/Kid/Parent/
Allows you to limit the applications a user can execute.
If all else fails, immortality can always be assured by spectacular error.
Call it an infection then, using the generic term, instead of viral infection if you really want to, but that's just being pedantic. The "but macs don't get viruses" contingent has always truly meant and implied, if not outright stated, that OSX was not subject to the same malicious software infections that windows was. You know it, I know it, everybody knows it. This isn't a presidential impeachment, we're not required to define what "is" means. Everybody knows what "viruses" in this context means.
Just like with humans, be it a viral infection, a bacterial infection, or even a fungal infection, the general layperson doesn't care what is causing the problem. They just want it fixed. The only person who cares exactly what is causing the problem is the person (doctor for humans, technician for computers) who is trying to fix it. The layperson just knows that they are "sick". Likewise, the mac user just knows that their computer is "sick" and "this sort of thing isn't supposed to happen to macs".
The only platforms where this kind of attack would be extremely difficult are the locked-down ecosystems, like (unjailbroken) iOS or most games consoles. Whilst I'm sure that iOS isn't 100% guaranteed malware free (there's always going to be something exploitable somewhere), it's going to be a whole lot more difficult to do that than simply writing a noddy "Run Me" app that wipes all your data.
I would think "Bloody hell" is always a poor choice of gift. But then, I don't know your mother.
Early PC stuff was a joke too. Give it some time to get going.
It encourages people to only get software from the repository that The Steve says they should get software from.
But that's not a problem, generally, because Mac users are trained to know they have to pay for every little anything they install on their system.
Eventually some smart malware creator will create a trojan that has some nominal fee the Mac user has to pay to get the malware.
It'll wipe all Macs from the web in short order.
s/who\'s/whose/
FTFY
Let's see: Apple learns about problem, researches possible fixes, determines best fix, and then releases said fix. No histrionics, no stupid hand flailing. I'm failing to see the problem. Hell, I wish other companies did it this well.
"My brand of comfort isn't so much 'There-there' as it is 'There's a boot, pardon me while I connect it with your ass!'"
Being that it took 11 years for one to come for OS X. That method just might work.
If something is so important that you feel the need to post it on the internet... It probably isn't that important.
Supposedly this doesn't require the password. It just installs to the user directory. It pops up an image that says click here to disinfect, the user clicks and it runs in the background.
-]Phreak Out[-
I'd suggest that operating system security patches should be delivered via ads that utilize security flaws... except a lot of malware programs do upgrade security patches after infecting.
That is really not what I was referring to. I really just want to stop a particular user from running setuid/setgid programs and from running programs in their home directory. With Fedora that is literally a matter of clicking on 3 things, or equivalently running three commands in a terminal. It is not even clear to me that the Mac parental controls feature actually prevents users from executing programs in their home directories (e.g. a program they downloaded from some website).
In any case, the real point here was that there is no reason to pay the Apple premium if your goal is to protect an unsophisticated user from malware.
Palm trees and 8
it's cool. If you RTFA Apple is going to patch and remove this crap from your mom's machine soon.
When you have a stupid user, you don't give them the admin password.
Problem solved
From The Customer is Not Always Right:
Me: “Good afternoon, [Software Company] Tech Support. How can I help you?”
Customer: “I have a complaint about your software. My employees keep exiting the files without saving. I need you to fix that problem with your software.”
Me: “Sir, when you pick to exit the application, it asks you if you are sure you want to exit without saving.”
Customer: “I know. I think they are just hitting enter at the question.”
Me: “Sir, the default is no.”
Customer: “Well, they must be answering yes.”
Me: “I'm not sure how we can change the software to make it easier for your employees to understand.”
Customer: “Can you add a second box after the first box, asking if they are really sure they want to lose what they just entered?”
Me: “I can put that request in, sir. But I doubt that development will change the software.”
Customer: “Why not?! It's a bug in your software! I want it fixed!”
I really just want to stop a particular user from running setuid/setgid programs and from running programs in their home directory.
But how long until computer makers start doing the same to even the computer's primary user, requiring end users to either A. go through the computer maker's app store or B. pay per year to unlock the privilege to run unapproved applications? Such cryptographic lockdown has been happening since 1985 in some markets.
Being that it took 11 years for one to come for OS X. That method just might work.
And it works OK for Windows, right? (That's how I know it's Tuesday when I'm at work)
Faster! Faster! Faster would be better!
No, that is not true. It downloads a disk image, and if Safari is configured as default, it will mount it and execute the installer. At that point it requires the user to actively continue with the installation, which involves clicking "next" or "continue" and entering his admin password.
-dZ.
Carol vs. Ghost
You can do the same with a Mac. Just set up a user account without administrative rights.
If I used a sig over again, would anyone notice?
Wrong.
If I used a sig over again, would anyone notice?
Wrong. Needs an admin password.
Faster! Faster! Faster would be better!
That's a little FUD-y. It's a drive-by download, and once it's down, it has to install like any other application, user password and all. If you have "open safe files" off, you'll just end up with a few copies of a .zip called "mac-antispyware" or something to that effect, depending on the variant.
I hope Apple doesn't take your advice! It would probably be best to nip this problem in the bud. That may discourage malware developers from choosing the platform.
This is the idea behind the walled garden approach they've taken to the iPhone and iPad. All the software they run has to be approved by apple first. They seem to be heading this direction with their desktops as well.
I figured I would finally get my mom a computer that even *she* couldn't get infected, so guess what I got her for Mother's Day?
The solution is very simple: When the computer is first started, you choose a user name and password, and then _you don't tell your mother the password_.
Disadvantage: If there is any maintenance that needs doing that requires the admin password, you'll have to visit your mother. Advantage: If there is any maintenance that needs doing that requires the admin password, you'll get to visit your mother, which should at least be good for some nice home-cooked dinner. And if she runs into MacDefender, that app may get downloaded and start an installer, but then it is stuck with a user who doesn't know the admin password. No admin password, no install.
You may change "Software Update" and the iTunes updater and updaters for other software to not check for new versions automatically, because they will likely require a password which she doesn't have.
Yay!
Then I will stop buying from those computer makers. The lock down has to be under my control, and nobody else's -- I am the one who owns and administers the computer.
Palm trees and 8
Give the Mac OS X Malware market time to mature. Mac OS X only recently became a "recognized target." Now Apple is trying to make it a "moving target" and a "reactive target" meaning they are essentially taking the Windows approach to security -- which is reactive. This means that with each new threat, a new response will be devised.
They had an opportunity, early on, to create a hierarchical system that might protect the OS and, actually, I think they did... but we will see how it all works out. But when it comes to users installing and running programs at user level access? That's pretty much every OS, otherwise, such a system would not be usable at home or at the office.
What makes malware laughably easy or difficult to remove is usually determined by how deep into the OS it can embed itself. With Windows, it happens a lot with increasing sophistication that targets not only the core OS, but also the countermeasures commonly deployed. So initially, in the absence of countermeasures, malware will target and run as the local users. When that stops working, it will find ways to embed itself into user applications (within those *.app folders that pretend to be entire programs) and then in the binaries that reside in the *.app folders... and then in user-accessible details in the OS and then in the OS itself as local exploits are discovered and run.
So give it time for the war to heat up. It's coming.
Apple does not have a setting that automatically downloads files when visiting a website. There is a setting that automatically opens downloaded files, but it's debatable whether they should turn it off or not, since you usually want to open something once you've downloaded it. As others have said before, installing software (any software) on a mac requires your administrator password. Your description can't get much farther from the truth than that. You are pretty much completely wrong about everything you've said.
"Does Linux do anything (or at least anything more than MacOS) to protect against this type of attack?"
It doesn't as far as I am aware of which is one of the few things I do not like about Linux. There is Clam AntiVirus but it is just a scanner and does not offer a shield or active protection.
To be fair, as much as Canonical wants to make Ubuntu a friendly consumer OS, Linux remains a server OS where it mostly sits on servers in a computer room in a rack somewhere or run from a VM on a developer's machine. MacOSX is a consumer OS run by average Joes and artists who are not I.T. professionals mostly.
Also, most MacOSX users became users because they were lied to, as MacOSX is sooo secure and will never get viruses etc. So these same people click thinking they were safe. That is more harm than good as MacOSX has no active protection unlike Windows. Windows was terrible but they are at least addressing it and the tools are far ahead. All users need protection these days.
http://saveie6.com/
This is certainly true to an extent but another thing is that while no OS is 100% secure, the whole security model of UNIX/Linux/OS X (which is derived from UNIX) is generally better than Windows. Now to be honest, it is my understanding Windows 7 is much better (I jumped ship after XP) but classically, Windows being Windows was a problem and not just Windows being a majority, if I am not mistaken.
That's not to mention that this requires user intervention to work.
Um, so does the average Windows virus...
Even my Windows users know better than to install something that says "OMG u has a virusz!! Instal our L33t anitvirus!!!!!!!1!!1!1111111oneoneone"
All the stories I saw about AntiVirus 2010 (or whatever it was) shed some doubt on that claim.
That's not true. One of the things that throws users for a loop is that it opens up a dialog box that says "scan" instead of download. They could change the settings so that any window is obviously a website (so that users can't get confused about whether they are seeing a webpage, or a dialogue box from their computer). The users trust their computer, but they wouldn't trust some random website. The trick is presenting information to the user so that they can understand what is going on. It's not like they're trusting some random website to install shit on their computer. They think MacDefender is a security feature on their own computer and trust it for that reason. As with anything, the main thing that causes the stupid behavior is a lack of information. So the solution is providing the user with the right information.
That is really not what I was referring to. I really just want to stop a particular user from running setuid/setgid programs and from running programs in their home directory. [...] It is not even clear to me that the Mac parental controls feature actually prevents users from executing programs in their home directories (e.g. a program they downloaded from some website).
That can be emulated by not giving them the admin password + enabling parental controls, it's an application whitelist.
In any case, the real point here was that there is no reason to pay the Apple premium if your goal is to protect an unsophisticated user from malware.
My point was that there's no reason to inflict Linux on them either ;-) The user might be more comfortable with an OS other than Linux.
If all else fails, immortality can always be assured by spectacular error.
Well played sir, you might want to seek a position in politics.
XML is known as a key material required to create SMD: Software of Mass Destruction
Yeah. It's difficult enough to use that you actually need both brain cells working, and a basic grasp of the English language. Linux is idiot-proof by virtue of being impenetrable to idiots.
I figured I would finally get my mom a computer that even *she* couldn't get infected, so guess what I got her for Mother's Day?
MacDefender?
There's never enough when you have too little
Most Mac users
with fedora this won't happen... it is open source and therefore cannot 'lock' someone into paying
I don't see how one implies the other. Android is open source, yet AT&T locks out installing applications from "Unknown sources" and requires registration as a developer before handing out the drivers needed for adb install.
They've been updating anti-malware definitions since 10.4. The threats that the built-in system protects against are listed in System/Library/Core Services/CoreTypes.bundle/Contents/Resources/XProtect.plist
Not... necessarily. There is a way for most users to be happy, giving them software to install, without installing arbitrary software, and Apple even DOES this on one of their platforms.
It's called locking the system down so that Apple approves every piece of software that runs, and not giving users admin.
Problem is, it also means that, as you don't have admin rights on your own machine, you don't own your own machine.
My point was that there's no reason to inflict Linux on them either ;-) The user might be more comfortable with an OS other than Linux.
In my experience, the only time users become uncomfortable with GNU/Linux is when they start doing exactly the sort of things that a locked-down account should prevent them from doing. When all a user knows or cares about is launching a few programs -- a web browser, an email client, and a word processor -- then it hardly makes a difference what OS they are running. Once users start doing things like installing "cool little applications" that actually leave them worse off, or trying to fiddle with settings they need guidance for, things can become a problem -- but the great thing about locking down their accounts is that they are forced to contact you when they try to do that, before it can become a problem, and you have a chance to either teach them or at least explain why they cannot do what they were trying to do (e.g. because of malware or because it would make their system unusable).
The argument that users are "uncomfortable with GNU/Linux" is predicated on the belief that users are not uncomfortable with some other system. When you are talking about moving someone from a Windows system to a GNU/Linux system, why do you think they will be more comfortable if instead you move them to a Mac OS X system? If they need to be given a locked down account for their own good, then it sounds like they are not very adept with computers to begin with, and GNOME would be no worse for them.
Palm trees and 8
Is it also asshat to set Automatic Updates to download updates automatically and ask me when I'm ready to install them? Because I've had unsaved changes destroyed by automatic installation of updates and automatic restart of the computer under Windows XP, and I'm considering buying a computer with Windows 7.
Win 7 is pretty good about that; while there is a nag dialog, it can be dismissed for up to 4 hours (select from drop down, dismiss), and the nag dialog doesn't count down and reboot automatically.
Yeah, is that so hard to believe?
Palm trees and 8
I frankly don't see how Linux (or any OS for that matter) can protect from this, as it is a classic social engineered "ZOMG! You HAVE to run this RIGHT NOW or you will die ZOMG!" style infection, which we Windows repair guys have seen quite often through the "Security Tool" and Antivirus 20xxx variants.
Since Vista I have noticed less and less malware are going after the OS anymore, and instead are either going after third party software with serious flaws (such as anything Adobe along with Java, both of which rarely get updated on a machine) along with social engineering. On the social engineering front they can usually be divided into these categories. The 'ZOMG! You got teh virus! Run Iz_Not_Viruz_Iz_Fixer.exe to kill it ZOMG!' the 'Want teh hot lesboz? We give u teh hot lezboz for teh free! Jusr run Iz_Not_Viruz_Iz_Codex.exe' so you can play teh moviez!' and the ever popular "My BFF Kim sent me a (insert screensaver,LOLCat Video,zip full of pictures) and it says I need to click this email link and run Iz_Not_Viruz_Iz_Goodie.exe to enjoy them!"
Notice how in NONE of the above does the underlying OS have a damned thing to do with making the attack successful? I've found a good 90%+ of new malware I'm finding on machines are using social engineering because it is easier to pwn a machine if the user helps and by appealing to their greed, desire, gullibility, or fear, one can easily solicit their aid in infecting their machine.
So frankly I don't see how anyone can expect Apple, Canonical, MSFT, or anybody else for that matter to magically stop the user without taking away the rights of ownership ala sticking them in a walled sandbox where someone else decides what they can and can't have. Now what you CAN do is to pop up warnings like UAC or in this case like Apple asking for the password, and if they are foolish enough to give it have a cleaning tool for after the fact like MSRT.
But unfortunately there simply isn't a way to patch stupid, and most of us I'm sure wouldn't like to give up our rights to control our machines just to keep the Forrest Gumps out there from doing dumb shit. Hell just a couple of weeks ago I had to deal with an angry customer who was infected less than a week after I handed him his new machine. Did I miss an attack vector? Nope he ignored every word I said and went so far as to disable his AV because it wouldn't let him install "the new Limewire" (Iz_Not_Viruz_Iz_New_Limewirez.exe) and then got pissed because there wasn't some way for the box to magically protect him from his own stupidity. I finally just told him "You ignored everything I said, you disabled your AV, all because you didn't want to pay for some cheap pop crap. Well TNSTAAFL and if you walk out in front of a truck after everyone has warned you it is coming? Well then you deserve to be hit, sorry". Sometimes you just have to be blunt with the stupid, otherwise they are just too dumb to fucking get it.
I'm sure the tidal wave of new malware coming to Macs thanks to the success of MacDefender will weed out the retarded soon enough. The question will be just how much does Apple's business model depend on the stupid, and how many of them will end up going to Windows when they find out Macs can't magically protect them from being total dumbasses. Frankly after dealing with some of the braintrusts that argued up and down with me that "Macs can NOT get infected!" while the DNSChanger bug was happily sending all their machines to porn sites? If the ones I have dealt with are typical you are looking at a minimum of 30% of mac users being dumb as stumps. Whether they will get pissed and leave or stay because Macs are more expensive (and yes I've seen plenty of folks buy Macs because they have money and wish to show it off. How do you think that "I am rich" app was able to sell?) is anybody's guess.
ACs don't waste your time replying, your posts are never seen by me.
"Only download software from repositories" is a very flaky solution-- all you're doing is translating your trust from a website to a repo maintainer. The repo maintainer obviously is a good third-party that has a strong incentive to only provide clean software, but what if he gets hacked? It's no better or worse than a top-down App Store then, with the added complication that there are no repos for any Linux distro I'm aware of that allow for developers to charge money for installation, which drives away a lot of commercial retail development.
Don't blame me, I voted for Baltar.
And you have been able to do the same thing in Windows for a decade, by simply setting them up as a normal user and not handing them the password for admin. Your point? In the end the simple fact is if a user has rights, they have the right to be stupid and there is no way to take away the "right to be stupid" part without taking away ALL of their rights.
This is why you see much more infections on home users than corporate networks (well run networks that is) as the admins take away their rights, including the right to be stupid. But unless you want to trust the two Steves or the head of the repo or anybody else in charge of "doing no evil" and give away your rights you simply have to give them the right to be stupid. Because no matter how "smart" you make the OS in the end the user actually has to THINK occasionally and not abuse their rights.
In the end you will see more and more "MacDefender" style infections, same as here in the shop I've seen infections go from Windows exploits to third party software to social engineering. Because at the end of the day the user will always be the weakest link and no amount of OS planning or protection will stop the user if they truly want the carrot the malware writer is offering, or simply refuses to think. It is the classic dancing bunnies problem and has been going on nearly as long as there have been PCs. Hell some of the first bugs I had to clean were boot sector floppy bugs, which spread by people copying warez. You offer the dancing bunny and the malware is just an added "bonus" or in this case you spook the user into thinking they MUST have the malware to protect them from...what else? Malware! In the end you just can't stop stupid, sooner or later the user has to think or you have to take away ALL their rights, there really is no in between.
ACs don't waste your time replying, your posts are never seen by me.
Yes, since OS 8.6, actually. I ran OS X 10.0, back when most Mac users today didn't even know what the heck it was. Not that that makes me an expert on OS X security, but I'm hardly a neophyte Mac user.
And this is how a significant amount of Windows viruses are spread as well. In fact, how many Windows viruses are spread strictly because of Windows security flaws rather than because of IE, Flash and other apps?
You've managed to completely miss the point, just like King_TJ below you in this thread. The problem with their attitude is that it is a license to be stupid. They treat their Mac like it's a rubber-padded room where they can't hurt themselves. Even if it is safer, and I never said it wasn't safer, that is no license to say blatantly stupid things like "I don't have to worry about security because I have a Mac."
Yeah? And how is your Mac going to protect you against a phishing attack? How is it going to protect you when you think you're invincible, download a trojan and run it? These people don't understand that when they enter their password to install an app, they're doing a GUI version of "sudo" to do it. So yes, the ability to get infected by trojans is lessened, but the attitude makes it more likely that they'll confidently run one thinking it's ok because some magic property of their Mac will stop it from hurting them.
Traditionally mainframes are very secure from this type, or any type, of malware. The administrators are generally competent and have good controls on what gets installed. Also, mainframe admins are used to paying for software and have very high expectations on the quality. You never hear about viruses on IBM System z10s.
Not sure who's been doing the lying about MacOS being 100% secure (it clearly isn't), but it is far, far safer for the average user than Windows is. The "running random application you've downloaded and typing in your password" threat is pretty much the same for any OS out there (except for the iOS-style walled gardens), and is only smaller on MacOS and Linux due to there being less users to target, and potentially the level of intelligence of the average user. The virus/drive-by malware threat, OTOH, is much lower on MacOS and Linux than on Windows - both due to the smaller target, but also due to there being far less exploitable holes - or at least far less that have ever been discovered.
The difference for me is that MacOS/Linux look to be far less susceptible to the virus/drive-by issues that Windows has been plagued with over the years. There's a big difference between running a random app from the internet to get infected, and happening to stumble across a dodgy site exploiting a buffer overrun in IE. It's certainly getting a lot better with Win7, but things like MS's desire to support the huge range of legacy apps on Windows mean that there's likely to be many more security holes to come in the Windows space.
I didn't get her a Linux box because a Macbook has a much more user-friendly GUI, much better support, and a much better chance of being supported by the software she uses (including some obscure software she uses to interface with her sewing machine, which only comes in Windows and Mac flavors).
Linux is frustrating as hell even for *me*. The first time she calls with a problem and I tell her to open the command line interface, she's going to disown me (and then no more Christmas presents for me).
SJW: Someone who has run out of real oppression, and has to fake it.
I don't think you know what a security model is.
If you don't know where you are going, you will wind up somewhere else.
What defence is there against the end users downloading and running MacDefender and giving up the Admin password?
A big part of the problem is Safari's default settings. Safari will automatically download and run the MacDefender installer. This, in itself, is harmless (you can quit the installer), but that default behavior in Safari makes it that much easier for malware authors.
Apple needs to acknowledge that Safari's default setting to automatically download "safe content" needs to be disabled.
Bingo. I remember when they included "safe content" auto-run in Safari, and thinking to myself... this is just begging for an exploit (OSX does have layers of security, but this was a barn-door through an important security layer).
They need to do a bit more thinking about that whole concept and produce their equivalent of "iPhone cut and paste" that solves major dilemmas (usability vs. security) while also being default secure (and optionally allowing lockdown for the paranoid).
Gruber aside (he posed Mac App Store as the "solution" to these kind of trojans), Apple needs to acknowledge that 90% of users download potentially-executable stuff from the internet, and OSX needs to get savvy security-wise on that... growing pains and all.
Make sure everyone's vote counts: Verified Voting
Malware writers don't choose target platform based on how hard it is to write malware for it. They choose it based on what is the target of malware.
Windows has been the obvious target because of its market share. As Mac OS market share grows, so does its attractiveness as target for malware.
Otherwise, let the OS do what it needs to do and complain to your software vendors for their buggy software.
To what Microsoft support channel should I complain that Windows Notepad (or any other application included with Windows) doesn't automatically save and restore an unsaved document across a restart?
Then I will stop buying from those computer makers [who lock down the owner of a computer from installing software].
Let me guess: You've stopped buying from [all the console makers].
Yeah, is that so hard to believe?
It is when there are entire genres of games that are underrepresented on PCs and Macs compared to consoles. Statistically nobody wants to connect a PC or Mac to a television to play a video game, so very few games for PC or Mac support a use case with multiple gamepads.
ObMac: And how long until Apple starts using lockdown on new APIs in Mac OS X so that only applications in the Mac App Store and applications built with a $99/year Mac App Store developer program certificate can access them?
I hope you were joking about that... or did you mean to say you got her an OpenBSD system??? :P
My abilities are only limited by my imagination
Windows 7 has application whitelisting as part of its parental controls as well.
Redundancy is good And also good.
How does your mom feel about how you treat her like a child?
-- Flame me and I will happily flame you back. Bring it!
She is glad to not have to deal with malware, and since she generally called me up to ask for help with things before, there really is not much of a change. It is not like I failed to inform her of what I was doing to her system, and I am entirely willing to explain to her whatever it is that she asks. Really it is not as big of an issue as you seem to think -- in no way is there any disrespect and nobody is being treated as if they are unintelligent. We are not talking about a censorship/parental control program, we are talking about the equivalent of mounting home directories with the noexec flag.
Palm trees and 8
You never, ever hear people say, "I have a Mac, but if it had viruses, I'd switch to a PC". NEVER. That's a fantasy that people who sell PCs tell themselves. What you are calling "stupid" is simply a lack of knowledge and a lack of either desire or enthusiasm for getting to know technology the way nerds do. This is not "stupidity", it's just being a person with different interests than you.
You also keep building the same old straw man, that Mac users think Macs somehow magically can't possibly get viruses. When people say this, they all but universally mean that they don't have to worry about viruses, not that they are impossible. Any time a Mac user talks about this online, they *ALWAYS* point out some variation of "but it's not impossible", to appease PC nerds like yourself who are so quick with a bag of straw.
Right now, even with MacDefender, Mac users don't have to worry about viruses. This may change. This is really the first somewhat interesting malware for the Mac, and only time will tell how this is going to pan out, but even assuming this is the beginning of a virus "tidal wave", people aren't going to all of a sudden switch to Windows. Why would they? It's not like the virus situation there is any better. In fact, even if this is the start of a "tidal wave" (which has been predicted for a decade now, and is not something you can reliably predict anyway), it would have to be a tidal wave of a *PHENOMENALLY IMPOSSIBLE* magnitude for it to be worse than on Windows.
More and more people are buying Macs at an ever increasing rate. Lack of viruses is just one part of their reasoning.
There is Clam AntiVirus but it is just a scanner and does not offer a shield or active protection.
BitDefender for Linux... will scan mounted Windows partitions as well. Very nice to have on a live CD. While you are disinfecting your (insert relationship here)'s computer you can also show them the benefits of using Linux.
-AI
For me, it is far better to grasp the Universe as it really is than to persist in delusion
I figured I would finally get my mom a computer that even *she* couldn't get infected, so guess what I got her for Mother's Day?
Bloody hell.
Or you could have given her a nice, older machine and just put a Live CD of Ubuntu on there.
There, now was that so hard?
-AI
For me, it is far better to grasp the Universe as it really is than to persist in delusion
If they need to be given a locked down account for their own good, then it sounds like they are not very adept with computers to begin with
Is it unimaginable to think that your mom could learn how to improve her computer skills, or maybe even enjoy trying new things? Or maybe she gets a kick out of silly web stuff that you find childish. Or maybe, like so many people here, she wants some agency over the devices she uses. Maybe she resents your assumption that somebody needs to hold her hand all the time. I'm sure there would still be malware and other problems, but isn't it better to learn through your mistakes than being scolded for breaking a box?
-- Flame me and I will happily flame you back. Bring it!
Early PC stuff was a joke too. Give it some time to get going.
How is that comment interesting???
Early PC stuff a joke? The early PC stuff I remember was some of the worst stuff out there! You usually found out you were infected when you had to take the HD out, put it in another machine and find out all of your files were gone.
While I dislike the notion of a PC of mine turning into a zombie... I sure dislike it LESS than the early boot sector infectors and file and hard drive erasers of the early years.
Stuff nowadays is less like a virus with intent on killing you and more of a parasite that requires its host be alive.
-AI
For me, it is far better to grasp the Universe as it really is than to persist in delusion
Like I said, whenever she has a question, she asks. She also does, in fact, have full control over her computers -- at any time, she can have anything changed by myself or by others (I left single-user-mode available) if the security settings become a problem. It has never been a problem, and I have never "scolded" anyone -- a gentle explanation of why some action is being prevented is more than enough. If she wants to learn about her computer, she is entirely free to do so -- I have not actually done anything that prevents her from removing the security, and like I have repeatedly stated, I am entirely willing to explain anything that she asks about.
Palm trees and 8
a gentle explanation of why some action is being prevented is more than enough.
The only way to learn is to learn by breaking things then cleaning them up. No manner of safety glass / training wheels / cushioned corners / walled gardens is a replacement for that.
-- Flame me and I will happily flame you back. Bring it!
Yes, if my mother was cleaning up the computer and not just calling me and having me do it (or worse yet, paying someone else to do what I would have done), then yes, I would agree. Like I said, if she wants to start, the SELinux could be put into permissive mode or even disabled at any time -- the security is only mandatory to the point of booting into single user mode. I would even give her step-by-step instructions on how to do it, if she wanted or expressed even the slightest bit of interest.
I became the family IT guy over a decade ago, and in that time, I have been the one who gets called in to clean up when things go bad. With malware getting nastier and me getting busier, that really cannot continue; things cannot go bad as often as they used to, and that is where SELinux comes in.
Just so the message is clear, since you seem to think that I have set up some kind of iOS clone: all anyone would have to do is boot into single user mode and run three commands, and the system has the same SELinux policy it had when it was freshly installed. There is really no effort to stop anyone from learning if they want to, this is just a way to get more time between phone calls asking for help.
Palm trees and 8
Early stuff was crappy viruses like Format A, that did absolutely nothing but replicate themselves. You could run f-prot from inside the infected OS and catch everything.
What are you talking about? The early viruses from the 1980's and 1990's were nasty. They'd trash your partition table and MBR, erase your files, corrupt your files, modify your executables, and render your floppies unreadable. Basically kiss your data goodbye. The ones nowadays are relatively benign. They can be nasty to get rid of if you try and go with the clean up route, but it's easy to back up your data files, nuke the installation, and start over.
Of course, with that said, I do remember a few viruses from back in the day that did silly stuff like play music from the beeper and were otherwise harmless.
If you were any more full of shit I could squeeze you and solve the energy crisis! You accuse me of building straw men while you desperately jump through logic hoops and split hairs with a fucking laser! I don't give a wet fart whether you call it malware, trojan, fucking STD and you know what? I'll let you in on a little secret...here it comes...to the user it is ALL viruses all the way down, kay?
And whether you stick your head in the sand and go "tra la la" ain't no concern of mine friend, if you want to think all Mac owners are Harvard educated CS grads, go right ahead. I'll tell you you're completely full of shit, but don't let me stop your delusions none. Whether you refuse to accept it or not many believe Macs are immune to ALL viruses and Yes Virginia they consider this a virus. Get your panties in a twist if you want, but folks decided anything nasty is a bug a while back, right around when they decided there wasn't a difference between "hacker and cracker". And I have seen sales guys in Worst Buy feed that very same lie to sell Macbooks.
So whether you choose to see that this is a bug, or that many Mac owners believe they can do whatever they want on the net is YOUR business, but as a guy that has been in the trenches for damned near 25 years I can tell you it's a fact. I'm betting right now there is a shitload of VERY pissed off Mac owners who had their little bubble burst on Macs being immune. Will that get them to switch to Linux or Windows? Who knows, but I doubt it. People are lazy and stick with what they know and nobody markets boutique slick like old Jobs. But what I CAN tell you is the malware writers are gonna have a field day, because they already have seen blood in the water, and they know the Macs are like sheep waiting for the wolves to descend. So many have convinced themselves they have no reason to ever worry they don't even think.
How else do YOU explain a trojan that needs a password spreading like wildfire? Were all those Mac owners just bored and wanted the "fun" of dealing with malware? Give me a break!
ACs don't waste your time replying, your posts are never seen by me.
First off, you're engaging in another straw man, I never played the "it's not a virus" word game. And no one says viruses are impossible on the Mac. They say you don't have to worry about them, which is true. When one of your victims says, "I don't need antivirus, I have a Mac, Macs can't get viruses," they don't mean it's impossible, they mean it's not possible right now, and although there are a very small handful of trojans (which I'm including as viruses, you idiot), it's still true in the way people mean it, which is that they don't need AV software.
There isn't a single Mac user who will tell you that Macs will never need antivirus software.
Second, it's not "spreading like wildfire". It's the most successful Mac malware to date, but it's still insignificant.
And finally, you may have been "in the trenches" for 25 years, but that clearly hasn't imparted any actual knowledge beyond the PC. You are too set in your ways to understand how different things might work differently. To you, it's already a foregone conclusion that Mac malware is going to explode... Funny, jackasses like yourself have been claiming that for a DECADE now, to no avail. Sure, it's *possible* that it will happen, but it's not necessarily coming any time soon.
Will that get them to switch to Linux or Windows? Who knows, but I doubt it.
That was YOUR point. This is a perfect example of PC jackasses making up bullshit claims. You pose a question that you don't even think is likely? That's an extremely dishonest way to try to bolster your point.
You also try to paint Mac users as stupid and arrogant rich people. That is just another example of your pathetic inability to understand people who aren't just like you.
*cough* Ahem. http://arstechnica.com/apple/news/2011/05/new-mac-defender-malware-variant-drops-admin-password-requirement.ars
-]Phreak Out[-
No password required. User interaction to begin, sure. http://arstechnica.com/apple/news/2011/05/new-mac-defender-malware-variant-drops-admin-password-requirement.ars
-]Phreak Out[-
The user still needs to click through dialogs, but doesn't have to give admin password in the new version: http://www.computerworld.com/s/article/9217061/Newest_MacDefender_scareware_installs_without_a_password?taxonomyId=89
Why is only 2/3rd of that terminal commands? There's something called rm, you know...
I am not devoid of humor.
1. Virus authors like to pick on the most popular platform, hence Windows (currently, anyway). But you're clueless if you think that's the ONLY reason we don't see more problems with malware on the Mac. Attacking a Windows system has traditionally been like shooting fish in a barrel. All your users could be expected to be running with the equivalent of "root user privileges" at all times, and the design of the OS with a "system registry" made it incredibly easy to secretly run programs at startup. (How many places did they conclude you were able to tell Windows to run a program during bootup by way of registry entries? I believe someone said at least 14?)
2. I was simply writing about the experience from off the top of my head. Yes, .scr is the extension for a Windows screen-saver (often a malware vector though anyway, as they know people can't resist allowing the download of a file that promises to give you a cool new screen-saver of something or other that's pretty/shiny). However, it's ALSO the default for script files in AutoCAD if you have it installed, and it's used in several other ways as well. Substitute "download a script (.vbs extension)" if it pleases you... whatever. The point is, you'll see all sorts of lame attempts to send you filetypes which OS X won't even use when you surf "questionable" web pages.
3. Your "better idea" stinks, and sounds to me more like what I'd hear spouted off by some low-wage Geeksquad loser..... I'm asking people to try using a Mac to do things that typical Windows users do every day, causing them virus infections, so they can learn a little bit about what's going on out there and see for themselves if the Mac really handles itself any better in that scenario (and yes, it does). You're suggesting that for whatever reason, it would somehow be more "useful" for me to ask hackers from all over the world to target my specific IP address, trying to hack into my Mac sitting at that address. Whatever method(s) they'd eventually come up with to hack in, they'd have little to nothing to do with the reasons why it's safer to surf Internet web sites on a Mac than in a browser on a Windows platform! I probably wouldn't even get the opportunity to really see what they were doing either.
This isn't about saying it's IMPOSSIBLE to put a virus on a Mac (or hack into it, which wasn't even the topic of discussion). This is about current REALITY.... what your average user experience really will be if they take home a Mac running OS X and use it tonight to get on the Internet, vs. what it'll be for a Windows user doing the same thing. And yes, if they used a Linux machine to go online, they'd have pretty much an equally "virus/malware resistant" result. That's because BOTH Linux and OS X are versions of Unix.
Eight seconds according to this InformationWeek story. So make sure to have the Service Pack 3 disc handy if you'll be providing PC repair service to someone who might have Windows XP RTM or SP1 discs, so that you can install the service pack before connecting the computer to the Internet.