Slashdot Mirror
Flashback Trojan Hits 600,000 Macs and Counting
twoheadedboy writes "A Flashback variant dubbed Backdoor.Flashback.39 has infected over 600,000 Macs, according to Russian security firm Dr Web. The virulent Flashback trojan infecting Apple machines sparked interest earlier this week after it was seen exploiting a Java vulnerability, although it was actually first discovered back in September last year. The Trojan has a global reach after Dr Web found infected Macs in most countries. More than half of the Macs infected are in the US (56.6 percent), while another 19.8 percent are in Canada. The UK has 12.8 percent of infected Macs."
Is it just wrong if I laugh a little?
Seven puppies were harmed during the making of this post.
Is there any way to check whether your Mac is infected?
It's only been a matter of time. Many people think that since the common knowledge is that Macs don't get viruses, they are immune to everything else (including trojans). Only the computer nerds differentiate between viruses, trojans, and malware you get by clicking on something on the internet.
it used to be magic pixie dust protected Macs but in the last 6 months i've been using the Spirit of Steve
time to find some new protection
The users just surfed wrong.
But seriously, Apple screwed the pooch really good on this one. Looks like it's time that their corporate culture goes through the same "trustworthy computing" initiative that Microsoft went through over the last few years.
thats nice
http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
See here: http://www.f-secure.com/v-descs/trojan-downloader_osx_flashback_i.shtml
Summary:
If you open Terminal and run
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
and
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
and see:
The domain/default pair of [...] does not exist
for each, you are not infected. Also, if you run nearly any AV software or other tools like Little Snitch, you are not infected as it checks for these and deletes itself if found.
Also, no sensible person ever said "Macs don't get [infected/hacked/whatever]." It just a lot less likely, and has historically been, even accounting for differences in marketshare. As Mac share increases, it only makes sense they'll be targeted more with malware. But Macs, as a whole, are indeed "more secure", in that still, to this day, you are far less likely — even with the complacency or, if you prefer, ignorance, of Mac users — to become impacted with any malware than with Windows. Maybe someday this will change. But it's never been true to date, and isn't true now. The fact that single instances of Mac malware get so blown out of proportion, STILL, is ridiculous. (Though, Apple could do better with patching known vulnerabilities in Java on Mac OS X...)
The same advice and best practices for avoiding malware apply to Macs as well as any other desktop platform, and Mac users would do well to run current AV software. The Sophos free edition is nice.
Gizmodo's article shows how to determine if your machine is infected. http://www.gizmodo.co.uk/2012/04/mac-flashback-trojan-find-out-if-youre-one-of-the-600000-infected/
Can we please end the madness where people claim that since an OS is a variant of unix it can't get a virus? Users do stupid things, stupid things have consequences, doesn't matter the make of the car you are driving if you are a drunk moron soon enough you'll crash into something. Similarly if you are a horny moron eventually you'll browse to a site that will find a way to get you to install some junk that will trash your computer all in the name of some desperately needed friction motivation.
HAHA HAHAHHAHAHAHHA Hahahahahahhaahha
hahahahahhahahhahahahhahahahh
HAHAHAHAHAHAHahahahahahahaha
while those of us with more than two brain cells to rub together will continue to use the best of the best
See, I question if you really do have those two brain cells.
;P
Because most people who do? Know that there is no "best of the best".
As much as most slashdot readers love to hate on windows/apple and love on linux, the only "best" operating system is the one that suits the customers needs the most.
For you? It's mac. And that's great! I'm glad you found an OS you're happy with.
But that does not prove true for everyone.
Also, immediately dismissing the issue as a "hoax" before even reading the article isn't a sign of intelligence.
Especially so if you use a mac and should probably learn how to check if you're infected.
So what you are telling me is they managed to get all of them?
So, Linux has NEVER had a java exploit?
There are two types of people in the world: Those who crave closure
This is the problem with the web. When the first DBI ( Drive By Infection ) happened the code that allowed this sort of thing to happen was not ripped out "with extreme prejudice" and in an old /. post I asked why and there was damn little in the way of a response.
So I ask once again, why has this not been fixed? Why are there so god damn many ways to do this and how come that ability has not been removed?
It seems to me that in the insanity of try to make the browser everything instead of a piece of software that renders text, there is nothing but vulnerability after vulnerability and I really don't see any end in sight since in trying to make the browser do everything it needs more and more access to the core functions of the OS it is running on. How can this not lead to more and more attack vectors?
Hey KID! Yeah you, get the fuck off my lawn!
Can't be laid at the feet of Microsoft.
Mac users have long embraced a culture of denial; "I'm safe, I use a Mac." Gloating Linux users should take note. Yes, Linux is among the best, but it isn't invincible. Due diligence in firewalls and vetting app sources is a requirement on ALL platforms. (Yes, you too, BSD folks.)
LOL I'll have to remember that one.
And btw, http://lmgtfy.com/?q=screwing+the+pooch+origin
^_^
I hope for your sake that you're not living in Arizona.
Market share has something to do with it, as does a pretty good track record of security, but the type of users that use Linux is also a significant reason that we don't see widespread malware affecting desktop Linux. Your typical Linux user is generally more nerdy, computer literate and security concious.
If you did a survey of how many users clicked on pop-up banners, opened PDFs from spam email, granted permission to untrusted Java applets, etc, I bet the percentage of Linux users who fell in the traps would be smaller than the other OS users.
This is a drive-by trojan, not a virus.
Trolling is a art,
It's not a virus. It's a trojan. Ain't no Mac viruses. But, good one!
Correct
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
You wish.
Too bad Apple is selling 4+M Macs per quarter.
There are two types of people in the world: Those who crave closure
Wrong.
Here, step by step directions on how you can make one:
http://www.offensive-security.com/metasploit-unleashed/SET_Java_Applet_Attack
There are two types of people in the world: Those who crave closure
Before we rehash the same old comments - and effectively clone a number of threads that have gone before, shouldn't we examine the claim of 600,000 infections?
That's the remarkable thing about this story. I'm not overly familiar with Dr.Web as a security company, but I'm more than a little skeptical about the distribution of infections.
The website gives little information about how the research was carried out http://news.drweb.com/?i=2341&c=5&lng=en&p=0.
How is it that the UK has seen 12.8% of worldwide infections, while Ireland has seen just 0.1% of infections? The UK has a population ten times bigger than Ireland, so given roughly equal market share (5 to 6%), you'd expect a tenth of number of infections or thereabouts.
Switzerland has a much higher market share than Ireland (17%) and a larger population, but comes out with the same 0.1%.
I'd like to understand how these numbers were arrived at and verfied. If they are genuine and valid, I'd love to know how Switzerland is staying safe, because we should probably all adopt their methodology.
I tried to read your post on my Mac, but all I could see was a picture of a snake and something about raptors.
In a survey of 100 programmers, 111111 thought that duck-typing was a good idea.
There are over 100 million Macs in use in the world*. So what we have here is some random Russian anti-virus firm is claiming that 0.6% of them are infected with a trojan due to a vulnerability in Oracle's Java engine (for which Apple has already sent out an update to patch the vulnerability). And that Russian firm would love to sell you the cure.
Yeah, that totally proves that Macs are just as unsafe as PCs.
* http://wiki.answers.com/Q/How_many_Macintosh_computers_are_in_use_worldwide
Does anybody know if Gatekeeper which is touted for the next OSX release would have prevented this? And if so how does it stack up against pending changes in windows and Linux?
The piece said 50% of infected machines were in the US, not 50% of US machines were infected.
And actually I do see linux boxes with old vulnerabilities pretty often. One of the problems with OSS is that updating often breaks libraries... which if you have compiled 3rd party software installed can be a real barrier to updating. We have one machine that has not been updated with any patches for 2-3 years now because they will break installed apps.
by at least an order of magnitude.
The users just surfed wrong.
Windows infection vectors these days are either through Flash or Java VM. Slashdot previously ran a story on how windows gets infected with malware back on Oct 5, 2011 with an included source link in the summary.
Life is not for the lazy.
Good catch. How dare they be so misleading, with the title of "Flashback trojan hits 600,000 Macs and Counting"? It's a trojan people, not a virus.
I do have to take exception with this statement, however: "There has not been a single virus on the Mac in the wild, ever."
Some of the first viruses ever (but not THE first), back in the early 80s, were Mac viruses spread over the Texas A&M network. Not to mention Elk Cloner, AutoStart 9805, OSX.Oomp, and others. You have either a very selective or very limited memory.
Macs still Just Work. That's because it's Unix with a fancy hat on.
I used to have a Mac, and I know from a deeply personal experience that Mac is more like UNIX with a ball-gag on and its hands tied behind its back. It is the best platform if all you want is to get reamed by Zombie Steve.
So
Chas - The one, the only.
THANK GOD!!!
OSX has not had a single virus in the wild since its introduction. The first person to get a virus to spread from machine to machine on OSX will be world famous. And it's not like people don't try.
Viruses are self replicating code that spread themselves via the network or sneakernet. Since OSX, Linux, Solaris, FreeBSD and all other sane OSes strip the execute bit from files coming in off the wire, this is a major hurdle to get over, and is why virus and worm propagation on OSX, other Unices, and Unix like OSes like Linux sucks.
This was a trojan. Trojans are different. They typically need to trick the user into installing them, and they do not self-propagate.
But the distinction is lost on people, such as yourself who refuse to believe there is any difference between the Bagel worm and a program that tricks the user to deltree c:\*.* or rm -rf /*
With that said, there is a way to make certain well-behaved Windows viruses and worms spread cross-platform, and that is to run wine. But then the requirement is that the virus or worm be well behaved and not depend on undocumented Windows features. These are few and far between, and even then, it runs in userspace and the cure is to rm -rf .wine.
"even if you want to write a virus for iOS you can't" and "there is zero malware in the app store".
That's because your code is up for review if you want Apple to sell your program for you in the Apple store. They check it for bad stuff and vet the program. The Apple Store is much like the trusted repositories you see in the Linux world. The repo system for Linux has proven time and again this is a good way to go. The only difference with the Apple store is that there is only one repo, theirs.
>implying that third party software vulnerabilities are suddenly the OS vendor's fault
This is not even true in the Windows world. Nobody blames Microsoft for an Adobe Reader or Flash vulnerability. Adobe certainly does attract enough blame themselves.
--
BMO
Thank you.
It's a sad day when the reddit thread is having a mature and helpful discussion about this, while Slashdot (with the exception of your above post) is having a circlejerk making fun of Mac users.
"Mind, as manifested by the capacity to make choices, is to some extent present in every electron." -Freeman Dyson
Only on slashdot.
Damn stupid signon...
As I was going to say. Malicious software is malicious software. REGARDLESS OF ATTACK VECTOR.
You can continue to rant and cry about how your precious little "lifestyle choice" isn't at fault for this.
The fact remains that Macs are vulnerable to malicious software. And the head-in-the-sand (or up-ass, depending on whom you speak to) attitude displayed by all the elitist prats in the Mac community doesn't help this.
Chas - The one, the only.
THANK GOD!!!
Please RTFA, it's a drive-by attack and does not require user interaction.
It would really be useful if there was an easy way for the Mac user to run downloaded programs in a sandbox or in another user account that has very few permissions.
The biggest dangers to Mac users these days from what I have seen are:
1) Hard disk dies and you don't have a bootable image. Even with Time Machine it was not easy for Mom to restore her apps, and had decided not to buy two extra hard disks, 1 for time machine and 1 for full image backup like superduper. I have a feeling this is more common than one would expect.
2) You download a malicious app that trashes your user's home directory.
In either case Macs can have many user accounts but nobody is using this facility much, and it could be quite useful.
What sort of retarded package manager does not know to retain older versions of a library, as required by installed apps? If you are not using package management, why have you not sandboxed the troublesome apps yet?
Something bad is coming when people are suddenly anxious to tell the truth.
I recommend not going to /. for advice when it comes to Macs and anti-virus software :)
Obvious exits are NORTH, SOUTH, and DENNIS.
One of the problems with OSS is that updating often breaks libraries...
I haven't had that happen in years and years. Debian 3.0 era (though I suppose jumping distro releases in RHEL has the tendency to break RPMs on occasion).
which if you have compiled 3rd party software installed can be a real barrier to updating.
That's your problem. You've got crap not built from packages. Why didn't you package them? There's a good case for doing so. (Either you need to build things from source and package them, use packages, or drop your binaries fully outside the system tree - eg. /opt - and modify the $PATH.)
We have one machine that has not been updated with any patches for 2-3 years now because they will break installed apps.
Are there no updates for those apps? I've not yet seen an app which wouldn't deal with the newer versions of a library, not even proprietary stuff.
~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
Not all apps go through package management, and sometimes they depend on libraries that other system components also depend on.
Unfortunately 'sandboxing' sometimes requires so much of the system that the only solution is to set up a VM, which puts you right back in the 'old distribution' category'
I can't speak for GP, but for my home computer, NVidia drivers, VMWare, Flash and the fragile sound system are the worst offenders. On every kernel / core libraries update, there is a good chance some of these will break. So I'm sometimes reluctant about updating, too.
*shrug* not everything comes with source or has source available, and not all vendors are happy (or willing) to keep providing new binaires over the years, esp if you are not paying them for it.
Which gets back to the issue with OSS in this specific domain. OSX and Windows do a pretty good job of maintaining backward binary compatibility. You install an app, that app will probably keep working across many updates. OSS tends to assume that you have the ability to rebuild form source or your app is being maintained through the packaging system of that distribution. For most people this is indeed the case, but when it is not such systems can become a real headache and it is not always possible (or at least not always easy) to isolate large parts of the system in order for the app to use some system libraries while everything else uses another. It gets even worse when you are talking about things that need kernel modules.
It kinda come back to 'to each their strengths and weaknesses', and this is a weakness of OSS when it comes to deploying exotic 3rd party applications.
The users just surfed wrong.
Windows infection vectors these days are either through Flash or Java VM. Slashdot previously ran a story on how windows gets infected with malware back on Oct 5, 2011 with an included source link in the summary.
Don't forget Adobe Reader.
What a piece of shit.
You are correct. However, what detects both of those? Antivirus software! By differentiating the two for the average user, you are doing them a disservice, in that they won't bother to run antivirus because they will see it as ineffective against these vere real threats, when it would actually benefit them.
APK quotes people (including myself) without context and should not be trusted. Just thought you should know.
Oh yes. Indeed. It's a massive piece of shit. I hate everything about Acrobat Reader from how the browser plugin fucks up reading bank statements in PDF format, the bloat, and slowness despite 2D acceleration features. And to make it all worse, it makes a nice web browser vector by which to get infected by. Ta daaa!
Life is not for the lazy.
A couple weeks ago, while taking my asian girlfriend shopping at the local mall, I had to take a piss. As I entered the john, Steve Jobs -- the messiah himself -- came out of one of the booths. I stood at the urinal looking at him out of the corner of my eye as he washed his hands. He didn't once look at me. He was busy and in any case I was sure the security guards wouldn't even let me shake his hand.
As soon as he left I darted into the booth he'd vacated, hoping there might be a lingering smell of shit and even a seat still warm from his sturdy ass. I found not only the smell but the shit itself. He'd forgotten to flush. And what a treasure he had left behind. Three or four beautiful specimens floated in the bowl. It apparently had been a fairly dry, constipated shit, for all were fat, stiff, and ruggedly textured. The real prize was a great feast of turd -- a nine inch gastrointestinal triumph as thick as his cock -- or at least as I imagined it!
I knelt before the bowl, inhaling the rich brown fragrance and wondered if I should obey the impulse building up inside me. I'd always been a liberal thinker and had been an Apple customer since 1984. Of course I'd had fantasies of meeting Jobs, sucking his cock and balls, not to mention sucking his asshole clean, but I never imagined I would have the chance. Now, here I was, confronted with the most beautiful five-pound turd I'd ever feasted my eyes on, a sausage fit to star in any fantasy and one I knew to have been hatched from the asshole of Steve Jobs, the chosen one.
Why not? I plucked it from the bowl, holding it with both hands to keep it from breaking. I lifted it to my nose. It smelled like rich, ripe limburger (horrid, but thrilling), yet had the consistency of cheddar. What is cheese anyway but milk turning to shit without the benefit of a digestive tract?
I gave it a lick and found that it tasted better then it smelled.
I hesitated no longer. I shoved the fucking thing as far into my mouth as I could get it and sucked on it like a big half nigger cock, beating my meat like a madman, and thrusting my pink iPod Shuffle into my ass. I wanted to completely engulf it and bit off a large chunk, flooding my mouth with the intense, bittersweet flavor. To my delight I found that while the water in the bowl had chilled the outside of the turd, it was still warm inside. As I chewed I discovered that it was filled with hard little bits of something I soon identified as peanuts. He hadn't chewed them carefully and they'd passed through his body virtually unchanged. I ate it greedily, sending lump after peanutty lump sliding scratchily down my throat. My only regret was that Steve Jobs wasn't there to see my loyalty and wash it down with his piss.
I soon reached a terrific climax. I caught my cum in the cupped palm of my hand and drank it down. Believe me, there is no more delightful combination of flavors than the hot sweetness of cum with the rich bitterness of shit. It's even better than reading an Apple press release!
Afterwards I was sorry that I hadn't made it last longer. But then I realized that I still had a lot of fun in store for me. There was still a clutch of virile turds left in the bowl. I tenderly fished them out, rolled them into my handkerchief, and stashed them in my briefcase. In the week to come I found all kinds of ways to eat the shit without bolting it right down. Once eaten it's gone forever unless you want to filch it third hand out of your own asshole. Not an unreasonable recourse in moments of desperation or simple boredom.
I stored the turds in the refrigerator when I was not using them but within a week they were all gone. The last one I held in my mouth without chewing, letting it slowly dissolve. I had liquid shit trickling down my throat for nearly four hours. I must have had six orgasms in the process.
I often think of Steve Jobs dropping solid gold out of his sweet, pink asshole every day, never knowing what joy it could, and at least once did, bring to a grateful Apple customer.
C|N>K
I'm a Mac user for about 27 years, but I LOL'd.
I won't be buying any more Apple products (I have only bought used for years anyway; saves thousands) until they change their supply chain to be environmentally sustainable and not abusive of workers (a problem which is not unique to Apple, of course). Which is unlikely to ever be resolved in China. So...
you had me at #!
Marketshare has an effect, but the pro-Microsoft crowd vastly oversells it when excusing the prevalence of malware on a given platform (Windows).
Mac marketshare dropped precipitously well over a decade ago, yet malware was a very big concern on pre-OSX systems. Even though Mac marketshare has recovered these days, the severity of infection rates on OS X doesn't even approach how bad it was in the pre-Unix days.
I would assume so if Apple doesn't support Mac OS X 10.5.x anymore. I hope disabling Java in web browsers is enough since there's no way to uninstall it because Mac OS X came with it. :(
Ant(Dude) @ Quality Foraged Links (AQFL.net) & The Ant Farm (antfarm.ma.cx / antfarm.home.dhs.org).
AV vendors would certainly like to claim otherwise. But some OSes are better at protection than others.
The lack of any expectation of OS protection is what made Windows the festering cesspit that the general population associates with pain. Regardless of whether its attached to a PC or not, there isn't a single MS product today with the 'Windows' moniker that isn't either losing money or in decline. (And thank goodness for that!)
PS - The article is about a trojan (user-installed) which you are mistakenly confusing with a virus.
How do you get those numbers, unless you wrote the software yourself?
Coincidentally, the originators of the information (a Russia based firm called Dr Web) have a virus scanner they can sell you. You'll probably need root to install it...
Nope! Nothing suspect here...
http://news.drweb.com/?i=2341&c=5&lng=en&p=0
MYTHS!
https://vms.drweb.com/myths/
Does anyone have any suggestions for getting rid of the damn thing?
Instead of flaming each other maybe we can skip to the part where we say how to remove it completely. Same goes for Windows Malware. If we put in one tenth of the energy documenting the removal of these things that we do into flaming there wouldn't be malware to speak of. Removing the stuff is a pain and every tech I know has a different set of tools they use to do the job.
In regard to this piece of malware I have scanned computers with Integro's VirusBarrier X6 and it takes days to complete a scan and doesn't seem to be able to remove it anyway. How it takes days is beyond me, there's only a handful of malware for macs and it seems like a full scan would take seconds, but hey, that's just me.
You mean OSX/Leap-A from 2006 isn't technically a virus? Are you going to explain how a worm is not a virus? Or did you just not know?
"Our two-party system is like a bowl of shit looking at itself in a mirror." - Lewis Black
Leave your computer on and at 3am ish it'll install the updates and reboot, if needed. For regular update cycles it is a bit lax about what day it happens on, presumably to keep load down, but for really important ones it forces it Tuesday.
If you leave Windows in its default setting, it'll mind after itself quite well.
Gawdam, it's really too bad that wouldn't fit readably on a T-Shirt.
Is this was actually a Big Mac Attack?
--- If the bible proves the existence of God, then Superman comics prove the existence of Superman.
I said [trojans] do not self-propagate.
You said Sorry to break your bubble, but this was a drive-by exploit using a hole in Java.
That's not self-propagation. It also pretends to be a Flash update. That's not a virus. That's a trojan.
Hope this helps.
--
BMO
OSX has not had a single virus in the wild since its introduction.
You should have bolded "in the wild" as well -- the MachoMan virus has been around for years -- although it likely wouldn't work on modern Intel macs under OS X 10.7.
The first person to get a virus to spread from machine to machine on OSX will be world famous.
Surprisingly, they liked being anonymous even though they were a researcher -- likely because releasing such a piece of malware would make them extraditable to most developed western countries.
And it's not like people don't try.
Viruses are self replicating code that spread themselves via the network or sneakernet. Since OSX, Linux, Solaris, FreeBSD and all other sane OSes strip the execute bit from files coming in off the wire, this is a major hurdle to get over, and is why virus and worm propagation on OSX, other Unices, and Unix like OSes like Linux sucks.
Actually, it's really simple: you can either create an installer package (like last year's Mac FakeAV did) that automatically sets +x, or you can just drop and run shellcode that does chmod +x. Flashback, which we're talking about now, just takes advantage of launch services. In any case, a virus, under the most limited of definitions, wouldn't need to set +x, as it would already have attached itself to an existing process that is already executable.
This was a trojan. Trojans are different. They typically need to trick the user into installing them, and they do not self-propagate.
But the distinction is lost on people, such as yourself who refuse to believe there is any difference between the Bagel worm and a program that tricks the user to deltree c:\*.* or rm -rf /*
This wasn't a trojan; it started off as a trojan, but has morphed into a piece of spyware installed via a third party plugin exploit.
With that said, there is a way to make certain well-behaved Windows viruses and worms spread cross-platform, and that is to run wine. But then the requirement is that the virus or worm be well behaved and not depend on undocumented Windows features. These are few and far between, and even then, it runs in userspace and the cure is to rm -rf .wine.
Or, you could do what these guys did, and exploit Java. Or, you could exploit Flash. Or one of a myriad of other executable platforms common to multiple platforms.
"even if you want to write a virus for iOS you can't" and "there is zero malware in the app store".
That's because your code is up for review if you want Apple to sell your program for you in the Apple store. They check it for bad stuff and vet the program.
This is overly simplistic. Did you miss the piece of software that made it into the app store that was created by a threat researcher a few months back? It captured user data and sent it back to him. He did it to show how easy it was to bypass Apple's vetting process.
The Apple Store is much like the trusted repositories you see in the Linux world. The repo system for Linux has proven time and again this is a good way to go. The only difference with the Apple store is that there is only one repo, theirs.
No, there's another difference too: All self-respecting Linux repos vet and compile their own source code; Apple vets the compiled binaries. This means it's MUCH easier to slip something by, as it's not sitting there for the world to see -- just in an obfuscated form for a small number of Apple reviewers to possibly catch.
>implying that third party software vulnerabilities are suddenly the OS vendor's fault
This is not even true in the Windows world. Nobody blames Microsoft for an Adobe Reader or Flash vulnerability. Adobe certainly does attract enough blame themselves.
Oh look, a reasoned response instead of spittle-flecked text.
Thanks...honestly.
>me being simplistic
There is only so much time I can put into a post and I ain't perfect.
--
BMO
I'm afraid you don't have a clue. To start with, that would not be a Linux exploit. As you pointed out it would be a Java exploit. A Java exploit on Linux, Windows, or OS X is not a Linux, Windows, or OS X exploit. Obviously if I run software you have written on my machine that software will have vulnerabilities. On most Windows boxen in the wild (i.e. horribly and wrongfully configures out of the box), once I exploit your app I can own your OS. On almost all Linux distributions, however, you may access local user data and screw up the local users stuff, but you will not own the OS.
Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
Just to play devil's advocate here, AV2012 probably infects that many each day, or hour for that matter.
Sigh. Stay classy slashdot.
"-1 Troll" does not mean "I disagree".
If you're going to discuss technology, definitions matter especially when those definitions describe the vectors for malware.
Also, learn to write English. Phone-speak is the sign of a moron whether you are or not.
--
BMO
You really shouldn't speak about yourself in that way. Such a lack of self-esteem.
Seven puppies were harmed during the making of this post.
Even on desktops, I find the standard windows automatic updates schedules to be insufficient.
At work, most people shut down their computers overnight, missing update windows. Other people never log off, so you can not expect the computers to install updates at shutdown. People can not be relied on to notice the Automatic Updates icon and click to allow updates either. I am reluctant to force a computer to reboot when someone is logged on, in case they have unsaved work.
I have found to well is to have updates install overnight, but if the update window is missed, the computers will install patches 15 minutes after booting. If someone is logged when patches are installed, then the computers will prompt the user once per hour to reboot the computer after patching if a reboot is required. I configure this through Active Directory at work and through group policy on stand alone computers at home and for friends and relatives.
You can set the delay after booting to whatever you want. When this option is turned on, the default is 5 minutes, but that can create a new problem. It seems that the Automatic Update service checks to see if someone is logged in when it starts patching, not when it is finished. So if someone logs in after patching has started, the computer may reboot on them without warning. If the delay is longer, say an hour, computers that are only turned on for short periods may never get patched.