Apple Developing Tool To Remove Flashback

← Back to Stories (view on slashdot.org)

Apple Developing Tool To Remove Flashback

Posted by Unknown on Wednesday April 11, 2012 @01:31AM from the macs-can't-get-viruses dept.

Trailrunner7 writes, quoting Threatpost: "Apple is planning to release a software fix that will find and remove the Flashback malware that has been haunting Mac users for several months now. ... Apple said on Tuesday that it was in the process of developing a tool that would detect and remove Flashback, but the company did not specify when the fix would be available. Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now."

212 comments

Min score:

Reason:

Sort:

if steve jobs was still here by alen · 2012-04-11 01:35 · Score: 5, Funny

he would hire elite apple assasins to kill these supposed security researchers to stop the bad news
1. Re:if steve jobs was still here by Anonymous Coward · 2012-04-11 02:41 · Score: 0
  
  Begin, the cat and mouse game has.
2. Re:if steve jobs was still here by Anonymous Coward · 2012-04-11 02:54 · Score: 2, Funny
  
  If Jobs was still here he would tell you that you are "holding it wrong".
3. Re:if steve jobs was still here by cant_get_a_good_nick · 2012-04-11 02:57 · Score: 5, Funny
  
  Begun. the cat and mouse game has.
  Proper grammar, Yoda would speak with.
4. Re:if steve jobs was still here by shugah · 2012-04-11 03:12 · Score: 1
  
  I'm going to get a bracelet that says "WWSD"
  
  --
  If you aren't part of the solution, then there is good money to be made prolonging the problem
5. Re:if steve jobs was still here by Anonymous Coward · 2012-04-11 03:49 · Score: 0
  
  That's hilarious. Where do you come up with them? /sarcasm
6. Re:if steve jobs was still here by Eponymous+Hero · 2012-04-11 04:02 · Score: 0
  
  for proper grammar, don't end your sentence with a preposition like "with."
  
  --
  insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
7. Re:if steve jobs was still here by CAIMLAS · 2012-04-11 04:03 · Score: 2
  
  That may be modded funny, but their response has probably closer to that right now than it is any actual sincere security response.
  It's really quite embarrassing (for them). I'd expect this from a small company, not a multibillion (trillion?) dollar international corporation. It does not make me have faith in their ability to effectively and safely maintain their software stack.
  
  --
  ~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
8. Re:if steve jobs was still here by oodaloop · 2012-04-11 04:08 · Score: 1, Flamebait
  
  If I feel like it, a preposition is something I will end a sentence with, asshole.
  
  There, is that better?
  
  --
  Tic-Tac-Toe, Global Thermonuclear War, and relationships all have the same winning move.
9. Re:if steve jobs was still here by Eponymous+Hero · 2012-04-11 04:23 · Score: 1, Flamebait
  
  hey fuck off, i was attacking the gNazi too.
  
  --
  insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
10. Re:if steve jobs was still here by Anonymous Coward · 2012-04-11 06:52 · Score: 0
  
  So we have to worry about gnazi gnomes now?
  1) correct speech
  2) ???
  3) Profit
  4) Take over the world
11. Re:if steve jobs was still here by Anonymous Coward · 2012-04-11 07:29 · Score: 0
  
  Umm, the 2 teenagers were off-whacking then?
12. Re:if steve jobs was still here by AmiMoJo · 2012-04-11 08:48 · Score: 1
  
  Reminds me of Microsoft about 10 years ago. Now there's a scary thought.
  
  --
  const int one = 65536; (Silvermoon, Texture.cs)
  SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
13. Re:if steve jobs was still here by Sketchly · 2012-04-11 09:45 · Score: 1
  
  I reckon he'd charge people for Flashback. Then patent it. Then attempt to patent all the malware in the world. And the future world.
14. Re:if steve jobs was still here by Sketchly · 2012-04-11 09:47 · Score: 1
  
  But think about Microsoft 10 years in the future. Feel better?
15. Re:if steve jobs was still here by Anonymous Coward · 2012-04-11 20:21 · Score: 0
  
  That's hilarious. Where do you come up with them? /sarcasm
  I could show you a picture, but they filter the links out.
How good is it? by rishistar · 2012-04-11 01:36 · Score: 1

I'm still having flashbacks to the time I saw the Goatse image. Will it work on that too?

--
Professor Karmadillo Songs of Science
1. Re:How good is it? by SJHillman · 2012-04-11 01:51 · Score: 5, Funny
  
  Would probably help if you didn't make it your desktop wallpaper.
2. Re:How good is it? by gl4ss · 2012-04-11 02:21 · Score: 1
  
  I thought flashback was a pretty good game for a 2d platformer.
  btw what do you think about this =o=
  
  --
  world was created 5 seconds before this post as it is.
3. Re:How good is it? by Canazza · 2012-04-11 02:29 · Score: 2
  
  It's a tired Koala!
  
  --
  It pays to be obvious, especially if you have a reputation for being subtle.
Slow is good by Sarten-X · 2012-04-11 01:37 · Score: 4, Informative

Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now.
Because they're doing the same thing Microsoft does with its slow-as-molasses patches: testing for side effects, on every major application, on every piece of hardware they can get their hands on.

--
You do not have a moral or legal right to do absolutely anything you want.
1. Re:Slow is good by FudRucker · 2012-04-11 01:40 · Score: 4, Informative
  
  if it was Linux based malware a patch would have been out within 24 to 48 hours, six months is enough time to create a new version of the entire operating system,
  
  --
  Politics is Treachery, Religion is Brainwashing
2. Re:Slow is good by JDG1980 · 2012-04-11 01:42 · Score: 0, Troll
  
  if it was Linux based malware a patch would have been out within 24 to 48 hours
  And it would have required editing a text configuration file and then running the patch from the command line, and it wouldn't work on a wide variety of common hardware, and whenever someone brought up these issues the response would be "RTFM n00b."
3. Re:Slow is good by ledow · 2012-04-11 01:47 · Score: 2
  
  Meanwhile, all those applications are running in your large corporation while riddled with malware that's difficult to detect, isolate and remove.
  Put out a patch and EVERYONE can test, and those for whom it is critical can TELL you what it did to their machines and/or choose to apply it or not.
  Meanwhile, every home user is typing in their bank details into a computer that's reading their every move because some obscure application on the other side of the planet "might crash".
  And, to be honest, any application that is affected by an external tool that clears a malware infection was either a) infected or b) poorly designed and implemented. That's what an OS is FOR - to isolate programs from each other and the hardware.
4. Re:Slow is good by Coisiche · 2012-04-11 01:48 · Score: 4, Funny
  
  ...on every piece of hardware they can get their hands on...
  But it's Apple, isn't there just one bit of hardware to check?
5. Re:Slow is good by Anonymous Coward · 2012-04-11 01:49 · Score: 1
  
  Yes, because Apple will have to test on such a VAST range of hardware...
6. Re:Slow is good by Anonymous Coward · 2012-04-11 01:50 · Score: 0
  
  Apple is still in disbelief that that Flasback is real.
7. Re:Slow is good by Anonymous Coward · 2012-04-11 01:50 · Score: 5, Informative
  
  Actually the quote is quite opinionated and wrong. Apple provided java patches that basically close the hole and make the malware issue mute. Flashback HAS existed for months, but its also using a new vulnerability each time it comes up (its used a Flash hole, a PDF hole and a Java hole, three things not even developed BY Apple.) Likewise they have been patching the OS to flag Flashback in previous versions of the trojan.
  The whole quote both shows the writers complete lack of knowledge of whats been done about Flashback that any competent system administrator knows already (hell we even have scripts developed to flag machines that MAY be infected and have had them for months this is ON TOP OF the info Apple has been providing us) as well as his bias in trying to spin this as if this thing is a huge issue (honestly is not, its not even the first real vulnerability on the Mac OS, there were numerous worms for Quicktime back in the 90's that abused Quicktimes autoplay feature, AND THOSE didnt require you to authenticate as admin since pre-osX you ran as root.)
8. Re:Slow is good by Sarten-X · 2012-04-11 01:50 · Score: 4, Funny
  
  If you're running Linux, you're probably competent to fix things if a patch breaks them.
  If you're running OS X, you're probably confused enough by the patch in the first place.
  If you're running Windows, you're probably just going to complain to some IT guy when the report looks slightly different.
  Disclaimer: I triple-boot, with more VMs. I can make fun of everybody.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
9. Re:Slow is good by csumpi · 2012-04-11 01:51 · Score: 1
  
  However they missed Autodesk Maya with the Lion upgrade. Maya still doesn't run on it, which is one of the most popular 3d packages (if not the most popular 3d package).
  So I'm not necessarily buying your argument. It has as much ground as saying that providing a fix would acknowledge that the problem existed in the first place.
10. Re:Slow is good by Richard_at_work · 2012-04-11 01:52 · Score: 1
  
  A patch might have been out within 48 hours, but how long until it made its way into every distributions patch repository?
11. Re:Slow is good by Theophany · 2012-04-11 01:53 · Score: 4, Interesting
  
  Whilst I'd like to believe you, I fear that it is more to do with Apple spending so long in flat out denial that an issue ever existed.
  
  Don't get me wrong, I'm no hater and I'm no shill. I used to exclusively use Macs, now I don't use them at all (although I do use an iPhone/iPad) purely because their support practices in terms of viruses or serious issues are disgraceful. Whilst they do have an excellent support system whilst you're covered by AppleCare, they also have a culture of denying widespread hardware and software failures that most other companies would acknowledge quickly and get fixed quickly too.
  
  Case in point, I bought a batch of Macbook Airs a few years back for the company I was then working for. After two years, every_single_one_ died within a few days of each other from the same catastrophic hardware failure. Apple refused to acknowledge that there was any link, no matter how tenuous, of a manufacturer failure. They said it was pure coincidence.
  
  Like I said, I'm no hater. I know that corporations have to be ruthless to make money, but once I realised just how often they bury their heads in the sand (and how infuriating it can be) that was the day I ceased to buy big ticket items from them.
12. Re:Slow is good by Sarten-X · 2012-04-11 01:53 · Score: 0
  
  Nope. Apple has a range of products, and each has had many iterations of hardware revisions and possible upgrades.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
13. Re:Slow is good by JohnBailey · 2012-04-11 01:53 · Score: 5, Funny
  
  Apple is still in disbelief that that Flasback is real.
  No.. Apple is still trying to figure out if this is from Adobe or not.
  
  --
  It is difficult to get a man to understand something when his job depends on not understanding it.
14. Re:Slow is good by binarylarry · 2012-04-11 01:55 · Score: 1
  
  Most of the world uses Linux everyday.
  Far more people than the Mac userbase.
  
  --
  Mod me down, my New Earth Global Warmingist friends!
15. Re:Slow is good by Theophany · 2012-04-11 01:56 · Score: 1
  
  As an addendum to this: There's a problem with our software, we will fix it ASAP.
16. Re:Slow is good by Anonymous Coward · 2012-04-11 01:58 · Score: 0
  
  Case in point, I bought a batch of Macbook Airs a few years back for the company I was then working for. After two years, every_single_one_ died within a few days of each other from the same catastrophic hardware failure. Apple refused to acknowledge that there was any link, no matter how tenuous, of a manufacturer failure. They said it was pure coincidence.
  Do tell us what this mysterious failure was, and how many of them you had. Why be so coy?
17. Re:Slow is good by Anonymous Coward · 2012-04-11 02:03 · Score: 2, Informative
  
  they also have a culture of denying widespread hardware and software failures that most other companies would acknowledge quickly and get fixed quickly too.
  Really? Because I have never in 15 years of being a tech or system administrator who worked exclusively with Macs EVER had a issue with Apple admitting a hardware issue. Maybe a tech once in a while who didnt want to go through paperwork, but not my executive contacts who have replaced systems even when it WAS our fault, and we didnt have AppleCare on it.
18. Re:Slow is good by Anonymous Coward · 2012-04-11 02:05 · Score: 0
  
  He didn't say mysterious, he said catastrophic.
  To aid in explaining the difference:
  A mysterious hardware failure: "Every part tests as OK, but for some reason it doesn't work together."
  A catastrophic hardware failure: "The hard drive just started making a loud clicking noise, the screen went lavender, and something in there is smoking."
19. Re:Slow is good by Anonymous Coward · 2012-04-11 02:06 · Score: 2, Informative
  
  Yes, because Apple will have to test on such a VAST range of hardware...
  Actually yes, they do. They currently offer support on 3 different OSs (10.5-10.7) and close to a hundred different platforms with different configurations going back 4 years.
  You can even rent their test lab as a developer if you wanted to as well.
20. Re:Slow is good by schnikies79 · 2012-04-11 02:08 · Score: 2
  
  And they have no idea they are using it and have no direct interaction with the OS or it's file system. We are talking about actively used computers, mainly desktops/laptops.
  Don't be douche.
  
  --
  Gone!
21. Re:Slow is good by Anonymous Coward · 2012-04-11 02:10 · Score: 0
  
  Dual booting is a sign of non-commitment. Look at your hand, does it have a ring on it? Maybe you should marry the other hand simply out of years of devotion to your needs.
  One OS. Use it.
22. Re:Slow is good by Anonymous Coward · 2012-04-11 02:11 · Score: 0
  
  You are joking right, you honestly think its Apple's responsibility to bug test a developers product? Its Autodesk's responsibility to get Maya to run. Trust me on this one, you are better off finding a better program as anyone who has actually worked with Autodesk knows THEY DONT GIVE A FLYING FUCK ABOUT MAKING IT WORK. Seriously Their products are like Quark, industry standards but full of bugs because the company is run by board members not developers.
23. Re:Slow is good by Idbar · 2012-04-11 02:13 · Score: 3, Funny
  
  Did you just compared Apple to... Microsoft!!??
  
  Run for your lives!
24. Re:Slow is good by Anonymous Coward · 2012-04-11 02:13 · Score: 0
  
  Because in the Linux world, it doesn't matter if it works reliably. They just tell any upset users whose computer is now broken due to the patch that they don't care about them, because "Hey, it works on my computer." So, I'd much rather have a slow patch from a company that cared enough to actually test it, vs a hobbyist who doesn't care enough to produce quality robust code.
25. Re:Slow is good by Anonymous Coward · 2012-04-11 02:18 · Score: 2, Insightful
  
  From what I understand is that Apple up keeps it's own version of Java that runs on the Mac. So in fact they own the problems that come with allowing it on their systems. Here is a link about that pretty much says that http://www.nl-tech.com/apple-users-download-malware.html
  
  "Oracle, which develops Java, issued a critical patch update in February 2012 to correct the problem, but because Apple controls Java updates in its computers, it did Apple users no good."
  
  and here http://whatculture.com/technology/mac-flashback-virus-what-it-is-and-how-to-remove-it.php
  
  "The reason Apple computers were still at risk was Apple develops its own version of Java, and does so at a slower pace."
  
  I expect to see more of this. Apple wants to keep a tight grip on everything so anything that slips thorough their fingers are fair game to allow blame on them. Look at Microsoft I don't remember Microsoft ever writing a virus/mal-ware to attack their own system but they get blamed for everything. Now that Apple is at the top of the game people will target it more so. So your opinionated comment that they are opinionated is just wrong when you look at the facts.
26. Re:Slow is good by Anonymous Coward · 2012-04-11 02:20 · Score: 0
  
  Yes, yes, almost no one in the real world cares about Linux.
  Go add some useless widget to an open source project.
  Aye up i see the apple crapple fan boys are out in force again tell me does the i in the apple range stand for iDIOTIC DICKHEADS
27. Re:Slow is good by Anonymous Coward · 2012-04-11 02:22 · Score: 0
  
  Cygwin
28. Re:Slow is good by Anonymous Coward · 2012-04-11 02:23 · Score: 0
  
  If the Autodesk developers blow (which they do) it's not Apple's fault. Why don't you use something that doesn't suck instead, Cinema 4D for example.
29. Re:Slow is good by Anonymous Coward · 2012-04-11 02:26 · Score: 2, Informative
  
  And it would have required editing a text configuration file and then running the patch from the command line,.
  Bit of a pathetic troll given there's been gui package managers where you click on 'apply' or similar to bring your entire system up to date for more than 10 years.
30. Re:Slow is good by Anonymous Coward · 2012-04-11 02:26 · Score: 0
  
  How long do you think it takes to make sure Final Cut Pro works on like 6 machines?
31. Re:Slow is good by Theophany · 2012-04-11 02:30 · Score: 3, Informative
  
  Logic board went kaput on each on of them. IIRC there were 8 machines in total. Despite my many attempts to reason with them, they wouldn't even give us a discount on the repair costs as a show of goodwill.
32. Re:Slow is good by trnk · 2012-04-11 02:32 · Score: 1
  
  Whooosh!
33. Re:Slow is good by Anonymous Coward · 2012-04-11 02:33 · Score: 0
  
  And they have no idea they are using it and have no direct interaction with the OS or it's file system. We are talking about actively used computers, mainly desktops/laptops.
  Don't be douche.
  Why are we talking about actively used computers? A server isn't a computer anymore? Surely a server is more actively used than any normal desktop computer.
  You are talking about the computers that fit your perspective nicely. Think about it this way, if Apache or similar would have unpatched security issues for so long, how would you react then? You'd be preaching that it's just not acceptable for something thats used by so many people daily.
34. Re:Slow is good by Theophany · 2012-04-11 02:35 · Score: 1
  
  I'm talking in more general terms. I.e. a thousand or so Macs started exhibiting this weird behaviour - everybody is taking to the Internet to complain. Apple are denying this is a widespread issue.
35. Re:Slow is good by Anonymous Coward · 2012-04-11 02:39 · Score: 0
  
  pretty fast, esp on most distros.
36. Re:Slow is good by olau · 2012-04-11 02:41 · Score: 4, Funny
  
  So, I'd much rather have a slow patch from a company that cared enough to actually test it, vs a hobbyist who doesn't care enough to produce quality robust code.
  True. That's why I run a mix of Windows ME and Apple MacOS 9 on all my servers. I'm not letting that Linux distro run entirely by volunteers, what's it called, Debbi's Ian? near any of my good stuff. When was the last time Microsoft or Apple released a security fix for those two systems? See. Flawless software.
37. Re:Slow is good by Anonymous Coward · 2012-04-11 02:44 · Score: 0
  
  He didn't say mysterious, he said catastrophic.
  My point is he is being mysterious (and coy) about what actually happened.
  To aid in explaining the difference:
  A mysterious hardware failure: "every_single_one_ died within a few days of each other from the same catastrophic hardware failure"
  A non-mysterious hardware failure: "every_single_one_ had its logic board die"
  or "every_single_one_ had its battery explode"
  or "every_single_one_ had its power supply catch fire."
  OP went out of his/her way to write a good long post with no details.
38. Re:Slow is good by Anonymous Coward · 2012-04-11 02:44 · Score: 0
  
  Nah, that's ok buddy, my business is pretty successful, no need to cut corners, Mac Pros easily fit my budget.
39. Re:Slow is good by CharlyFoxtrot · 2012-04-11 02:45 · Score: 4, Insightful
  
  if it was Linux based malware a patch would have been out within 24 to 48 hours, six months is enough time to create a new version of the entire operating system,
  The vulnerability has been patched. This is about removing the malware from infected systems.
  
  --
  If all else fails, immortality can always be assured by spectacular error.
40. Re:Slow is good by Anonymous Coward · 2012-04-11 02:45 · Score: 1
  
  If you're a tech or SA working exclusively with Macs, I can say with high certainty that your productions were of low merit and no complexity. For real - 5 "home users" and a Belkin switch does not constitute enterprise experience - and your anecdote at best demonstrates how tiny your experience set is.
41. Re:Slow is good by oh_my_080980980 · 2012-04-11 02:45 · Score: 1, Flamebait
  
  What!?! Yeah because there are more servers than desktop computers. We're talking about infection on desktop computers.
  
  don't be a douche.
42. Re:Slow is good by amiga3D · 2012-04-11 02:46 · Score: 1
  
  Don't confuse the issue with facts.
43. Re:Slow is good by Anonymous Coward · 2012-04-11 02:49 · Score: 0
  
  It looks like it takes more then 6 months ... :) no worryz 'till they fix it , ppl will find a new bug/feature/ :)
44. Re:Slow is good by oh_my_080980980 · 2012-04-11 02:50 · Score: 4, Informative
  
  Actually no that's not correct. Apple and Oracle are working together on it:
  
  "In November, Apple and Oracle announced that they would collaborate on a Mac-based incarnation of OpenJDK, an open source version of Java."
  
  http://www.theregister.co.uk/2011/02/27/no_java_in_mac_os_x_lion/
45. Re:Slow is good by oh_my_080980980 · 2012-04-11 02:53 · Score: 3, Informative
  
  And this
  
  Oracle Previews Java SE 7 for Mac OS X, Unveils Java SE Roadmap
  Oracle is releasing a technology preview of Java SE 7 on Mac OS X and said it plans to release Java SE 7 on Mac OS X for developers in the second quarter of 2012 and a consumer version later that year.
  
  http://thejournal.com/articles/2011/10/06/oracle-previews-java-se-7-for-mac-os-x-unveils-java-se-roadmap.aspx
46. Re:Slow is good by CharlyFoxtrot · 2012-04-11 02:53 · Score: 5, Informative
  
  A) Vulnerability has been patched.
  B) It's not that difficult to detect and remove.
  This is strictly about helping non technical users that might be infected in an easy way. It's these users that were specifically targetted by the way since the malware targets old versions of Java and even checks for the existence of "power user" tools installed and doesn't install if they are :
  "4. You do not have certain security tools installed on your Mac that Flashback checks for, including Little Snitch, Xcode, and a few anti-malware tools.'
  
  --
  If all else fails, immortality can always be assured by spectacular error.
47. Re:Slow is good by Anonymous Coward · 2012-04-11 03:01 · Score: 0
  
  I'm using slackware ,so less then 36 hours for ciritcal stuff (after the patch has been publicly released) Worst case scenario - 72h (thou i dont rember this ever happening) ..... 4320h ....72h ....... my math sux but this is 60 times faster ? :) and apple hasnt even release anything yet ....they're just talking about it .... :)
  So ...... even in worst case my distro gets me patches 60 times faster :)
  Even debian (witch is really slow when it comes to this) will get the patch in 2-3 days..... :) soo ...what distro r u using witch gets the patch slowly?!
48. Re:Slow is good by CharlyFoxtrot · 2012-04-11 03:02 · Score: 1
  
  From what I understand is that Apple up keeps it's own version of Java that runs on the Mac. So in fact they own the problems that come with allowing it on their systems. Here is a link about that pretty much says that http://www.nl-tech.com/apple-users-download-malware.html
  
  Apple wants to get rid of Java. It's no longer installed by default from Lion onward. That also means that users on the latest version of the OS would not have been vulnerable using the OS as shipped.
  
  --
  If all else fails, immortality can always be assured by spectacular error.
49. Re:Slow is good by Theophany · 2012-04-11 03:03 · Score: 1
  
  Replied below, what's the issue? :/
  
  The type hardware failure is irrelevant, the fact that Apple said there was no link and that it was coincidental was the issue.
  
  If it had been something as straightforward as a hard disk fail, that would be fine. It's not their fault as they didn't manufacture it and I'd have backups of the disks anyway. That is not a catastrophic failure (although it is a major inconvenience with the sealed body and 1.8" HDDs used in those models).
  
  You're focusing on unimportant details and coming across as a blatant shill.
50. Re:Slow is good by Anonymous Coward · 2012-04-11 03:06 · Score: 0
  
  About another 48hours, ** if it was critical?
  **alright, not for *every* distro if we're being picky; for current supported versions of proper distros, i.e. not one guy's hobby distro that no-one uses except him.
51. Re:Slow is good by Anonymous Coward · 2012-04-11 03:06 · Score: 0
  
  Why are we talking about actively used computers?
  The flashback malware affects desktop machines, not servers. So unless you are logged onto a graphical terminsl on your server while you surf the web for "chicks with sticks", or whatever else it is that cranks your engine, your server is ulikely to be vulnerable.
52. Re:Slow is good by DJRumpy · 2012-04-11 03:21 · Score: 1
  
  Odd. I had a MacBook affected by a bad nvidia card and Apple replaced the motherboard free of charge on hardware long out of warranty (4 years old). This is not a refusal to acknowledge an issue to my mind.
  They lead the industry in satisfaction. Reality would tend to differ with your example.
53. Re:Slow is good by Anonymous Coward · 2012-04-11 03:28 · Score: 0
  
  Seriously Windows ME? That has to be the most unstable and worst operating system that was produced to date.
54. Re:Slow is good by Anonymous Coward · 2012-04-11 03:36 · Score: 0
  
  Hey! The word is "iDouche", okay? An iDouche is someone who wanders around with their head down, peering into a mobile device and not watching where they are going. An iDouche is someone who turns away from you in mid conversation when their mobile device rings. An iDouche is someone who thinks what he/she owns is what he/she is. An iDouche is someone who speaks way, way too loudly on their cellphone. Most iDouches use apple products, hence the name.
  Yesterday I saw an iDouche wandering around blindly and I steeled myself. I hardened up my shoulder and arm and slightly spread my stance. When we collided the iDouche got taken right off his feet. Thing 'o beauty it was!
  PS. Yes I own a mobile device. I also know what manners are.
55. Re:Slow is good by hairyfeet · 2012-04-11 03:38 · Score: 5, Funny
  
  Bah Ur doin it wrong, let the old Hairyfeet show you how to REALLY insult all three OSes!
  1.-if the patch comes out on linux it will be 14 pages of CLI and a tarball that will need a specific version of GCC, if they put it in the repo upon application it will throw you into single user mode on first boot. you DO know how to edit your config files, right?
  2.-If the patch comes out on Windows it will take 2 hours to install, followed by an hour on the "waiting to shutdown' screen and ANOTHER hour on the "Please wait, configuring Windows" boot up and may God have mercy upon your tortured soul if the power goes out while that is happening!
  3.-If the patch comes out on Apple it will be a year behind, but it will come in a cool silver look and everyone will talk about how truly wonderful it is. it doesn't actually patch anything "bad" it just brings sprinkles of Steve's magic to your poor pathetic life because "hey Apple never gets viruses' so everything you've read here? Total lie spread by those Windoze and Lunix luzers because they can't afford magic sprinkles, poor bastards.
  Now THAT is how you insult all three boy! I'd insult the BSD guys while I was at it but they'd be so damned grateful that anybody even mentioned them at all they'd probably thank me for doing it which just takes all the fun out, its like kicking a really stupid puppy that just smiles and wags its tail at you.
  
  --
  ACs don't waste your time replying, your posts are never seen by me.
56. Re:Slow is good by Theophany · 2012-04-11 03:39 · Score: 2
  
  Reality would tend to differ with your example.
  As I said, I used to use Macs exclusively and had never had an issue with their tech support. My first Mac was a TiBook back in 2001 (which I still have and is still working perfectly). I'm not saying that their service sucks on the individual level (which, I hasten to add is not what I was talking about in my example), but the level of service I received in the example given was appalling.
  
  Am I trying to boycott them? No. Am I saying their service sucks universally? No. In my experience with them as a big customer (15x expensive laptops) was I pleased with the service I received? Hell no.
  
  So when you tell me about your ONE laptop with a graphics card issue and make it out to be directly comparable to a situation totally different, I have to think that you're missing the point somewhat.
57. Re:Slow is good by tqk · 2012-04-11 03:49 · Score: 2
  
  if it was Linux based malware a patch would have been out within 24 to 48 hours ...
  The vulnerability has been patched. This is about removing the malware from infected systems.
  Yeah, and how hard is that? Is this about malware that magically attaches itself to existing executables, or does it just drop itself into a system directory and run itself?
  Both are pretty bloody old problems and easily mitigated. How is it that OSX can be owned by a driveby exploit trojan that adds it to a botnet? I thought its underlying guts were Unix. How is it that Windows can't notice that something new has been installed and executed without the user's instigation?
  What have Apple and Microsoft OS developers been spending their time on for the last decade? Surfing pr0n? Posting "you guys suck" on web forums? Making Clicky spin more gracefully?
  Meanwhile, their users are unwittingly added to botnets and their machines run keyloggers that phone home to crackers. And they get to pay for these "privileges"?!? Gee, what a great deal.
  $DEITY help them if their shareholders ever wise up.
  
  --
  "Tongue tied and twisted, just an Earth bound misfit ..." -- Pink Floyd.
58. Re:Slow is good by Beelzebud · 2012-04-11 03:50 · Score: 1
  
  Honest question: Why do you visit this site?
59. Re:Slow is good by Sarten-X · 2012-04-11 03:52 · Score: 1
  
  I bow before your offensive mastery.
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
60. Re:Slow is good by Beelzebud · 2012-04-11 03:53 · Score: 1
  
  Going from Arch Linux experience it would probably be in their repo in 50 hours, going by your 48 hour example.
61. Re:Slow is good by Anonymous Coward · 2012-04-11 03:55 · Score: 0
  
  Is this considered fragmentation? Is this a good thing now?
62. Re:Slow is good by CAIMLAS · 2012-04-11 04:04 · Score: 1
  
  Really? Then why does Windows Security Essentials get an update for some things within a day or so of new malware making the rounds?
  You're comparing a vulnerability patch (long cycle reactive) with a detection and removal tool (short cycle reactive). It's not even an intelligent argument.
  
  --
  ~/ssh slashdot.org ssh: connect to host slashdot.org port 22: too many beers
63. Re:Slow is good by Anonymous Coward · 2012-04-11 04:08 · Score: 0
  
  Whooooooosh
  That's the sound of the sarcasm missing you entirely.
64. Re:Slow is good by Bucky24 · 2012-04-11 04:14 · Score: 1
  
  A lot of server farms at major companies run linux/unix operating systems. So some pretty important entities care.
  
  Heh, I dunno why I'm even bothering to reply to a troll... Must be bored.
  
  --
  All the world's a CPU, and all the men and women merely AI agents
65. Re:Slow is good by Bucky24 · 2012-04-11 04:19 · Score: 1
  
  Xcode is a security tool? Man I've been using it totally wrong-I thought it was a development environment.
  
  --
  All the world's a CPU, and all the men and women merely AI agents
66. Re:Slow is good by edremy · 2012-04-11 04:20 · Score: 1
  
  Disclaimer: I triple-boot, with more VMs. I can make fun of everybody.
  Bah- neophyte. I ran Doom the other day in a DOS emulator under Linux running in VirtualBox under Windows which was running on my Mac in Parallels.
  Yes, it ran- it was even playable. Next up I'm going to run VICE on the DOS machine and see if I can play Bard's Tale on a C64. I loved that game...
  
  --
  "Seven Deadly Sins? I thought it was a to-do list!"
67. Re:Slow is good by Richard_at_work · 2012-04-11 04:22 · Score: 1
  
  So if its an issue with GCC or glibc, then its good to know theres a lot of regression testing going on...
  It would be terrible if the GlibC guys introduced another bug such as this one https://bugzilla.redhat.com/show_bug.cgi?id=638477 (read the entire thread for it to make sense - a change in memcpy had major repercussions).
68. Re:Slow is good by Guy+Harris · 2012-04-11 04:34 · Score: 2
  
  Actually yes, they do. They currently offer support on 3 different OSs (10.5-10.7)
  Actually, they're not offering security updates for 10.5 any more. They're offering security updates for 10.6 and bug-fix and security updates for 10.7; "bug-fix and security updates for the current major release, security updates for the previous major release" has been the policy for many years.
69. Re:Slow is good by BitZtream · 2012-04-11 04:37 · Score: 1
  
  I had atleast 6 months to test my apps on lion before release and I'm just a normal developer. Auto desk probably gets access before mOst people due to their popularity. It's not Apples fault, it's yours for bending over and continuing to use products from a company openly hostile and abusive to its customers like autodesk
  What you need to realize is that auto desk is no different than adobe, if you use a Mac and you haven't migrated off those tools that still think It's the late 80s it's your problem.
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
70. Re:Slow is good by dintech · 2012-04-11 04:37 · Score: 1
  
  Well, at least now people might stop pretending that Apple products are magically more secure than the competition.
71. Re:Slow is good by toadlife · 2012-04-11 04:42 · Score: 5, Funny
  
  If it came out for BSD, the dependency check would trigger a complete recompile of KDE 4.x, bogging down your desktop for 34 hours. After it was done, everything would work fine, but in all practicality, you wouldn't be any safer because face it, you're running BSD; no one gives shit about you.
  
  --
  I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.
72. Re:Slow is good by Anonymous Coward · 2012-04-11 04:43 · Score: 0
  
  And when you upgrade windows to a higher version, stuff not working is Microsoft's fault. Love the double standard.
73. Re:Slow is good by Anonymous Coward · 2012-04-11 04:46 · Score: 0
  
  You seem confused.
  Current versions of OS X = Apple maintained Java
  Future versions of OS X = Oracle Java
74. Re:Slow is good by Anonymous Coward · 2012-04-11 04:57 · Score: 0
  
  How is it that OSX can be owned by a driveby exploit trojan that adds it to a botnet? I thought its underlying guts were Unix. How is it that Windows can't notice that something new has been installed and executed without the user's instigation? What have Apple and Microsoft OS developers been spending their time on for the last decade?
  Apple has actually been building some pretty cool anti malware tech, mostly following the ideas of Ivan Krsti (who they hired). The problem is, they've been rolling them out very, very slowly for business reasons. Currently, it applies just to software where developers opt in or sell through the Mac App store. The level of MAC restrictions, if applied globally, would stop just this sort of nonsense. So far the pain to users and developers still outweighs the security risk for users, in their estimation.
  That said, Apple clearly dropped the ball here. They should have blacklisted the original Flashback trojan long, long ago and should be aggressivly working with Oracle to sandbox JVMs.
75. Re:Slow is good by Anonymous Coward · 2012-04-11 05:03 · Score: 0
  
  (its used a Flash hole, a PDF hole and a Java hole, three things not even developed BY Apple.)
  But if we can't count those as security holes in the OS anymore, then it's only fair you return the favor in regards to Windows. No more using the argument of "But a secure OS would sandbox the applications and make it impossible to infect!"
  Karma's a Bitch, and there are a few specific OS fanboys out there who have a pile of crow to eat.
  Now, quit fucking crying about it so we can have a serious chat about security which applies to every platform. You've got a smartphone, right? Maybe you should start by thinking about that thing's security a little harder.
76. Re:Slow is good by Anonymous Coward · 2012-04-11 05:18 · Score: 0
  
  Dual booting is a sign that your behind the times. Learn to use a Virtual Machine.
  Dual booting is also a sign that you work for a living. I use many operating systems, many tools and needs lots of practice. Using different OS's is not a lack of commitment... it's a sign of the times.
77. Re:Slow is good by helix2301 · 2012-04-11 05:23 · Score: 1
  
  This virus has already been patched this is just a removal tool for the 600,000 computers that got infected. 600,000 out of how many millions of machines Apple sells a year it is small in comparison to Windows viruses. Oracle released a patch for Windows while ago Apple is just getting around to it they were slow on getting this patch out but the negative press has really been at minimum.
  
  --
  http://www.thetechnologygeek.org
78. Re:Slow is good by CharlyFoxtrot · 2012-04-11 05:27 · Score: 1
  
  Yeah, and how hard is that? Is this about malware that magically attaches itself to existing executables, or does it just drop itself into a system directory and run itself?
  "As with previous variants of the malware, the latest variant of the Flashback malware, called OSX/Flashback.I, works by modifying code within Web browsers that causes it to launch when the browsers are opened and result in modified Web pages being displayed."
  Removal instructions
  
  Both are pretty bloody old problems and easily mitigated. How is it that OSX can be owned by a driveby exploit trojan that adds it to a botnet? I thought its underlying guts were Unix. How is it that Windows can't notice that something new has been installed and executed without the user's instigation?
  What have Apple and Microsoft OS developers been spending their time on for the last decade? Surfing pr0n? Posting "you guys suck" on web forums? Making Clicky spin more gracefully?
  Meanwhile, their users are unwittingly added to botnets and their machines run keyloggers that phone home to crackers. And they get to pay for these "privileges"?!? Gee, what a great deal.
  $DEITY help them if their shareholders ever wise up.
  Actually the problems ARE all solved in the latest versions of OSX. The attack vector is a Java applet displayed in the browser, Lion no longer includes Java by default, malware detection was added in Snow Leopard and starting in Lion processes are sandboxed. From what I've read the malware seems to target older computers and versions of OSX. As always the best protection is remaining up to date.
  
  --
  If all else fails, immortality can always be assured by spectacular error.
79. Re:Slow is good by Anonymous Coward · 2012-04-11 05:28 · Score: 0
  
  I put out 6000 machines for one of the largest cities in NJ, and currently work for a company who basically owns IP on EVERY DEVICE you use and manage over 200 servers, many of whom run Red Hat or OS X server due to what they are used for.
  I also provide on demand tech support for 9 executives including the CIO, COO, CFO, and CMO for said company in leu of the technicians who focus on the other 2000 employees.
  You don't know what a high production environment is.
80. Re:Slow is good by CharlyFoxtrot · 2012-04-11 05:34 · Score: 1
  
  the negative press has really been at minimum.
  Probably a "Let He Who Is Without Sin Cast The First Stone" kind of thing.
  
  --
  If all else fails, immortality can always be assured by spectacular error.
81. Re:Slow is good by Anonymous Coward · 2012-04-11 05:45 · Score: 0
  
  Actually no that's not correct. Apple and Oracle are working together on it:
  "In November, Apple and Oracle announced that they would collaborate on a Mac-based incarnation of OpenJDK, an open source version of Java."
  http://www.theregister.co.uk/2011/02/27/no_java_in_mac_os_x_lion/
  
  No, it is correct. The keyword from your quote is "would," indicating a past projection of a future event. OpenJDK on OS X is still incomplete.
  At present, the only publicly released, supported version of Java on OS X (Lion or Snow Leopard) is Java 6, provided by Apple alone and based on licensed Oracle code, not OpenJDK.
  Oracle fixed the Java issue exploited by Flashback on Feb 14. Apple released a developer preview build the very next day. Apple did not release the final, public version until Apr 5, after the Flashback malware was already spreading in the wild, over a month and a half after Oracle fixed it and gave the code to Apple.
82. Re:Slow is good by Anonymous Coward · 2012-04-11 05:52 · Score: 0
  
  You realize that 1000 or so is less than 1% of the machines from a given platform Apple has put out in the last 4 years which means it IS infact a insignificant number.
83. Re:Slow is good by mcgrew · 2012-04-11 06:40 · Score: 2
  
  They aren't facts, troll. I've been using Linux for ten years. Never compiled a program for it, never needed to edit one of its text files (although the fact that I can is a nice feature, another reason Linux is superior to Windows), and only use the command line if I forget the root password and need to reset it. A software patch has nothing to do with the hardware it runs on. Linux does sometimes have issues with drivers for new hardware, but that's a separate issue, and Windows has issues with drivers for older hardware.
  As to "RTFM n00b" I never encountered that, either. Every Linux question I ever asked on the internet garnered me at least an attempt to help, including which FM to R and where to find it. But I can see why you and the GP get treated harshly by Linux people, if someone with an attitude like yours asked a question in that tone I wouldn't say "RTFM n00b" I'd say "go fuck yourslef, asshole". Nice begets nice, hostility begets hostility. Only an idiot treats someone he needs help from badly.
  
  --
  Free Martian Whores!
84. Re:Slow is good by Em+Adespoton · 2012-04-11 07:58 · Score: 1
  
  I've run Bard's Tale on the old Apple ][ emulator on my Mac Plus emulator on my 68K Mac emulator on my PPC Mac emulator on my VirtualBox install of 10.4.11 on 10.7.
  Interestingly, it actually runs at speed. Too bad there was no decent IIgs emulator for the Plus, or I'd run Dark Castle on it :)
  I've also had every major version of the Mac OS (except 10.0 and 10.1, for obvious reasons) running in parallel on the same hardware (from the original Macintosh System 0.3 through to 10.7). Of course THAT tends to slow some of the more recent versions down.
85. Re:Slow is good by Em+Adespoton · 2012-04-11 08:02 · Score: 1
  
  If Xcode is installed, that means gdb is installed (and vice versa).
86. Re:Slow is good by Moldiver · 2012-04-11 08:13 · Score: 1
  
  RTFM is not nice, it's highly aggressive....
87. Re:Slow is good by drkstr1 · 2012-04-11 10:02 · Score: 1
  
  Highly aggressive? Hells, RTFM was the best advice I've ever gotten!
  
  Programmers have often suggested that in some situations, "RTFM" is actually the best advice that an aspiring programmer can receive. They posit that programming is a dynamic art that requires independence and drive on the part of the programmer, and see "RTFM" as more of a long-term advisement than it is a response to any single query.
  
  --
  Fanboy Status: Apache Flex, C#, Eclipse, KDE, Pirate Party, Ron Paul, Slackware, Windows 7
88. Re:Slow is good by Anonymous Coward · 2012-04-11 10:04 · Score: 0
  
  WTH !! have i been doing wrong then ?? every install of linux i have come across i have had to go to a text editor of some type and edit something .
  whether it be the x config the pon and the poff the smb.conf .ssh/config and god knows what else i had to change .
  damn i hate when i am doing it wrong and there is no clear indication thats it is being done wrong . except when you see that , one person who has been doing it right for 10 freaking years and has not touched 1 config file ever !!!
89. Re:Slow is good by Anonymous Coward · 2012-04-12 00:05 · Score: 0
  
  if it was Linux based malware a patch would have been out within 24 to 48 hours, six months is enough time to create a new version of the entire operating system,
  The previous versions of "Flashback [that] has been around in one form or another for more than six months now" used no vulnerabilities that could be patched, they were pure Trojans. And the updates to Xprotect have been blocking those variants for about as long as they exist.
Flashback? by Vinegar+Joe · 2012-04-11 01:38 · Score: 2, Funny

It's not a bug.....it's a feature.

--
"The average reporter we talk to is 27 years old......They literally know nothing." - Ben Rhodes
1. Re:Flashback? by Anonymous Coward · 2012-04-11 02:02 · Score: 0
  
  Sure they're not using it wrong??
2. Re:Flashback? by Anonymous Coward · 2012-04-11 02:23 · Score: 1
  
  Isn't Flashback something you get from using Time Machine?
I know why by BlastfireRS · 2012-04-11 01:41 · Score: 2

Unfortunately, security isn't that big of a deal to Apple...yet. With the increase in market penetration the bulls-eye on Macs is getting larger and a lot more tempting; hopefully they realize this before something very serious happens and take steps to bolster their in-house security research (or hell, outsource it).
First time takes much longer. by Anonymous Coward · 2012-04-11 01:45 · Score: 0

"Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now."
Here's a possibility:
In the past, marketing and the Jobs Reality Distortion Field (TM) have prevented the need for an anti-malware team at Apple. Now, Apple has a malware problem and no team ready to deal with malware - essentially caught with ripped pants and no backup pair.
They will have a assemble a team and come up with a comprehensive action plan to fix this, as it has never been done before at Apple. In the corporate world, these things take a lot of time the first time around.
1. Re:First time takes much longer. by binarylarry · 2012-04-11 01:57 · Score: 1
  
  No, you are *completely* mistaken.
  This forthcoming Apple "Anti-Viral Technology" is going to be amazing.
  Imagine being able to remove viruses off of infected computers without buying a whole new one! Another Apple innovation and Mac OSX first!
  
  --
  Mod me down, my New Earth Global Warmingist friends!
2. Re:First time takes much longer. by BitZtream · 2012-04-11 04:44 · Score: 1
  
  I would pay extra for that as I've never seen any virus other than Stoned being completely removed.
  With rootkits and such you really have to reinstall from clean readout media regardless of OS.
  Sorry your so ignorant that you think mcafee actually works.
  
  --
  Persistent Volume manager for Kubernetes - https://github.com/dwimsey/openshift-pvmanager
APPLE = SECURITY FAIL by sproketboy · 2012-04-11 01:57 · Score: 0

ntr
Hadn't you heard? by Karl+Cocknozzle · 2012-04-11 01:57 · Score: 0

Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now.
Duh... They haven't fixed it yet because Macs don't get viruses, worms, and malware, that's a Windows problem... Hadn't you heard?

--
Who did what now?
Cult of personality by Anonymous Coward · 2012-04-11 02:01 · Score: 0

They had to wait for Steve to die before they could admit there was a problem.
Antivirus? by Anonymous Coward · 2012-04-11 02:08 · Score: 0

"Apple is planning to release a software fix that will find and remove the Flashback malware"
Did you mean Apple is planning to release a antivirus?
Manually Detect & Remove by guttentag · 2012-04-11 02:12 · Score: 5, Informative

Running Software Update today to update Java will prevent you from getting flashback going forward, but that's not going to do anything if you already have it.

Here's how to figure out if you have it (from Gizmodo):

1.Run the following command in Terminal:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
2. Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:
"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"

If you don't get that error message, well, time to head to F-Secure for your fix. If you're clean so far, you can move on to step eight:

8. Run the following command in Terminal:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"

In other words: "does not exist" means you've got a healthy rig. Anything else, just keep following F-Secure's instructions to vanquish the intruder.
1. Re:Manually Detect & Remove by Anonymous Coward · 2012-04-11 03:22 · Score: 0
  
  >>In other words: "does not exist" means you've got a healthy rig.....
  In other words: "does not exist" means you do not have the Flashback infection; doesn't mean you don't have others that have not been found/publicized.
  Apple users claiming "Apple products have the most secure software!" need to be aware of two things:
  1. Perfect crime: A crime that is ongoing or has been committed without any indications whatsoever. Or in other words: People who are "in the machine" are intelligent enough to keep their trap shut.
  2. Rolls Royce (or any other brand of exorbitantly priced car) and safety: Just because you are in a Rolls Royce doesn't mean that you shouldn't/wouldn't wear seat belts. A head-on collision at significant speed would still maim or kill you.
  Or in other words: Get some sort of security solution. Like a seatbelt, it is not going to prevent accidents or damage, but like a seatbelt, it could mean the difference between life and death.
2. Re:Manually Detect & Remove by Anonymous Coward · 2012-04-11 03:56 · Score: 0
  
  Apple users claiming "Apple products have the most secure software!"
  Where did that myth come from? The only people saying that Macs are malware proof are a few misguided idiots. I have met way more non-Apple users claiming that Apple users think Macs are malware proof than I have met actual Mac users who make that claim. Even the marketing weasels at Apple have never gone farther than just implying Macs are 'Virus proof' but they never explicitly claimed any kind of blanket malware proofing. Most Mac users I know are perfectly aware of the possibility of infections which is not surprising since a lot of them are migrants from Windows where malware infection is an ever present danger. In fact a few of the Wndows switchers bought some security package along with their Mac.
3. Re:Manually Detect & Remove by Anonymous Coward · 2012-04-11 09:44 · Score: 0
  
  These are only the instructions for removing the keylogger. The botnet portion will show up as a hidden process of varying name running in your home directory. rsrv,rserv,flserv,mkeeper are examples of the trojan file name.
  You can see the launchd component used to start the trojan as a file named com.adobe.reader in ~/Library/LaunchAgents/
  There has been some confusion about whether or not this is actually adobe software, but I believe if it were real, it would be named com.Adobe.Reader.
4. Re:Manually Detect & Remove by Anonymous Coward · 2012-04-11 17:01 · Score: 0
  
  These instructions became outdated about two days ago. They will now return "healthy" even when the system is infected, on "sv:5" versions.
5. Re:Manually Detect & Remove by Inda · 2012-04-11 21:52 · Score: 1
  
  Terminal? This ain't an airport buddy.
  
  Isn't there of picture of Steve's head I can click instead?
  
  --
  This post contains benzene, nitrosamines, formaldehyde and hydrogen cyanide.
flaws already patched. by Anonymous Coward · 2012-04-11 02:18 · Score: 0

Apple already patched the security flaws in Java that Flashback exploits. Yes, they were months behind Microsoft in doing so. http://www.macworld.com/article/1166195/apple_releases_java_security_updates.html
Why isnt the fix out? by Anonymous Coward · 2012-04-11 02:34 · Score: 0

"customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now."
Customers should be reminded not to blaspheme and that everything is part of the lord Apple's plan.
1. Re:Why isnt the fix out? by CharlyFoxtrot · 2012-04-11 03:04 · Score: 1
  
  The fix was upgrading to Lion which doesn't have Java by default.
  
  --
  If all else fails, immortality can always be assured by spectacular error.
2. Re:Why isnt the fix out? by Anonymous Coward · 2012-04-11 03:51 · Score: 0
  
  You mean Apple customers actually have to apply updates and upgrades just like Microsofties?
  That's totally unacceptable.
3. Re:Why isnt the fix out? by Eponymous+Hero · 2012-04-11 04:20 · Score: 1
  
  nobody told this guy: http://www.youtube.com/watch?v=Ef9XsOgjIQU
  
  --
  insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
4. Re:Why isnt the fix out? by Em+Adespoton · 2012-04-11 08:14 · Score: 1
  
  Apple hasn't provided the fix because they detect and block most variants with XProtect (soon to be Gatekeeper). However, some variants got through before they pushed out their detection update -- and so now they've got a cleanup issue and no tools to perform automated cleanup. Added to this, static cleanup is non-trivial as the infection changes a bit depending on which version it was and how the victim's computer was configured.
  Before the variant that leveraged the Java exploit, infection numbers were low, and protection was high. Within a week, that changed.
  Also worth noting that Apple blocks the malicious sites that serve up the malware too, as it finds them (via code analysis and in-the-wild reports).
has been around by Anonymous Coward · 2012-04-11 02:45 · Score: 0

"Flashback has been around in one form or another for more than six months now."
And Apple's File Quarantine System has found the old versions since shortly after.
Even Apple must believe that their own stuff by nhat11 · 2012-04-11 02:51 · Score: 0

is impervious to malware even though they know it's not, lol.
Steve Jobs: Ninja Assasin by Guppy · 2012-04-11 02:56 · Score: 5, Funny

he would hire elite apple assasins to kill these supposed security researchers to stop the bad news
You fools, don't you realize Steve Jobs himself was the elite apple assassin?
Concealed under his black shinobi-shzoku-turtleneck was a lethal array of ninja weapons; many an unlucky Samsung executive or uncooperative tech-journalist has met their end at his hands, dispatched by a Firewire-cable garrot or iShuriken (they're like regular Shuriken, but with patented rounded corners). Gates himself has only survived thanks to the vigilant guard of his hulking 'roid-enhanced genetically engineered gorilla henchman.
He was a shinobi of un-matched caliber, until his fateful battle against Google-fu masters Page and Brin, when he was felled by the Pancreas Death-Strike technique.
1. Re:Steve Jobs: Ninja Assasin by Anonymous Coward · 2012-04-11 03:23 · Score: 1
  
  You fools, don't you realize Steve Jobs himself was the elite apple assassin?
  I like what you did there.
  Most probably didn't even notice that your lips were not synchronized as you said the above.
2. Re:Steve Jobs: Ninja Assasin by mybecq · 2012-04-11 03:51 · Score: 2
  
  Gates himself has only survived thanks to the vigilant guard of his hulking 'roid-enhanced genetically engineered gorilla henchman.
  And here I was thinking it was because he was some kind of Borg creature. My mistake.
3. Re:Steve Jobs: Ninja Assasin by pckl300 · 2012-04-11 04:56 · Score: 1
  
  You fools, don't you realize Steve Jobs himself was the elite apple assassin?
  If he was, he wasn't very good. His throwing stars were confiscated by the Japanese.
  
  --
  In the beginning, there was null.
Disappointed... by Anonymous Coward · 2012-04-11 02:58 · Score: 0

For a split seocond there i misread the headline:
Apple Developing Tool To Remove Facebook
Well... hope springs eternal.
Why apple waited so long... by wjcofkc · 2012-04-11 03:02 · Score: 2

Because they are working on the next version of OS X: Honey badger. It don't give a shit.

http://www.youtube.com/watch?v=4r7wHMg5Yjg&feature=player_detailpage

--
Brought to you by Carl's Junior.
haha, quote! by Anonymous Coward · 2012-04-11 03:06 · Score: 0

"Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now."
because they are shit!
Has Flashback done any damage? by alispguru · 2012-04-11 03:33 · Score: 2

Casual web searches don't turn up anything other than exploiting a vulnerability to get onto your machine (bad enough!).
Did anyone successfully command it to do anything?

--

To a Lisp hacker, XML is S-expressions in drag.
1. Re:Has Flashback done any damage? by Anonymous Coward · 2012-04-11 04:59 · Score: 0
  
  but it will cost 9$ lol
2. Re:Has Flashback done any damage? by Anonymous Coward · 2012-04-11 17:04 · Score: 0
  
  The malware is exclusively used to redirect some Google searches to another search engine with more ads.
Re:Security researchers and customers have been... by Anonymous Coward · 2012-04-11 03:50 · Score: 0

Task: fix Apple malware.
Difficulty: Apple users
Yeah, this'll take a while.
you upgrade your Apple equip every year, don't you by Anonymous Coward · 2012-04-11 04:06 · Score: 0

Because they're [...] testing [...] on every piece of hardware they can get their hands on.
Testing on equipment that's more than a year or so old is, unlike Microsoft, decidedly not Apple's modus operandi.
One of Apple's distinguishing characteristics is that they unashamedly drop support for anything they consider outdated ... regardless of its age. Heck, they don't even support (let alone test) Apple's email services on 4-5 year old Mac's that are incapable of running Lion.
hey fanboi by Eponymous+Hero · 2012-04-11 04:19 · Score: 1

no need to waste slashdot's time with this old non-news. take it to the friend bar: http://www.youtube.com/watch?v=q9ZnwvyAk8k

--
insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
they will offer this as a fix by vonshavingcream · 2012-04-11 04:24 · Score: 1

buy the "new" ibook, it will be virus free.
The Joke you are not getting by RobertLTux · 2012-04-11 04:26 · Score: 1

when speaking in "yoda" you use correct grammar but swap words around (mostly putting them backwards)
check this out http://www.yodaspeak.co.uk/index.php

--
Any person using FTFY or editing my postings agrees to a US$50.00 charge
1. Re:The Joke you are not getting by Eponymous+Hero · 2012-04-11 04:42 · Score: 2
  
  i got the joke, idiot. the joke YOU'RE not getting is that i'm attacking his grammar nazi attack with one of my own. also, he didn't need to use the word "with" at all. "Proper grammar, Yoda would speak," makes just as much sense and has better grammar. adding the word "with" in his case really does make it sound awkward. if you don't like crow, you can always eat a shit taco and die. everyone knows how Yoda speak works, like everyone knows pig latin. we don't need a primer on that either. douchebag.
  
  --
  insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
2. Re:The Joke you are not getting by IKnwThePiecesFt · 2012-04-11 11:53 · Score: 1
  
  Woah woah woah.
  You mad bro?
3. Re:The Joke you are not getting by Eponymous+Hero · 2012-04-11 11:57 · Score: 1
  
  nah, not at all. i call this move, The Kabosh. at the least he won't respond to me anymore. best case scenario he makes me a foe.
  
  --
  insensitive clod overlords obligatory xkcd car analogy russian reversals whoosh pedant fanbois ftfy in 3...2...1..PROFIT
Real Flashbacks by Anonymous Coward · 2012-04-11 04:29 · Score: 0

The only flashback I ever got was from the blotter.
Reality Distortion Field by ThatsNotPudding · 2012-04-11 05:24 · Score: 1

It's not a bug.....it's a feature.
"And we think you're going to love it."
Get Dr. Web to do it by TheRealGrogan · 2012-04-11 06:41 · Score: 1

I'm surprised that Dr. Web hasn't come out with a tool for this. (They are pretty damned good at that sort of thing)
Actually, not a specific tool, but...
http://news.drweb.com/show/?i=2354&lng=en&c=14
"Rather than employ special tools provided by other vendors to delete BackDoor.Flashback.39, Doctor Web offers you to make use of the time-tested Dr.Web Light for Mac OS X rated among the top free applications in the Mac App Store. It will easily find and neutralize the Trojan horse and other malicious programs posing threat to your Mac." (quote from article)
I don't imagine this would be that difficult to ferret out on MacOS. It's not a complex morass of liquishit like Windows. Does the botnet trojan even run as root to be able to dig itself in? You don't need root to do normal user things like open network connections to participate in a botnet. I don't think there is any "rootkit" behaviour here.
Not fixed yet because .... by PPH · 2012-04-11 07:29 · Score: 1

.... Apple developers were distracted reminiscing about the good old days when Apple products didn't get viruses.

--
Have gnu, will travel.
How/Why (but not on my Windows 7 64-bit setup) by Anonymous Coward · 2012-04-11 19:44 · Score: 0

"How is it that Windows can't notice that something new has been installed and executed without the user's instigation?" - by tqk (413719) on Wednesday April 11, @11:49AM (#39644863)
Windows is setup to "just work" and easily for non-techie end users, first of all (which is also, imo @ least, WHY it gets "hit" so much, not just because it's the most used on its platform (which ANDROID illustrates that concept on smartphones, another computing platform, Linux roots or not))...
HOWEVER:
With a couple minutes of work?
It's NOT LIKE IT CAN'T BE MADE SO & with just a few registry edits, and, to behave JUST LIKE MacOS X does when you install things (or something TRIES to install itself for that matter).
I setup myself up that way in fact, & it's VERY easy - but as I said above? Windows does NOT come this way "oem stock outta the box" but it could!
The settings to examine & change are as follows in gpedit.msc &/or regedit.exe:
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Admin Approval Mode for the Built-in Administrator account
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v FilterAdministratorToken
(Set as ENABLED)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Behavior of the elevation prompt for administrators in Admin Approval Mode
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorAdmin
(Set as PROMPT FOR CREDENTIALS)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Behavior of the elevation prompt for standard users
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v ConsentPromptBehaviorUser
(Set as Automatically deny elevation requests)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Detect application installations and prompt for elevation
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableInstallerDetection
(Set as ENABLED)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Only elevate UIAccess applications that are installed in secure locations
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableSecureUIAPaths
(Set as ENABLED)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Run all administrators in Admin Approval Mode
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA
(Set as ENABLED)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Switch to the secure desktop when prompting for elevation
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v PromptOnSecureDesktop
(Set as ENABLED)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Virtualize file and registry write failures to per-user locations
OR
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System /v EnableVirtualization
(Set as ENABLED)
---
Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options\User Account Control: Allow UIAccess applications to prompt for elevation without using the secure desktop
OR
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableUIADesktopToggle
(Set DISABL
1. Re:How/Why (but not on my Windows 7 64-bit setup) by Sarten-X · 2012-04-13 01:11 · Score: 1
  
  I hear you can also drop in a hosts file...
  
  --
  You do not have a moral or legal right to do absolutely anything you want.
No need to wait, F-Secure has a free tool ready by kaitsu · 2012-04-12 03:55 · Score: 1

They now have a automated tool available at http://www.f-secure.com/weblog/archives/00002346.html
The Flashback attack has been fixed! by Anonymous Coward · 2012-04-12 05:43 · Score: 0

Where has everyone been for the past week? Apple released a new version of Java a week ago to fix this problem. If you want to check your own Mac to see if it's infected, you can do so using the Terminal Utility in the Applications Folder by following the instructions here:
http://osxdaily.com/2012/04/05/how-to-check-for-the-flashback-trojan-in-mac-os-x/
Re:DrWeb & a tale of "false positives"... apk by Anonymous Coward · 2012-04-12 06:08 · Score: 0

cry some more, little bitch. your shitware got flagged as malware.
Re:Funny how they're saying it's NOT, 1 by 1... ap by Anonymous Coward · 2012-04-12 07:00 · Score: 0

is not. keep crying.
Why. Apple? Why?? by Anonymous Coward · 2012-04-12 07:03 · Score: 0

"Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware..."
Perhaps they're still in shock that any of their precious systems could be compromised.
Re:Not cryin (happy actually): As I stated before? by Anonymous Coward · 2012-04-12 07:48 · Score: 0

ha. i'm not very impressed with companies that lie on their press releases.
http://www.malwarebytes.org/press_center/malwarebytes-industry-momentum-intensifies
"Malwarebytes recently completed the acquisition of hpHosts, a popular and trusted blacklist of malicious websites, ad servers and tracking servers. The acquisition ensures that Malwarebytes protects against the newest malevolent internet protocol (IP) addresses"
you cannot protect against malevolent ip addresses with a hosts file. a hosts file can only block host names, not ip addresses. you need a firewall to block ip addresses.
so - lying? not impressive.
Re:Tell that to Mr. Burn (good guy, he'll write ba by Anonymous Coward · 2012-04-12 08:37 · Score: 0

"twisting the words"?
they clearly said that hpHosts (the acquisition) ensures that Malwarebytes protects against "the newest" malevolent ip addresses. i'm not twisting their words at all. that's what they explicitly said. a hosts file can't do that.
URA Software Engineer for 16 yrs? Bull! by Anonymous Coward · 2012-04-13 06:18 · Score: 0

I read your profile per my subject above: I think you're FULL OF it, & this proves it below...
You state You've been a software engineer for 16 yrs.? 1 yr. less professionally than I in fact!
(30++ yrs. total time though here since 1982 coding computers from midrange/mainframes into Client Server designs currently/professionally)
That said?
How could you BLATANTLY OVERLOOK these points on HOSTS files I used vs. your "experts" @ the link you posted?
(Especially since I can justify them via how device drivers work vs. usermode apps AND basic CSC-101 file access/parsing)?
To wit "point-by-point" as is my usual style backed by facts AND EXACTLY WHAT I USED vs. the fools in your link you posted (some 'experts', lol - not! More like noobs or techies trying to play "smart"):
---
First of all - You've made VERY FUNDAMENTAL "rookie" mistake's here on hosts files above! I welcome ANYONE to dispute these points on benefits hosts files give the end user of them in:
1.) Diskcaching taking over for "in memory speed of access" for larger hosts files vs. the faulty DNS clientside cache service in Windows
2.) How hosts files can aid security via "layered-security"/"defense-in-depth"
3.) How hosts files can lessen tracking & aid "anonymity" to an extent (DNS request logs)
4.) How hosts files can circumvent DNSBL's
5.) How hosts files aid speed
6.) Added reliability hosts files can give you vs. DOWNED dns servers
7.) Added security vs. DNS poisoned redirected DNS servers (a huge RECURRING problem the past few years done via port 51/53 iirc & "bum rushing" DNS servers set into recursive mode)
8.) The fact that HOSTS can do several things noted above for anonymity, & reliability AdBlock especially + even software firewalls cannot
9.) LASTLY & POSSIBLY MOST IMPORTANTLY FOR EFFICIENCY VS. OTHER SOLUTIONS SUGGESTED HERE BY PDUBS:
The fact hosts files are merely a kernelmode/ring 0/rpl 0 FILTER for the IP stack (far faster operations than occurs in usermode/Ring 3/RPL 3 programs like AdBlock)...
A fact of life in coding gentleman, & ONE YOU'D KNOW if you'd have programmed device drivers, vs usermode apps.
---
* Once more, I read your profile, and your claim of being a 'software engineer' isn't 'cutting it' vs. the above... & like your experts in the link below you posted? I welcome debate on the above - I'll take GREAT PLEASURE in 'ripping you in 1/2' for trolling me in fact!
So, either you're NOT MUCH OF A "software engineer" your profile claims & I DOUBT after the above?
OR
You need to actually get a degree in CSC - based on the above, because any 101 CSC class and file access methods + datastructures classes would have educated you on (as well as device driver programming)!
EXACTLY how I 'dusted' the "wannabe experts" in the link you posted here:
http://security.stackexchange.com/questions/9795/any-additional-security-with-large-blacklisting-hosts-file
?
No, I don't think so on your end... as to your CLAIM of being a "software engineer" and for 16 yrs... no way.
APK
P.S.=> In fact, after what I posted there? Again:
I challenge you to disprove its points "Mr. Bullshitter", because if you don't KNOW those points?
NO WAY You are A SOFTWARE ENGINEER... period (or you never had any classical CSC education training or you're just stupid - take your pick!)... apk
Re:Cardinal Richelieu (lol): JUST 4 U! apk by Anonymous Coward · 2012-04-16 00:42 · Score: 0

I didn't notice that because I didn't read more than six lines of the shitflood you posted, you little cunt. That was a page and a half down.
-_- by SuperfastComcast · 2012-04-16 08:44 · Score: 1

About Time.
Re:Yet ANOTHER 'effete downmod' retaliation? LMAO! by Anonymous Coward · 2012-04-20 01:41 · Score: 0

Yeah, go ahead and keep crying about the moderation. You're a troll, and a lousy one at that, and the new "Flag" feature makes it really easy to get your posts admin-bombed. So go ahead and keep refreshing that IP address.
I got the "last laugh", troll... apk by Anonymous Coward · 2012-04-21 00:48 · Score: 0

So, "Read 'em & WEEP" -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39661811
APK
I got the "last laugh" as usual troll... apk by Anonymous Coward · 2012-04-21 00:50 · Score: 0

So, "Read 'em & WEEP" -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39661811
APK
P.S.=> All the downmods in the WORLD can't hide it, so keep blowing your mod points... apk
Another bogus downmod? by Anonymous Coward · 2012-04-21 10:42 · Score: 0

Trying 2 hide the post parent to this reply, trolls? I won't allow it.
17 bogus moddowns & counting by Anonymous Coward · 2012-04-21 10:45 · Score: 0

Trying to hide my posts, trolls, by downmodding them -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow it, no way.. lol, keep blowing those mod points!
Cardinal Richelieu: 18th effete bogus downmod? by Anonymous Coward · 2012-04-21 10:46 · Score: 0

Trying 2 hide my posts trolls, by downmods od 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow it, no way.. lol, keep blowing those mod points!
19th bogus downmod, Cardinal Richelieu? LMAO! by Anonymous Coward · 2012-04-21 10:48 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow thatt, no way.. lol, keep blowing those mod points trolls!
21st bogus moddown? LMAO! by Anonymous Coward · 2012-04-21 10:51 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow that, no way.. lol, keep blowing those mod points trolls - I'll just drag them back into view, and you'll exhaust all your mod points. Can't do that to the next person, now can you, if that happens... lol!
LMAO - 22nd bogus moddown! by Anonymous Coward · 2012-04-21 10:53 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow that, no way.. lol, keep blowing those mod points trolls - I'll just drag them back into view, and you'll exhaust all your mod points. Can't do that to the next person, now can you, if that happens... lol!
23rd bogus moddown & counting by Anonymous Coward · 2012-04-21 10:54 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow that, no way.. lol, keep blowing those mod points trolls - I'll just drag them back into view, and you'll exhaust all your mod points. Can't do that to the next person, now can you, if that happens? Nope... lol!
24th bogus moddown & counting by Anonymous Coward · 2012-04-21 10:56 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow that, no way.. lol, keep blowing those mod points trolls! Me? Well - I'll just drag them back into view, and you'll exhaust all your mod points. Can't do that to the next person, now can you, if that happens? Nope... lol!
25th bogus moddown & counting by Anonymous Coward · 2012-04-21 10:59 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow that, no way.. lol, keep blowing those mod points trolls! Me? Well - I'll just drag them back into view, and you'll exhaust all your mod points. Can't do that to the next person, now can you, if that happens? Nope... lol! http://apple.slashdot.org/comments.pl?sid=2779659
Keep blowin ur mod points troll by Anonymous Coward · 2012-04-21 11:02 · Score: 0

Trying 2 hide my posts by downmoddin 'em -> http://apple.slashdot.org/comments.pl?sid=2779659&cid=39666615 ? I won't allow it, no way.. lol, keep blowing those mod points troll!
Me? Well - I'll just drag them back into view, and you'll exhaust all your mod points.
Can't do that to the next person, now can you, if that happens? Nope... lol!