Apple Developing Tool To Remove Flashback

Trailrunner7 writes, quoting Threatpost: "Apple is planning to release a software fix that will find and remove the Flashback malware that has been haunting Mac users for several months now. ... Apple said on Tuesday that it was in the process of developing a tool that would detect and remove Flashback, but the company did not specify when the fix would be available. Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now."

if steve jobs was still here

[alen]

he would hire elite apple assasins to kill these supposed security researchers to stop the bad news

Re:if steve jobs was still here

If Jobs was still here he would tell you that you are "holding it wrong".

Re:if steve jobs was still here

[cant_get_a_good_nick]

Begun. the cat and mouse game has.

Proper grammar, Yoda would speak with.

Re:if steve jobs was still here

[shugah]

I'm going to get a bracelet that says "WWSD"

Re:if steve jobs was still here

[CAIMLAS]

That may be modded funny, but their response has probably closer to that right now than it is any actual sincere security response.

It's really quite embarrassing (for them). I'd expect this from a small company, not a multibillion (trillion?) dollar international corporation. It does not make me have faith in their ability to effectively and safely maintain their software stack.

Re:if steve jobs was still here

[oodaloop]

If I feel like it, a preposition is something I will end a sentence with, asshole.

There, is that better?

Re:if steve jobs was still here

[Eponymous+Hero]

hey fuck off, i was attacking the gNazi too.

Re:if steve jobs was still here

[AmiMoJo]

Reminds me of Microsoft about 10 years ago. Now there's a scary thought.

Re:if steve jobs was still here

[Sketchly]

I reckon he'd charge people for Flashback. Then patent it. Then attempt to patent all the malware in the world. And the future world.

Re:if steve jobs was still here

[Sketchly]

But think about Microsoft 10 years in the future. Feel better?

How good is it?

[rishistar]

I'm still having flashbacks to the time I saw the Goatse image. Will it work on that too?

Re:How good is it?

[SJHillman]

Would probably help if you didn't make it your desktop wallpaper.

Re:How good is it?

[gl4ss]

I thought flashback was a pretty good game for a 2d platformer.

btw what do you think about this =o=

Re:How good is it?

[Canazza]

It's a tired Koala!

Slow is good

[Sarten-X]

Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now.

Because they're doing the same thing Microsoft does with its slow-as-molasses patches: testing for side effects, on every major application, on every piece of hardware they can get their hands on.

Re:Slow is good

[FudRucker]

if it was Linux based malware a patch would have been out within 24 to 48 hours, six months is enough time to create a new version of the entire operating system,

Re:Slow is good

[ledow]

Meanwhile, all those applications are running in your large corporation while riddled with malware that's difficult to detect, isolate and remove.

Put out a patch and EVERYONE can test, and those for whom it is critical can TELL you what it did to their machines and/or choose to apply it or not.

Meanwhile, every home user is typing in their bank details into a computer that's reading their every move because some obscure application on the other side of the planet "might crash".

And, to be honest, any application that is affected by an external tool that clears a malware infection was either a) infected or b) poorly designed and implemented. That's what an OS is FOR - to isolate programs from each other and the hardware.

Re:Slow is good

[Coisiche]

...on every piece of hardware they can get their hands on...

But it's Apple, isn't there just one bit of hardware to check?

Re:Slow is good

Yes, because Apple will have to test on such a VAST range of hardware...

Re:Slow is good

Actually the quote is quite opinionated and wrong. Apple provided java patches that basically close the hole and make the malware issue mute. Flashback HAS existed for months, but its also using a new vulnerability each time it comes up (its used a Flash hole, a PDF hole and a Java hole, three things not even developed BY Apple.) Likewise they have been patching the OS to flag Flashback in previous versions of the trojan.

The whole quote both shows the writers complete lack of knowledge of whats been done about Flashback that any competent system administrator knows already (hell we even have scripts developed to flag machines that MAY be infected and have had them for months this is ON TOP OF the info Apple has been providing us) as well as his bias in trying to spin this as if this thing is a huge issue (honestly is not, its not even the first real vulnerability on the Mac OS, there were numerous worms for Quicktime back in the 90's that abused Quicktimes autoplay feature, AND THOSE didnt require you to authenticate as admin since pre-osX you ran as root.)

Re:Slow is good

[Sarten-X]

If you're running Linux, you're probably competent to fix things if a patch breaks them.

If you're running OS X, you're probably confused enough by the patch in the first place.

If you're running Windows, you're probably just going to complain to some IT guy when the report looks slightly different.

Disclaimer: I triple-boot, with more VMs. I can make fun of everybody.

Re:Slow is good

[csumpi]

However they missed Autodesk Maya with the Lion upgrade. Maya still doesn't run on it, which is one of the most popular 3d packages (if not the most popular 3d package).

So I'm not necessarily buying your argument. It has as much ground as saying that providing a fix would acknowledge that the problem existed in the first place.

Re:Slow is good

[Richard_at_work]

A patch might have been out within 48 hours, but how long until it made its way into every distributions patch repository?

Re:Slow is good

[Theophany]

Whilst I'd like to believe you, I fear that it is more to do with Apple spending so long in flat out denial that an issue ever existed.

Don't get me wrong, I'm no hater and I'm no shill. I used to exclusively use Macs, now I don't use them at all (although I do use an iPhone/iPad) purely because their support practices in terms of viruses or serious issues are disgraceful. Whilst they do have an excellent support system whilst you're covered by AppleCare, they also have a culture of denying widespread hardware and software failures that most other companies would acknowledge quickly and get fixed quickly too.

Case in point, I bought a batch of Macbook Airs a few years back for the company I was then working for. After two years, every_single_one_ died within a few days of each other from the same catastrophic hardware failure. Apple refused to acknowledge that there was any link, no matter how tenuous, of a manufacturer failure. They said it was pure coincidence.

Like I said, I'm no hater. I know that corporations have to be ruthless to make money, but once I realised just how often they bury their heads in the sand (and how infuriating it can be) that was the day I ceased to buy big ticket items from them.

Re:Slow is good

[JohnBailey]

Apple is still in disbelief that that Flasback is real.

No.. Apple is still trying to figure out if this is from Adobe or not.

Re:Slow is good

[binarylarry]

Most of the world uses Linux everyday.

Far more people than the Mac userbase.

Re:Slow is good

[Theophany]

As an addendum to this: There's a problem with our software, we will fix it ASAP.

Re:Slow is good

they also have a culture of denying widespread hardware and software failures that most other companies would acknowledge quickly and get fixed quickly too.

Really? Because I have never in 15 years of being a tech or system administrator who worked exclusively with Macs EVER had a issue with Apple admitting a hardware issue. Maybe a tech once in a while who didnt want to go through paperwork, but not my executive contacts who have replaced systems even when it WAS our fault, and we didnt have AppleCare on it.

Re:Slow is good

Yes, because Apple will have to test on such a VAST range of hardware...

Actually yes, they do. They currently offer support on 3 different OSs (10.5-10.7) and close to a hundred different platforms with different configurations going back 4 years.

You can even rent their test lab as a developer if you wanted to as well.

Re:Slow is good

[schnikies79]

And they have no idea they are using it and have no direct interaction with the OS or it's file system. We are talking about actively used computers, mainly desktops/laptops.

Don't be douche.

Re:Slow is good

[Idbar]

Did you just compared Apple to... Microsoft!!??

Run for your lives!

Re:Slow is good

From what I understand is that Apple up keeps it's own version of Java that runs on the Mac. So in fact they own the problems that come with allowing it on their systems. Here is a link about that pretty much says that http://www.nl-tech.com/apple-users-download-malware.html

"Oracle, which develops Java, issued a critical patch update in February 2012 to correct the problem, but because Apple controls Java updates in its computers, it did Apple users no good."

and here http://whatculture.com/technology/mac-flashback-virus-what-it-is-and-how-to-remove-it.php

"The reason Apple computers were still at risk was Apple develops its own version of Java, and does so at a slower pace."

I expect to see more of this. Apple wants to keep a tight grip on everything so anything that slips thorough their fingers are fair game to allow blame on them. Look at Microsoft I don't remember Microsoft ever writing a virus/mal-ware to attack their own system but they get blamed for everything. Now that Apple is at the top of the game people will target it more so. So your opinionated comment that they are opinionated is just wrong when you look at the facts.

Re:Slow is good

And it would have required editing a text configuration file and then running the patch from the command line,.

Bit of a pathetic troll given there's been gui package managers where you click on 'apply' or similar to bring your entire system up to date for more than 10 years.

Re:Slow is good

[Theophany]

Logic board went kaput on each on of them. IIRC there were 8 machines in total. Despite my many attempts to reason with them, they wouldn't even give us a discount on the repair costs as a show of goodwill.

Re:Slow is good

[trnk]

Whooosh!

Re:Slow is good

[Theophany]

I'm talking in more general terms. I.e. a thousand or so Macs started exhibiting this weird behaviour - everybody is taking to the Internet to complain. Apple are denying this is a widespread issue.

Re:Slow is good

[olau]

So, I'd much rather have a slow patch from a company that cared enough to actually test it, vs a hobbyist who doesn't care enough to produce quality robust code.

True. That's why I run a mix of Windows ME and Apple MacOS 9 on all my servers. I'm not letting that Linux distro run entirely by volunteers, what's it called, Debbi's Ian? near any of my good stuff. When was the last time Microsoft or Apple released a security fix for those two systems? See. Flawless software.

Re:Slow is good

[CharlyFoxtrot]

if it was Linux based malware a patch would have been out within 24 to 48 hours, six months is enough time to create a new version of the entire operating system,

The vulnerability has been patched. This is about removing the malware from infected systems.

Re:Slow is good

If you're a tech or SA working exclusively with Macs, I can say with high certainty that your productions were of low merit and no complexity. For real - 5 "home users" and a Belkin switch does not constitute enterprise experience - and your anecdote at best demonstrates how tiny your experience set is.

Re:Slow is good

[oh_my_080980980]

What!?! Yeah because there are more servers than desktop computers. We're talking about infection on desktop computers.

don't be a douche.

Re:Slow is good

[amiga3D]

Don't confuse the issue with facts.

Re:Slow is good

[oh_my_080980980]

Actually no that's not correct. Apple and Oracle are working together on it:

"In November, Apple and Oracle announced that they would collaborate on a Mac-based incarnation of OpenJDK, an open source version of Java."

http://www.theregister.co.uk/2011/02/27/no_java_in_mac_os_x_lion/

Re:Slow is good

[oh_my_080980980]

And this

Oracle Previews Java SE 7 for Mac OS X, Unveils Java SE Roadmap
Oracle is releasing a technology preview of Java SE 7 on Mac OS X and said it plans to release Java SE 7 on Mac OS X for developers in the second quarter of 2012 and a consumer version later that year.

http://thejournal.com/articles/2011/10/06/oracle-previews-java-se-7-for-mac-os-x-unveils-java-se-roadmap.aspx

Re:Slow is good

[CharlyFoxtrot]

A) Vulnerability has been patched.
B) It's not that difficult to detect and remove.

This is strictly about helping non technical users that might be infected in an easy way. It's these users that were specifically targetted by the way since the malware targets old versions of Java and even checks for the existence of "power user" tools installed and doesn't install if they are :

"4. You do not have certain security tools installed on your Mac that Flashback checks for, including Little Snitch, Xcode, and a few anti-malware tools.'

Re:Slow is good

[CharlyFoxtrot]

From what I understand is that Apple up keeps it's own version of Java that runs on the Mac. So in fact they own the problems that come with allowing it on their systems. Here is a link about that pretty much says that http://www.nl-tech.com/apple-users-download-malware.html

Apple wants to get rid of Java. It's no longer installed by default from Lion onward. That also means that users on the latest version of the OS would not have been vulnerable using the OS as shipped.

Re:Slow is good

[Theophany]

Replied below, what's the issue? :/

The type hardware failure is irrelevant, the fact that Apple said there was no link and that it was coincidental was the issue.

If it had been something as straightforward as a hard disk fail, that would be fine. It's not their fault as they didn't manufacture it and I'd have backups of the disks anyway. That is not a catastrophic failure (although it is a major inconvenience with the sealed body and 1.8" HDDs used in those models).

You're focusing on unimportant details and coming across as a blatant shill.

Re:Slow is good

[DJRumpy]

Odd. I had a MacBook affected by a bad nvidia card and Apple replaced the motherboard free of charge on hardware long out of warranty (4 years old). This is not a refusal to acknowledge an issue to my mind.

They lead the industry in satisfaction. Reality would tend to differ with your example.

Re:Slow is good

[hairyfeet]

Bah Ur doin it wrong, let the old Hairyfeet show you how to REALLY insult all three OSes!

1.-if the patch comes out on linux it will be 14 pages of CLI and a tarball that will need a specific version of GCC, if they put it in the repo upon application it will throw you into single user mode on first boot. you DO know how to edit your config files, right?

2.-If the patch comes out on Windows it will take 2 hours to install, followed by an hour on the "waiting to shutdown' screen and ANOTHER hour on the "Please wait, configuring Windows" boot up and may God have mercy upon your tortured soul if the power goes out while that is happening!

3.-If the patch comes out on Apple it will be a year behind, but it will come in a cool silver look and everyone will talk about how truly wonderful it is. it doesn't actually patch anything "bad" it just brings sprinkles of Steve's magic to your poor pathetic life because "hey Apple never gets viruses' so everything you've read here? Total lie spread by those Windoze and Lunix luzers because they can't afford magic sprinkles, poor bastards.

Now THAT is how you insult all three boy! I'd insult the BSD guys while I was at it but they'd be so damned grateful that anybody even mentioned them at all they'd probably thank me for doing it which just takes all the fun out, its like kicking a really stupid puppy that just smiles and wags its tail at you.

Re:Slow is good

[Theophany]

Reality would tend to differ with your example.

As I said, I used to use Macs exclusively and had never had an issue with their tech support. My first Mac was a TiBook back in 2001 (which I still have and is still working perfectly). I'm not saying that their service sucks on the individual level (which, I hasten to add is not what I was talking about in my example), but the level of service I received in the example given was appalling.

Am I trying to boycott them? No. Am I saying their service sucks universally? No. In my experience with them as a big customer (15x expensive laptops) was I pleased with the service I received? Hell no.

So when you tell me about your ONE laptop with a graphics card issue and make it out to be directly comparable to a situation totally different, I have to think that you're missing the point somewhat.

Re:Slow is good

[tqk]

if it was Linux based malware a patch would have been out within 24 to 48 hours ...

The vulnerability has been patched. This is about removing the malware from infected systems.

Yeah, and how hard is that? Is this about malware that magically attaches itself to existing executables, or does it just drop itself into a system directory and run itself?

Both are pretty bloody old problems and easily mitigated. How is it that OSX can be owned by a driveby exploit trojan that adds it to a botnet? I thought its underlying guts were Unix. How is it that Windows can't notice that something new has been installed and executed without the user's instigation?

What have Apple and Microsoft OS developers been spending their time on for the last decade? Surfing pr0n? Posting "you guys suck" on web forums? Making Clicky spin more gracefully?

Meanwhile, their users are unwittingly added to botnets and their machines run keyloggers that phone home to crackers. And they get to pay for these "privileges"?!? Gee, what a great deal.

$DEITY help them if their shareholders ever wise up.

Re:Slow is good

[Beelzebud]

Honest question: Why do you visit this site?

Re:Slow is good

[Sarten-X]

I bow before your offensive mastery.

Re:Slow is good

[Beelzebud]

Going from Arch Linux experience it would probably be in their repo in 50 hours, going by your 48 hour example.

Re:Slow is good

[CAIMLAS]

Really? Then why does Windows Security Essentials get an update for some things within a day or so of new malware making the rounds?

You're comparing a vulnerability patch (long cycle reactive) with a detection and removal tool (short cycle reactive). It's not even an intelligent argument.

Re:Slow is good

[Bucky24]

A lot of server farms at major companies run linux/unix operating systems. So some pretty important entities care.

Heh, I dunno why I'm even bothering to reply to a troll... Must be bored.

Re:Slow is good

[Bucky24]

Xcode is a security tool? Man I've been using it totally wrong-I thought it was a development environment.

Re:Slow is good

[edremy]

Disclaimer: I triple-boot, with more VMs. I can make fun of everybody.

Bah- neophyte. I ran Doom the other day in a DOS emulator under Linux running in VirtualBox under Windows which was running on my Mac in Parallels.

Yes, it ran- it was even playable. Next up I'm going to run VICE on the DOS machine and see if I can play Bard's Tale on a C64. I loved that game...

Re:Slow is good

[Richard_at_work]

So if its an issue with GCC or glibc, then its good to know theres a lot of regression testing going on...

It would be terrible if the GlibC guys introduced another bug such as this one https://bugzilla.redhat.com/show_bug.cgi?id=638477 (read the entire thread for it to make sense - a change in memcpy had major repercussions).

Re:Slow is good

[Guy+Harris]

Actually yes, they do. They currently offer support on 3 different OSs (10.5-10.7)

Actually, they're not offering security updates for 10.5 any more. They're offering security updates for 10.6 and bug-fix and security updates for 10.7; "bug-fix and security updates for the current major release, security updates for the previous major release" has been the policy for many years.

Re:Slow is good

[BitZtream]

I had atleast 6 months to test my apps on lion before release and I'm just a normal developer. Auto desk probably gets access before mOst people due to their popularity. It's not Apples fault, it's yours for bending over and continuing to use products from a company openly hostile and abusive to its customers like autodesk

What you need to realize is that auto desk is no different than adobe, if you use a Mac and you haven't migrated off those tools that still think It's the late 80s it's your problem.

Re:Slow is good

[dintech]

Well, at least now people might stop pretending that Apple products are magically more secure than the competition.

Re:Slow is good

[toadlife]

If it came out for BSD, the dependency check would trigger a complete recompile of KDE 4.x, bogging down your desktop for 34 hours. After it was done, everything would work fine, but in all practicality, you wouldn't be any safer because face it, you're running BSD; no one gives shit about you.

Re:Slow is good

[helix2301]

This virus has already been patched this is just a removal tool for the 600,000 computers that got infected. 600,000 out of how many millions of machines Apple sells a year it is small in comparison to Windows viruses. Oracle released a patch for Windows while ago Apple is just getting around to it they were slow on getting this patch out but the negative press has really been at minimum.

Re:Slow is good

[CharlyFoxtrot]

Yeah, and how hard is that? Is this about malware that magically attaches itself to existing executables, or does it just drop itself into a system directory and run itself?

"As with previous variants of the malware, the latest variant of the Flashback malware, called OSX/Flashback.I, works by modifying code within Web browsers that causes it to launch when the browsers are opened and result in modified Web pages being displayed."
Removal instructions

Both are pretty bloody old problems and easily mitigated. How is it that OSX can be owned by a driveby exploit trojan that adds it to a botnet? I thought its underlying guts were Unix. How is it that Windows can't notice that something new has been installed and executed without the user's instigation?

What have Apple and Microsoft OS developers been spending their time on for the last decade? Surfing pr0n? Posting "you guys suck" on web forums? Making Clicky spin more gracefully?

Meanwhile, their users are unwittingly added to botnets and their machines run keyloggers that phone home to crackers. And they get to pay for these "privileges"?!? Gee, what a great deal.

$DEITY help them if their shareholders ever wise up.

Actually the problems ARE all solved in the latest versions of OSX. The attack vector is a Java applet displayed in the browser, Lion no longer includes Java by default, malware detection was added in Snow Leopard and starting in Lion processes are sandboxed. From what I've read the malware seems to target older computers and versions of OSX. As always the best protection is remaining up to date.

Re:Slow is good

[CharlyFoxtrot]

the negative press has really been at minimum.

Probably a "Let He Who Is Without Sin Cast The First Stone" kind of thing.

Re:Slow is good

[mcgrew]

They aren't facts, troll. I've been using Linux for ten years. Never compiled a program for it, never needed to edit one of its text files (although the fact that I can is a nice feature, another reason Linux is superior to Windows), and only use the command line if I forget the root password and need to reset it. A software patch has nothing to do with the hardware it runs on. Linux does sometimes have issues with drivers for new hardware, but that's a separate issue, and Windows has issues with drivers for older hardware.

As to "RTFM n00b" I never encountered that, either. Every Linux question I ever asked on the internet garnered me at least an attempt to help, including which FM to R and where to find it. But I can see why you and the GP get treated harshly by Linux people, if someone with an attitude like yours asked a question in that tone I wouldn't say "RTFM n00b" I'd say "go fuck yourslef, asshole". Nice begets nice, hostility begets hostility. Only an idiot treats someone he needs help from badly.

Re:Slow is good

[Em+Adespoton]

I've run Bard's Tale on the old Apple ][ emulator on my Mac Plus emulator on my 68K Mac emulator on my PPC Mac emulator on my VirtualBox install of 10.4.11 on 10.7.

Interestingly, it actually runs at speed. Too bad there was no decent IIgs emulator for the Plus, or I'd run Dark Castle on it :)

I've also had every major version of the Mac OS (except 10.0 and 10.1, for obvious reasons) running in parallel on the same hardware (from the original Macintosh System 0.3 through to 10.7). Of course THAT tends to slow some of the more recent versions down.

Re:Slow is good

[Em+Adespoton]

If Xcode is installed, that means gdb is installed (and vice versa).

Re:Slow is good

[Moldiver]

RTFM is not nice, it's highly aggressive....

Re:Slow is good

[drkstr1]

Highly aggressive? Hells, RTFM was the best advice I've ever gotten!

Programmers have often suggested that in some situations, "RTFM" is actually the best advice that an aspiring programmer can receive. They posit that programming is a dynamic art that requires independence and drive on the part of the programmer, and see "RTFM" as more of a long-term advisement than it is a response to any single query.

Flashback?

[Vinegar+Joe]

It's not a bug.....it's a feature.

Re:Flashback?

Isn't Flashback something you get from using Time Machine?

I know why

[BlastfireRS]

Unfortunately, security isn't that big of a deal to Apple...yet. With the increase in market penetration the bulls-eye on Macs is getting larger and a lot more tempting; hopefully they realize this before something very serious happens and take steps to bolster their in-house security research (or hell, outsource it).

Re:First time takes much longer.

[binarylarry]

No, you are *completely* mistaken.

This forthcoming Apple "Anti-Viral Technology" is going to be amazing.

Imagine being able to remove viruses off of infected computers without buying a whole new one! Another Apple innovation and Mac OSX first!

Manually Detect & Remove

[guttentag]

Running Software Update today to update Java will prevent you from getting flashback going forward, but that's not going to do anything if you already have it.

Here's how to figure out if you have it (from Gizmodo):

1.Run the following command in Terminal:
defaults read /Applications/Safari.app/Contents/Info LSEnvironment
2. Take note of the value, DYLD_INSERT_LIBRARIES
3. Proceed to step 8 if you got the following error message:
"The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"

If you don't get that error message, well, time to head to F-Secure for your fix. If you're clean so far, you can move on to step eight:

8. Run the following command in Terminal:
defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
"The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"

In other words: "does not exist" means you've got a healthy rig. Anything else, just keep following F-Secure's instructions to vanquish the intruder.

Re:Manually Detect & Remove

[Inda]

Terminal? This ain't an airport buddy.

Isn't there of picture of Steve's head I can click instead?

Steve Jobs: Ninja Assasin

[Guppy]

he would hire elite apple assasins to kill these supposed security researchers to stop the bad news

You fools, don't you realize Steve Jobs himself was the elite apple assassin?

Concealed under his black shinobi-shzoku-turtleneck was a lethal array of ninja weapons; many an unlucky Samsung executive or uncooperative tech-journalist has met their end at his hands, dispatched by a Firewire-cable garrot or iShuriken (they're like regular Shuriken, but with patented rounded corners). Gates himself has only survived thanks to the vigilant guard of his hulking 'roid-enhanced genetically engineered gorilla henchman.

He was a shinobi of un-matched caliber, until his fateful battle against Google-fu masters Page and Brin, when he was felled by the Pancreas Death-Strike technique.

Re:Steve Jobs: Ninja Assasin

You fools, don't you realize Steve Jobs himself was the elite apple assassin?

I like what you did there.

Most probably didn't even notice that your lips were not synchronized as you said the above.

Re:Steve Jobs: Ninja Assasin

[mybecq]

Gates himself has only survived thanks to the vigilant guard of his hulking 'roid-enhanced genetically engineered gorilla henchman.

And here I was thinking it was because he was some kind of Borg creature. My mistake.

Re:Steve Jobs: Ninja Assasin

[pckl300]

You fools, don't you realize Steve Jobs himself was the elite apple assassin?

If he was, he wasn't very good. His throwing stars were confiscated by the Japanese.

Why apple waited so long...

[wjcofkc]

Because they are working on the next version of OS X: Honey badger. It don't give a shit.

http://www.youtube.com/watch?v=4r7wHMg5Yjg&feature=player_detailpage

Re:Why isnt the fix out?

[CharlyFoxtrot]

The fix was upgrading to Lion which doesn't have Java by default.

Has Flashback done any damage?

[alispguru]

Casual web searches don't turn up anything other than exploiting a vulnerability to get onto your machine (bad enough!).

Did anyone successfully command it to do anything?

hey fanboi

[Eponymous+Hero]

no need to waste slashdot's time with this old non-news. take it to the friend bar: http://www.youtube.com/watch?v=q9ZnwvyAk8k

Re:Why isnt the fix out?

[Eponymous+Hero]

nobody told this guy: http://www.youtube.com/watch?v=Ef9XsOgjIQU

they will offer this as a fix

[vonshavingcream]

buy the "new" ibook, it will be virus free.

The Joke you are not getting

[RobertLTux]

when speaking in "yoda" you use correct grammar but swap words around (mostly putting them backwards)

check this out http://www.yodaspeak.co.uk/index.php

Re:The Joke you are not getting

[Eponymous+Hero]

i got the joke, idiot. the joke YOU'RE not getting is that i'm attacking his grammar nazi attack with one of my own. also, he didn't need to use the word "with" at all. "Proper grammar, Yoda would speak," makes just as much sense and has better grammar. adding the word "with" in his case really does make it sound awkward. if you don't like crow, you can always eat a shit taco and die. everyone knows how Yoda speak works, like everyone knows pig latin. we don't need a primer on that either. douchebag.

Re:The Joke you are not getting

[IKnwThePiecesFt]

Woah woah woah.

You mad bro?

Re:The Joke you are not getting

[Eponymous+Hero]

nah, not at all. i call this move, The Kabosh. at the least he won't respond to me anymore. best case scenario he makes me a foe.

Re:First time takes much longer.

[BitZtream]

I would pay extra for that as I've never seen any virus other than Stoned being completely removed.

With rootkits and such you really have to reinstall from clean readout media regardless of OS.

Sorry your so ignorant that you think mcafee actually works.

Reality Distortion Field

[ThatsNotPudding]

It's not a bug.....it's a feature.

"And we think you're going to love it."

Get Dr. Web to do it

[TheRealGrogan]

I'm surprised that Dr. Web hasn't come out with a tool for this. (They are pretty damned good at that sort of thing)

Actually, not a specific tool, but...

http://news.drweb.com/show/?i=2354&lng=en&c=14

"Rather than employ special tools provided by other vendors to delete BackDoor.Flashback.39, Doctor Web offers you to make use of the time-tested Dr.Web Light for Mac OS X rated among the top free applications in the Mac App Store. It will easily find and neutralize the Trojan horse and other malicious programs posing threat to your Mac." (quote from article)

I don't imagine this would be that difficult to ferret out on MacOS. It's not a complex morass of liquishit like Windows. Does the botnet trojan even run as root to be able to dig itself in? You don't need root to do normal user things like open network connections to participate in a botnet. I don't think there is any "rootkit" behaviour here.

Not fixed yet because ....

[PPH]

.... Apple developers were distracted reminiscing about the good old days when Apple products didn't get viruses.

Re:Why isnt the fix out?

[Em+Adespoton]

Apple hasn't provided the fix because they detect and block most variants with XProtect (soon to be Gatekeeper). However, some variants got through before they pushed out their detection update -- and so now they've got a cleanup issue and no tools to perform automated cleanup. Added to this, static cleanup is non-trivial as the infection changes a bit depending on which version it was and how the victim's computer was configured.

Before the variant that leveraged the Java exploit, infection numbers were low, and protection was high. Within a week, that changed.
Also worth noting that Apple blocks the malicious sites that serve up the malware too, as it finds them (via code analysis and in-the-wild reports).

No need to wait, F-Secure has a free tool ready

[kaitsu]

They now have a automated tool available at http://www.f-secure.com/weblog/archives/00002346.html

Re:How/Why (but not on my Windows 7 64-bit setup)

[Sarten-X]

I hear you can also drop in a hosts file...

-_-

[SuperfastComcast]

About Time.