Slashdot Mirror


Apple Developing Tool To Remove Flashback

Trailrunner7 writes, quoting Threatpost: "Apple is planning to release a software fix that will find and remove the Flashback malware that has been haunting Mac users for several months now. ... Apple said on Tuesday that it was in the process of developing a tool that would detect and remove Flashback, but the company did not specify when the fix would be available. Security researchers and customers have been questioning why Apple hasn't yet provided a fix for the malware even though Flashback has been around in one form or another for more than six months now."

10 of 212 comments

  1. if steve jobs was still here by alen · · Score: 5, Funny

    he would hire elite apple assassins to kill these supposed security researchers to stop the bad news

    1. Re:if steve jobs was still here by cant_get_a_good_nick · · Score: 5, Funny

      Begun, the cat and mouse game has.

      Proper grammar, Yoda would speak with.

  2. Re:Slow is good by Anonymous Coward · · Score: 5, Informative

    Actually the quote is quite opinionated and wrong. Apple provided Java patches that basically close the hole and make the malware issue moot. Flashback HAS existed for months, but it's also using a new vulnerability each time it comes up (it's used a Flash hole, a PDF hole and a Java hole, three things not even developed BY Apple.) Likewise they have been patching the OS to flag Flashback in previous versions of the trojan.

    The whole quote both shows the writer's complete lack of knowledge of what's been done about Flashback that any competent system administrator knows already (hell we even have scripts developed to flag machines that MAY be infected and have had them for months; this is ON TOP OF the info Apple has been providing us) as well as his bias in trying to spin this as if this thing is a huge issue (honestly is not, it's not even the first real vulnerability on the Mac OS, there were numerous worms for Quicktime back in the 90's that abused Quicktime's autoplay feature, AND THOSE didn't require you to authenticate as admin since pre-OS X you ran as root.)

  3. Re:How good is it? by SJHillman · · Score: 5, Funny

    Would probably help if you didn't make it your desktop wallpaper.

  4. Re:Slow is good by JohnBailey · · Score: 5, Funny

    Apple is still in disbelief that Flashback is real.

    No.. Apple is still trying to figure out if this is from Adobe or not.

    --
    It is difficult to get a man to understand something when his job depends on not understanding it.

  5. Manually Detect & Remove by guttentag · · Score: 5, Informative

    Running Software Update today to update Java will prevent you from getting flashback going forward, but that's not going to do anything if you already have it.

    Here's how to figure out if you have it (from Gizmodo):

    1. Run the following command in Terminal:
    defaults read /Applications/Safari.app/Contents/Info LSEnvironment
    2. Take note of the value, DYLD_INSERT_LIBRARIES
    3. Proceed to step 8 if you got the following error message:
    "The domain/default pair of (/Applications/Safari.app/Contents/Info, LSEnvironment) does not exist"

    If you don't get that error message, well, time to head to F-Secure for your fix. If you're clean so far, you can move on to step eight:

    8. Run the following command in Terminal:
    defaults read ~/.MacOSX/environment DYLD_INSERT_LIBRARIES
    9. Take note of the result. Your system is already clean of this variant if you got an error message similar to the following:
    "The domain/default pair of (/Users/joe/.MacOSX/environment, DYLD_INSERT_LIBRARIES) does not exist"

    In other words: "does not exist" means you've got a healthy rig. Anything else, just keep following F-Secure's instructions to vanquish the intruder.
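
The two checks in the comment above, wrapped in a script. This is an added example and not part of the original comment: the paths and keys are the ones quoted there, while the function names and the clean/suspect verdict strings are made up for this sketch.

```shell
#!/bin/sh
# Added example (not from the original comment): wraps the two
# `defaults read` checks quoted above. Paths and keys are the ones in the
# comment; function names and verdict strings are made up for this sketch.

# Classify the text printed by `defaults read`. Per the comment, only the
# "does not exist" error means the key is absent; anything else needs review.
classify_output() {
    case "$1" in
        *"does not exist"*) echo clean ;;
        *)                  echo suspect ;;
    esac
}

# Run one check: $1 = plist domain, $2 = key.
check_key() {
    out=$(defaults read "$1" "$2" 2>&1) || true
    classify_output "$out"
}

# Run both checks; print one line per check, return 1 if either is suspect.
flashback_check() {
    rc=0
    for pair in \
        "/Applications/Safari.app/Contents/Info LSEnvironment" \
        "$HOME/.MacOSX/environment DYLD_INSERT_LIBRARIES"
    do
        domain=${pair% *}     # everything before the last space
        key=${pair##* }       # everything after the last space
        verdict=$(check_key "$domain" "$key")
        echo "$verdict $domain $key"
        [ "$verdict" = clean ] || rc=1
    done
    return "$rc"
}

# Only run automatically where the macOS `defaults` tool is available.
if command -v defaults >/dev/null 2>&1; then
    flashback_check || echo "Follow up on the entries marked suspect."
fi
```

A "suspect" line only means the key exists and its value should be inspected; the removal steps are the F-Secure instructions the comment refers to.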

  6. Re:Slow is good by CharlyFoxtrot · · Score: 5, Informative

    A) Vulnerability has been patched.
    B) It's not that difficult to detect and remove.

    This is strictly about helping non-technical users that might be infected in an easy way. It's these users that were specifically targeted by the way since the malware targets old versions of Java and even checks for the existence of "power user" tools installed and doesn't install if they are:

    "4. You do not have certain security tools installed on your Mac that Flashback checks for, including Little Snitch, Xcode, and a few anti-malware tools."

    --
    If all else fails, immortality can always be assured by spectacular error.

  7. Steve Jobs: Ninja Assassin by Guppy · · Score: 5, Funny

    he would hire elite apple assassins to kill these supposed security researchers to stop the bad news

    You fools, don't you realize Steve Jobs himself was the elite apple assassin?

    Concealed under his black shinobi-shozoku-turtleneck was a lethal array of ninja weapons; many an unlucky Samsung executive or uncooperative tech-journalist has met their end at his hands, dispatched by a Firewire-cable garrote or iShuriken (they're like regular Shuriken, but with patented rounded corners). Gates himself has only survived thanks to the vigilant guard of his hulking 'roid-enhanced genetically engineered gorilla henchman.

    He was a shinobi of un-matched caliber, until his fateful battle against Google-fu masters Page and Brin, when he was felled by the Pancreas Death-Strike technique.

  8. Re:Slow is good by hairyfeet · · Score: 5, Funny

    Bah Ur doin it wrong, let the old Hairyfeet show you how to REALLY insult all three OSes!

    1.-If the patch comes out on Linux it will be 14 pages of CLI and a tarball that will need a specific version of GCC, if they put it in the repo upon application it will throw you into single user mode on first boot. You DO know how to edit your config files, right?

    2.-If the patch comes out on Windows it will take 2 hours to install, followed by an hour on the "waiting to shutdown" screen and ANOTHER hour on the "Please wait, configuring Windows" boot up and may God have mercy upon your tortured soul if the power goes out while that is happening!

    3.-If the patch comes out on Apple it will be a year behind, but it will come in a cool silver look and everyone will talk about how truly wonderful it is. It doesn't actually patch anything "bad" it just brings sprinkles of Steve's magic to your poor pathetic life because "hey Apple never gets viruses" so everything you've read here? Total lie spread by those Windoze and Lunix luzers because they can't afford magic sprinkles, poor bastards.

    Now THAT is how you insult all three, boy! I'd insult the BSD guys while I was at it but they'd be so damned grateful that anybody even mentioned them at all they'd probably thank me for doing it which just takes all the fun out, it's like kicking a really stupid puppy that just smiles and wags its tail at you.

    --
    ACs don't waste your time replying, your posts are never seen by me.

  9. Re:Slow is good by toadlife · · Score: 5, Funny

    If it came out for BSD, the dependency check would trigger a complete recompile of KDE 4.x, bogging down your desktop for 34 hours. After it was done, everything would work fine, but in all practicality, you wouldn't be any safer because face it, you're running BSD; no one gives a shit about you.

    --
    I don't always use unix-like operating systems; but when I do, I prefer FreeBSD.