or Connect
AppleInsider › Forums › Software › Mac OS X › Apple quietly includes malware prevention update in Mac OS X 10.6.4
New Posts  All Forums:Forum Nav:

Apple quietly includes malware prevention update in Mac OS X 10.6.4

post #1 of 59
Thread Starter 
Apple silently updated its Snow Leopard malware protection in this week's Mac OS X 10.6.4 update, targeting a Trojan that disguises itself as iPhoto.

Though the new protection wasn't specifically listed in any of Apple's documentation accompanying Mac OS X 10.6.4, security firm Sophos discovered the update in the XProtect.plist file, which contains signatures of potential Mac threats. The new threat, dubbed HellRTS by Apple, has been distributed by hackers since April in the form of iPhoto.

Referred to as OSX/Pinhead-B by Sophos, the Trojan monitors browser activity unbeknownst to Mac users. It also makes a machine remotely accessible to the attacker, who can take complete control of the computer.

"If you did get infected by this malware then hackers would be able to send spam email from your Mac, take screenshots of what you are doing, access your files and clipboard and much more," said Graham Cluley, senior technology consultant with Sophos.

Cluley took a negative response to Apple's secrecy, suggesting that the Cupertino, Calif., company should instead make note that the latest update to Snow Leopard helps to thwart a potentially dangerous Trojan.

"You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons," he wrote on the company's blog.

Last September, Cluley also made note that users upgrading to Snow Leopard would see their version of Flash for Mac downgraded to an older, less secure version. Apple addressed the issue with an update a week later.



Released last August, Snow Leopard came with a built-in antimalware feature. While the previous version of Mac OS X, Leopard, flagged Internet downloads with metadata that alerted users when downloading files from the Web, Snow Leopard added an additional warning when disk images containing known malware installers are opened.

Apple released its latest update for Snow Leopard, Mac OS X 10.6.4, on Tuesday. The security and maintenance update fixed issues that could cause a Mac keyboard or trackpad to become responsive, and also resolved a problem that could prevent some Adobe Creative Suite 3 applications from opening.
post #2 of 59
AppleInsider continues to used the word "quietly". It doesn't fit.

They can't do anything quietly with you guys reporting everything they do. Here, I'll rewrite the title for you:

Quote:
Apple includes malware prevention update in Mac OS X 10.6.4
Citing unnamed sources with limited but direct knowledge of the rumoured device - Comedy Insider (Feb 2014)
Reply
Citing unnamed sources with limited but direct knowledge of the rumoured device - Comedy Insider (Feb 2014)
Reply
post #3 of 59
So was this patched into a torrent version of iPhoto?

I don't get it..
post #4 of 59
Quote:
Originally Posted by Ireland View Post

AppleInsider continues to used the word "quietly". It doesn't fit.

They can't do anything quietly with you guys reporting everything they do. Here, I'll rewrite the title for you:

they try to give off this idea that Apple just does all their stuff silently like a cool person would do. Like "hey, no biggie, I only prevented malware. Here you go. Thats how I do"
post #5 of 59
I have been using virus/malware protection for about a year now on my Apple computers for that very reason, nothing will stay immune form this junk for long.

I am running a version from ESET NOD32, it's amazingly easy on system resources, we have also been testing it on two segregated OS X servers and it's been bullet proof for 6 months now, there is also a remote manager that can manage installations across your complete network PC's & Mac's

It's worth check it out just the same, there is a free public beta open right now.

Code:

http://www.eset.com/mac


post #6 of 59
Quote:
Originally Posted by chronster View Post

they try to give off this idea that Apple just does all their stuff silently like a cool person would do. Like "hey, no biggie, I only prevented malware. Here you go. Thats how I do"

Call a press conference at Moscone Center and announce "thank-you all for coming! First some updates - in spite of our continued growth in the marketplace the incidence of virus infection and general malware incursions has stayed relatively flat. We are justly proud of that fact. However, we have patched a potential malware threat in our OS, and to satisfy our friends at Sophos we are giving you this opportunity to be among the first to enjoy the fruits of our labor and openness. By the way, in related news, one of the Apple Campus security guards picked up a drunk who was taking a piss on one of our shrubs, and we remanded him to the proper authorities. We have also developed a program for our roving engineers to have their prototype devices hermetically tethered to their bodies when out drinking. We feel this is the only responsible way to help our journalist friends avoid the obvious temptation to obtain and abuse our devices. Thanks for coming!"


post #7 of 59
Quote:
Originally Posted by Ireland View Post

AppleInsider continues to used the word "quietly". It doesn't fit.

They can't do anything quietly with you guys reporting everything they do.

"Quietly" is an adverb modifying the action that Apple did (including the update), not AppleInsider's action of reporting.

Apple indeed acted quiet about the matter. It is AppleInsider who did not.
post #8 of 59
Quote:
Originally Posted by Market_Player View Post

I have been using virus/malware protection for about a year now on my Apple computers for that very reason, nothing will stay immune form this junk for long.

I am running a version from ESET NOD32, it's amazingly easy on system resources, we have also been testing it on two segregated OS X servers and it's been bullet proof for 6 months now, there is also a remote manager that can manage installations across your complete network PC's & Mac's

It's worth check it out just the same, there is a free public beta open right now.

Code:

http://www.eset.com/mac



I used an antivirus when I first switched to Mac from Windows years back. After a years or so of no problems I decided that it is not worth it and removed it. You don't need virus/malware protection on Mac if you actually buy your software and not get them through torrents.
post #9 of 59
Quote:
Originally Posted by NasserAE View Post

I used an antivirus when I first switched to Mac from Windows years back. After a years or so of no problems I decided that it is not worth it and removed it. You don't need virus/malware protection on Mac if you actually buy your software and not get them through torrents.

The most secure way to use a computer is to not be connected to the Internet. Otherwise, anything is possible.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #10 of 59
I love the last name of the Sophos guy: Cluley.
Not to be confused with his evil hacker twin, Clueless.
post #11 of 59
[I]
Quote:
Originally Posted by Solar View Post

So was this patched into a torrent version of iPhoto?

I don't get it..

If one reads that article too fast, the conclusion would be - the good old days party is over, there are viruses on Mac...

Then I read Comments, and saw this:

So was this patched into a torrent version of iPhoto?


So, if I understood this correctly - Apple is ••• protecting ••• those who download iPhoto Application from Torrent, which is obviously Pirated Apple Product! How nice of Apple! In that case, of course they wouldn't want to mention that, and thus promote Pirated Products that include Apple's own Products!

As to:

" security firm Sophos discovered the update in the XProtect.plist file"

and

"You have to wonder whether their keeping quiet about an anti-malware security update like this was for marketing reasons," he wrote on the company's blog."

I wonder if they are truly "wondering", or opining loud enough to get themselves into the news for extra pr...

So, maybe the Article's Title should be:

Apple's Anti-Virus for Pirated Software?

or

Apple's Anti-Virus for Pirated Software?

Peace of Mind for those who steal software!

Mac OS - a safe way to download stolen software!


!?!?!?!?

Of course, I am only basing all that on that Q:

So was this patched into a torrent version of iPhoto?


Either way, we can all wonder what and why Apple does! If someday Apple feels the need to get more vocal about viruses, they will... Till then, the 3rd party Anti Virus Software Makers will make as much noise as they can, so to sell their products! I feel that, if Apple wanted us to buy those products, they'd sell them, or endorse them aloud, as a hint for us to buy them! Until then, I think we can feel safe, as long as we don't open the attachments from unknown senders, etc..., or download stuff from questionable sites...

Go  Apple!!!

Reply

Go  Apple!!!

Reply
post #12 of 59
Quote:
Originally Posted by Market_Player View Post

I have been using virus/malware protection for about a year now on my Apple computers for that very reason, nothing will stay immune form this junk for long.

I am running a version from ESET NOD32, it's amazingly easy on system resources, we have also been testing it on two segregated OS X servers and it's been bullet proof for 6 months now, there is also a remote manager that can manage installations across your complete network PC's & Mac's

It's worth check it out just the same, there is a free public beta open right now.

Code:

http://www.eset.com/mac



It was just a matter of time before Apple has to worry and start patching for malware.
The more market share they gain and the more headlines and buzz they get the more the probabability is that malware will start to be directed at Apple products.......

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #13 of 59
Its ironic that announcing this malware prevention is letting the Trojan makers to work around the patch by changing their binary signatures making the malware prevention useless.

Sometimes Apple want to be hush-hush about things but technews spread it like wildfire.

At least Anti-virus/malware for Macs is finally making some business.
post #14 of 59
Good to know apple is not ignoring the threats to their platform. Let's hope malware continues to be a virtual non issue for us mac users.

On a side not I head WinMo7 already has some malware apps for it. I think Android is next in line.
--SHEFFmachine out
Da Bears!
Reply
--SHEFFmachine out
Da Bears!
Reply
post #15 of 59
So it thwarts the malware, but does it remove the malware should one already have it on their system? How would I know (short of spam email sent from my email account) that I'd actually been infected and should do something about it?
dano
if it is to be, it is up to me...
Reply
dano
if it is to be, it is up to me...
Reply
post #16 of 59
Quote:
Originally Posted by geekdad View Post

It was just a matter of time before Apple has to worry and start patching for malware.
The more market share they gain and the more headlines and buzz they get the more the probabability is that malware will start to be directed at Apple products.......

I don't know that this is necessarily true. We've been hearing about how OSX is on the verge of becoming vulnerable for more than ten years now. Even so, thus far the only "malware" that's occurred for OSX are trojans, which are 100% social engineering exploits. If someone is willing to install pirated software on their Mac, then Apple isn't under any obligation to protect them. I'm surprised they even bothered in this case.
Please don't be insane.
Reply
Please don't be insane.
Reply
post #17 of 59
Quote:
Originally Posted by stonefingers View Post

So it thwarts the malware, but does it remove the malware should one already have it on their system? How would I know (short of spam email sent from my email account) that I'd actually been infected and should do something about it?

If you aren't installing pirated software then you have no worries.
Please don't be insane.
Reply
Please don't be insane.
Reply
post #18 of 59
The best malware protection is common sense. Here's this PDF thingie from UPS saying I have a new package. Let me open it to see if I did order it.

LIke condoms, nothing is 100% however.
post #19 of 59
Quote:
Originally Posted by ghostface147 View Post

The best malware protection is common sense.

That used to be the case five years ago, however common sense is not enough today. Why? Drive-by infections when sites hosted by reputable companies get compromised.

http://news.cnet.com/8301-27080_3-20000898-245.html
post #20 of 59
Quote:
Originally Posted by Ireland View Post

AppleInsider continues to used the word "quietly". It doesn't fit.

They can't do anything quietly with you guys reporting everything they do. Here, I'll rewrite the title for you:

Like it. Classy.
I was thinking the same thing.
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
post #21 of 59
Apple often does things quietly. I remember reading "Apple quietly reinstates swimwear iPhone application" somewhere. In fact I have read it over and over again.

The good news in the article is:

"Apple released its latest update for Snow Leopard, Mac OS X 10.6.4, on Tuesday. The security and maintenance update fixed issues that could cause a Mac keyboard or trackpad to become responsive."

There's nothing worse than a responsive input device.
post #22 of 59
Quote:
Originally Posted by Market_Player View Post

I have been using virus/malware protection for about a year now on my Apple computers for that very reason, nothing will stay immune form this junk for long.

I am running a version from ESET NOD32, it's amazingly easy on system resources, we have also been testing it on two segregated OS X servers and it's been bullet proof for 6 months now, there is also a remote manager that can manage installations across your complete network PC's & Mac's

It's worth check it out just the same, there is a free public beta open right now.

Code:

http://www.eset.com/mac



And in that year, did it catch anything?

The only malware ever found for Macs was included with illegal content in the form of a trojan. Nothing close to a self-installing virus that you need special protection for. Common sense is good enough until things start spreading and automatically installing. You don't have to waste your money until you hear such a headline.
post #23 of 59
Quote:
Originally Posted by Dr Millmoss View Post

I don't know that this is necessarily true. We've been hearing about how OSX is on the verge of becoming vulnerable for more than ten years now. Even so, thus far the only "malware" that's occurred for OSX are trojans, which are 100% social engineering exploits. If someone is willing to install pirated software on their Mac, then Apple isn't under any obligation to protect them. I'm surprised they even bothered in this case.

I agree with you for the most part. But Apple has never had the market share they do now. The Security(hackers) convention that took place a couple of months ago the Mac was very easily compromised. It seems to be getting easier for them to break Safari on a Mac. The social engineering part is getting easier for them for them. It is just as matter of time before Apple product will have to have malware protection running on them fulltime. this might be a few more years away but it will happen. Once the hackers or what ever you want to call them direct their attention to Apple product they will be compromised.
The technology to do so already exists. It just has not been profitable and the target audience has not been latge enough but that will change..... it is just a matter of time.

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #24 of 59
Quote:
Originally Posted by Ireland View Post

AppleInsider continues to used the word "quietly". It doesn't fit.

They can't do anything quietly with you guys reporting everything they do. Here, I'll rewrite the title for you:

Just because one is quiet doesn't mean they aren't heard.


Quote:
Originally Posted by Market_Player;1656099It's worth check it out just the same, there is a free public beta open right now.
[CODE


http://www.eset.com/mac[/CODE]

Best to use the URL markup than the CODE markup, assuming you want users to actually click on the link you provided.
http://www.eset.com/mac
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
post #25 of 59
Quote:
Originally Posted by Dr Millmoss View Post

If you aren't installing pirated software then you have no worries.

If you never installed pirated software you would have no worries about getting a virus/trojan from pirated software but there are many other vectors that can potentially harm you via the Internet. The whole purpose of hacking is to attempt identity theft, and pirated software is just one method. There are a multitude of others. There have even been cases where software disturbed by the publisher has been infected. No worries? I don't think I would go along with that.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #26 of 59
Quote:
Originally Posted by macosxp View Post

And in that year, did it catch anything?

The only malware ever found for Macs was included with illegal content in the form of a trojan. Nothing close to a self-installing virus that you need special protection for. Common sense is good enough until things start spreading and automatically installing. You don't have to waste your money until you hear such a headline.

I agree about the common sense part...but when does everyone use common sense?
Do you still have car insurance even though you have never had an auto accident?
You are correct there is not a malware that I know of that will auto install on a Mac.
EDIT: I have also had anti virus software running on my Win 7 PC and it has never found a virus.......

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #27 of 59
Quote:
Originally Posted by Market_Player View Post

I have been using virus/malware protection for about a year now on my Apple computers for that very reason, nothing will stay immune form this junk for long.

I am running a version from ESET NOD32, it's amazingly easy on system resources, we have also been testing it on two segregated OS X servers and it's been bullet proof for 6 months now, there is also a remote manager that can manage installations across your complete network PC's & Mac's

It's worth check it out just the same, there is a free public beta open right now.

Code:

http://www.eset.com/mac



Right now there's hardly a need for anti-malware software for the sort of folks who follow these sites—especially if they don't download illegal software (or even if they do, they're probably in good shape as long as they exercise due diligence). There's not really a need for near-computer-illiterate OS X users to use anti-malware as the vectors used for malicious software to date have generally been along the lines of illegal software sites. When a real threat does come along (and none have since 10.0) you can rest assured that it will be plastered all over the internet.

That said, Nod32 makes phenomenal security software for Windows (I've never bothered with their Mac software because it is useless to me), and one of its greatest traits is how resource friendly it is. I suppose I'd turn to them if I needed something reliable to check for Windows viruses in files.
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
The true measure of a man is how he treats someone that can do him absolutely no good.
  Samuel Johnson
Reply
post #28 of 59
Quote:
Originally Posted by macosxp View Post

And in that year, did it catch anything?

The only malware ever found for Macs was included with illegal content in the form of a trojan. Nothing close to a self-installing virus that you need special protection for. Common sense is good enough until things start spreading and automatically installing. You don't have to waste your money until you hear such a headline.

It has only been catching potentially dangerous files for Windows, however the company which I work for has made the choice to move all mission critical applications over to OS X Server after we had preformed a security & cost analysis of our implementation of Windows Server, it was not fiscally responsible to keep Windows in the loop any-longer with regard security, maintenance related to security costs & exploits.

We have significantly added to our OS X install base, to the point if it's catching Windows only stuff for now great, and the day it catches something for OS X, wonderful.

Small price to pay to have chance knocked down a few percentage points in my opinion.
post #29 of 59
Quote:
Originally Posted by Market_Player View Post

It has only been catching potentially dangerous files for Windows, however the company which I work for has made the choice to move all mission critical applications over to OS X Server after we had preformed a security & cost analysis of our implementation of Windows Server, it was not fiscally responsible to keep Windows in the loop any-longer with regard security, maintenance related to security costs & exploits.

We have significantly added to our OS X install base, to the point if it's catching Windows only stuff for now great, and the day it catches something for OS X, wonderful.

Small price to pay to have chance knocked down a few percentage points in my opinion.

Very well said..... also what malware/virus definitions are they running on the Mac side? Where does it get the info from? How do they know they have the most updated threat info if the threat is not detected or publicised?

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #30 of 59
Quote:
Originally Posted by geekdad View Post

I agree with you for the most part. But Apple has never had the market share they do now. The Security(hackers) convention that took place a couple of months ago the Mac was very easily compromised. It seems to be getting easier for them to break Safari on a Mac. The social engineering part is getting easier for them for them. It is just as matter of time before Apple product will have to have malware protection running on them fulltime. this might be a few more years away but it will happen. Once the hackers or what ever you want to call them direct their attention to Apple product they will be compromised.
The technology to do so already exists. It just has not been profitable and the target audience has not been latge enough but that will change..... it is just a matter of time.

With this line of thought - for the following reasons:

While you have literally billions of Windows PCs in use you also have millions of Apple hardware in use as well. It is not protection via obscurity that is at work here - it is the nature of the mach kernel and the OS built around it. There are enough Macs out there to entice a hacker trying to build a bot army. But They are largely unsuccessful.

If you go back to the pre-OSX days you find that the Apple platform easily had as many virus, hacks and trojan issues as Windows did - in fact didn't Apple offer a copy of Norton's antivirus when you bought a machine? With the introduction of OSX the incident of virus incursion declined dramatically.

The exploits you see demonstrated at the hacking conference are not "same-day" exploits - they are exploits that have been developed over the preceeding year or two and trotted out at ensuing hacking conferences to win the prizes. And the vulnerabilities are generally in the open-source sections of code that Apple uses. So when Apple patches those it goes out to the open source community as well.

I do tend to agree with you however that as more "less cautious" or naive users start using Macs, there will probably be an increase in social hacking like this trojan - but I am OK with torrenters absorbing the risk in my place.

Remember, hacking is, by it's very nature a "low-hanging fruit" effort. And harkers tend to be a little ont he lazy side. No one goes after the hardened targets if there are soft targets with easy shot. Now (if) once Microsoft sandboxes their OS better, the hacking will spread to other platforms as they run out of low-hanging fruit in Windows and are forced to make more effort at hacking. OTOH, it will disqualify a lot of the script-kiddie hackerz who are riding the work of earlier and more aggressive hackers from hacking - but that means that you are left with truely serious and tenacious hackers.

post #31 of 59
SJ. And Apple are making us MONEEEEEEEEeeeeeeee
post #32 of 59
Quote:
Originally Posted by geekdad View Post

I agree with you for the most part. But Apple has never had the market share they do now. The Security(hackers) convention that took place a couple of months ago the Mac was very easily compromised. It seems to be getting easier for them to break Safari on a Mac. The social engineering part is getting easier for them for them. It is just as matter of time before Apple product will have to have malware protection running on them fulltime. this might be a few more years away but it will happen. Once the hackers or what ever you want to call them direct their attention to Apple product they will be compromised.
The technology to do so already exists. It just has not been profitable and the target audience has not been latge enough but that will change..... it is just a matter of time.

We've been hearing exactly this for many years now, but to date all of the exploits are theoretical only, which is a long way from them becoming real. Social engineering isn't getting easier. If anything, it's become more difficult with Snow Leopard, which asks before allowing downloaded software to be installed even when a password isn't required. Even a novice user who isn't stealing software has a chance to say no.

Apple hasn't been under the radar for a long time, assuming they ever were. Just listen to how much the beanie-copter crowd hates Apple and everything they stand for. They've had a big target painted on their back for as long as I can remember -- and yet, nobody has been able to create an attack that doesn't require the complete cooperation of the victim. The motivation is there, but the ability apparently is not. The track record is such that I don't expect this to change any time soon, if at all.
Please don't be insane.
Reply
Please don't be insane.
Reply
post #33 of 59
Quote:
Originally Posted by mstone View Post

If you never installed pirated software you would have no worries about getting a virus/trojan from pirated software but there are many other vectors that can potentially harm you via the Internet. The whole purpose of hacking is to attempt identity theft, and pirated software is just one method. There are a multitude of others. There have even been cases where software disturbed by the publisher has been infected. No worries? I don't think I would go along with that.

Sure and I suppose I could worry about getting hit by a meteorite and remain indoors, but I've decided that the risk is too remote to consider.
Please don't be insane.
Reply
Please don't be insane.
Reply
post #34 of 59
Quote:
Originally Posted by masternav View Post

With this line of thought - for the following reasons:

While you have literally billions of Windows PCs in use you also have millions of Apple hardware in use as well. It is not protection via obscurity that is at work here - it is the nature of the mach kernel and the OS built around it.

If you go back to the pre-OSX days you find that the Apple platform easily had as many virus, hacks and trojan issues as Windows did - in fact didn't Apple offer a copy of Norton's antivirus when you bought a machine? With the introduction of OSX the incident of virus incursion declined dramatically.

The exploits you see demonstrated at the hacking conference are not "same-day" exploits - they are exploits that have been developed over the preceeding year or two and trotted out at ensuing hacking conferences to win the prizes. And the vulnerabilities are generally in the open-source sections of code that Apple uses. So when Apple patches those it goes out to the open source community as well.

I do tend to agree with you however that as more "less cautious" or naive users start using Macs, there will probably be an increase in social hacking like this trojan - but I am OK with torrenters absorbing the risk in my place.

Remember, hacking is, by it's very nature a "low-hanging fruit" effort. No one goes after the hardened targets if there are soft targets with easy shot. Now (if) once Microsoft sandboxes their OS better, the hacking will spread to other platforms as they run out of low-hanging fruit in Windows and are forced to make more effort at hacking. OTOH, it will disqualify a lot of the script-kiddie hackerz who are riding the work of earlier and more aggressive hackers from hacking - but that means that you are left with truely serious and tenacious hackers.


Very good points..... I like your "low hanging fruit" anaolgy! :-)
But what was compromised at the Sec Convention was not OSX but rather the browser as a front door to the machine. I agree with everyone about OSX being very very secure. But given the techno skills of the people out in the world....it is just a matter of time....... they can hack an iPhone the day the new systems are released. I don't know guys I think if they turn their attention to Macs they will fall....

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #35 of 59
Quote:
Originally Posted by geekdad View Post

Very well said..... also what malware/virus definitions are they running on the Mac side? Where does it get the info from? How do they know they have the most updated threat info if the threat is not detected or publicised?

Our main screening facility is pulling direct updates for testing from ESET, we generally have them tested in a few hours and released. (Mac & PC) side of things

I could not answer for ESET when it comes to their definitions even for the OS X side of things.

As for your last question, I am unsure weather anyone could ever be sure of staying ahead of the curve when it comes to detection rules & definitions, as I understand when ESET was looking for business partners to give this specific installation a trial period for OS X, they were really pitching their ability to stay ahead of in the wild infections, how they do that I have no idea mate
post #36 of 59
now that apple is getting (supposedly) more hacker attention, then the fbi will be able to try and put some more hackers in jail.

anybody who uses torrent software has been warned about the possibilities. both receiving and sending
post #37 of 59
Quote:
Originally Posted by Dr Millmoss View Post

We've been hearing exactly this for many years now, but to date all of the exploits are theoretical only, which is a long way from them becoming real. Social engineering isn't getting easier. If anything, it's become more difficult with Snow Leopard, which asks before allowing downloaded software to be installed even when a password isn't required. Even a novice user who isn't stealing software has a chance to say no.

Apple hasn't been under the radar for a long time, assuming they ever were. Just listen to how much the beanie-copter crowd hates Apple and everything they stand for. They've had a big target painted on their back for as long as I can remember -- and yet, nobody has been able to create an attack that doesn't require the complete cooperation of the victim. The motivation is there, but the ability apparently is not. The track record is such that I don't expect this to change any time soon, if at all.

Yes we have been hearing of doom and gloom for Apple for a LONG time! They still remain strong! To my knowledge all malware requires co operation from the client. They cannot install on their own no matter what the operating system.
I think OSX is very very secure. But I think eventually they will figure ways to compromise any software that is written.

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply

Tallest Skil:


"Eventually Google will have their Afghanistan with Oracle and collapse"

"The future is Apple, Google, and a third company that hasn't yet been created."


 


 

Reply
post #38 of 59
Quote:
Originally Posted by geekdad View Post

Yes we have been hearing of doom and gloom for Apple for a LONG time! They still remain strong! To my knowledge all malware requires co operation from the client. They cannot install on their own no matter what the operating system.
I think OSX is very very secure. But I think eventually they will figure ways to compromise any software that is written.

We've been hearing the "security by obscurity" argument forever now, as if that's the only reason why OSX is a less desirable target than Windows. I think the first hacker who manages to create a successful exploit for OSX is going to get all sorts of kudos from his compatriots in the hacker underground. That's reward enough for them. I'm not saying it will never happen, but I'm not going to worry about it until such time, and I'm certainly not going to starting running antivirus software or otherwise alter my use habits based on such theoretical and currently non-extant threats.
Please don't be insane.
Reply
Please don't be insane.
Reply
post #39 of 59
Quote:
Originally Posted by Dr Millmoss View Post

Sure and I suppose I could worry about getting hit by a meteorite and remain indoors, but I've decided that the risk is too remote to consider.

Now you are just being silly. As many as 10 million Americans a year are victims of identity theft. I couldn't find any statistics on people being hit by meteorites.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #40 of 59
Quote:
Originally Posted by macologist View Post

[I]
Either way, we can all wonder what and why Apple does! If someday Apple feels the need to get more vocal about viruses, they will... Till then, the 3rd party Anti Virus Software Makers will make as much noise as they can, so to sell their products! I feel that, if Apple wanted us to buy those products, they'd sell them, or endorse them aloud, as a hint for us to buy them! Until then, I think we can feel safe, as long as we don't open the attachments from unknown senders, etc..., or download stuff from questionable sites...

There are a great many times when secrecy is in everyone's best interest. The U.S. is still cracking codes from the Germans and from the Soviet Union, and every time they crack one, they keep it to themselves. The idea is to always be one step ahead of your enemy.

Why would Apple broadcast the fact that they'd killed an existing trojan attacking their systems? If Sophos hadn't reported it, the people who made this malware might simply keep trying to use it, to almost no effect. Now that the secret is out, they will almost certainly modify the program and the whole process starts over again. THANKS SOPHOS!

It's times like this that I wish certain fanatics wouldn't pore over every single like of code in an Apple update. They've almost certainly egged these hackers on.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac OS X
AppleInsider › Forums › Software › Mac OS X › Apple quietly includes malware prevention update in Mac OS X 10.6.4