Sure would be nice if this article provided some useful information about File Quarantine and where the executables reside, customization, etc. Here's one for starters:
Comments
The plural of virus is viruses. There is no such word as virii.
So does that mean there's no Elvii either? Or should we ask a few souls in Vegas? (If Vegas still has any souls)
Just like Windows.... Oh, wait, I mean, just like Windows could have done and should have done years ago.
FTR, why don't Google, Bing and other search sites quarantine sites which enable malware like this? Particularly when the sites allow themselves to be a regular transport mechanism for malware. As long as search sites like Google, Bing and others don't help to stop it, more people will continue to visit these same sites over and over and over again. By helping to stop it, instead of making it easier, search sites can make distribution of malware more difficult.
It won't solve the problem, but anything that makes it more difficult for malware or educates users to be more careful makes it better for the rest of us.
There is a wonderful application called WOT (web of trust) that systematically flags websites with ratings based on embedded code. It allows you to preview sites without endangering your computer/mac.
You should try it some time. /end sarcasm
And myself,
I'll Kick All Your ASSES !!!!
I have ClamX just for funsies, but have not updated that thing in months. Use it to check USB sticks that are given to me, mostly from Windows Users. I dunno, it sucks that someone released this in the wild, on the other hand it is so easy to neutralize it almost does not count.
Running out-of-date antivirus software will do more harm than good, in that it may give one a false sense of security.
There is a wonderful application called WOT (web of trust) that systematically flags websites with ratings based on embedded code. It allows you to preview sites without endangering your computer/mac.
You should try it some time. /end sarcasm
The information is appreciated. However, your sarcasm was neither necessary nor appreciated. Instead, responses like yours tend to cut off discussion. And, FWIW, once WOT gets big enough, it will be perverted by dishonest and greedy people just like everything else on the web is once it attracts enough attention. The basic problem needs to be fixed and not just avoided by finding (for now) safe alternatives.
That said, your reply fails to address the larger issue of why search engines leave their users out in the cold by not helping to stop the crap. Makes one wonder if, perhaps, they don't derive some of their revenue from malware developers. Perhaps like those who suck off legitimate searches to get their bogus sites at the top of key word searches perhaps?
Today, for the first time in history, Apple has begun to actively maintain a virus database and quarantine software that is downloaded.
It seems like a big deal to me.
No, they've done that for a while.
Today, for the first time in history, Apple has begun to actively maintain a virus database and quarantine software that is downloaded.
It seems like a big deal to me.
I don't think we are dealing with a virus, but a piece of malware.
The plural of virus is viruses. There is no such word as virii.
This!
It would have to be spelled 'virius' for the option of dropping the 'us' and replacing it with 'i' to work.
This!
It would have to be spelled 'virius' for the option of dropping the 'us' and replacing it with 'i' to work.
If more than one Pope Pius get together they would be Popes Pii?
When the latest 10.6.8 beta appeared with the MAC Defender check and removal I thought it odd this wasn't part of a Security Update. Are we to assume that those 10.6.8 developers were not aware of the impending Security Update or that 10.6.8 will just be a backup measure for those that oddly don't get the Security Update?
Previous security updates are always included in major point releases.
For example, 10.6.7 includes all security updates before it. http://support.apple.com/kb/ht4472
http://www.mactricksandtips.com/2010...ing-files.html
The plural of virus is viruses. There is no such word as virii.
Ok, what's the plural of Platypus?
If more than one Pope Pius get together they would be Popes Pii?
I believe they would be called Popes Priōra, regardless of what Toyota wants you to think.
Ok, what's the plural of Platypus?
Scientists generally use "platypuses" or simply "platypus". Colloquially the term "platypi" is also used for the plural, although this is technically incorrect and a form of pseudo-Latin.
*ahem*
It's not a problem specific to Google. Any search engine can deliver "poisoned" results.
http://www.sophos.com/security/techn...o-insights.pdf
Regardless... if Google starts quarantining malicious sites, they'll force other search engines to do the same or risk having Google become the Safe Search.
I ran software update. Restarted my Mac as the installer states an admin has to log in to make the Security Update effective.
I launch avSetup.pkg, which opens up to an installer that says "Install Mac Guard Setup" at the top of the installer window, but it isn't flagged by the OS.
It's an assumption but I thought this variant would be included in the definitions.
Any thoughts?
Did you move the file out of quarantine previously (i.e. did you dismiss the dialog warning you that the file is downloaded from the internet and to confirm if you want to run it?). If so, you will not be asked again; you will have to reset the warnings.
Regardless... if Google starts quarantining malicious sites, they'll force other search engines to do the same or risk having Google become the Safe Search.
According to the Sophos link, legitimate web content is often compromised.
Quote:
By hosting the SEO attack within a legitimate site, the attackers are able to piggyback on the reputation of that site, making it harder for the search engines to identify and remove the rogue links. Additionally, distributing attacks across multiple compromised host sites provides increased resilience against URL filtering and other defensive mechanisms.
...
UPDATE:
Setting seems to "stick" after a Restart.
Did you move the file out of quarantine previously (i.e. did you dismiss the dialog warning you that the file is downloaded from the internet and to confirm if you want to run it?). If so, you will not be asked again; you will have to reset the warnings.
Thanks, Mario.
I believe I dismissed the dialog box when I downloaded it several days ago. I don't know how to reset the warnings. If you would be so kind as to educate me.
I did take the file, put it on a keychain drive, dropped the avSetup.pkg file into the Download folder on a different Mac that I had just updated and restarted. I then launched avSetup.pkg and there was no warning.
I guess it actually has to download the file for the Security update to work?
Doesn't seem that effective to me if that's a requirement. Or do you think the OS modifies the installer somehow?