MAC Defender variant quickly thwarts Apple's Mac OS X security update

12357

Comments

  • Reply 81 of 123
    snovasnova Posts: 1,281member
    Quote:
    Originally Posted by AdonisSMU View Post


    Who said anything about giving up rights? I think people should have the option of the walled garden approach and the open approach. There are benefits to both approaches. To not acknowledge that is disingenuous. People should have the option of choosing what's best for them and when it's best for them on their mac laptops and computers.



    exactly.. for people who do not know what the right decision is for them, don't care, or trust Apple to make the safe choice for them.. the default should be to only allow App from the App store unless this setting is explicitly changed by the user via aGUI toggle in "Settings"...



    fair?
  • Reply 82 of 123
    cycomikocycomiko Posts: 716member
    Quote:
    Originally Posted by snova View Post


    exactly.. for people who do not know what the right decision is for them, don't care, or trust Apple to make the safe choice for them.. the default should be to only allow App from the App store unless this setting is explicitly changed by the user via aGUI toggle in "Settings"...



    fair?



    yep, it makes sense to have apple as the default supplier of everything. it will have no negatives at all.
  • Reply 83 of 123
    snovasnova Posts: 1,281member
    Quote:
    Originally Posted by solipsism View Post


    1) Several years ago I implemented a strict no more Windows policy among family and friends that relied upon me for support. All current Windows-based systems were grandfathered in but all new PCs had to Macs. Despite ample moaning everyone is happy with the change.



    2) I was in a UPS store today and the Win7 PC was so bogged down that IE took minute(s) to load a pages despite the internet being a commercial "high-speed connection. I had one PDF from Shure to print! I was going to offer my services for a free mail box since I'm a box holder but I was so frustrated with the experience that I'm only now remembering.



    the "grandfathered in" part was hilarious.



    I will actually help with support of both kinds of OS's on the Desktop/Laptop.









    Mac OS X and Linux.
  • Reply 84 of 123
    nicolbolasnicolbolas Posts: 254member
    Quote:
    Originally Posted by Pennywse View Post


    If you're ignorant enough to install something on you computer that just 'pops up', then you deserve the outcome. What boggles my mind is how people get crap on their Macs ... YOU HAVE TO INSTALL IT! It's not like Window's where crap can seep through from many holes.



    well yes, the problem is this: many users who use windows have learned to not take obvious scams/bad things to install like this, at least users who know what they are doing, there people then advise their friends/family on what to do on Windows, preventing a lot of this stuff... and, not very many holes in windows 7.



    problem with a lot of people using OSX is that they are used to not having to be worried about security, etc.



    before people flame this, lets put it this way.



    out of 10 people using windows, maybe 1 understands it and understands whats not good to install. This person will tell many friends/family to watch for certain programs, or they will contact said person for advice of what to do. so maybe 5/10 people in the end don't have to deal with those problems



    i would assume on the other hand, DUE to how OSX works, a much smaller percent (and 10% of windows was probably to many) less people are aware that this is an obvious attempt to get a program installed. This is due towards Apple talking about having no viruses probably. As well due to OSX easy of use, people don't consult family and friends who understand the tech very well.



    so over probably 2-3/10 people don't fall for it, on OSX, vs 5/10 people on windows who do not fall for it.



    these numbers are just examples. please don't flame, because this is just a probable thing that happens
  • Reply 85 of 123
    snovasnova Posts: 1,281member
    Quote:
    Originally Posted by nicolbolas View Post


    well yes, the problem is this: many users who use windows have learned to not take obvious scams/bad things to install like this, at least users who know what they are doing, there people then advise their friends/family on what to do on Windows, preventing a lot of this stuff... and, not very many holes in windows 7.



    problem with a lot of people using OSX is that they are used to not having to be worried about security, etc.



    before people flame this, lets put it this way.



    out of 10 people using windows, maybe 1 understands it and understands whats not good to install. This person will tell many friends/family to watch for certain programs, or they will contact said person for advice of what to do. so maybe 5/10 people in the end don't have to deal with those problems



    i would assume on the other hand, DUE to how OSX works, a much smaller percent (and 10% of windows was probably to many) less people are aware that this is an obvious attempt to get a program installed. This is due towards Apple talking about having no viruses probably. As well due to OSX easy of use, people don't consult family and friends who understand the tech very well.



    so over probably 2-3/10 people don't fall for it, on OSX, vs 5/10 people on windows who do not fall for it.



    these numbers are just examples. please don't flame, because this is just a probable thing that happens



    I think there is some validity to what you are saying. However, I am not sure where you are going with this. Maybe I missed it. Could you clarify please?
  • Reply 86 of 123
    nicolbolasnicolbolas Posts: 254member
    Quote:
    Originally Posted by snova View Post


    I think there is some validity to what you are saying. However, I am not sure where you are going with this. Maybe I missed it. Could you clarify please?



    look at who i quoted



    but also, to go further, Apple needs to start telling people that indeed OSX does get viruses, just it has 1 for every 100,000 than windows has
  • Reply 87 of 123
    hill60hill60 Posts: 6,989member


    By your reasoning, neither is Apple.
  • Reply 88 of 123
    goldenclawgoldenclaw Posts: 263member
    This is a dangerous cat and mouse game now.



    Apple should have just tinkered with Safari to remove the Open Safe Files as the default.
  • Reply 89 of 123
    2 cents2 cents Posts: 307member
    IVK = troll. That's what the ignore list is for people. Use it and spare us reading his mindless blather in quoted text.
  • Reply 90 of 123
    docno42docno42 Posts: 3,285member
    Quote:
    Originally Posted by solipsism View Post


    That's a shortsighted and ignorant comment. Do you really expect people not to use PCs until they are experts at using PCs?



    No, since most people don't want to know anything about running PC's. Which is why I think within the next five years iOS will be the dominant general purpose computing platform at choice for the non-techies. It's a no-brainer. General purpose OS's like Windows, Mac OSX and Linux have great power - and with that great responsibility.



    They all have far more power than the vast majority of non-technical users need - and want.



    Windows dominates home users not because it's necessarily what they want, but because there was no real alternative and it was familiar because it's probably what they used at work. With the iPhone, Apple has broken through that barrier and gotten exposure to people that would have never considered owning an Apple product previously. Laying the perfect groundwork for the iPad and whatever else they have up their sleeves.



    I think it's telling that Apple developed the iPad first, but released the iPhone first.



    If anything, Apple isn't a company known for doing things in a haphazard or accidental way.



    And BTW, I think it's equally ridiculous to expect Windows, Mac OSX or Linux to disappear. There's plenty of room for both models of computing.
  • Reply 91 of 123
    djmikeodjmikeo Posts: 178member
    Quote:
    Originally Posted by quinney View Post


    He's a lot like Jesse Owens.



    That was TOO funny. Great play on words!
  • Reply 92 of 123
    xsuxsu Posts: 401member
    Quote:
    Originally Posted by Goldenclaw View Post


    This is a dangerous cat and mouse game now.



    Apple should have just tinkered with Safari to remove the Open Safe Files as the default.





    Apple should educate people on what NOT to install instead. Because uninformed people will download that file and double click it thinking their Mac actually need this AV software.
  • Reply 93 of 123
    solipsismsolipsism Posts: 25,726member
    Quote:
    Originally Posted by DocNo42 View Post


    Windows dominates home users not because it's necessarily what they want, but because there was no real alternative and it was familiar because it's probably what they used at work. With the iPhone, Apple has broken through that barrier and gotten exposure to people that would have never considered owning an Apple product previously. Laying the perfect groundwork for the iPad and whatever else they have up their sleeves.



    I was presented with a gentlemen's bet today that MS' stock would out perform Apple's in the next 12 months. His reasoning was that Macs aren't as configurable and when he wants to play a video game on a 'PC' he can turn off processes and adjust drivers to suit his needs. He's one of my oldest friends, works for Fortune 500 company in IT, and has absolutely no idea what the average consumer does with a computer.



    My mentioning of MS' apex position for the major products, Apple's growth in all major product categories, Activity Monitor in Mac OS allowing you to delete processes (or the silliness of having to in Windows), or his preference for playing games on mostly a console, iPad or iPhone(WwF) couldn't make him reconsider his position that MS was ripe to outperform Apple. I guess we shall see. Note, he's made a killing off my AAPL recommendations years ago.
  • Reply 94 of 123
    hill60hill60 Posts: 6,989member
    Quote:
    Originally Posted by blecch View Post


    Windows actually does have some good features (browser sandboxing) which OS X should implement (actually OS X supports sandboxing, but only Chrome uses it at the moment.) I believe that Windows also introduced ASLR (which it still does better), signed executables, and no-execute permission for data pages before OS X did.



    On the other hand, OS X (and iOS, Linux, Android, etc.) never had things like the Windows Registry or ActiveX, which have been major sources of security issues.



    OS X was also way ahead of Windows for many years in terms of limiting the open network ports in a fresh install of the OS. Installing Windows 2000 or XP while directly connected to the internet (i.e. not behind a firewall) was a recipe for disaster. For that matter, buying a new XP laptop and connecting it to the internet was also a recipe for disaster. Basically you need to connect from behind a firewall and get all of the Windows updates before it's safe to connect to the actual internet.



    Cookie jacking exploits.



    Windows is STILL vulnerable to worse than MACDefender, even with IE9.
  • Reply 95 of 123
    docno42docno42 Posts: 3,285member
    Quote:
    Originally Posted by enjourni View Post


    lol. Your "insecure deployment platform" is also called the internet, which relies on downloading to do anything for anyone. Web pages? Downloaded. Email? Downloaded. Chat? Downloaded. Draconian security measures like locking out the entire internet are what they do in China. Here, I actually want to be able to run what I download.



    What an ignorant statement and a real indication of why "computer science" in general is such a joke. Unfortunately your's is a common sentiment. Rather than throwing your hands up in despair, or trying to secure all content, how about looking for companies that design systems that are inherently secure due to diligent design decisions?



    That's what iOS is.



    Quote:

    And if you think the App Store keeps you safe, wait till hackers create poisoned apps that after you install bypass app store restrictions.



    And as soon as they do, Apple pulls them and also recalls them from users phones. Yup, just like Google has, Apple has the ability to remove apps in just such a situation from users phones.



    Unlike Google, Apple charges a nominal fee for developers to access the App store and also does some cursory vetting of said apps. Yes, someone could probably create malware for iOS, but there is a cost associated with each app created - and it's non trivial since you have to set up a new account which means a fake credit card, email, etc. plus the $100 fee which will add up quickly because, again, once detected the app can be removed not only from the store but from the entire ecosystem.



    This is where the cost/benefit for malware on iOS will be incredibly steep compared to Windows or Mac OSX. The entire iOS ecosystem is inherently unfriendly to the traditional malware that is overwhelming Windows and knocking at the gates of Mac OSX.



    Quote:

    You are "saved" by using your mind and THINKING before you install something, not by apple putting you behind a walled garden.



    And that's where you are wrong. Curation will win over "open" since not everyone can afford (nor desires) to be an expert in everything. As I outlined above, Apple's iOS ecosystem (walled garden as you try to label it derisively) is inherently malware resistant, and if it is proffered, it can be effectively removed from the iOS ecosystem as a whole.
  • Reply 96 of 123
    jexusjexus Posts: 373member
    Quote:
    Originally Posted by hill60 View Post


    By your reasoning, neither is Apple.



    Please point out where I was blaming Apple for this...You specifically mentioned Google and google alone in causing this. I was merely pointing out that any major search engine is as vulnerable. I am specifically laying the blame on the end user.



    EVERY OS is only as secure as the user is intelligent.



    The most secure OS isn't going to do anything if the user has no clue what they are doing.
  • Reply 97 of 123
    snovasnova Posts: 1,281member
    Quote:
    Originally Posted by nicolbolas View Post


    look at who i quoted



    but also, to go further, Apple needs to start telling people that indeed OSX does get viruses, just it has 1 for every 100,000 than windows has



    so let me get this straight. You are saying Mac OS X users are more vulnerable to catching viruses then Windows users because they trust their OS environment more than Windows users?



    Is this like saying married individual is more vulnerable to catching STDs then an unmarried person because they trust their sexual partner(s) more?



    If so then yes, I agree, Mac OS X are more vulnerable due to this trusting relationship. However, don't confuse vulnerability with likelihood of infection. Even when Windows users run a Virus scanner (i.e. STD condom) they are still more LIKELY to get infected then Mac user.



    Also having Apple stand on the roof top saying there is a slim chance you could get infected is not going to serve any great purpose. IMHO. Just like having the CDC tell you about the dangers of having unprotected sex with your spouse.



    I would prefer that Apple keep their house in order with a walled garden approach then update the OS to support virus/trojan scanner. Virus/Trojan scanner is a losing proposition long term. Its a cat and mouse game than never ends and just effectively makes your computer spend all its time doing Virus/Trojan projection instead of actually allowing the user to get something accomplished, fully utilizing available CPU cycles.



    Besides, I personally prefer unprotected sex with someone I trust.
  • Reply 98 of 123
    snovasnova Posts: 1,281member
    Quote:
    Originally Posted by DocNo42 View Post


    What an ignorant statement and a real indication of why "computer science" in general is such a joke. Unfortunately your's is a common sentiment. Rather than throwing your hands up in despair, or trying to secure all content, how about looking for companies that design systems that are inherently secure due to diligent design decisions?



    That's what iOS is.







    And as soon as they do, Apple pulls them and also recalls them from users phones. Yup, just like Google has, Apple has the ability to remove apps in just such a situation from users phones.



    Unlike Google, Apple charges a nominal fee for developers to access the App store and also does some cursory vetting of said apps. Yes, someone could probably create malware for iOS, but there is a cost associated with each app created - and it's non trivial since you have to set up a new account which means a fake credit card, email, etc. plus the $100 fee which will add up quickly because, again, once detected the app can be removed not only from the store but from the entire ecosystem.



    This is where the cost/benefit for malware on iOS will be incredibly steep compared to Windows or Mac OSX. The entire iOS ecosystem is inherently unfriendly to the traditional malware that is overwhelming Windows and knocking at the gates of Mac OSX.







    And that's where you are wrong. Curation will win over "open" since not everyone can afford (nor desires) to be an expert in everything. As I outlined above, Apple's iOS ecosystem (walled garden as you try to label it derisively) is inherently malware resistant, and if it is proffered, it can be effectively removed from the iOS ecosystem as a whole.



    DocNo42 thank you for taking the time to articulate this. well done.
  • Reply 99 of 123
    solipsismsolipsism Posts: 25,726member
    Quote:
    Originally Posted by snova View Post


    Is this like saying married individual is more vulnerable to catching STDs then an unmarried person because they trust their sexual partner(s) more?



    Great analogy.
  • Reply 100 of 123
    nvidia2008nvidia2008 Posts: 9,262member
    Thank you evil hackers for proving my point (and user PXT's various posts) on the other thread:



    Quote:
    Originally Posted by PXT View Post


    A couple of things I thing Apple should have done differently here.



    (1) The malware definitions list should be streamed into OSX from Apple as a data update not requiring an OS update.



    (2) Uninstalling apps, including stopping all its processes, should be a single button click as is its installation, and therefore should also not require an OS update. This way Apple support *would* be able to tell people how to get rid of it plus already-infected users can have a little window pop-up saying that they have downloaded some malware from the blacklist and may we click the delete button for you.



    There are no novice users; they are customers.



    Yeah I don't understand. How would one scan their computer for it if they have downloaded it? This appears to just check upon download. What if you already have it? How do you know if you have it? I don't, but switchers from Windows will be wondering about all of the above.



    Repeat, HOW DO I SCAN FOR MALWARE ON THE MAC?



    Edit: I suppose one can try http://www.bleepingcomputer.com/viru...move-mac-guard, the removal script/app that you download is considered "Safe"



    WE ARE IN A BOLD NEW WORLD OF MAC ANTIVIRUS. Welcome.



    Apple says "In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants." http://support.apple.com/kb/HT4650



    But there is no notification upon installing the software update that it scanned anything... Like I said, new users, ie. customers as someone pointed out, will be confused.
Sign In or Register to comment.