'MACDefender' on Apple's radar as OS X malware spreads - report

Comments

  • Reply 41 of 94
    ascii Posts: 5,936 member
    Quote:
    Originally Posted by esummers View Post


    Executable files are never considered safe and are never automatically launched. So NO this feature is NOT asking for this kind of attack.



    As others have said, it's a dmg with an installer script, and Safari trusts both of those (since they're essentially data).
  • Reply 42 of 94
    mstone Posts: 11,510 member
    Quote:
    Originally Posted by ktappe View Post


    I take issue with Apple's position above. This is akin to a doctor finding cancer in a patient and being instructed by his hospital employer not to say anything. It's malpractice. Perhaps he's not allowed to operate on the cancer but it's a duty to inform a patient that something is wrong if they are unaware. Apple is pure fail on this point.



    Malware is not fatal. I can see Apple's position on this. Apple service personnel are not trained in diagnosing or removing viruses and malware. In this case even investigating the problem might expose the technician to explicit images that they probably would rather not be required to view.
  • Reply 43 of 94
    lilgto64 Posts: 1,147 member
    I think the password screen could be improved significantly - including info about WHAT is being installed - or WHERE - etc - not that the writer of the virus couldn't get creative with it - but some sort of way to see more info - or maybe even some sort of Verify button that would check a security certificate or something.



    Not saying that I have an answer here - but if a browser can block phishing and alerts me when there are missing or invalid certificates - then the installer ought to be able to do something to at least provide more information about what it is doing.
  • Reply 44 of 94
    I'm surprised NOT ONE PERSON here even mentioned this: APPLE IS REMOVING JAVA from the OS when LION is released in the WILD!!! so these types of Java Runtime apps will not get installed on to your MAC ANYMORE!! see the link at the bottom of this post:



    No Java runtime



    Also missing from Lion is a preinstalled Java runtime capable of executing "100% pure" Java apps. There are few examples of Java desktop apps in the wild, so most users won't notice. Not bundling the runtime will erase a large number of security vulnerabilities from the reported list of issues related to Mac OS X going forward however, as Java exists as a parallel platform to Apple's native Cocoa.



    When users attempt to run a Java app, Lion offers to look online for a version it can install, and will download and install a slightly newer version than is currently available for Snow Leopard today (1.6.0_24-b07-329, rather than 1.6.0_22-b04-307).



    Apple announced earlier that it would be working with Oracle to divest itself of maintenance of the Java platform on Macs, setting up a new OpenJDK Project for Java on Mac OS X going forward, starting with the release of Java SE 7.



    Apple noted that the Java runtime may be removed from future versions of its operating system, and it appears that will be the case with Lion, albeit with a rather painless install option for users who need it.



    http://www.appleinsider.com/articles...e_rosetta.html



    just my 2 cents.. BITZANDBITEZ @ your service... ; )



    I realized this was posted on a Saturday so maybe most of you were out for the weekend and didn't see this..



    (this includes the TROLLS up in here and U know who U R...)
  • Reply 45 of 94
    Quote:
    Originally Posted by muser View Post


    Ok, I apologize for saying you were trolling. I've just seen a lot of people making remarks that fit the pattern "Isn't that what so-and-so was for", in an attempt to snidely say it failed at that, when it really wasn't for that. I made a mistake in thinking you were doing the same thing. Sorry about that.



    Apology accepted. I'm an iOS user (iPhone, iPad), but don't yet have a desktop Mac, though I will with my next purchase when my current PC (piece of crap) expires. I honestly thought that one of the reasons given for the Mac moving to an app store model was to curb the potential for this kind of mischief. I wasn't implying at all that it failed.
  • Reply 46 of 94
    ascii Posts: 5,936 member
    Quote:
    Originally Posted by muser View Post


    Like many vendors, Apple does some verification that the apps sold in their store meet their minimum quality standards. That's a far cry from doing any deep investigation or making any strong guarantees about the software. No vendor will ever guarantee you won't get malware from something in their store.



    You say that Apple only does minimum quality checks. I'm not sure how you know this. I have heard they do quite vigorous automated checks of the executables to look for suspicious API calls. Whatever they're doing I have never heard of Malware appearing on the App Store.



    Quote:

    But more importantly, that isn't the only way to put software on your computer. There are many ways to get software on your computer besides the Mac App Store, so even if it were perfect, it wouldn't stop malware from getting on your computer. Apple will never block other channels, because the Mac is a general purpose computer. This MACDefender is a case in point. It wasn't installed from the Mac App Store.



    Yes there are many ways to get apps on your computer, but what are the typical malware vectors? Not CD/DVD which are typically commercial apps. Web downloads and email attachments are the main sources, and Safari and Mail already have knowledge of certain Mac Malware and block it.



    Quote:

    Malware is a consumer-centric problem, not a provider-centric problem. To even attempt to stop malware from getting installed on your computer, you need a solution that surrounds your computer. You need anti-virus software designed to run on your computer and monitor it, like all the traditional anti-virus programs out there. Even then, it is a never-ending battle between the virus makers and the virus defenders that must be vigilantly fought.



    The Mac is not and will never be immune to malware because of the nature of general purpose computers. The battle just hasn't heated up yet on the Mac.



    It could come to that, with the Mac requiring as full and invasive security software as Windows. But let's not jump the gun. So far the Mac has had very few exploits actually exploited in the wild. The main problem seems to be Trojans like this popping up every few months. So far things have been controlled by Apple making Safari recognise them. Let's see how things develop with the App Store in the next few years.
  • Reply 47 of 94
    jensonb Posts: 532 member
    Quote:
    Originally Posted by simonsharks View Post


    Yeah right!



    Apple's statement is perfectly correct. Mac OS X still has no known viral threats, and as this incident demonstrates you are pretty much only going to damage your machine if you explicitly tell the computer it's okay for it to do something it probably shouldn't.



    Well over half of all the malware exploits on OS X are the result of vulnerabilities not in OS X itself, but in Adobe's Flash and also in Java. Hence, Apple has taken steps to ensure the latest version is in use (When it comes to Flash) and to simply remove the runtime altogether (At least as part of a native install) in the case of Java.
  • Reply 48 of 94
    mrstep Posts: 513 member
    Quote:
    Originally Posted by Protagonistic View Post


    I don't recall if that is on or off by default, but that still does not solve the problem. <...>



    Maybe the REAL problem is that switchers think they need anti-virus software and are so conditioned to believe it that they run this. So in effect, this is Microsoft's fault.
  • Reply 49 of 94
    ascii Posts: 5,936 member
    The fundamental problem is that computers are just machines - they don't understand the software they're running in the way a human understands things, so they can't tell what's malware and what isn't. Existing security software uses signatures and heuristics to identify malware but this is only as good as your virus definitions file which is why the industry is in a constant cat and mouse battle.



    Apple has decided to fundamentally tackle the problem by putting a human in the loop. The user is not an acceptable candidate since they may be a layman, but a person on the server side (App Store) whose profession it is to do this type of activity has a much better chance.



    This is a fundamentally better solution than a virus program.
  • Reply 50 of 94
    mstone Posts: 11,510 member
    Quote:
    Originally Posted by Jensonb View Post


    Well over half of all the malware exploits on OS X are the result of vulnerabilities not in OS X itself, but in Adobe's Flash and also in Java. Hence, Apple has taken steps to ensure the latest version is in use (When it comes to Flash) and to simply remove the runtime altogether (At least as part of a native install) in the case of Java.



    I do not believe there is any evidence to support your assertion. In fact, this article suggests that user error is probably the biggest security threat on the OS X platform and I would think javascript to be the second most exploited attack vector.
  • Reply 51 of 94
    elroth Posts: 1,201 member
    Quote:
    Originally Posted by solipsism View Post


    Lion has included a very minor, but important change to the windows you input your admin credentials. It won’t stop the ignorant from foolishly installing items but having the button now state the action it will take is a good move, albeit a minor one.



    They should change the wording of this - it sounds like your computer is telling you that you should go ahead and type your password. They should make it more neutral, or even more of a warning: "A program is trying to install software on your computer. If you are sure the software is safe and wish to install it, type in your password." And they could change the icon to a skull and crossbones with a question mark over it.
  • Reply 52 of 94
    solipsism Posts: 25,726 member
    Quote:
    Originally Posted by elroth View Post


    And they could change the icon to a skull and crossbones with a question mark over it.



    And they could enact the "Brady Bill" into new app installations that require you to wait several days before the app is usable.
  • Reply 53 of 94
    jnjnjn Posts: 588 member
    Quote:
    Originally Posted by bitzandbitez View Post


    I'm surprised NOT ONE PERSON here even mentioned this: APPLE IS REMOVING JAVA from the OS when LION is released in the WILD!!! so these types of Java Runtime apps will not get installed on to your MAC ANYMORE!! see the link at the bottom of this post: ...



    It's javascript that's the culprit here. Javascript has nothing to do with Java.

    Lion will not be safer in this respect because javascript is used in every modern website, it's one of the pillars of the new web. Java on the other hand will die a slow death.



    J.
  • Reply 54 of 94
    ascii Posts: 5,936 member
    Quote:
    Originally Posted by elroth View Post


    And they could change the icon to a skull and crossbones with a question mark over it.



    That dialog is rather useless in my opinion. It's not actually asking the user for their password, it's asking for an admin password - the assumption being that the admin is a guru who will know what is safe.



    But it's just a holdover from the server origins of OS X - in reality there never is an admin, so you are trusting a layman to decide what's safe to install which is a flawed model. In that sense the App Store gives every Apple customer access to an admin.
  • Reply 55 of 94
    smarky Posts: 75 member
    I work in the UK for a large PC repair shop. We see tons of malware on windows machines daily, which is incredibly difficult to get rid of or remove.



    This piece of malware/virus is a complete joke. A few weeks ago we had our first customer come in with this. I was pretty shocked, but then when I looked at how stupid this program was compared to the ones you get in windows, I just shook my head.



    To remove the malware you simply bring up activity monitor, disable "Macdefender", go to finder, drag the "MacDefender" app into the trash and restart the computer. You might want to take it out of login items from users as well. But that's it.



    It's so easy to remove.



    It's not a virus. It's simply another app, which the user agrees to install and then it comes up and pretends you are infected. It really makes me LOL.
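
The places the removal steps in Reply 55 touch (running process, app bundle, login items) can be checked from a shell; this is an added example, not part of the original post. The function names, the `/Applications` locations in the usage comment and the sample data are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: look for the three leftovers the removal steps deal with
# (running process, app bundle, login item). Name matching ignores case.
# process_running NAME: stdin is a process list, one command path per line.
process_running() {
    awk -v n="$1" 'BEGIN { n = tolower(n) }
        { b = $0; sub(/.*\//, "", b); if (tolower(b) == n) found = 1 }
        END { exit !found }'
}
# find_bundles NAME DIR...: print NAME.app bundles sitting directly in each DIR.
find_bundles() {
    bundle="$1.app"; shift
    for dir in "$@"; do
        [ -d "$dir" ] && find "$dir" -maxdepth 1 -type d -iname "$bundle"
    done
    return 0
}
# login_item_listed NAME ITEMS: ITEMS is a comma-separated list of item names.
login_item_listed() {
    printf '%s\n' "$2" | tr ',' '\n' | sed 's/^ *//; s/ *$//' | grep -qixF -- "$1"
}
# scan NAME PROCFILE ITEMS DIR...: print findings; status 0 if any, 1 if clean.
scan() {
    name=$1; procfile=$2; items=$3; shift 3
    hits=0
    if process_running "$name" < "$procfile"; then
        echo "process: $name is running"; hits=$((hits + 1))
    fi
    bundles=$(find_bundles "$name" "$@")
    if [ -n "$bundles" ]; then
        printf '%s\n' "$bundles" | sed 's/^/bundle: /'; hits=$((hits + 1))
    fi
    if login_item_listed "$name" "$items"; then
        echo "login item: $name"; hits=$((hits + 1))
    fi
    [ "$hits" -gt 0 ]
}
# Constructed fixture so the script runs anywhere. On a Mac, feed it live data:
#   ps -axo comm > procs.txt
#   items=$(osascript -e 'tell application "System Events" to get the name of every login item')
#   scan MacDefender procs.txt "$items" /Applications "$HOME/Applications"
demo() {
    tmp=$(mktemp -d) && mkdir -p "$tmp/Applications/MacDefender.app"
    printf '%s\n' /sbin/launchd "$tmp/Applications/MacDefender.app/Contents/MacOS/MacDefender" > "$tmp/procs.txt"
    scan MacDefender "$tmp/procs.txt" "iTunesHelper, MacDefender" "$tmp/Applications"
    status=$?; rm -rf "$tmp"; return $status
}
demo
```
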
  • Reply 56 of 94
    thepixeldoc Posts: 2,257 member
    Quote:
    Originally Posted by mstone View Post


    I do not believe there is any evidence to support your assertion. In fact, this article suggests that user error is probably the biggest security threat on the OS X platform and I would think javascript to be the second most exploited attack vector.



    If I'm not mistaken, it was the infamous Charlie Miller that stated that Flash was the largest security threat on any platform... or maybe one of his compatriots at SecCom? Too lazy to Google it myself...be my guest.
  • Reply 57 of 94
    visualzone Posts: 298 member
    and you were using Safari wouldn't you have gotten this warning?



    http://www.appleinsider.com/articles...rotection.html



  • Reply 58 of 94
    pxt Posts: 683 member
    Quote:
    Originally Posted by Smarky View Post


    I work in the UK for a large PC repair shop. We see tons of malware on windows machines daily, which is incredibly difficult to get rid of or remove.



    This piece of malware/virus is a complete joke. A few weeks ago we had our first customer come in with this. I was pretty shocked, but then when I looked at how stupid this program was compared to the ones you get in windows, I just shook my head.



    To remove the malware you simply bring up activity monitor, disable "Macdefender", go to finder, drag the "MacDefender" app into the trash and restart the computer. You might want to take it out of login items from users as well. But that's it.



    It's so easy to remove.



    It's not a virus. It's simply another app, which the user agrees to install and then it comes up and pretends you are infected. It really makes me LOL.



    Yes, I was trying to remove malware from my Mom's PC and it was very cunning in hiding itself compared to the amateur stuff coming Apple's way. This slightly supports the security through obscurity argument, but only time will tell.



    One thing that's missing here is for the OS to be doing its real job - both OSX and Windows.



    The OS must know the provenance of every object in its system. So if we point at an app, then we can grab all its files, processes, etc without having to google it and hope someone has been there before.



    Apple could do a *lot* to protect its users, through good OS design, long before we get to anti-malware tools.
  • Reply 59 of 94
    pxt Posts: 683 member
    Just out of curiosity, if someone knows your admin username and password, can an app install itself, or is that security window manual entry only?
  • Reply 60 of 94
    hezetation Posts: 674 member
    Quote:
    Originally Posted by David Forbes View Post


    Isn't this the kind of problem the Mac App Store is designed to defend against?



    Exactly, the same people fighting the app store & ragging on it are the same people that hate the closed ecosystem of iPhone/iPad/iPod. Spyware & malware can be easily avoided if users take some time to actually care about what they do on the web, unfortunately most people are too busy to educate themselves until it is too late.



    In addition drag & drop apps should be outright banned, it's time companies like Mozilla learned to use the package builder that comes free with every single OS X install disk!