"adware/spyware" Is this a problem on Macs?
I was reading the announcement of AOL's software to include anti-adware/spyware software to combat sneaky marketing companies as they try to track peoples' internet habits. I haven't heard anything about these being a problem on the Mac. Has anyone else? Is this just a Windows problem? Thanks
Mark
Mark
Comments
I don't ever think there are *any* evil titles like that for Mac.
www.securitymac.com
Originally posted by Paul
there IS spyware for the mac
www.securitymac.com
Paul, that link isn't working.
BuonRotto, cookies aren't spyware. They're just misunderstood.
the correct link is
www.securemac.com
relevant bits are in the right hand column...
The OpenSSL example at the end of that thread is a good example. As you may know, Theo de Raadt is one of the most paranoid OS developers out there. For a trojan-horse to infiltrate the OpenSSL source tarball AND get uploaded to the official OpenBSD FTP server speaks volumes about how pervasive the problem can be.
Originally posted by Eugene
Yes, as long as open-source software with huge numbers of anonymous contributors can be built for the Mac, spyware is a certainty. Nowhere on the scale of Windows, but still... Of course some people may continue to deny it.
The OpenSSL example at the end of that thread is a good example. As you may know, Theo de Raadt is one of the most paranoid OS developers out there. For a trojan-horse to infiltrate the OpenSSL source tarball AND get uploaded to the official OpenBSD FTP server speaks volumes about how pervasive the problem can be.
The question the original poster asked, Eugene, was "Is this a problem on Macs?" NOT "Could it be a problem on Macs?" Of course the potential is there. This isn't the NBA draft, so potential means not a whole lot.
Of course, you're going to continue to pretend like you know what you're talking about and avoid answering the questions that are asked. I think we know one another too well...
Originally posted by torifile
The question the original poster asked, Eugene, was "Is this a problem on Macs?" NOT "Could it be a problem on Macs?" Of course the potential is there. This isn't the NBA draft, so potential means not a whole lot.
Of course, you're going to continue to pretend like you know what you're talking about and avoid answering the questions that are asked. I think we know one another too well...
Is OpenSSL installed on your computer?
"Potential" is the problem, because spyware doesn't just announce itself.
"Hi, I'm spyware! Just letting you know!"
In case you haven't noticed, Mac's don't have spyware.
Do they or do they not have spyware? I already showed you an instance of a highly-trusted software distribution carrying a Trojan Horse which created network connections to a remote client.
Originally posted by Paul
hah my bad, brain fart...
Please! Cast off those vulgar words! Call it a "blain gritch" instead!
Originally posted by torifile
BuonRotto, cookies aren't spyware. They're just misunderstood.
I didn't mean to say they were necessarily spyware, just that they're the closest thing to it when they're abused on the vast majority of Macs.
On the main subject, theory and practice are two different things, BTW. Spyware isn't a problem on the platform which isn't to say it can't be done. The weakest point of attack for any adware, spyware, virii ,worms, etc is the user. It's easier to fool the user than it is to attack a system's security holes directly, no matter the platform. That said, I've had my fair share of unauthorized adware installed on my work PC without me doing anything to allow it (except browsing the web, and no, I didn't click any ads or unknown links
Example:
I created a new document in Word.
I wrote "Original contents in document."
I saved the file as spyware.doc.
I opened it again.
I deleted the line "Original contents in document."
I replaced it with "I deleted some stuff."
I saved it again.
I ran the document through the unix tool strings.
[18] ceugene@duet:~> strings spyware.doc
jbjbq
I deleted some stuff.
Original contents in document
Eugene Chan
Normal
Eugene Chan
Microsoft Word 10.1
Original contents in document
Title
_PID_LINKBASE
Microsoft Word Document
NB6W
Word.Document.8
Originally posted by Eugene
Is OpenSSL installed on your computer?
"Potential" is the problem, because spyware doesn't just announce itself.
"Hi, I'm spyware! Just letting you know!"
OpenSSL is spyware?!? Gimme a break, Eugene. You're obfuscating the issue. There's a difference between spyware and security vulnerabilities.
Originally posted by Eugene
Or the Microsoft Office apps which slip a hidden unique ID in your documents along with the name of the author of the document?
Example:
I created a new document in Word.
I wrote "Original contents in document."
I saved the file as spyware.doc.
I opened it again.
I deleted the line "Original contents in document."
I replaced it with "I deleted some stuff."
I saved it again.
I ran the document through the unix tool strings.
Code:
[18] ceugene@duet:~> strings spyware.doc
jbjbq
I deleted some stuff.
Original contents in document
Eugene Chan
Normal
Eugene Chan
Microsoft Word 10.1
Original contents in document
Title
_PID_LINKBASE
Microsoft Word Document
NB6W
Word.Document.8
How is that spyware? Where does this info get sent to and who's profiting from it? That's the point of spyware.
Originally posted by torifile
OpenSSL is spyware?!? Gimme a break, Eugene. You're obfuscating the issue. There's a difference between spyware and security vulnerabilities.
You're saying a malicious Trojan Horse implanted into the source code that sends a remote mothership network packets isn't spyware?
Yes, OpenSSL was compromised by spyware, along with many other apps you may be unaware of.
Originally posted by torifile
How is that spyware? Where does this info get sent to and who's profiting from it? That's the point of spyware.
The unique ID's are trackable. If you distributed a document under the assumption of what you see is what you get, you're in bad shape, especially if you don't know it's also sending your personal info and stuff you *thought* you deleted.