Secure Macs might not be so

photolady95 · 10-20-2011, 07:40 PM

secure any more.

Technolog - Malware can cripple your Mac's built-in security tools

Quote:

Security blog Sophos reports that a new variant of a backdoor trojan — malware which disguises itself as a benevolent piece of software — called Flashback is floating around the Internet and crippling Xprotect, the anti-malware system built into Mac OS X.

**boriscleto** · 10-20-2011, 08:50 PM

Until Apple fixes Xprotect. My policy is to never install anything I don't know the origin of. If Flash tries to automatically upgrade, I will cancel and download from Flash.com. Nothing can infect a Mac unless you give it permission to. Nobody even knows what this Trojan is trying to do, right now it doesn't do anything other than disable automatic updating in Xprotect. It's also pretty easy to spot. The installer looks nothing like an Adobe installer. Little Snitch helps too.

Little Snitch

The best policy may be to get rid of Flash altogether.

photolady95 · 10-20-2011, 09:34 PM

I just thought you Mac users would like a heads up.

My PC doesn't get bad things either because I'm careful where I go on the net and I don't download stuff I don't know about, plus my nothing gets past my firewall or security software.

Not every MAC or PC owner is as careful as you and I though and that's the reason I posted the above. I'm a computer tech also, so I like computers that run as they should without all the malware/spyware and junk on them.

séamuis · 10-21-2011, 01:58 AM

I don’t have flash installed on my mac anymore so I guess I’m safe. thanks for the heads up though.

bimjo · 10-21-2011, 06:12 AM

It was bound to happen eventually. As OS X gets more and more popular, the virus writing twits get more and more interested. I'd like to catch me one sometime.

reeftool · 10-21-2011, 07:49 AM

Security is an illusion. The lack of malware attacking Macs was simply because few were using them. Now that a much larger percentage of people are on Macs, we will see just as much problems.

**boriscleto** · 10-21-2011, 08:01 AM

Originally posted by reeftool

Security is an illusion. The lack of malware attacking Macs was simply because few were using them. Now that a much larger percentage of people are on Macs, we will see just as much problems.

Sigh...

The Mac OS X Malware Myth Continues - Seeking Alpha

When this article was written in 2007 there were 2 in the wild exploits of OS X and there were 50,000,000 users. It is now 2011, there are even more Mac users, and the number of exploits in the wild can still be counted with your fingers. Any malware infection on OS X requires three explicit actions on the part of the user. You have to download it, you have to run the installer, and you have to enter an administrator password. The second step is facilitated by what I have always considered a curious decision by Apple (to make open "safe" files after downloading on by default in Safari). Other than the handful of malware that has popped up in the last 4 years most security exploits on OS X require physical access to the computer.

Last edited by boriscleto; 10-21-2011 at 08:07 AM.

Don From The Radio · 10-21-2011, 02:15 PM

Mac OS X is less vulnerable than Windows, even when considering the lack of malware written for them. Doesn't make them immune. No operating system is ever completely safe. Macs CAN and DO get viruses. They always will. Same for Linux and same for Windows.

**boriscleto** · 10-21-2011, 03:18 PM

Originally posted by Don From The Radio

Mac OS X is less vulnerable than Windows, even when considering the lack of malware written for them. Doesn't make them immune. No operating system is ever completely safe. Macs CAN and DO get viruses. They always will. Same for Linux and same for Windows.

Quote:

A computer virus is a computer program that can replicate itself[1] and spread from one computer to another. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.[2]

Name one computer virus on Mac OS X. The last virus on Mac OS was in the 1990s. OS X has had a handful of Trojan Horses but no viruses. The bottom line is that if you end up with malware on your Mac you are an idiot.

Don From The Radio · 10-21-2011, 08:59 PM

Originally posted by boriscleto

Name one computer virus on Mac OS X. The last virus on Mac OS was in the 1990s. OS X has had a handful of Trojan Horses but no viruses. The bottom line is that if you end up with malware on your Mac you are an idiot.

I use malware and virus as interchangeable terms. I'm sure it's not correct, but that's how I roll.

Macs get malware. Not often, but it CAN happen. No system is secure. NONE. If you want a 100% secure system, write one yourself, then don't let anyone else ever even know it exists, or someone will find a way to break in.

I'm a Mac lover. I've owned dozens of them. Literally. My next computer purchase will likely be a Mac. But the claim that they never get viruses or malware is a semantics game.

And I'd say if you end up with malware on a Windows or Linux computer, you're also an idiot. Ad block, not going to suspect sites and a free scanner is all that's needed. I've had probably 100 PCs and Macs over the past 20 years, and none of them have ever gotten a major infection that affected the performance of the machine. It's not rocket science. Don't download keygens for illegal software, stay away from porn, rap lyrics and video game cheat code websites, and you won't get a virus.

Adam · 10-21-2011, 09:14 PM

How can they be secure to begin with if they can be wiped remotely with via iCloud?

Don From The Radio · 10-21-2011, 09:47 PM

Originally posted by Adam

How can they be secure to begin with if they can be wiped remotely with via iCloud?

I hate to go off on a tangent, but I can't be the only one here concerned with the idea of all computing being cloud based.

Clicker · 10-22-2011, 07:18 AM - **1 Like**

Time to stock up on crayons and paper.

magkelly · 10-22-2011, 10:58 AM

Originally posted by Don From The Radio

I hate to go off on a tangent, but I can't be the only one here concerned with the idea of all computing being cloud based.

No, you are not. I've already made up my mind that it won't be happening around here. As if I wanted all my software and files to be online where anything can be hacked. I think the whole concept of cloud computing is crazy, a complete ploy on the part of the software companies to be able to watch and control every move the user makes. They can keep it. I will not go there. I will drop any company that forces me to, doesn't give me traditional software. If need be I'll run my older software on an older type of PC for as long as it's humanly possible to make one that will run it. The whole idea of cloud computing, particularly when it comes to using money software and office software just makes me cringe. There's a reason I run a firewall and AV program on my machines.

I have enough trouble now just keeping away from malware on google. FYI, you don't have to be doing anything illicit to get a trojan these days. I got three variants on the same trojan last year from reading a news story on Google and Yahoo. I clicked a link to go see the story and the next thing you know I was infected. There was no chance to respond, or get away, no button to mistakenly click, the link itself was the trap and for the record not having flash enabled et all didn't save me from it. I have my machine completely set up to avoid malware and yet that particular nasty got me like three times in 4 months. Now, my AV software sees it and blocks it, but it took them several months to get to the point of being able to catch it when it comes up.

The people who spread malware are more and more beginning to use legit sites to spread their nasties. You go shopping online, you can click the wrong link. You're looking up info for a restaurant in your area, you can get caught. Looking for a pic of a particular actor on google? Better watch what pics you try to look at because they've actually tagged some links to those with nasty crap too lately. I nearly got caught last week just because I wanted to look at some pics of some vintage handbags. I was looking for some info on this vintage carpet bag and hat I want to put in my store. Trying to figure out more on the designer who wasn't someone I knew. I saw a photo of something under that name that looked a bit like the bag I had so I clicked it. Instead of the link leading me to the pics listed on Google it led me to some porn website and tried to dl a trojan onto my machine while I was it. Fortunately my AV program caught it and deleted it before it could do any damage but it was a darn close call.

I have enough trouble keeping crap off my system as it is and I run some good programs for that kind of thing. Didn't used to be that way. All I needed was a decent AV program and a firewall, but not lately. Cloud computing? Yeah, sure I really want to be directly connected to the internet to work for my entire day with all my business and financial files available in a cloud drive. Not in this lifetime. No way, no how. They can't even keep the front door to a bank or my debit card from being hacked now and I'm supposed to just put all my most sensitive data online sans qualms?

Uhuh....

**boriscleto** · 10-22-2011, 12:30 PM - **1 Like**

Interesting the way this bit of data was spun by two different sources.

Windows 7's malware infection rate climbs, XP's falls - Computerworld

Windows 7 malware infection rate significantly lower than Windows XP | WinRumors

A short history of Mac Malware by a company that has a vested interest in malware.

The short history of Mac malware: 1982 – 2011 | Naked Security

Major overhaul makes OS X Lion king of security ? The Register

There have been a few exploits already in 10.7, the LDAP one is most likely the fault of OpenLDAP, but most were fixed by the 10.7.2 update.

Quote:

Vulnerabilities of note include:

Improper storage and handling of web cookies
File Vault 2 leaving 250MB of unencrypted data accessible if system used before encrypting
Screen lock password bypass for Cinema Display users
Firewire DMA access allowed password recovery during boot/shutdown
Open Directory flaws allowed reading other users password hashes
Open Directory flaws allowed changing password without old password
Open Directory flaws allowed logging in without a password
Additionally Apple notes that Disk Image (.dmg) and installer packages (.pkg) files are no longer included in "safe" file types.

By taking .dmg and .pkg files out of the "safe" file types you will have to be an even bigger idiot to install a Trojan Horse.

10-20-2011, 07:40 PM	#1
photolady95 Otis Memorial Pentaxian Join Date: May 2009 Location: Cruising the forum watching his back Photos: Gallery \| Albums Posts: 12,712	Secure Macs might not be so secure any more. Technolog - Malware can cripple your Mac's built-in security tools Quote: Security blog Sophos reports that a new variant of a backdoor trojan — malware which disguises itself as a benevolent piece of software — called Flashback is floating around the Internet and crippling Xprotect, the anti-malware system built into Mac OS X.

10-21-2011, 09:14 PM	#11
Adam Administrator Site Webmaster Join Date: Sep 2006 Location: Arizona Photos: Gallery \| Albums Posts: 51,595	How can they be secure to begin with if they can be wiped remotely with via iCloud? Adam PentaxForums.com Webmaster (Site Usage Guide \| Site Help \| My Photography) PentaxForums.com server and development costs are user-supported. You can help cover these costs by donating or purchasing one of our Pentax eBooks. Or, buy your photo gear from our affiliates, Adorama, B&H Photo, KEH, or Topaz Labs, and get FREE Marketplace access - click here to see how! Trusted Pentax retailers:

10-22-2011, 12:30 PM - 1 Like	#15
boriscleto Loyal Site Supporter Join Date: Dec 2009 Location: North Syracuse, NY Photos: Gallery Posts: 16,475	Interesting the way this bit of data was spun by two different sources. Windows 7's malware infection rate climbs, XP's falls - Computerworld Windows 7 malware infection rate significantly lower than Windows XP \| WinRumors A short history of Mac Malware by a company that has a vested interest in malware. The short history of Mac malware: 1982 – 2011 \| Naked Security Major overhaul makes OS X Lion king of security ? The Register There have been a few exploits already in 10.7, the LDAP one is most likely the fault of OpenLDAP, but most were fixed by the 10.7.2 update. Quote: Vulnerabilities of note include: Improper storage and handling of web cookies File Vault 2 leaving 250MB of unencrypted data accessible if system used before encrypting Screen lock password bypass for Cinema Display users Firewire DMA access allowed password recovery during boot/shutdown Open Directory flaws allowed reading other users password hashes Open Directory flaws allowed changing password without old password Open Directory flaws allowed logging in without a password Additionally Apple notes that Disk Image (.dmg) and installer packages (.pkg) files are no longer included in "safe" file types. By taking .dmg and .pkg files out of the "safe" file types you will have to be an even bigger idiot to install a Trojan Horse. Last edited by boriscleto; 10-22-2011 at 12:38 PM.

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
Image editing for Macs	monarcmarc	Troubleshooting and Beginner Help	24	07-06-2011 05:37 PM
RAW support for K-r (and K-5) now available on Macs	djb21au	Pentax K-r	16	03-31-2011 02:37 PM
Buying tips for Macs	Damn Brit	General Talk	37	10-03-2008 01:08 PM
New Macs Coming...	benjikan	General Talk	12	08-03-2008 07:15 PM
Macs and PP Popularity...	jmdeegan	Digital Processing, Software, and Printing	33	11-17-2007 01:10 PM

10-20-2011, 08:50 PM	#2
boriscleto Loyal Site Supporter Join Date: Dec 2009 Location: North Syracuse, NY Photos: Gallery Posts: 16,475	Until Apple fixes Xprotect. My policy is to never install anything I don't know the origin of. If Flash tries to automatically upgrade, I will cancel and download from Flash.com. Nothing can infect a Mac unless you give it permission to. Nobody even knows what this Trojan is trying to do, right now it doesn't do anything other than disable automatic updating in Xprotect. It's also pretty easy to spot. The installer looks nothing like an Adobe installer. Little Snitch helps too. Little Snitch The best policy may be to get rid of Flash altogether.

10-20-2011, 09:34 PM	#3
photolady95 Otis Memorial Pentaxian Join Date: May 2009 Location: Cruising the forum watching his back Photos: Gallery \| Albums Posts: 12,712 Original Poster	I just thought you Mac users would like a heads up. My PC doesn't get bad things either because I'm careful where I go on the net and I don't download stuff I don't know about, plus my nothing gets past my firewall or security software. Not every MAC or PC owner is as careful as you and I though and that's the reason I posted the above. I'm a computer tech also, so I like computers that run as they should without all the malware/spyware and junk on them.

10-21-2011, 01:58 AM	#4
séamuis Banned Join Date: Oct 2007 Location: Savannah, U.S./Baguio City, P.H. Posts: 5,979	I don’t have flash installed on my mac anymore so I guess I’m safe. thanks for the heads up though.

10-21-2011, 06:12 AM	#5
bimjo Veteran Member Join Date: Jan 2008 Location: Pasco, WA Posts: 967	It was bound to happen eventually. As OS X gets more and more popular, the virus writing twits get more and more interested. I'd like to catch me one sometime.

10-21-2011, 07:49 AM	#6
reeftool Pentaxian Join Date: Dec 2007 Location: Upstate New York Photos: Gallery \| Albums Posts: 9,554	Security is an illusion. The lack of malware attacking Macs was simply because few were using them. Now that a much larger percentage of people are on Macs, we will see just as much problems.

10-21-2011, 08:01 AM	#7
boriscleto Loyal Site Supporter Join Date: Dec 2009 Location: North Syracuse, NY Photos: Gallery Posts: 16,475	Originally posted by reeftool Security is an illusion. The lack of malware attacking Macs was simply because few were using them. Now that a much larger percentage of people are on Macs, we will see just as much problems. Sigh... The Mac OS X Malware Myth Continues - Seeking Alpha When this article was written in 2007 there were 2 in the wild exploits of OS X and there were 50,000,000 users. It is now 2011, there are even more Mac users, and the number of exploits in the wild can still be counted with your fingers. Any malware infection on OS X requires three explicit actions on the part of the user. You have to download it, you have to run the installer, and you have to enter an administrator password. The second step is facilitated by what I have always considered a curious decision by Apple (to make open "safe" files after downloading on by default in Safari). Other than the handful of malware that has popped up in the last 4 years most security exploits on OS X require physical access to the computer. Last edited by boriscleto; 10-21-2011 at 08:07 AM.

10-21-2011, 02:15 PM	#8
Don From The Radio Veteran Member Join Date: Jul 2011 Location: Delaware Photos: Gallery \| Albums Posts: 344	Mac OS X is less vulnerable than Windows, even when considering the lack of malware written for them. Doesn't make them immune. No operating system is ever completely safe. Macs CAN and DO get viruses. They always will. Same for Linux and same for Windows.

10-21-2011, 03:18 PM	#9
boriscleto Loyal Site Supporter Join Date: Dec 2009 Location: North Syracuse, NY Photos: Gallery Posts: 16,475	Originally posted by Don From The Radio Mac OS X is less vulnerable than Windows, even when considering the lack of malware written for them. Doesn't make them immune. No operating system is ever completely safe. Macs CAN and DO get viruses. They always will. Same for Linux and same for Windows. Quote: A computer virus is a computer program that can replicate itself[1] and spread from one computer to another. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.[2] Name one computer virus on Mac OS X. The last virus on Mac OS was in the 1990s. OS X has had a handful of Trojan Horses but no viruses. The bottom line is that if you end up with malware on your Mac you are an idiot.

10-21-2011, 08:59 PM	#10
Don From The Radio Veteran Member Join Date: Jul 2011 Location: Delaware Photos: Gallery \| Albums Posts: 344	Originally posted by boriscleto Name one computer virus on Mac OS X. The last virus on Mac OS was in the 1990s. OS X has had a handful of Trojan Horses but no viruses. The bottom line is that if you end up with malware on your Mac you are an idiot. I use malware and virus as interchangeable terms. I'm sure it's not correct, but that's how I roll. Macs get malware. Not often, but it CAN happen. No system is secure. NONE. If you want a 100% secure system, write one yourself, then don't let anyone else ever even know it exists, or someone will find a way to break in. I'm a Mac lover. I've owned dozens of them. Literally. My next computer purchase will likely be a Mac. But the claim that they never get viruses or malware is a semantics game. And I'd say if you end up with malware on a Windows or Linux computer, you're also an idiot. Ad block, not going to suspect sites and a free scanner is all that's needed. I've had probably 100 PCs and Macs over the past 20 years, and none of them have ever gotten a major infection that affected the performance of the machine. It's not rocket science. Don't download keygens for illegal software, stay away from porn, rap lyrics and video game cheat code websites, and you won't get a virus.

10-21-2011, 09:47 PM	#12
Don From The Radio Veteran Member Join Date: Jul 2011 Location: Delaware Photos: Gallery \| Albums Posts: 344	Originally posted by Adam How can they be secure to begin with if they can be wiped remotely with via iCloud? I hate to go off on a tangent, but I can't be the only one here concerned with the idea of all computing being cloud based.

10-22-2011, 07:18 AM - 1 Like	#13
Clicker Veteran Member Join Date: May 2008 Photos: Gallery Posts: 3,241	Time to stock up on crayons and paper.

10-22-2011, 10:58 AM	#14
magkelly Veteran Member Join Date: May 2010 Photos: Gallery Posts: 5,901	Originally posted by Don From The Radio I hate to go off on a tangent, but I can't be the only one here concerned with the idea of all computing being cloud based. No, you are not. I've already made up my mind that it won't be happening around here. As if I wanted all my software and files to be online where anything can be hacked. I think the whole concept of cloud computing is crazy, a complete ploy on the part of the software companies to be able to watch and control every move the user makes. They can keep it. I will not go there. I will drop any company that forces me to, doesn't give me traditional software. If need be I'll run my older software on an older type of PC for as long as it's humanly possible to make one that will run it. The whole idea of cloud computing, particularly when it comes to using money software and office software just makes me cringe. There's a reason I run a firewall and AV program on my machines. I have enough trouble now just keeping away from malware on google. FYI, you don't have to be doing anything illicit to get a trojan these days. I got three variants on the same trojan last year from reading a news story on Google and Yahoo. I clicked a link to go see the story and the next thing you know I was infected. There was no chance to respond, or get away, no button to mistakenly click, the link itself was the trap and for the record not having flash enabled et all didn't save me from it. I have my machine completely set up to avoid malware and yet that particular nasty got me like three times in 4 months. Now, my AV software sees it and blocks it, but it took them several months to get to the point of being able to catch it when it comes up. The people who spread malware are more and more beginning to use legit sites to spread their nasties. You go shopping online, you can click the wrong link. You're looking up info for a restaurant in your area, you can get caught. Looking for a pic of a particular actor on google? Better watch what pics you try to look at because they've actually tagged some links to those with nasty crap too lately. I nearly got caught last week just because I wanted to look at some pics of some vintage handbags. I was looking for some info on this vintage carpet bag and hat I want to put in my store. Trying to figure out more on the designer who wasn't someone I knew. I saw a photo of something under that name that looked a bit like the bag I had so I clicked it. Instead of the link leading me to the pics listed on Google it led me to some porn website and tried to dl a trojan onto my machine while I was it. Fortunately my AV program caught it and deleted it before it could do any damage but it was a darn close call. I have enough trouble keeping crap off my system as it is and I run some good programs for that kind of thing. Didn't used to be that way. All I needed was a decent AV program and a firewall, but not lately. Cloud computing? Yeah, sure I really want to be directly connected to the internet to work for my entire day with all my business and financial files available in a cloud drive. Not in this lifetime. No way, no how. They can't even keep the front door to a bank or my debit card from being hacked now and I'm supposed to just put all my most sensitive data online sans qualms? Uhuh....