|
|
GET FETCH 5 FOR FREE! Fetch Softworks makes Fetch, the original
Macintosh FTP client, free for educational and charitable use.
Fetch 5.3 includes a new look and Leopard technology support.
Apply today at <http://fetchsoftworks.com/edapply>!
|
![[F]](/Images/i7/site.gif) TidBITS  TidBITS TidBITS Talk
New Mac threats?![[patrosh]](/webx/?30@@1) patrosh (apparently) - 02:52am Jul 4, 2008 PSTvia emailThe following article by Louisa Hearn was published in the Sydney Morning Herald today.
July 3, 2008
- 10:44AM
The
anti-virus vendors have begun circling over Apple as the legendary virus-free
status of its Mac OS begins to fade.
A
victim of its own success, the global install base of OS X is now estimated by
some to be approaching 8 per cent. Double that figure for developed countries,
and it makes for a far juicier proposition for virus writers.
In
addition, industry experts say the nature of malware is shifting, with the new
breed of "socially engineered" threats far more effective at
penetrating even the Mac's robust defences.
PC
Tools is the latest anti-virus company to bring a Mac-flavoured solution to the
market with a lightweight but highly targeted anti-virus and spyware tool that
it says will offer an alternative to the bloated offerings currently available.
Now
available in beta, the company said the product had been created to address the
misconception that the Mac OS was inherently secure - which was not being
backed up by its own internal research.
"Up
until the end of last year there were only a handful of threats, but in
calendar 2008 we have seen more threats that have both Windows and Mac
variants," said Simon Clausen, PC Tools chief executive.
Research
conducted by the company in the first quarter found that 95 per cent of all
identified Mac malware threats were OS X related. Of these, 38 per cent were
keyloggers, 30 per cent were hacking tools, 11 per cent were backdoors, and
only 2 per cent were viruses.
Apple
itself, which has built a number of security safeguards into the operating
system, officially acknowledged the role of anti-virus software for the first
time in its latest OS X Security Configuration Guide released in May, and even
provides a link to a list of third-party suppliers.
According
to Mr Clausen, the main type of malware targeting Mac users gets around OS X
security by tricking the user into taking some seemingly harmless action such
as installing a video. "That is an easier way of spreading threats because
they don't have to go searching for holes in the operating system."
But
a small proportion of this malware is actually targeting vulnerabilities in the
Mac OS. Last week, anti-virus companies reported the release of a new Trojan
targeting a flaw in the remote management of OS X versions 10.4 and 10.5.
According
to anti-virus company, Symantec, the Trojan contains a piece of AppleScript
that can be unwittingly picked up while transacting online, and is also
circulating as a compiled script disguised as a poker game that downloads when
the game is launched.
"I
think the popularity of Mac platforms continues to grow in the context of there
being no need for anti-virus software - and the product does do considerably
well there," said Robert Pregnell, technical product manager for Symantec
Australia. He confirmed, however, that the majority of new threats were now
targeting user interactions more than computing devices themselves - making
them less platform specific.
"On
both platforms we should be thinking about more than just anti-virus protection
- we should also be thinking about a client firewall, intrusion prevention, and
anti-spam as a minimum."
Check our comprehensive Salary Centre Overpaid or Underpaid?
ShawnKing (apparently)
-
Jul 16, 2008 3:59 am
(#57 Total: 76)
|
 |
|
|
|
| Posts: 78 |
Re: New Mac threats?
On 7/15/08 1:06 PM, "Randy B. Singer" <randy  macattorney.com> wrote:
> Many members of the Macintosh community have expressed a blind hatred
> of the AV companies.
As soon as the "AV companies" treat the Mac Community openly, honestly and
with respect instead of trying to trick people into purchasing their
software through FUD, that hatred will go away.
--
Shawn King
|
|
 | |
Steve McCabe (apparently)
-
Jul 16, 2008 3:59 am
(#58 Total: 76)
|
|
|
|
|
| Posts: 34 |
Re: New Mac threats?
> Unless you consider Walmart (by any spelling), the British government,
There are few agencies less trustworthy and secure with data than my
government, unless one wishes to redefine ones understanding of "secure" to
include "sending millions of peoples' private medical records on CDs through
the post, which then got lost," or, even better, "leaving data on the
train;" frankly, I'd consider Her Majesty's government to be less
trustworthy with my data than a pimply twentytwo-year-old with a stack of
cup ramen pots next to him in a dimly-lit room with the word "hacker"
tattooed across his forehead.
> and Homeland Security among others to be suspicious sites.
Oh, not, the Department of Fatherland Security are not in any way
suspicious, as I'm sure the nice gentlemen reading this message will be
happy to assure us all.
Steve
|
|
| |
George Wade (apparently)
-
Jul 16, 2008 4:04 am
(#59 Total: 76)
|
|
|
|
|
| Posts: 187 |
Re: New Mac threats?
Judge frees teenage hacker
On 15-Jul-08, at 10:06 AM, Randy B. Singer wrote:
>
> On Jul 15, 2008, at 4:51 AM, Lewis Gmail wrote:
>
>>> Actually, I agree with Kirk. It's true that some of the AV
>>> companies' press releases sound somewhat overblown, but I WANT an AV
>>> company that is incredibly aggressive...
>> There's nothing useful about FUD.
>
> What IS useful is having an organization that finds and dissects a
> malware threat at the earliest possible moment...
Teen accused of stealing millions may even be asked to work with
police to tackle online crime
<www.guardian.co.uk/technology/2008/jul/15/walker.hacking>
> Many members of the Macintosh community have expressed a blind hatred
> of the AV companies. ...
That is a useful way to deal with youthful inquisitiveness. Putting
the kid in jail would have been making him an honoured, but terrified
prof for the bad guys. Kiwi justice keeps him on our side. Could
Apple donate a Mac for "AKILL's" new office ? Of course: this is
not logical or right; but it is practical...;-)
George
|
|
| |
Kirk McElhearn (apparently)
-
Jul 17, 2008 3:24 am
(#60 Total: 76)
|
|
|
|
|
| Posts: 841 |
Re: New Mac threats?
On Jul 16, 2008, at 1:59 PM, John C. Welch wrote:
> What else, besides how a person or a lot of people use a word
> determines
> usage?
That's been my point since the beginning of this thread, but you've
disagreed....
Kirk
|
|
| |
Kirk McElhearn (apparently)
-
Jul 17, 2008 3:24 am
(#61 Total: 76)
|
|
|
|
|
| Posts: 841 |
Re: New Mac threats?
On Jul 16, 2008, at 1:59 PM, Shawn King wrote:
>> Many members of the Macintosh community have expressed a blind hatred
>> of the AV companies.
>
> As soon as the "AV companies" treat the Mac Community openly,
> honestly and
> with respect instead of trying to trick people into purchasing their
> software through FUD, that hatred will go away.
I'm always stunned that, in the Mac world, security companies are
treated like pariahs, unlike in the Windows world where the entire
community - and the press - respect what they do.
Kirk
|
|
| |
David McMurray (apparently)
-
Jul 17, 2008 3:24 am
(#62 Total: 76)
|
|
|
|
|
| Posts: 3 |
Re: New Mac threats?
On 16-Jul-08, at 7:59 AM, John C. Welch wrote, quoting me:
>> How a particular individual uses a word or phrase does not determine
>> usage. But you know that--you're just being silly, right?
>
> What else, besides how a person or a lot of people use a word
> determines
> usage?
Where did "a lot of people" come from all of a sudden? You were
talking about an individual and that was the point I addressed--I
never suggested that usage was determined by something other than a
language community.
|
|
| |
John C. Welch (apparently)
-
Jul 17, 2008 3:24 am
(#63 Total: 76)
|
|
|
|
|
| Posts: 862 |
Re: New Mac threats?
On 7/16/08 8:04 AM, "George Wade" <georgewade shaw.ca> wrote:
>> What IS useful is having an organization that finds and dissects a
>> malware threat at the earliest possible moment...
>
> Teen accused of stealing millions may even be asked to work with
> police to tackle online crime
>
> <www.guardian.co.uk/technology/2008/jul/15/walker.hacking>
>
>> Many members of the Macintosh community have expressed a blind hatred
>> of the AV companies. ...
>
> That is a useful way to deal with youthful inquisitiveness. Putting
> the kid in jail would have been making him an honoured, but terrified
> prof for the bad guys. Kiwi justice keeps him on our side. Could
> Apple donate a Mac for "AKILL's" new office ? Of course: this is
> not logical or right; but it is practical...;-)
Why, in the name of sweet sanity, would you hire someone as a SECURITY
OFFICER when they've shown a complete lack of anything resembling
professional ethics or behavior.
"youthful indescretion"? No. That's how you describe an unfortunate
water-ballooning. The kid was aiding and abetting a crime ring.
How in the name of $DEITY$ do you justify offering someone like him
privileged access to computer systems?
--
John C. Welch
|
|
| |
Randy B. Singer (apparently)
-
Jul 17, 2008 3:24 am
(#64 Total: 76)
|
|
|
|
via email - Co-Author: The Macintosh Bible (4th, 5th, and 6th editions) |
|
|
|
| Posts: 214 |
Re: New Mac threats?
On Jul 16, 2008, at 4:59 AM, Shawn King wrote:
> As soon as the "AV companies" treat the Mac Community openly,
> honestly and
> with respect instead of trying to trick people into purchasing their
> software through FUD, that hatred will go away.
I can't think of a company, offhand, that does not use hyperbole to
sell their products. Apple's own television commercials are an
excellent example of hyperbole.
The smart consumer educates themselves before considering a product.
Blind hatred of an entire company, or of an entire industry, usually
means that the consumer is hurting themselves, and not taking
advantage of what that company or industry has to offer.
The AV companies offer an excellent free service. Most of them have
freely available databases that they maintain that will tell you
everything that the ordinary consumer would want to know about what
malware threats currently exist, and about new ones as they arise.
Consumers who are mislead by those in the media to believe that the
AV companies are all unadulterated liars and cheats will tend to
believe mythology such as that "Macs are invulnerable to malware," or
that "there is absolutely no malware for the Macintosh." The truth
is right there for them to check out, if they can get past their
blind irrational hatred of an entire industry.
Randy B. Singer • Mac OS X Routine Maintenance • http://www.macattorney.com/ts.html
|
|
| |
John C. Welch (apparently)
-
Jul 18, 2008 3:53 am
(#65 Total: 76)
|
|
|
|
|
| Posts: 862 |
Re: New Mac threats?
On 7/17/08 7:24 AM, "Kirk McElhearn" <kirk mcelhearn.com> wrote:
>> What else, besides how a person or a lot of people use a word
>> determines
>> usage?
>
>
> That's been my point since the beginning of this thread, but you've
> disagreed....
I've disagreed that usage determines meaning. What I'm asking is what
besides usage can possibly determine usage, not the correctness, or lack
thereof in that usage.
If usage determines meaning, then I should be able to tell my doctor "I have
a cold" and they'll just "know" I mean "broken arm".
--
John C. Welch
|
|
| |
John C. Welch (apparently)
-
Jul 18, 2008 3:53 am
(#66 Total: 76)
|
|
|
|
|
| Posts: 862 |
Re: New Mac threats?
On 7/17/08 7:24 AM, "Kirk McElhearn" <kirk mcelhearn.com> wrote:
>> As soon as the "AV companies" treat the Mac Community openly,
>> honestly and
>> with respect instead of trying to trick people into purchasing their
>> software through FUD, that hatred will go away.
>
> I'm always stunned that, in the Mac world, security companies are
> treated like pariahs, unlike in the Windows world where the entire
> community - and the press - respect what they do.
Because in the Windows community, they interact with their users
differently. There's far less alarmism and fearmongering on the windows
side, than there is in their Mac announcements. People tend to be stupid in
groups, but they can still tell when someone's trying to yank their chain as
a way of getting their hand in their pocket.
In addition, the history of anti-malware software on the Mac is not one of
stability and quiet functionality.
--
John C. Welch
|
|
| |
John C. Welch (apparently)
-
Jul 18, 2008 3:53 am
(#67 Total: 76)
|
|
|
|
|
| Posts: 862 |
Re: New Mac threats?
On 7/17/08 7:24 AM, "Randy B. Singer" <randy macattorney.com> wrote:
> Consumers who are mislead by those in the media to believe that the
> AV companies are all unadulterated liars and cheats will tend to
> believe mythology such as that "Macs are invulnerable to malware," or
> that "there is absolutely no malware for the Macintosh." The truth
> is right there for them to check out, if they can get past their
> blind irrational hatred of an entire industry.
No, it's not "blame the media". You look at the history of AV company
announcements on the Mac, esp. since Mac OS X was released, and you'll see
some pretty specific fearmongering going on. That's not the media's fault,
unless you're blaming them for publishing press releases.
As well, up until a couple, maybe three years ago, AV programs on the Mac
were the FASTEST way to destabilize your system, bar none. Norton in
particular was bad about this, requiring, in one case, you to disable the
second processor on dual-G4 systems so that you could run certain
applications. Or, you could delete NAV, and the problem went away.
The AV companies willingly, even eagerly helped dig the hole they find
themselves in.
--
John C. Welch
|
|
| |
miraz065 (apparently)
-
Jul 18, 2008 4:03 am
(#68 Total: 76)
|
|
|
|
|
| Posts: 9 |
Re: New Mac threats?
On Thu, Jul 17, 2008 at 23:24, John C. Welch <jwelch bynkii.com> wrote:
> On 7/16/08 8:04 AM, "George Wade" <georgewade shaw.ca> wrote:
>> Teen accused of stealing millions may even be asked to work with
>> police to tackle online crime
>>
>> <www.guardian.co.uk/technology/2008/jul/15/walker.hacking>
>
> Why, in the name of sweet sanity, would you hire someone as a SECURITY
> OFFICER when they've shown a complete lack of anything resembling
> professional ethics or behavior.
>
> "youthful indescretion"? No. That's how you describe an unfortunate
> water-ballooning. The kid was aiding and abetting a crime ring.
>
> How in the name of $DEITY$ do you justify offering someone like him
> privileged access to computer systems?
If anyone is interested in learning more about why this kid has not
been sentenced to jail (and has not actually been offered a job with
the Police), there is an interesting story behind it.
Listen to an approx 23 minute radio interview wth a representative of
the FBI and another from the New Zealand Police, linked from this
page:
http://www.radionz.co.nz/national/programmes/ninetonoon/20080716
The link will almost certainly disappear within the next few days so
grab the file now, or from the iTunes Podcast section (search for
Radio NZ, Nine To Noon with Kathryn Ryan).
After listening to the interview yesterday I'd say it sounds as though
the kid was very naive, not intentionally involved in crime, perhaps
autistic, and apparently incredibly brilliant in programming.
Cheers,
Miraz
|
|
| |
Kirk McElhearn (apparently)
-
Jul 19, 2008 3:56 am
(#69 Total: 76)
|
|
|
|
|
| Posts: 841 |
Re: New Mac threats?
On Jul 18, 2008, at 1:53 PM, John C. Welch wrote:
>>> What else, besides how a person or a lot of people use a word
>>> determines
>>> usage?
>>
>>
>> That's been my point since the beginning of this thread, but you've
>> disagreed....
>
> I've disagreed that usage determines meaning. What I'm asking is what
> besides usage can possibly determine usage, not the correctness, or
> lack
> thereof in that usage.
>
> If usage determines meaning, then I should be able to tell my doctor
> "I have
> a cold" and they'll just "know" I mean "broken arm".
If one person uses a word to mean something, that's not determinate.
It's the mass of men (who lead lives of quiet desperation), who, in
their usage, determine meaning. Example: you may have used "google" as
a verb before others, but it has no become common enough that most
people (at least in English-speaking countries) understand what it
means.
Kirk
|
|
| |
Kirk McElhearn (apparently)
-
Jul 19, 2008 3:56 am
(#70 Total: 76)
|
|
|
|
|
| Posts: 841 |
Re: New Mac threats?
On Jul 18, 2008, at 1:53 PM, John C. Welch wrote:
> As well, up until a couple, maybe three years ago, AV programs on
> the Mac
> were the FASTEST way to destabilize your system, bar none. Norton in
> particular was bad about this, requiring, in one case, you to
> disable the
> second processor on dual-G4 systems so that you could run certain
> applications. Or, you could delete NAV, and the problem went away.
You keep using the plural, whereas the only real culprit, as you
describe above, is Norton.
Kirk
|
|
| |
ShawnKing (apparently)
-
Jul 19, 2008 3:56 am
(#71 Total: 76)
|
|
|
|
|
| Posts: 78 |
Re: New Mac threats?
On 7/17/08 7:24 AM, "Randy B. Singer" <randy macattorney.com> wrote:
> On Jul 16, 2008, at 4:59 AM, Shawn King wrote:
>
>> As soon as the "AV companies" treat the Mac Community openly,
>> honestly and
>> with respect instead of trying to trick people into purchasing their
>> software through FUD, that hatred will go away.
>
> I can't think of a company, offhand, that does not use hyperbole to
> sell their products.
Agreed. But I'm not talking about hyperbole. I specifically said "Fear
Uncertainty and Doubt". Completely different.
> Blind hatred of an entire company, or of an entire industry, usually
> means that the consumer is hurting themselves
Or it could mean that the company or industry is in fact worthy of that
"hatred".
> Consumers who are mislead by those in the media to believe that the
> AV companies are all unadulterated liars and cheats will tend to
> believe mythology such as that "Macs are invulnerable to malware," or
> that "there is absolutely no malware for the Macintosh."
You aren't seriously using the "Blame the Media!" cliché, are you? As a
(reticent) member of that media, I can tell that, at least on the Mac side,
the distrust the community has for AV companies is *very* justified. I've
been pitched *many* story ideas from AV companies whose only purpose is to
scare customers into buying their software. I get dozens of press releases
each year from companies proclaiming all kinds of doom and gloom to Mac
users that can be prevented if only we'd use their products.
> The truth
> is right there for them to check out, if they can get past their
> blind irrational hatred of an entire industry.
It may be hatred but it is most certainly *not* blind or irrational.
--
Shawn King
|
|
| |
George Wade (apparently)
-
Jul 19, 2008 3:56 am
(#72 Total: 76)
|
|
|
|
|
| Posts: 187 |
Re: New Mac threats?
> http://www.radionz.co.nz/national/programmes/ninetonoon/20080716
>
> The link will almost certainly disappear within the next few days...
>
> After listening to the interview yesterday I'd say it sounds as though
> the kid was very naive, not intentionally involved in crime, perhaps
> autistic, and apparently incredibly brilliant in programming.
Listening now: it seems that the FBI rep. was very naive, too. I
wouldn't call him 'possibly autistic', just well educated in an
unrelated field. Perhaps the kid is autistic, but there are no real
grounds for saying so. We don't even hear his voice.
He was described as being in the "Top 3 in the world?" The audio was
not completely clear. It was good to hear of him being redirected in
positive directions.
George
|
|
| |
bitreader (apparently)
-
Jul 19, 2008 3:56 am
(#73 Total: 76)
|
|
|
|
|
| Posts: 121 |
Re: New Mac threats?
On 7/18/08 at 4:53 AM, jwelch bynkii.com (John C. Welch) wrote:
>If usage determines meaning, then I should be able to tell my doctor
>"I have a cold" and they'll just "know" I mean "broken arm".
Not so. There is a distinct difference between *your* usage and
general usage.
|
|
| |
Kirk McElhearn (apparently)
-
Jul 19, 2008 3:57 am
(#74 Total: 76)
|
|
|
|
|
| Posts: 841 |
Re: New Mac threats?
On Jul 18, 2008, at 1:53 PM, John C. Welch wrote:
> On 7/17/08 7:24 AM, "Kirk McElhearn" <kirk mcelhearn.com> wrote:
>
>>> As soon as the "AV companies" treat the Mac Community openly,
>>> honestly and
>>> with respect instead of trying to trick people into purchasing their
>>> software through FUD, that hatred will go away.
>>
>> I'm always stunned that, in the Mac world, security companies are
>> treated like pariahs, unlike in the Windows world where the entire
>> community - and the press - respect what they do.
>
> Because in the Windows community, they interact with their users
> differently. There's far less alarmism and fearmongering on the
> windows
> side, than there is in their Mac announcements. People tend to be
> stupid in
> groups, but they can still tell when someone's trying to yank their
> chain as
> a way of getting their hand in their pocket.
>
> In addition, the history of anti-malware software on the Mac is not
> one of
> stability and quiet functionality.
No comment on your second point - the history of Norton stuff is clear
- but as to the first point, I disagree. I don't see these
announcements (with the exception of iAntivirus "finding" a trojan) to
be exaggerated at all. In fact, having a bit of information about Mac
security, they sometimes are understated.
Kirk
|
|
| |
ShawnKing (apparently)
-
Jul 19, 2008 3:57 am
(#75 Total: 76)
|
|
|
|
|
| Posts: 78 |
Re: New Mac threats?
On 7/17/08 7:24 AM, "Kirk McElhearn" <kirk mcelhearn.com> wrote:
> I'm always stunned that, in the Mac world, security companies are
> treated like pariahs, unlike in the Windows world where the entire
> community - and the press - respect what they do.
Why are you stunned? In the Windows world, their products are a necessity -
without them, the vast majority of personal computers would become useless.
That's not even close to being true on the Mac side.
But the security companies, by necessity, are trying to grow their markets
and they see the Mac community as a way to do that. But it's the *tactics*
they use that is objectionable to any number of people.
--
Shawn King
|
|
| |
Joe Kissell
-
Jul 19, 2008 4:01 am
(#76 Total: 76)
|
|
|
|
|
| Posts: 1297 |
Folks,
With your kind indulgence, I'm going to shut down this thread now. The discussion has been interesting, but it's been increasingly going in tangential directions, and as everyone seems to want to have the last word on various subtopics, I fear the thread dragging on interminably.
Cheers,
Joe
|
|
|
TidBITS TidBITS TidBITS Talk New Mac threats?
|
|
