+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 40
General Chat Thread, 600000 macs infected in General; Originally Posted by aerospacemango Aren't we ALWAYS being told by the fanbois how it's impossible for an Apple product to ...
  1. #16
    mthomas08's Avatar
    Join Date
    Jun 2008
    Posts
    1,488
    Thank Post
    117
    Thanked 143 Times in 126 Posts
    Rep Power
    52
    Quote Originally Posted by aerospacemango View Post

    Aren't we ALWAYS being told by the fanbois how it's impossible for an Apple product to get infected?
    I hear this so many times... and I have yet to hear this from a single person who actually understands Technical Support always some one who "I can use a MAC so that makes me a Know it all"..............

  2. #17
    mole's Avatar
    Join Date
    Mar 2007
    Location
    Teignmouth
    Posts
    359
    Thank Post
    109
    Thanked 38 Times in 37 Posts
    Rep Power
    23
    I guess alot of people would crap themselves if they did actually run a virus scan on their mac and see what it found. And then take it back to the apple store to get it sorted.

  3. #18


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,113
    Thank Post
    203
    Thanked 2,385 Times in 1,765 Posts
    Rep Power
    703
    A couple of useful links...

    Detect FlashBack Malware in Mac OS X the Easy Way « OS X Daily
    A new application has been released which makes checking a Mac for the Flashback malware infection as simple as clicking a button. This is a huge help for assisting less tech savvy people for checking their Macs...



    This new app-based detection method is very nontechnical and is just a two step process. (Source)
    Apple to release Flashback removal software, working to take down botnet « Ars Technica
    Apple plans to release software that will detect and remove Flashback malware infections on the Mac, the company announced Tuesday. In a knowledge base link published late in the day, Apple explained that it's aware of the infection—which takes advantage of a previously unpatched Java vulnerability—saying that the software was coming, but no specific release date was given.

    In addition to the Flashback detection software, Apple said that it's "working with ISPs worldwide" to disable the botnet's command and control (C&C) servers. Kaspersky researcher Kurt Baumgartner told Forbes earlier on Tuesday that "Apple is taking appropriate action by working with the larger Internet security community to shut down the Flashfake [also known as Flashback] C2 domains," and Apple's latest efforts seem to coincide with Baumgartner's statement.

    "Apple is developing software that will detect and remove the Flashback malware," Apple wrote. "In addition to the Java vulnerability, the Flashback malware relies on computer servers hosted by the malware authors to perform many of its critical functions. Apple is working with ISPs worldwide to disable this command and control network." (Source)

  4. #19

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    I have to say, reading this article it goes to show just how amateurish and childish Apple really are when it comes to security.

    Apple really need to wake up and stop pretending their software is unbreakable. Microsoft's procedures are a perfect example how a new security vulnerability should be handled and patched accordingly.

    It wouldn't surprise me that proportionately, we'll start seeing more malware/viruses targeting Apple software rather than Microsoft software. You could argue it's getting increasingly more difficult to find vulnerabilities in Microsoft software and that Apple's software is comparatively untouched and potentially full of vulnerabilities to exploit.

  5. #20


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,113
    Thank Post
    203
    Thanked 2,385 Times in 1,765 Posts
    Rep Power
    703
    Apple have released their own Flashback removal tool now (it's part of the Java for OS X Lion 2012-003 and Java for Mac OS X 10.6 Update 8 updates).

    This Java security update removes the most common variants of the Flashback malware.

    This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.
    In other news, Sophos have discovered a new trojan horse called OSX/Sabpab.A which uses the same Java vulnerability as Flashback.


  6. #21


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,113
    Thank Post
    203
    Thanked 2,385 Times in 1,765 Posts
    Rep Power
    703
    Quote Originally Posted by Michael View Post
    Apple really need to wake up and stop pretending their software is unbreakable.
    Java for OS X is developed by Oracle (but distributed to Mac's by Apple). Don't you think Oracle should get some of the blame for creating one of the most vulnerable pieces of software on the planet?

    Even when Oracle distribute the updates themselves (i.e. on Windows), you still find a lot of people have old versions installed because their updater sucks.

    Based on the Java patching habits of 28 million unique Internet users, Rapid7 estimates that 60-80% of computers running Java are vulnerable to this attack today.

    Looking long term, upwards of 60% of Java installations are never up to the current patch level. Since so many computers aren’t updated, even older exploits can be used to compromise victims.

    Rapid7 researched the typical patch cycle for Java and identified a telling pattern of behavior. We found that during the first month after a Java patch is released, adoption is less than 10%. After 2 months, approximately 20% have applied patches and after 3 months, we found that more than 30% are patched. We determined that the highest patch rate last year was 38% with Java Version 6 Update 26 3 months after its release. (Source)

  7. #22

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    You could argue however that Apple have chosen to include and distribute Java as part of the OS. Microsoft do not include Java, although many OEMs do install it on their base images.

    I agree that the Auto Updater on older versions of Java isn't great, but newer versions do tend to download or at least prompt the user to download the update.

  8. #23

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,095
    Thank Post
    511
    Thanked 2,308 Times in 1,784 Posts
    Blog Entries
    24
    Rep Power
    803
    Quote Originally Posted by Arthur View Post
    Java for OS X is developed by Oracle (but distributed to Mac's by Apple). Don't you think Oracle should get some of the blame for creating one of the most vulnerable pieces of software on the planet?

    Even when Oracle distribute the updates themselves (i.e. on Windows), you still find a lot of people have old versions installed because their updater sucks.
    Not only that but look at the size of corporate networks - Java will be very much like IE was. Thorough testing has to occur before roll-out of patches.

    Not to mention the fact that they don't release patches. They release new versions every time. So every time we have to do a network wide update, we end up having 5 minutes at boot for it to install. And they update *a lot*.

  9. #24

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    I suppose the other question of course is why is this Java exploit only being exploited on Mac and not Windows? Both OSes use Java, but it probably underlines other factors when it comes to OS design.

    As I say, Microsoft software proportionately is exhausted and it is getting increasingly harder to find vulnerabilities. I do suspect the Apple virus/malware is a bigger problem than many people realise.

  10. #25

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    10,686
    Thank Post
    824
    Thanked 2,570 Times in 2,187 Posts
    Blog Entries
    9
    Rep Power
    731
    Quote Originally Posted by Arthur View Post
    Java for OS X is developed by Oracle (but distributed to Mac's by Apple). Don't you think Oracle should get some of the blame for creating one of the most vulnerable pieces of software on the planet?
    Oracle missed their true calling, blue movies, honestly the amount of penitration and domination perpatrated on their software should see it selling in adult stores in the extreme section.

  11. 3 Thanks to SYNACK:

    Arthur (14th April 2012), Gatt (21st April 2012), glennda (14th April 2012)

  12. #26


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,113
    Thank Post
    203
    Thanked 2,385 Times in 1,765 Posts
    Rep Power
    703
    Quote Originally Posted by Michael View Post
    newer versions do tend to download or at least prompt the user to download the update.
    I think that's the problem. The average user simply ignores the prompt. Perhaps Oracle should either install Java to %AppData% by default (like Chrome and Dropbox), or install a service that keeps it up-to-date without prompting the user at all.

  13. #27

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328
    I suppose they could, but it may be down to compatibility or simply giving the user choice whether or not they want to install an update.

    I think the best advice is to only install it if needed in the first place. This decreases the surface area of attack on any platform.

  14. #28

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    10,686
    Thank Post
    824
    Thanked 2,570 Times in 2,187 Posts
    Blog Entries
    9
    Rep Power
    731
    Quote Originally Posted by Michael View Post
    I think the best advice is to only install it if needed in the first place. This decreases the surface area of attack on any platform.
    +1, a service for updates would be good, last thing we need is another dirty app spewing rubbish into every users profile - how would you like 500 copies of chrome, yay - but I agree that simply not installing it is the best option, it is a massive security hole and if we did not 'need' it for lots of dirty little online education apps then it would be the first against the wall.

  15. #29


    Join Date
    Feb 2007
    Location
    51.405546, -0.510212
    Posts
    8,113
    Thank Post
    203
    Thanked 2,385 Times in 1,765 Posts
    Rep Power
    703
    Quote Originally Posted by SYNACK View Post
    last thing we need is another dirty app spewing rubbish into every users profile
    It goes without saying that if installing to user profiles became the default, it should be overridable by admins doing network-wide installs.

    A service would be better (to go along with the update services for Adobe Reader, Flash Player, Firefox, iTunes/Safari/QuickTime and the various Google apps).

    Quote Originally Posted by Michael View Post
    the other question of course is why is this Java exploit only being exploited on Mac and not Windows?
    The Java vulnerability used by the Flashback trojan (CVE-2012-0507) is actually the same one used by the Kelihos.C spambot on Windows. Tech journalists obviously report on the former because it generates page views and thus more ad revenue.

    Quote Originally Posted by Michael View Post
    I think the best advice is to only install it if needed in the first place.
    Definitely.
    Last edited by Arthur; 14th April 2012 at 12:26 PM.

  16. #30

    localzuk's Avatar
    Join Date
    Dec 2006
    Location
    Minehead
    Posts
    17,095
    Thank Post
    511
    Thanked 2,308 Times in 1,784 Posts
    Blog Entries
    24
    Rep Power
    803
    How about, on Windows, these plugin makers work with Microsoft and release their updates via the Microsoft Update platform. A single unified update platform for all software would be great.

    Kinda like APT in Linux...

SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. Replies: 0
    Last Post: 29th March 2012, 05:16 PM
  2. mini macs and midi
    By russdev in forum Mac
    Replies: 7
    Last Post: 29th November 2005, 02:08 PM
  3. for all those who like widgets on mac
    By russdev in forum Educational Software
    Replies: 3
    Last Post: 25th July 2005, 07:19 PM
  4. Mac Software?
    By dagza in forum Mac
    Replies: 9
    Last Post: 22nd July 2005, 09:44 PM
  5. How are your mac's connected ?
    By daveyboy in forum Mac
    Replies: 11
    Last Post: 16th July 2005, 01:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •