Timely warning for Mac users - you are not immume, you are just not a target YET.

[tlgerdes (Trevor)]

Why malware for Macs is on its way.

http://www.zdnet.com/blog/bott/why-m...n-its-way/3243

[supernova1965 (Warren)]

Not strictly true unlike windows both MAC and Linux have a different way of working to run any program or virus or make any changes you have to know the Admin password in the case of linux MAC is built on the same type of core code as Linux. In Linux there is a home partition and a Root partition the home partition is for the user and the Root partition is everything to do with the OS and for any changes to be made to the Root partition you must enter the password so viruses can't execute with out user interaction. Meaning it is much more difficult for a virus writer to attack MAC or Linux not saying it is impossible but with care and a good virus protection I would say it is virtually impossible to attack. Unlike with windows. As shown in the story linked for a malware to attack a MAC machine it requires the user to ignore sensible prevention measures the only weakness I see in MAC is the user if the user is cautious the malware cannot attack

[dannat (Daniel)]

I agree with Warren, the software asks u if u want to install said virus, though I am guessing there must be some out there working on a way around this..like free copies of PS which have something embedded

[supernova1965 (Warren)]

Quote:

Originally Posted by dannat

I agree with Warren, the software asks u if u want to install said virus, though I am guessing there must be some out there working on a way around this..like free copies of PS which have something embedded

Yes Dannat is right the "FREE" copy of PS only makes my point on user weakness we all know that there is no free PS and anyone trying to get one is only asking for trouble

[tlgerdes (Trevor)]

Quote:

Originally Posted by supernova1965

Not strictly true unlike windows both MAC and Linux have a different way of working to run any program or virus or make any changes you have to know the Admin password in the case of linux MAC is built on the same type of core code as Linux.

I dont know why you say not strictly true. At the recent security conferences, Mac OSX have been as easily and as quickly compromised as Windows (actually quicker than Windows at the last Pwn2Own contest).

95% of malware is made for economic benefit and 95% of users just dont know what is right or wrong when it comes to clicking through warning messages, if it "looks right" they will say OK. Your are basing your assumptions on knowing. Go and ask your next door neighbour or your mother.

[supernova1965 (Warren)]

Quote:

Originally Posted by tlgerdes

95% of users just dont know what is right or wrong when it comes to clicking through warning messages, if it "looks right" they will say OK. Your are basing your assumptions on knowing. Go and ask your next door neighbour or your mother.

This is exactly my point the fault is not of the OS it is a failing of the end user they ignore basic security in not allowing changes or installing software that they have not instigated or do not have knowledge of where the software has come from. Even windows can be kept secure with proper end user caution although it is more difficult to keep free from infection the user must be much more aware of what is happening. You say that they don't know what is right or wrong when clicking through warning messages I thought just the words Warning Messages should be sufficient to give the user pause

[bobson (Bob)]

Warren,

Read whats on that link Trevor posted.

cheers

bob

[tlgerdes (Trevor)]

People run out of petrol in cars, people get flat tyres because they dont check tyre pressures. They will also click through a message that looks like it is from Apple or Microsoft telling them they are found a security problem and click this button to apply the fix.

Have you ever believed a lie that one of your friends or acquaintences. Same thing happens in computers. I wanted to go to particular website, suddenly a message pops up from Friendly Software Vendor warning me about a problem...........

Then the buffer overflow and priviledge escalation exploit takes over and installs a malacious piece of code with your full approval as Root/Admin in side your computer.

The article was about that fact the malicous code is now appearing in limited quantities in the wild, that is specifically targeting OSX. It will only be time before OSX is as much a target as Windows.

It is all about targets and opportunity. When OSX was 3% of the Internet it was more worthwhile to chase the other 95% which was Windows. Now OSX is getting 6% and rising it is becoming an economical target to attack, ie 20 million OSX machines if I can get 1000 credit card from them and spend $1000 on each, I have just scored $1,000,000.

[TrevorW]

I got a message on my yahoo email the other day from the FBI saying I'd visited 41 illegal websites, DILLIGAF

How the hell would they know as none of the sites I visit are illegal and none ever ask me for my email address

Security is up to the end user, if your stupid enough to download anything from the web expecting something for nothing unless you know what you are doing, know who you are dealing with, have a good virus checker etc, it's Russian roulette.

[bobson (Bob)]

Trevor,

Quote:

The article was about that fact the malicous code is now appearing in limited quantities in the wild, that is specifically targeting OSX. It will only be time before OSX is as much a target as Windows.

Remember the time when Firefox just started?
They were saying how its so much safer than Internet Explorer.

And when people started using it more and more all over the sudden it wasn't that safe and security holes started to appear.

cheers

bob

[Omaroo (Chris Malikoff)]

Quote:

Originally Posted by bobson

Trevor,



Remember the time when Firefox just started?
They were saying how its so much safer than Internet Explorer.

And when people started using it more and more all over the sudden it wasn't that safe and security holes started to appear.

cheers

bob

That's not a parallel argument here Bob. Macs are based on Unix, which has been at the forefront of security management for longer than just about everything else. It's able to be locked down more tightly than just about everything at OS level. Whether people with root privileges install silly stuff is beyond any system.

[bobson (Bob)]

Cris,

I was wondering where were you all this time when Mac is in question
I even thought maybe you got virus on your iMac so you can't be online


cheers

bob

[Omaroo (Chris Malikoff)]

Never had one yet (touch wood) that has given me a serious problem - with over 300 Macs in various businesses over 25 years. This is, as Trevor is pointing out, not necessarily a permanent situation. I'll repeat what I said, and say that Unix-based systems have the luxury of many years of secure development more than their Windows cousins and are inherently tougher in the security department. Over time, we'll see whether or not the protagonists have the same relatively high level of success in compromising Unix systems that they have enjoyed with Windows. Macs, which are lumped in with Unix systems in general, are going to be a different nut to crack for these Windows-savvy buggers.

[tlgerdes (Trevor)]

Hi Chris,

As the thread states, it is a warning to anyone who thinks their computer is immume (whether they be Windows, OSX or Linux). OSX is just next on the hit list. We have already seen people try unsuccessfuly with things like iPhone etc, but it will only be a matter of time. We are just seeing the start of the bell curve for OSX malware. The stuff that is out there is crude, but it will get better/worse.

He is another article by the same author of what he found embedded in a picture listed through Google when searching for tsunami pictures.

http://www.zdnet.com/blog/bott/what-...69?tag=nl.e539

If you werent a knowledgable user, you would have installed this through FUD.

Bob is on the money with his analogy.

[Omaroo (Chris Malikoff)]

Quote:

Originally Posted by tlgerdes

Bob is on the money with his analogy.

Hi Trevor, I must humbly disagree here - we're still good friends though. When Firefox was new, it was, well new. Its failings were due to the same as anything else new - particularly in open source land - it was still in its infancy and was still developing. Of course it'll have holes in it - no matter how the developers advertise it.

This example doesn't work as an analogy when applied to Unix security as Bob's analogy was tying to imply, because the "newness" is not in the product in question - but in the attack strategies of the perpetrators. I agree that as Mac OSX grows in mainstream popularity, it will become more of a target of choice than it has been. I'm not sure where the notion that OSX is "impervious" has sprung from. Of course, the statistics show that there are far fewer successful attacks on OSX, but that is because there are fewer seats in place - not necessarily because it has better shielding (although it most certainly does).

New users to any system will always be in a compromised position until they learn and become savvy.

[bobson (Bob)]

Cris,

Quote:

This example doesn't work as an analogy when applied to Unix security as Bob's analogy was tying to imply, because the "newness" is not in the product in question

No mate, I was not implying on the "newness". But increased number of users, popularity.

cheers

bob

[AdamJL]

Quote:

Originally Posted by Omaroo

That's not a parallel argument here Bob. Macs are based on Unix, which has been at the forefront of security management for longer than just about everything else. It's able to be locked down more tightly than just about everything at OS level. Whether people with root privileges install silly stuff is beyond any system.

From the original link:

Here’s a breakdown of what was in that single April 2011 OS X 10.6.7 update package. The text is taken directly from Apple’s security bulletin:

• Nine separate flaws (buffer overflows, integer overflows, and memory corruption) in QuickTime, Image RAW, libTIFF, and ImageIO could allow arbitrary execution of code when viewing a maliciously crafted image or movie file.
• Five buffer overflow and memory corruption issues in font-handling components could allow execution of arbitrary code when viewing or downloading a document containing a maliciously crafted embedded font.
• Three issues (memory corruption, double free issue, and heap buffer overflow) could result in arbitrary execution of code when visiting a maliciously crafted website.
• Two memory corruption issues in QuickLook allow arbitrary code execution when downloading a maliciously crafted Excel or Office file. (Note that this flaw is in Apple’s QuickLook viewer, and doesn’t require that the user have Office installed or even open the document using QuickLook.)
• Multiple vulnerabilities in PHP and FreeType are patched, the most serious of which may lead to arbitrary code execution when running script or processing a font.
• “A privilege checking issue in the i386_set_ldt system can result in a local user being allowed to execute arbitrary code with system privileges.” The bad guys love privilege-escalation exploits, which even non-admins can execute.
• And the one I found most interesting of all: “URL processing issue in Install Helper may lead to the installation of an agent that contacts an arbitrary server when the user logs in. The dialog resulting from a connection failure may lead the user to believe that the connection was attempted with Apple.” That certainly would make social engineering easier.

"arbitary code execution" is the key bit. Mac OSX is no more safe than Windows. It's just that only a small percentage has ever wanted to use it, so no one has focussed on it. As that small percentage grows...

[iceman (Mike)]

Quote:

Originally Posted by TrevorW

I got a message on my yahoo email the other day from the FBI saying I'd visited 41 illegal websites, DILLIGAF

How the hell would they know as none of the sites I visit are illegal and none ever ask me for my email address

Security is up to the end user, if your stupid enough to download anything from the web expecting something for nothing unless you know what you are doing, know who you are dealing with, have a good virus checker etc, it's Russian roulette.

This hoax is going around:

http://www.hoax-slayer.com/fbi-visit...websites.shtml

[supernova1965 (Warren)]

Quote:

Originally Posted by AdamJL

Mac OSX is no more safe than Windows. It's just that only a small percentage has ever wanted to use it, so no one has focussed on it. As that small percentage grows...

I think that this statement a very brave one and I think that it is easily debated it is one thing to state that Mac is vunerable but to state it is at the same security level as Windows is laughable I would never think of running windows with out several types of security software. But with Mac and basic user security precautions you can keep it free from malware without antimalware and virus software and in all the time I have used OSX and Linux I have never run virus software at all and have never been infected. And even with the Virus software running in windows and all my good habits I have been infected in windows especially the ones that take over windows own security heart to get users to "Purchase security sortware" only to be handing over there creditcard details.

[Omaroo (Chris Malikoff)]

Quote:

Originally Posted by AdamJL

"arbitary code execution" is the key bit. Mac OSX is no more safe than Windows. It's just that only a small percentage has ever wanted to use it, so no one has focussed on it. As that small percentage grows...

Yep - no-one is saying that OSX is perfect - far from it. Given that every Mac IS a pre-configured web server when you unpack it (Apache, mySQL, etc, etc pre-loaded) it has a far larger "hittable" footprint than Windows too.