Welcome to the MacNN Forums.

Dark Helmet · Apr 30, 2006, 10:28 PM

"SAN FRANCISCO, California (AP) -- Benjamin Daines was browsing the Web when he clicked on a series of links that promised pictures of an unreleased update to his computer's operating system.

Instead, a window opened on the screen and strange commands ran as if the machine was under the control of someone -- or something -- else."

http://www.cnn.com/2006/TECH/04/30/a....ap/index.html

msuper69 · Apr 30, 2006, 10:32 PM

This is not the full story of what that guy did. Not enough details about exactly how he went about clicking on a link and then have a program downloaded and start running w/o some warning. Was he running as an Admin? Something is not quite right about this.

Macola · Apr 30, 2006, 10:34 PM

This was news, about 2 months ago...

Tomchu · Apr 30, 2006, 10:56 PM

"... an Apple Computer Inc. machine often touted as being immune to such risks."

STUPID

Anyone who believes that tripe ought to be banned from using computers.

Anyway, it's awesome how they dramaticize the whole thing. SOMETHING was in control of his computer! OH NOES!1!!1` GHOSTS HAVE STOELED MY MEGAHURTZ1!!1

rickey939 · Apr 30, 2006, 11:42 PM

D-r-a-m-a.

Sourbook · May 1, 2006, 12:41 AM

Total BS!

Kadman · May 1, 2006, 08:23 AM

It seems a fair number of the news services picked this one up yesterday. Is there something new, or even a new twist on the previous exploit? I would be curious to hear what factual information is out there instead of just the childish reactionary responses that have been posted so far.

msuper69 · May 1, 2006, 08:28 AM

Originally Posted by Kadman

It seems a fair number of the news services picked this one up yesterday. Is there something new, or even a new twist on the previous exploit? I would be curious to hear what factual information is out there instead of just the childish reactionary responses that have been posted so far.

That's part of what I was wondering. What was the web site? (I've subsequently found out that it's macosrumors.com). That "news" report is not very fact-filled.

normr · May 1, 2006, 11:21 AM

It's on both CNN & FOX, here are the links, it sounds like the issue with the Safari/auto-open bug that could run terminal command disguised in an innocuous-looking JPEG. Wasn't this addressed in the last security update and closed?

http://www.foxnews.com/story/0,2933,193749,00.html

http://www.cnn.com/2006/TECH/04/30/a....ap/index.html

chris v · May 1, 2006, 11:39 AM

"He and at least one other person who clicked on the links..."

2 known infections. By malware. Not a virus.

I know we can't just be complacent, but this is so much hysteria, unsupported by, you know, facts. There's not even much "truthiness" there.

Dark Helmet · May 1, 2006, 12:14 PM

Macs no longer immune to viruses, experts say

http://www.msnbc.msn.com/id/12537279/

http://www.wired.com/news/technology...l?tw=rss.index

Why is the exact same story on all 3 sites?

TETENAL · May 1, 2006, 12:19 PM

Originally Posted by Dark Helmet

Why is the exact same story on both sites?

Because both sites are customers of Associated Press maybe?

lookmark · May 1, 2006, 12:24 PM

And, frustratingly, that AP article seems to have no writer. Ugh.

edit. Oh, never mind, found it. Dan Goodin. I will write a polite note.

Tuoder · May 1, 2006, 01:57 PM

FUD!

Newswriters are usually not too knowledgeable when it comes to tech news, anyways.wway,

Horsepoo!!! · May 1, 2006, 02:08 PM

Seems to me like CNN is catching up to the news rather than viruses catching up to the Mac.

Maybe they'll start talking about Boot Camp in 3 months.

ghporter · May 1, 2006, 05:00 PM

This is NOT FUD. It IS about the worm that lured some folks with a promise of a picture of the UI of "the next generation of OS X." It did show that, given simple social engineering, a bad guy could gunk up some people's Macs. That's pretty much all; it's not even a very effective worm.

But (stand by for howls and groans) OS X never was "immune" to viruses. It was untested against the world of malware writers because of a couple of factors. First, the market share of Apple computers is small enough that until recently the script kiddies couldn't cause enough chaos by messing with OS X, so they left it alone. Second, and more importantly, as OS X is based on Free BSD, it's well written, tight, and well tested; there are very few holes in it. "Very few" is not equal to "zero."

So "OMGOMGWTFBBQ!!!!!" Yes, CNN has caught up with (was it February?) and written a story about it. No need to start worrying about something that is both old news and not a big problem anyway.

BUT...Mac users do need to start thinking in terms of "who is this guy, and why is he sending me an email with an attachment?" and "gee, that link says "www.bobs-site.com," but it doesn't look like a real URL in the status bar of my browser." It's just moving being aware of what's going on and what might be a threat into your computing, not the appocolypse.

Tuoder · May 1, 2006, 06:36 PM

Originally Posted by ghporter

This is NOT FUD. It IS about the worm that lured some folks with a promise of a picture of the UI of "the next generation of OS X." It did show that, given simple social engineering, a bad guy could gunk up some people's Macs. That's pretty much all; it's not even a very effective worm.

But (stand by for howls and groans) OS X never was "immune" to viruses. It was untested against the world of malware writers because of a couple of factors. First, the market share of Apple computers is small enough that until recently the script kiddies couldn't cause enough chaos by messing with OS X, so they left it alone. Second, and more importantly, as OS X is based on Free BSD, it's well written, tight, and well tested; there are very few holes in it. "Very few" is not equal to "zero."

So "OMGOMGWTFBBQ!!!!!" Yes, CNN has caught up with (was it February?) and written a story about it. No need to start worrying about something that is both old news and not a big problem anyway.

BUT...Mac users do need to start thinking in terms of "who is this guy, and why is he sending me an email with an attachment?" and "gee, that link says "www.bobs-site.com," but it doesn't look like a real URL in the status bar of my browser." It's just moving being aware of what's going on and what might be a threat into your computing, not the appocolypse.

I completely agree with everything that you have said except for one thing. It's FUD. If there were no fear, uncertainty, and doubt to be generated by this news, it wouldn't be news.

oexecbmug · May 1, 2006, 07:43 PM

Interesting article in the WashingtonPost

Virus to come in time- ? -

http://blog.washingtonpost.com/securityfix/

rickey939 · May 1, 2006, 09:00 PM

Nice timing by Apple on the brand-new TV ad that is airing starting today...

Laurence · May 1, 2006, 10:36 PM

Even though this story is only there for the hype and is best described as inaccurate, many of the responses here are also inappropriate. Telling new users to "not run as admin" is completely useless as most computer users won't even know what that is or even where to add new users to their computer. Even if they do, that doesn't solve the issue.

I, as well as most other users, would not care if my /System folder or /Library folder was destroyed. All that most users care about is what is in their home directory and even if you are running as a non-admin that is still vulnerable. As long as the home directory is protected most users will never lose any data that they need. Apple tech-support can always walk new users through an archive install to repair system issues, but can't restore personal photos and documents that have been accumulated over the years. So what's the answer...

...actually it is very simple. There should be a "Safe Mode" that is on by default where nothing can write to the ~/Music folder other than iTunes and nothing can write to ~/Pictures other than iPhoto. Nothing could write to ~/Documents other than Safari, Text Edit, etc... ie. only Apple apps. Hell, I wouldn't even allow the finder to write to any of these directories. If someone tried to manually move a .mp3 to their music folder a message would come up saying "use iTunes to do what you're trying to do" and just have one button that says "Launch iTunes"

Obviously when you install MS Office There should be an extra screen in the installer where you would add permission for Word/Excel/etc to write to ~/Documents

This would protect the new users and idiots of all ilk from themselves. It would also be a simple trip to the Users pref pane for the rest of us to turn off. I'm sure there would be some issues with this set-up, however I doubt that it would take more than a few engineers to workout the ACLs to implement this policy and provided that their were no root exploits this system would be foolproof.

normr · 11:44 PM

Here is the url for the new commercials, there are 6 of them, the first one is one virus's

http://www.apple.com/getamac/

normr · 12:11 AM

Just go to Apple.com, the commercials are coming up there on the main page

plus this is on the apple site now:

http://www.apple.com/getamac/viruses.html

By the end of 2005, there were 114,000 known viruses for PCs. In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac. While no computer connected to the Internet will ever be 100% immune from attack, Mac OS X has helped the Mac keep its clean bill of health with a superior UNIX foundation and security features that go above and beyond the norm for PCs. When you get a Mac, only your enthusiasm is contagious.

Connecting a PC to the Internet using factory settings is like leaving your front door wide open with your valuables out on the coffee table. A Mac, on the other hand, shuts and locks the door, hides the key, and stores your valuables in a safe with a combination known only to you. You have to buy, configure, and maintain such basic protection on a PC.

On a Windows PC, software (both good and evil) can change the system without your even knowing about it. In order for software to significantly modify Mac OS X, you have to type in your password. You’re the decider. You approve changes to your system.

People attempting to break into computers may disguise a malicious program as a picture, movie, or other seemingly harmless file. You might download such files from the Web, or get them via mail or chat. A PC just blindly downloads them without a peep. A Mac, however, will let you know that you may be getting a wolf in sheep’s clothing. The Mac web browser, Safari, can tell the difference between a file and a program, and alerts you whenever you’re downloading the latter.

A Mac gets much of this out-of-the-box protection from its open source UNIX heritage. The most critical components of Mac OS X are open for review by a worldwide community of security experts. Their input helps Apple continually make Mac OS X ever more secure. And it’s simple to update a Mac with the latest advances. By default, a Mac checks for updates weekly. For pure peace of mind, you can set a Mac to download security updates automatically. Apple digitally signs the updates, so you can be sure they come from a trusted source.

To get a sense of just how big the virus problem is, search for “virus” at both Apple and Microsoft. Compare the number of results. What’s more, the 100 most virulent attacks cause 99.9% of damage from malicious software. None of these attacks work on a Mac. Don’t you deserve such protection?

Numbers from Sophos, a world leader in integrated threat management solutions, developing protection against viruses, spyware, spam and policy abuse for business, education and government. The Sophos Security Threat Management Report 2005 [links to white paper after form] outlines the number and kind of attacks, while the March 2006 Top Ten reports the latest number of threats. More info on viruses may be found at http://www.sophos.com/virusinfo/. A Mac running with factory settings will protect you from viruses much better than a PC, but it’s never a bad idea to run extra virus and security software.

gulmatan · May 2, 2006, 12:46 AM

Here's another article I found (sorry if it's a repeat):

http://news.yahoo.com/s/ap/20060430/...NlYwN5bmNhdA--

TETENAL · May 2, 2006, 07:05 AM

I like the digital camera from Japan. The other ads are not so great.

Mediaman_12 · May 2, 2006, 07:25 AM

Originally Posted by TETENAL

I like the digital camera from Japan. The other ads are not so great.

That's the one ad that's a bit dubious. I remember back when iPhoto came out I had to manually edit some of the driver files for it to recognise my digital camera, because the European version used a different name to ID it's self on the USB bus.

Simon · May 2, 2006, 08:15 AM

Originally Posted by TETENAL

I like the digital camera from Japan.

I agree. It's a funny and smart ad. And of course the Japanese girl is beautiful. Ganbatene!

Person Man · May 2, 2006, 08:27 AM

Originally Posted by Laurence

...actually it is very simple. There should be a "Safe Mode" that is on by default where nothing can write to the ~/Music folder other than iTunes and nothing can write to ~/Pictures other than iPhoto. Nothing could write to ~/Documents other than Safari, Text Edit, etc... ie. only Apple apps. Hell, I wouldn't even allow the finder to write to any of these directories. If someone tried to manually move a .mp3 to their music folder a message would come up saying "use iTunes to do what you're trying to do" and just have one button that says "Launch iTunes"

Obviously when you install MS Office There should be an extra screen in the installer where you would add permission for Word/Excel/etc to write to ~/Documents

This would protect the new users and idiots of all ilk from themselves. It would also be a simple trip to the Users pref pane for the rest of us to turn off. I'm sure there would be some issues with this set-up, however I doubt that it would take more than a few engineers to workout the ACLs to implement this policy and provided that their were no root exploits this system would be foolproof.

That wouldn't work. Every third party application would need to ask users to write to the respective folders, and if there is a way for legitimate apps to do it, there would be a way for malware to allow it as well.

You still need to tell people not to run as admin, because the system displays more warnings and asks for the password more frequently, lessening the chance that something gets installed without the user knowing.

baw · May 2, 2006, 01:47 PM

http://daringfireball.net/2006/05/good_journalism

msuper69 · May 2, 2006, 02:14 PM

Originally Posted by baw

http://daringfireball.net/2006/05/good_journalism

Thanks for posting that link. An excellent exposé of the original piece of crap.

kick52 · May 2, 2006, 02:51 PM

BS. That seemed really sexed up.

JKT · May 2, 2006, 03:00 PM

Originally Posted by Person Man

That wouldn't work. Every third party application would need to ask users to write to the respective folders, and if there is a way for legitimate apps to do it, there would be a way for malware to allow it as well.

You still need to tell people not to run as admin, because the system displays more warnings and asks for the password more frequently, lessening the chance that something gets installed without the user knowing.

Not to mention it is completely anti-competitive... Mac OS X already has a simplified user account option where the administrator can determine what apps people can or can't use/can or can't install. Having Apple determine what those are for you just isn't the way to solve security issues.

quangdiggity · May 2, 2006, 03:45 PM

many hackers say that the mac osx is very vournorable....... easy to access
but they dont do it since so little ppl use it

Laurence · May 2, 2006, 04:50 PM

Originally Posted by Person Man

That wouldn't work. Every third party application would need to ask users to write to the respective folders, and if there is a way for legitimate apps to do it, there would be a way for malware to allow it as well.

You still need to tell people not to run as admin, because the system displays more warnings and asks for the password more frequently, lessening the chance that something gets installed without the user knowing.

That was exactly the point. There wouldn't be any installing of third party applications until the user was smart enough to figure out how to turn it off. Most people really don't need many third party apps. MS Office is the one exception to that and that could be hard coded in. This would not be "anti-competitive" as it would be a simple check box in the system prefs to turn it off. This would protect people like my parents from doing things that they shouldn't be doing anyway.

What JKT said is also relevant. Apple could just make the default user a "limited user" with apple apps the only ones allowed. That would fix the whole issue. The default "admin" user could have a pre-set password at the factory and it would be printed inside the manual so that people couldn't get admin access unless they were reasonably knowledgable, or at least enough to look in the documentation that came with the computer.

baw · May 2, 2006, 05:14 PM

Originally Posted by Gio-mania

many hackers say that the mac osx is very vournorable....... easy to access
but they dont do it since so little ppl use it

FUD. If it was soooo easy, it would have been done by now.

JKT · May 2, 2006, 05:26 PM

Originally Posted by Gio-mania

many hackers say that the mac osx is very vournorable....... easy to access
but they dont do it since so little ppl use it

Given that the average Mac user is probably higher up the economic scale than your average PC user, I say this is definite bull. Even if we are a minority, we represent a wealthy minority. Ergo, potentially much, much richer pickings than your average PC users... especially as we are all so dumb and stupid about our security as well.

gulmatan · May 2, 2006, 05:31 PM

What does FUD mean/stand for?

Person Man · May 2, 2006, 05:35 PM

Originally Posted by Laurence

That was exactly the point. There wouldn't be any installing of third party applications until the user was smart enough to figure out how to turn it off. Most people really don't need many third party apps. MS Office is the one exception to that and that could be hard coded in. This would not be "anti-competitive" as it would be a simple check box in the system prefs to turn it off. This would protect people like my parents from doing things that they shouldn't be doing anyway.

What JKT said is also relevant. Apple could just make the default user a "limited user" with apple apps the only ones allowed. That would fix the whole issue. The default "admin" user could have a pre-set password at the factory and it would be printed inside the manual so that people couldn't get admin access unless they were reasonably knowledgable, or at least enough to look in the documentation that came with the computer.

I'm sure glad you're not the one making these decisions at Apple.

You can't protect the user from every situation. What you are proposing would be overly restrictive. You'd have people flooding Apple's support center with requests on how to turn it off and the end result would be the same as if it was never restricted in that way in the first place. (And don't say that having something in the manual is enough... most people don't read the manual). Not to mention that people would probably avoid it altogether. "Don't buy Mac OS X... it won't let you do anything."

Educating the user is the key. Not overly restrictive "security" measures.

Person Man · May 2, 2006, 05:37 PM

Originally Posted by gulmatan

What does FUD mean/stand for?

Fear, uncertainty, and doubt.

TETENAL · May 2, 2006, 05:38 PM

Originally Posted by gulmatan

What does FUD mean/stand for?

http://www.acronymfinder.com/

JoeE · May 3, 2006, 03:42 PM

There's FUD in religion, politics, and even sex. I've heard too many of us Mac users using "FUD" as a scapegoat/conspiracy. Furthermore, it seems like the "FUD" cry is nothing more than a way of commenting without providing any real technical knowledge.

gulmatan · May 3, 2006, 04:30 PM

Well, the way I see it is this:

The media

1--writes a story BEFORE they get all the facts or even gets them straight--This Mac OS/X virus furor is case in point
2--Is permanentlt Anti-Mac because the're bought out by Micro$loth and WinTel--Case in point, MSNBC and CNBC
3--They love to bash Christians
4--Communist and Terrorist sympathizers--Forget about 9/11 travesty, let's feel sorry for Iran and Iraq terrorists and bash America and the freedoms our forefathers fought for

jasong · May 3, 2006, 08:51 PM

Yeah, that liberal press. They'll get you every time.

ghporter · May 3, 2006, 09:58 PM

When all that matters is getting collumn inches and getting them before someone else, something suffers. In many cases, a number of things suffer, including objectivity, journalistic ethics, telling the whole story, or even telling a real story (see the tabloids for most of this, but a lot of papers and TV news organizations may as well be "The Star").

In particular, there are few "general market" journalists (and fewer "reporters") who know a virus from a ham sandwich. Specific knowledge is not valued in modern journalism, or not nearly as much as a turn of phrase (even a bad, ungrammatical one) or punchy phrasing. And with more and more being reported, more and more people get poorer and poorer reports of what's going on. I don't think there could be another "Pentagon Papers" or Watergate news story; not enough reporters would see the payoff, not enough would understand why the story was important (neither would their editors), and most important, damn few people in general would understand the complexities enough to understand the basic story to begin with. We're a dumber society because we have too many sources for news, and they're all out for the "Dr. Phil and Judge Judy" audience.

Rant over. Go about your business citizens-nothing to see here.

alphasubzero949 · May 5, 2006, 04:26 AM

Originally Posted by jasong

Yeah, that liberal press. They'll get you every time.

With the exception of Fox News, but I'll let Stephen Colbert explain it.

workerbee · May 5, 2006, 06:13 PM

Probably not really 100% on topic, and sorry for cross-posting, but seeing that some pathetic fake security tool peddler might be starting to target OS X Tiger users makes me feel a lot less safe, right now.

http://forums.macnn.com/showthread.php?p=2971149

JKT · May 5, 2006, 06:34 PM

From your link:

Originally Posted by Symantec

Behavior
ErrorSafe is a Security Risk that may give exaggerated reports of threats on the computer. The program then prompts the user to purchase a registered version of the software in order to remove the reported threats.

You have to laugh... Isn't that just a perfect description of Symantec and their ilk?

TETENAL · May 5, 2006, 08:39 PM

Originally Posted by workerbee

Probably not really 100% on topic, and sorry for cross-posting, but seeing that some pathetic fake security tool peddler might be starting to target OS X Tiger users makes me feel a lot less safe, right now.

How is this "targeting Tiger users"? From your own link: Systems affected are "Windows 2000, Windows NT, Windows Server 2003, Windows XP".

workerbee · 02:56 AM

Originally Posted by TETENAL

How is this "targeting Tiger users"?

I'm probably (almost certainly) reading too much into this, but this was the URL of the second window:

Code:
http://www.errorsafe.com/pages/scanner/index.php?aid=adtiger_ch_en_ed2&amp;lid=in&amp;ex= 1&amp;p=&amp;ax=1&amp;h=

So I know it is targeting Swiss IPs ("ch" -- it also shows a Swiss flag), it probably is targeting an english OS ("en") -- so why could the "adtiger" not mean it is targeting my Tiger OS X?

Interestingy, I didn't get the Pop-Up window using IE 6 and FireFox under WinXP. Weird.

kick52 · May 6, 2006, 07:54 AM

Originally Posted by alphasubzero949

With the exception of Fox News, but I'll let Stephen Colbert explain it.

i remember seeing that letter in MacFormat.