550,000-strong army of Mac zombies spreads across world

The Mac-specific Flashback Trojan created a zombie army of 550,000 Mac machines by exploiting a Java hole that Apple only patched on Tuesday, six weeks after Microsoft plugged it up on Windows machines. This is according to Russian anti-virus firm Dr Web, which arrived at the figure after it successfully managed to sinkhole …

COMMENTS

This topic is closed for new posts.

  1. Anonymous Coward
    Anonymous Coward

    Oh my....

    The schadenfreude...is just too delicious to bear......

    1. g e
      Facepalm

      Re: Oh my....

      Appleists haven't got over the 'loss' of Instagram yet, either

      I'd shed a tear but it'd be crocodile-flavoured (is that kinda chicken-y?).

      1. Audrey S. Thackeray

        I'd shed a tear but it'd be crocodile-flavoured (is that kinda chicken-y?).

        I had a crocodile pie once and it was more like flavourless haddock than chicken.

        Of course it is possible I had a haddock pie and some Aussie pie flogger had a giggle at my expense.

        1. Someone Else Silver badge
          Coat

          I had Haddock once

          ...but I took some Motrin, and it went away.

          (You know, when someone hangs a curveball, you just gotta take a swing at it....)

      2. Anonymous Coward
        Anonymous Coward

        Re: Oh my....

        You should have been around earlier.

        Clearly El Reg aren't getting enough page views so they've posted the same story twice.

        http://www.theregister.co.uk/2012/04/04/apple_java_update/

      3. Scott 1

        I'd shed a tear but it'd be crocodile-flavoured (is that kinda chicken-y?).

        I can't say about crocodile, but I've had alligator on several occasions. That is indeed rather chicken-y.

      4. Steve the Cynic

        Re: Oh my....

        My recollections of crocodile meat, from when Sainsburys sold it as precut strips, around 1998 or so, I think, are:

        1. It has a distinct texture that vaguely looked like it would go in flakes (like white fish does) as I cooked it, but was meat-like rather than fish-like, and didn't flake at all. The texture was more like beef or lamb than it was like chicken.

        2. It was nearly white in colour, which added to its resemblance to fish.

        3. It had a distinct, but not particularly strong, flavour that was not very much like chicken.

    2. Arctic fox
      Windows

      Re: Oh my......."The schadenfreude"

      I have to admit it is so veeeery tempting. However, I hope that Cupertino really take this as a warning and get their collective arses into gear. None of us is served by this kind of shit (I know, I smiled as well) and it is best (in my humble opinion) that we recognise that we are all in this together (whether we like it or not) and act accordingly.

    3. Anonymous Coward
      Anonymous Coward

      Re: Oh my....

      Any corroboration? This is a single claim.

      Has anyone confirmed his findings?

    4. Frank Bough
      FAIL

      Re: Oh my....

      You're living in a dreamworld. I've been a Mac user since 1989. Total viruses, trojans so far? 0.

      I'm sure you can spin that the wrong way if you try REALLY hard.

      1. Rune Moberg

        Re: Oh my....

        And I have been a Windows NT user since 1993.

        Number of malware so far (not counting that awful PowerDVD crapware that came with my burner): 0.

        Most of that time I have surfed with Javascript disabled. That fended off quite a few threats in the early years.

        I also avoid installing any antivirus products. They lead to a false sense of security. Case in point: I've helped people clear trojans that their AV software only managed to pick up on after quite some time (I kept a sample at work where we are forced to use AV software).

        OSX has grown in popularity. Welcome to your worst nightmare.

    5. Anonymous Coward
      Anonymous Coward

      more like shaden BS ..

      More like shaden BS if you ask me ..

  2. Anonymous Coward
    Anonymous Coward

    Oh the humanity!

    Shame on you, El Reg, for such terrible, self-evidently baseless scaremongering.

    The creed of the True Believer has always held that Macs don't get viruses.... ;)

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh the humanity!

      cue the "it's not a virus... it's a trojan... don't you know the difference... blah blah blah..." from the pedants out there...

      1. Gerhard Mack

        Re: Oh the humanity!

        It's only a trojan if a user has to install something. This is an honest to goodness virus and anyone who says otherwise is just flat out wrong.

        1. stanimir

          Re: Oh the humanity!

          The definition is correct, why the downvoting? Generally, "trojan" refers to a malicious program that requires user consent. It just pretends to be something else while performing rogue tasks.

        2. Anonymous Coward
          Gimp

          Re: Oh the humanity!

          erm you have to type in your admin password for it to install

          and if it detects any software like little snitch (and even Xcode!!) it won't install!

          I'd like to see where they got these numbers from - are they selling anything?

          1. Darryl
            Gimp

            Re: Oh the humanity!

            erm no you don't. RTFA:

            "The Flashback malware was capable of installing itself on unprotected Mac machines without user interaction, a factor that goes a long way in explaining the success of its spread. Users become infected simply by visiting a site loaded with exploit code, in drive-by-download-style attacks."

            Besides, I would think the best response to something like this happening is "Gee, I should make sure my software is up to date and I have a working antivirus."

            Not

            "They're making this up!" or "Oh yeah, well Windows gets viruses too, so there!"

            1. Frank Bough
              FAIL

              Re: Oh the humanity!

              MacOS AV software is an even more pathetic scam than Windows AV is.

              1. Mike Flugennock

                Re: Oh the humanity!

                "MacOS AV software is an even more pathetic scam than Windows AV is..."

                I figured that out after about four or five years of struggling with Virex, and pretty much everything from Norton or McAfee. Also, by that time (early '90s), the Web was just starting to become widespread, and so there was a whole new set of common-sense do's and don'ts for how to handle things like Java, JavaScript and unsolicited downloads, not to mention all the attention of malware authors seemingly shifting to Windows. Back then, I was still using a scanner to check my downloads for viruses, but I'd ditched my automatic self-running AV suite -- the stuff that would run at boot time, and barge in to check every file I opened -- because it was slowing my system to a crawl and was getting to be a bigger pain in the ass than it was worth.

          2. Mike Flugennock

            Re: Oh the humanity!

            erm you have to type in your admin password for it to install...

            Yeah, that's right; almost forgot that...

            and if it detects any software like little snitch (and even Xcode!!) it won't install!

            I'd like to see where they got these numbers from - are they selling anything?

            Good point. Also -- for some reason -- I'm suspicious of that outfit simply because they're Russian. Makes no sense, I know, but...

          3. Franklin
            Thumb Down

            Re: Oh the humanity!

            "erm you have to type in your admin password for it to install"

            Actually, you don't.

            It's a bit of an odd duck, this one. It asks you for an administrator password, but you don't actually have to type it.

            When the malicious Java applet runs, it attempts to download additional code. To do this, it prompts the user for an administrator password. If the user is gullible enough to type it, the downloader installs a payload in the Mac's Applications folder, and (I believe) sets it to run automatically at startup.

            If the user *doesn't* type the administration password, the downloader installs a hostile payload in the user's home folder. This payload runs in userland, without administrator privileges, and I'm not certain but I don't believe it runs on restart (and it certainly doesn't if the user restarts and logs in to a different account). It's a lot more limited in what it can do, but it does still run, and (if the user doesn't have the firewall enabled) does seem to have the capability of making outside connections.

            So the upshot is: No, you don't have to type an admin password. If you don't, the infection is somewhat mitigated, but it is still effective.

    2. Mike Flugennock

      Re: Oh the humanity!

      I've been a "true believer" since '85 and, iirc, one of the first major viruses discovered in the wild -- or at least the first that got any media attention -- was a Mac virus, around 1988 or '89.

      I won't speak for other "fanbois" -- jeezus, I hate that goddamn' word -- but one of the first things I learned twenty-odd years ago was to not be complacent. I still think criticism of Windows for its defaults being set to "hack me, root me, trojan me, pwn me" out of the box, but I've always paid close attention to virus/malware reporting in the Reg and elsewhere as I knew sooner or later some miscreants would get around to doing a Mac virus or trojan, and I wanted to be sure I was ready for them (Firefox/NoScript/Adblock/Flashblock/LittleSnitch FTW).

      1. Arctic fox
        Thumb Up

        @Mike Flugennock Your post demonstrates very clearly that as a Mac-user you,......

        "I won't speak for other "fanbois" -- jeezus, I hate that goddamn' word "

        ..........on the basis of your posting, do not remotely fall within the definition "fanboi" - in contrast to a certain number of the postings we get here at El Reg from a particular proportion of Cupertino's fan-base. I work with a number of "Mac-folk", amongst others, graphic designers and scientists - I would not describe any of them as "fanbois", serious people all of them for whom I have a great deal of time.

        -:)

        AF.

        1. Mike Flugennock

          Re: @Mike Flugennock Your post demonstrates very clearly that as a Mac-user you,......

          Thanks. The first computer I ever used or owned was a Mac; the design shop I was working at got some in early '85, and I bought my own shortly after that. I think that if I'd used any system other than a Mac, I would be totally fearing and hating computers now. As it was, I was able to explore and experiment and learn about how computers and networks work because the Mac "just worked"; I could concentrate on my work and on self-education with my computer because I wasn't spending half the day ripping my hair out trying to figure out why stuff wasn't working.

          But, aaaa-aaaanyway... long story short... yeah, I hate being tagged as a "fanboi" because I've used a Mac for over 20 years and really like it, but I can still dig where people are coming from when they fling that word around whenever I glance at the TV and see all those goddamn' hipsters lining up at 3:00 in the goddamn' morning to pay too much for iPhones and iPads... and I catch myself mumbling "jeezus, what a bunch of fanbois!"

    3. Frank Bough
      WTF?

      Re: Oh the humanity!

      Find a Mac with a virus in less than 24 hours and I'll buy you a drink.

      1. Rune Moberg

        Re: Oh the humanity!

        I am very tempted to say "find a Mac in my area in less than 24 hours and I'll buy you a drink".

        In my circles, there is about 1 Mac user for every 50 Windows users. True, it would not be hard for me to find an infected Windows machine, but it is because I know which particular user is most likely to have an infection at any given time. (OTOH maybe he has cleaned up his act by now, in that case I'd be hard pressed to find an infected Windows machine)

      2. Zippy the Pinhead
        FAIL

        Re: Oh the humanity!

        Well according to El-Reg you would be buying over a half million drinks as that is the number reported to have been infected by this drive-by infection.

  3. ChrisM

    Critical Mass Achieved

    Must be worthwhile targeting Apple now, plus Apple users are generally higher net worth.

    As has been seen before, the OS isn't the route in.

    1. Anonymous Coward
      Anonymous Coward

      Re: Critical Mass Achieved

      Easy target too. All you have to do is look at what's patched in the latest Java release from Oracle - you've then got at least a couple of months to come up with a Mac exploit.

      1. Anonymous Coward
        Facepalm

        Re: Critical Mass Achieved

        The thing is I can definitely remember clearing a virus from about 20 production Macs over 20 years ago in System 7 - no idea what it was called now.

        Anyone who ever said Macs can't get a virus was an idiot, same as anyone who either repeats or claims such nonsense now

  4. Shardik
    Pirate

    Oh rilly

    Just shows Mac users have the same level of stupidity as PC users. So what's new...

    "Users that have been visiting a site with the malware will first be asked for an administrator/root password, if the users decides to enter the password the Flash Trojan will be installed in the application folder. "

    D'uh... what if I just enter my password here...

    1. Anonymous Coward
      Anonymous Coward

      Re: Oh rilly

      RTFA again. That was version 1 of the virus. Version 2 didn't require any user action.

    2. Mike Flugennock

      Re: Oh rilly

      Just shows Mac users have the same level of stupidity as PC users. So what's new...

      D'ahh, not so fast. See my previous comment re: encountering my first Mac virus in the late '80s.

      "Users that have been visiting a site with the malware will first be asked for an administrator/root password, if the users decides to enter the password the Flash Trojan will be installed in the application folder. "

      Hey, c'mon, I'd have to be totally rock stupid to give the admin password to something trying to execute which I don't even recall asking to download. Add to this the fact that I installed NoScript, AdBlock Plus, FlashBlock and LittleSnitch ASAP after upgrading to OSX would indicate a level of stupidity approaching zero.

      Amazing how much a "fanboi" like myself can learn from paying close attention to the news about Windows viruses, trojans, malware and "social engineering" tricks in El Reg.

  5. TeeCee Gold badge

    Mustn't........laugh........

    "......capable of installing itself on unprotected Mac machines without user interaction...."

    Well at least there's no danger of Apple being sued over that one. MS have let the patents lapse through disuse.....

  6. Shane8
    Linux

    lol

    LOL a mac....

    Linux 1 - 0 Other

    1. This post has been deleted by its author

    2. Yag
      Thumb Down

      Re: lol

      Do you realize that this is an indication that a Unix-based OS can be tinkered with enough to allow it to be infected by a virus?

      I know, "thou shalt not log as root for trivial operations", but try to tell it to Mr Everyone...

      1. Chemist

        Re: lol

        It's well known that Unix/Linux systems can get viruses - the difference has been that they've never become a widespread problem.

        In any case if you want to be more sure in a Unix type OS use different accounts for different things.

        I have an account I ONLY use for really important stuff like banking and another for visiting sites that MIGHT be dubious. It's so easy to switch why not. Unless you can't be ars*d in which case you deserve all you get.

        1. Anonymous Coward
          Anonymous Coward

          Re: lol

          @Chemist

          Separate accounts don't stop you getting a virus/trojan and if you get infected with your "dodgy stuff" account, you're still infected. If you used your "dodgy stuff" account and were silly enough to enter your root password or have software which runs as root (or even just a bit elevated) which has a vulnerability, you still have a seriously compromised system.

          1. Chemist

            Re: lol

            "dodgy stuff" account, you're still infected."

            "dodgy account " is still infected true but it's all just still extra layers of defence. Other accounts will not be so 'safe' account is still less vulnerable. Of course if a further vuln. allow escalation then that is a different matter.

            "dodgy account" by the way is deleted/recreated at weekly intervals

            Too complex a topic to describe in detail here but LONG complex passwords, multiple accounts, firewalls, NAT routers, Firefox/Noscript/ABP and a lot of other techniques alongside using Linux have kept me safe over the years.

            Keeping an eye on the logs is useful. I esp. look for SSH attempts which is my only open port (protected by unusual port number, one unusual account name and a long, difficult password)
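One way to do the kind of SSH log review described in the comment above, as an added example that is not part of the thread: it counts failed password attempts per source and singles out any failure that used the real account name, which matters when the name itself is part of the defence. The log lines are constructed in the usual OpenSSH syslog format, and the account name `qx7-ops` and the threshold are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the usual OpenSSH syslog format; addresses are
# documentation ranges and "qx7-ops" is a made-up "unusual" account name.
SAMPLE_LOG = """\
Apr  5 03:12:01 host sshd[2101]: Failed password for invalid user admin from 203.0.113.7 port 51122 ssh2
Apr  5 03:12:04 host sshd[2101]: Failed password for invalid user oracle from 203.0.113.7 port 51130 ssh2
Apr  5 03:12:09 host sshd[2103]: Failed password for root from 203.0.113.7 port 51141 ssh2
Apr  5 04:40:17 host sshd[2250]: Failed password for qx7-ops from 198.51.100.23 port 40022 ssh2
Apr  5 08:01:55 host sshd[2399]: Accepted password for qx7-ops from 192.0.2.10 port 50514 ssh2
"""

FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?P<invalid>invalid user )?"
    r"(?P<user>\S+) from (?P<src>\S+) port \d+"
)
ACCEPTED = re.compile(
    r"sshd\[\d+\]: Accepted \S+ for (?P<user>\S+) from (?P<src>\S+) port \d+"
)


def review_ssh_log(text, real_account, noisy_threshold=3):
    """Summarise sshd authentication events found in syslog text."""
    failures_by_src = Counter()
    guessed_names = Counter()
    real_account_failures = []  # sources that failed using the real account name
    accepted = []               # (user, source) for every successful login

    for line in text.splitlines():
        m = FAILED.search(line)
        if m:
            failures_by_src[m["src"]] += 1
            if m["user"] == real_account and not m["invalid"]:
                # Someone knows the account name: the obscurity layer is gone.
                real_account_failures.append(m["src"])
            else:
                guessed_names[m["user"]] += 1
            continue
        m = ACCEPTED.search(line)
        if m:
            accepted.append((m["user"], m["src"]))

    noisy = sorted(s for s, n in failures_by_src.items() if n >= noisy_threshold)
    return {
        "failures_by_source": dict(failures_by_src),
        "noisy_sources": noisy,
        "guessed_names": dict(guessed_names),
        "real_account_failures": real_account_failures,
        "accepted": accepted,
    }


if __name__ == "__main__":
    for key, value in review_ssh_log(SAMPLE_LOG, "qx7-ops").items():
        print(f"{key}: {value}")
```

A failure against the real account name from an unfamiliar source deserves more attention than any number of guesses at `admin` or `root`, and every accepted login is worth checking against the sources you expect.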

    3. sisk

      Re: lol

      There are Linux viruses in the wild and there have been for a while now. And that comes from one of your fellow Linux users.

      Basically if you're running without antivirus on any system, you're an idiot.

      1. Chemist

        Re: lol

        "Linux viruses in the wild"

        I didn't actually say that - the known viruses are more curiosities, they never spread far as the architecture is rather unfriendly. Most of the antiviruses look for Windows viruses to stop them being passed on.

      2. Anonymous Coward
        Anonymous Coward

        Re: lol

        I don't buy that argument about anti-virus and never have. It's good at detecting stuff that's been around the traps a while but none of them score 100% in tests so you're just flying under the assumption of protection. Avoiding these things requires a multi-faceted approach and I find anti-virus decidedly ex-poste. I've never ever run it on Linux and have never had an issue.

      3. eulampios

        Re: lol

        >>Basically if you're running without antivirus on any system, you're an idiot.

        Basically, if you rely on an antivirus to protect you against the weaknesses of your operating system, you are an idiot. If you are knowingly running an OS that fails to address many security problems on its own to require some murky, obscured tools, you are an idiot squared.

      4. eulampios

        Re: lol

        >>There are Linux viruses in the wild and there have been for a while now.

        It would be nice to support this claim presenting names of the alleged viruses with the estimated numbers of infected Linux users, each linked to the corresponding sources. Otherwise, it is a never-ending FUD of an MS Windows fanboy.

        1. eulampios

          ὅπερ ἔδει δεῖξαι

          So, downvoting instead of providing actual sources. FUD it is.

          QED

        2. RAMChYLD

          Re: lol

          > It would be nice to support this claim presenting names of the alleged viruses with the

          > estimated numbers of infected Linux users, each linked to the corresponding sources.

          I'm starting off this post with "I'm not a Windows Fanboi", I run quite a few Unix systems in my lair (of which three run different flavors of Linux, and one OpenBSD box acting as a router).

          That said: http://ubuntuforums.org/showthread.php?t=1349678

          This cropped up back in '09. It caught my attention by appearing in an issue of LinuxFormat. I think it's proof enough that even friends of penguins aren't safe anymore.

          1. This post has been deleted by its author

          2. eulampios

            @RAMChYLD

            Ramchyld, so you're running an OpenBSD? Sure, no kidding? And may I ask, do you know, if a person starting the thread in your link is running plenty of OpenBSDs along with a Debian? And he/she is not kidding either:

            "I have installed a deb from a site claiming to be an Screensaver however it looked dodgy however I proceeded."

            Just, FYI, try not to install outside of central repositories, especially with sudo/root and/or binary only (even from gnome-looks. website). With major distros/BSD users have a huge selection of various software, unlike their Windows counterparts. Possible reasons of going against such practices might be either recent switch from Windows, or a low IQ.

            Another "not-a-Windows-fanboy" had a similar joke http://forums.theregister.co.uk/forum/containing/1359363 . Yours is good too :)

            On a serious note, I've seen names of alleged Linux viruses and trojans on some antivirus makers' websites. All of them had nothing to claim about their relevance in the wild, except for a couple from the early 90s supposedly infected tens or hundreds of Unix users.
