Mac malware has a neat trick to install itself on OS X fans' machines

Mac malware that relied on a security exploit so small it fitted in a tweet has been upgraded to infect OS X machines after Apple closed that particular hole. The malware once used the patched OS X DYLD_PRINT_TO_FILE vulnerability that grants attackers root privilege escalation through trivial code. This was fixed in the OS X …

  1. Anonymous Coward

    It may be worth checking El Reg comments every so often..

    I posted this link 14 days ago.

    For the average end user, the best location to grab SUIDguard is not the GitHub location but https://www.suidguard.com/stories/download.html.

    It also has the checksums there, although that is not quite a guarantee of integrity (in case the site ever gets hacked it would be trivial to update those as well :) ).

  2. Rol

    Here have an analogy

    I can avoid getting mugged in the street by staying indoors all the time, however the software equivalent of insisting a spare house key is "hidden" under the welcome mat means I'm wide open to attack.

    And it's infuriating.

    Why does software have to go that extra mile in unnecessary functionality and thus provide yet another attack vector into my system?

    Simple text in the hands of many simple text handlers, gets elevated to the keys to the universe for no other reason than that the software providers are falling over themselves to encompass everything they can see from their ivory plinths.

    It wouldn't be so irksome if all the extra bumf was of any use to me, but invariably it is inaccessible to the average user and thus of more interest to those who I would prefer to rendition to another dimension.

    Can we, for pity's sake, just have software that does the task we require of it and NOTHING else?

    1. Charles 9

      Re: Here have an analogy

      Why? Because people are asking for them and threatening to go elsewhere if the seller can't deliver. What can you do when you're dependent on customers who demand the moon?

      1. Mark 85

        Re: Here have an analogy

        They can have the moon, but... there will be those who would steal it from them.

        Another Analogy: It's like a new car. They are blinded by the shiny, the hype and their friends' hipness and status. They don't care about what's under the hood.

        1. Charles 9

          Re: Here have an analogy

          And therefore they're the ones who get the money and stay in business. No one cares what's under the bonnet even if it kills them. You can't win.

          1. Pascal Monett Silver badge

            There's just one thing

            Cars cannot be reconfigured after purchase. Software can.

            It's like all the rage around the TIFKAM thing. Wouldn't have happened if Microsoft had just made an option out of it.

            Curiously, it is very rare that software makers bolt on entire new functionality and include a checkbox to enable/disable it. Maybe it has to do with being too lazy, but I think it has more to do with avoiding the angst of dealing with masses of stupid customers not able to read instructions and wailing about how something ain't available when the checkbox is unchecked.

            1. Anonymous Coward

              Re: There's just one thing

              "Cars cannot be reconfigured after purchase."

              Hmm? Then what are car customizers and hot rodders doing?

  3. hoola Silver badge

    MAC - Malware

    Sorry but I must have missed something, I thought everyone has been telling us for years the MACs, Apple, OSx, iOS are all immune to malware and virus attacks.

    Is this no longer the case?

    As they are perceived to be invulnerable, very few bother with AV or Malware protection so the detection rate is very low, hence the myth that they are not targets for malware. It is one of those circular arguments along with the chicken and the egg.

    1. Rol

      Re: MAC - Malware

      It's all about return on investment. Hours spent crafting code to exploit an operating system would pay bigger dividends if the os you crafted it for was widespread, like Windows. In comparison most other operating systems are fairly niche, and worse, as often as not, used by more savvy, less suckered type of folk.

      Linux often comes to mind when talking about "unprotected" systems, as most users don't run antivirus, again, because its users number in their millions and not billions, but furthermore the os is more robustly banged together and with much of your software requirements being provided for free, the need to torrent a "free" bit of highly suspect software is negated. Add all that up, and, well, it's a lot of hard work with very scant returns for the script devils.

    2. Morrolan

      Re: MAC - Malware

      OS X is roughly at least as vulnerable as every other implementation of Unix out there. Which is to say, it's more secure than Windows 98 by a long way, but even OpenBSD has been hacked in the past.

      An awful lot of the OS X holes - like this one - are connected to its extensive sudo support, as well as its habit of running too many background processes as root. Personally, I would have been happier if nobody had ever invented sudo and we still had to su on the rare occasion we actually needed root access, but that's me.
