Advertising is the rattling of a stick inside a swill bucket - George Orwell
|
|
|
Mac OS X malware threat is overblown for now, but users better get a clue
THE MERRY MONTH OF MAY has seen Mac OS X malware tip up, with vendors flogging security products for the Mac, like Sophos and ESET, hungrily pouncing on Apple's recent troubles with fake anti-virus software.
Rogue security software on Mac OS X is a relatively new phenomenon, but the discussion of Apple's Mac OS X security is not. Experts agree that Mac OS X can be just as viable an attack target as Microsoft's Windows, but so far the threats have been much fewer because Apple's market share has always been far lower than Microsoft's, so it hasn't been as profitable for criminals.
But, as this recent outbreak shows, criminals are making tools to attack Mac OS X in the same way they've hit Windows. The ways in which the rogue security software makes its way onto Apple Mac computers is very similar to the ways it hit Windows, right down to fiddling with code that now allows the software to be downloaded and installed without needing the user to enter an administrator password.
Some Apple users still have their heads in the sand, however, with comments from pro-Apple INQUIRER readers saying that the fake anti-virus applications aren't malware and it's not a 'real virus' because the victim has to manually install it. That does't mean a thing, because an attack on the user via social engineering can be just as effective as an attack on the operating system.
But whatever the security software vendors say, Apple users shouldn't panic and suddenly start queueing to buy real anti-virus software. At the moment the threats are minimal and common sense should do - be reasonably careful about what you download and don't start sticking in your credit card details in dodgy places.
But if the bad guys do start targeting Mac OS X more, and the Macdefender malware outbreak does show that attacks can be effective, then this might change. The onus shouldn't be on Mac users to do something about it though, it should be on Apple. µ
Share this:
Share
Only people who have never used an Apple COMPUTER would say something like that. There is nothing remotely resembling a walled garden in the Mac OS.
You can run any program you like, install any kernel extension you want and mess with as many terminals as you want at the same time.
When you assume that Mac OS is exactly the same as iOS, that just shows everyone who knows what an pretentious idiot you are.
I think that the loss of freedom of choice related to running any Apple product is a greater threat to users than any other malware. After all, you can patch/purge away most malware, but the only way to avoid the Walled Garden of Apple is to avoid Apple entirely.
Steve Jobs seems to have incorporated his own brand of "malware" into all his products and software. Of course Microsoft is equally as bad (and more underhanded...at least Apple is obviously autocratic and manipulative).
Luckily, penguin-powered devices are becoming all the rage.
Never in YOUR experience you mean, right ?
Yes, it not a virus, it is however malware and Mac users who believe the myth that Macs are immune are setting themselves up for a nasty surprise.
Mac Users need to:
1 Use common sense, don't install things just because.
2 Use antivirus/antimalware products
3 Be suspicious about giving out credit card information
4 Dont panic and don't fall for "scare ware"
Even the best antimalware has its limits.
As one wag put it: 'Artificial intelligence is no match for matural stupidity.
... by principle.
That's the INQs motto when it comes to Macists.
Get your definitions together, this DefenderGuard-stuff is in no way related to viruses or worms. You have to download it and install it. It doesn't bypass the administrator password. It doesn't need to do so, because it only does things that are entirely doable as a normal user.
The vulnerability in this case is called stupidity and neither Apple, nor Microsoft can do anything about it.
@Frank White: "When I do get another Mac, I will of course install anti-virus and anti-malware software to protect it."
Anti-virus software is great for finding and uninstalling viruses. The problem is that MacDefender (and others like it) are NOT viruses!
There has NEVER been a Mac OS X virus.
And as Intego has clearly stated: "This is not a Mac OS X vulnerability".
NO amount of anti-virus software will protect aive and reckless users from falling for scams.
Since Mac Defender is just an application that the user must intentionally install themselves on their own computer, it's just as easy to trash that application if a user ever makes the mistake of falling for this scam.
I ran a Mac G3 Blue and White for almost ten years without any virus infection. Retired it due to obsolescence in 2009. It's a different time with different threats. When I do get another Mac, I will of course install anti-virus and anti-malware software to protect it. The Mac platform has become increasingly popular thanks to Windows Lameness and no other real alternative in Linux. Protect your Mac. It will thank you for it. ;-)
Even the security software companies who make a humongous amount of money selling anti-virus software to Windows users (and who would love to do the same thing with Mac users) have stated clearly that MacDefender and its variants are NOT a Mac OS X vulnerability!
Here is a quote from Peter James, spokesperson for Intego:
"This is not a Mac OS X vulnerability, but social engineering, taking advantage of users who are unaware of what is happening"
"Some Apple users still have their heads in the sand, however, with comments from pro-Apple INQUIRER readers saying that the fake anti-virus applications aren't malware and it's not a 'real virus' because the victim has to manually install it"
I'm not an Apple user, but I'll agree with them. It's not a virus. Viruses are self-replicating. This is a plain old Trojan.
Whilst I might agree that the outcome of that is fairly irrelevant to most end-users, you need to remember your audience. We're a technical lot, and we understand the difference between a Virus and a Trojan.
Whoever said it isn't malware is incorrect though. This is definitely Malware. Malware covers the whole gamut of irritating programs like Viruses, Trojans, Keyloggers, Rootkits, etc., etc., etc.