Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Security Apple

Apple Acknowledges MacDefender 314

Posted by Unknown Lamer
from the but-macs-don't-get-viruses dept.
Trailrunner7 writes with an article in threatpost "Apple is planning to release an update specifically designed to protect users against the MacDefender malware that has been circulating for the last couple of weeks. The update for Mac OS X will automatically find and remove the malware on an infected machine and also will warn users if another infection attempt is detected.
This discussion has been archived. No new comments can be posted.

Apple Acknowledges MacDefender

Comments Filter:
  • Re:Can't fix that (Score:4, Insightful)

    by sgbett (739519) <slashdot@remailer.org> on Wednesday May 25, 2011 @09:12AM (#36238478) Homepage

    "Hey you there, you look like you might have STUPAIDS. Quick! Inject yourself with this hypodermic needle who's contents are unknown to you!"

    That might work?

  • by doperative (1958782) on Wednesday May 25, 2011 @09:13AM (#36238482)

    "Apple is planning to release an update specifically designed to protect users against the MacDefender malware that has been circulating for the last couple of weeks. The update for Mac OS X will automatically find and remove the malware on an infected machine and also will warn users if another infection attempt is detected"

    What defence is there against the end users downloading and running MacDefender and giving up the Admin password?

  • Re:Oh, great (Score:3, Insightful)

    by snookerhog (1835110) on Wednesday May 25, 2011 @09:21AM (#36238542)
    statistics say you still made the right choice.
  • Re:Kudos to Apple (Score:2, Insightful)

    by Teckla (630646) on Wednesday May 25, 2011 @09:28AM (#36238646)

    IMHO, Apple is taking the bull by the horns and not only fixing the problem personally but also not charging an annual fee for the privilege of cleaning your system. Well done.

    Unless and until Apple disables the setting on Safari that causes the MacDefender Trojan to be automatically downloaded and executed just by visiting a malicious web page, Apple has not done a good job, in my opinion.

    Until then, malware authors can continue to abuse the "download safe content" feature in Safari. Hopefully, recent events will help educate users that they should immediately quit any installers that get automatically downloaded and executed that they did not ask for.

  • by insertwackynamehere (891357) on Wednesday May 25, 2011 @09:30AM (#36238656) Journal

    I see a lot of people who say this like they know for a fact that they are correct and it's just sheeple who believe lies who think any differently. But have you ever owned a Mac? I remember when I moved from PC to Mac I did the typical installation of antivirus/firewall/antispyware programs. The fact that many of these were shitty ports from PC versions should have tipped me off but I soon realized these served no purpose on my machine unlike my old XP machine where I wouldn't even think about plugging in an ethernet cable without my security suite all up and running to make sure nothing gets in and nothing gets run and the things that do get taken care of.

    This simply does not happen on Mac. I am sorry, but it is true. Yes, someone can make a trojan horse and generate a lot of media hype but that boils to someone tricking people into giving the malicious software a chance to run. There is only one way to handle that and that is by teaching people not to believe everything and be wary of what they download. Then you could have two equally informed users on a Mac and a PC who both avoid trojans but guess what. If the Windows users doesn't also have firewalls, antivirus, spybot, etc and a strong knowledge of how to use them (most users don't and these are loads more complicated than explaining to people not everything you here is true which is analogous to the real world) they are going to end up infected anyway. Not to mention that on a Mac, I didn't end up needing to run 2 bloated background programs to monitor security.

  • semantics. (Score:5, Insightful)

    by Skarecrow77 (1714214) on Wednesday May 25, 2011 @09:42AM (#36238784)

    Call it an infection then, using the generic term, instead of viral infection if you really want to, but that's just being pedantic. The "but macs don't get viruses" contingent has always truly meant and implied, if not outright stated, that OSX was not subject to the same malicious software infections that windows was. You know it, I know it, everybody knows it. This isn't a presidential impeachment, we're not required to define what "is" means. Everybody knows what "viruses" in this context means.

    Just like with humans, be it a viral infection, a bacterial infection, or even a fungal infection, the general layperson doesn't care what is causing the problem. They just want it fixed. The only person who cares exactly what is causing the problem is the person (doctor for humans, technician for computers) who is trying to fix it. The layperson just knows that they are "sick'. Likewise, the mac user just knows that their computer is "sick" and "this sort of thing isn't supposed to happen to macs".

  • Re:Kudos to Apple (Score:5, Insightful)

    by DJRumpy (1345787) on Wednesday May 25, 2011 @09:47AM (#36238826)

    The software downloads and opens the installer if you agree to 'scan' your computer, but it certainly doesn't install. You have to agree to install it and then put in your admin password. Unless you do that, it won't go anywhere. You can always just cancel the install and drop it in the trash. Pretty convincing hack though except that it crashes most of the time.

    I agree though that they should disable the option to automatically open 'safe' attachments. It's a common vector of infections on a Windows PC and never a good idea. Some times making things too easy for an end use is just begging for trouble. It's the first thing I turn off whenever I setup a Mac for someone.

  • by Bill Hayden (649193) on Wednesday May 25, 2011 @09:52AM (#36238868) Homepage
    Apple is a very safe platform, but the safest software in the world can't protect against Stupid.
  • Re:Kudos to Apple (Score:3, Insightful)

    by joeyblades (785896) on Wednesday May 25, 2011 @10:46AM (#36239586)

    You are confused. Safari does not automatically download the trojan just by visiting the page, you have to click on one of the download buttons. Of course, they are disguised, but the user still has to be tricked into initiating the download. Safari does not automatically execute the trojan either. If you have not unchecked the "Open safe files" box in the general preferences, Safari will open the installer, but nothing is executed until the user approves the install. Even then, unless you are foolishly running as an admin, the OS will require your admin password before the install can proceed.

    Any operating system that would prevent user stupidity would be crippling to a savvy user.

Possessions increase to fill the space available for their storage. -- Ryan

Working...