Proof-of-Concept Ransomware Affects Macs (vice.com) 163
sarahnaomi writes: Ransomware, the devilish family of malware that locks down a victim's files until he or she coughs up a hefty bounty, may soon be coming to Mac. Last week, a Brazilian security researcher produced a proof-of-concept for what appears to be the first ransomware to target Mac operating systems (Mac OS X). On Monday, cybersecurity company Symantec verified the researcher's findings. "Mabouia is the first case of file-based crypto ransomware for OS X, albeit a proof-of-concept," Symantec wrote in a blog post. "It's simple code, I did it in two days," [said] the creator of the malware.
That's special... (Score:5, Insightful)
Great! You can encrypt some files. You're amazing!
Show me a zero-click network infection vector, then I'll be a little worried. Yes, I've already removed Flash and never installed Adobe Reader. No, getting me to execute an email attachment (after disabling Gatekeeper) doesn't count.
Re: (Score:2, Insightful)
zero-click? that is a very low bar to set given that most of the ransomware that plagues windows these days is zero-click.
In case you haven't noticed, OS X appears to be somewhat (read: Insanely) more Robust in that regard than any version of Windows to date.
I offer as proof the fact that we are at SIXTEEN YEARS of OS X, without a single infection that did not exclusively rely on Social Engineering and active participation by the User.
Re: That's special... (Score:1)
Millions of users over a decade and a half should have produced at least something. But you keep on enjoying your superior market share, dude...
McDonald's is prolific but that doesn't make it "the best food."
Re: (Score:2)
And yet Linux just got its first malware target also. And how big is that desktop market compared to OS X?
Actually, not to pick on poor ol' Linux (it means well, after all!); but there are quite a few ACTUAL Viruses [wikipedia.org] (rather than Trojans, which any OS is vulnerable to) listed for Linux, as opposed to, um ZERO (EVER!) for OS X. To be fair, most of these have been rendered ineffective by Updates; but...
And OS X has been out nearly as long as Linux, and has TEN TIMES the marketshare (especially on the Desktop).
Re: (Score:2)
have you clicked and read the descriptions of ANY of those? osx has had just as many of these "viruses that require the user to be stupid AND do most of the virus' work".
btw, does "flashback" ring any bells? it forced apple to remove the "doesn't get pc viruses" from its "why you'll love a mac" page.
http://www.welivesecurity.com/... [welivesecurity.com]
http://securitywatch.pcmag.com... [pcmag.com]
Re: (Score:2)
How many viruses (as opposed to trojans and malware that requires user interaction) are there for recent versions of Windows, say 7 through 10? Windows used to leak like a sieve, but Microsoft has put a lot of work into security over the years.
Re: (Score:2)
When I used to use a Mac, security updates came in via Software Update every week or two. There obviously were security holes galore in the operating system (and don't get me started on early versions of Safari automatically downloading and opening files without asking permission first...), it's just nobody bothered exploiting them.
I agree that that was a boneheaded Default, and it amazed me even more that it persisted even after the weakness was pointed-out. However, as you know, the fix was simple: Uncheck the checkbox.
However, I believe you would agree that we are LONG-past the "Security Through Obscurity" point with OS X (and really never were there with iOS); and now are FAR into the "Look at Me! I actually Infected a Mac!" bragging-rights territory (e.g. TFA). So, it is pretty clear that OS X really DOES have some serious Secu
Re: (Score:3)
CVE-2015-6988 - CVSS score 10.0
https://web.nvd.nist.gov/view/... [nist.gov]
The kernel in Apple iOS before 9.1 and OS X before 10.11.1 does not initialize an unspecified data structure, which allows remote attackers to execute arbitrary code via vectors involving an unknown network-connectivity requirement.
That's just the highest score. I'm not sure why you think OS X does not have any scores above 2. There are large numbers of CVEs above 2.
Re: (Score:2)
Unfortunately, I don't know that they provide this information in a specific field in the NVD. I mostly get remediation information from our scanner reports or by reading the actual responses/bulletins.
I know that the CVSS v3 specification has a Remediation Level field, but that hasn't been rolled out yet.
It is good that Apple seems to be cleaning up vulnerabilities, although it should be noted that fixing the problems only takes effect if the users are running a version of the software that is patched wit
Re: (Score:2)
The funny thing is that marketshare keeps coming up but Linux has had a greater marketshare for the last decade as far as Internet-connected devices go. Mac has been increasing but there is no proportional increase in attacks on either Linux kernel or OS X or BSD/Solaris/...
Re: (Score:2)
The Linux kernel is extremely widespread, but mostly in Android phones and tablets, embedded devices, and servers. If you're looking to target desktops and laptops, it has very little marketshare. Android does seem to have its share of security problems, most crackers don't care about embedded devices, and servers tend to be administrated competently (whether Linux or Windows).
Re: (Score:2)
what you are deliberately leaving out is that OS X has a fraction of the marketshare of windows and that is the main reason.
If smaller marketshare is the main reason OS X has much less malware than Windows, isn't that still a compelling reason to buy a Mac? Let all the cheapskates who want to save a few hundred bucks on their computer deal with the mass insecurity.
Re: (Score:2)
Windows apologists have been saying this for going on two decades, yet the fact remains that Windows still has drive by owning showing up a few times a year, and essentially no other platform does- even phones don't suffer from this often or ever, and there's sure as shit plenty of those.
This is a Windows problem. It's not because there aren't enough OS X, or enough Linux, or enough ios, or enough Android. It's because Windows.
It's always been because Windows.
Re: (Score:2)
This nonsense again.
Anyone who wasn't born yesterday is well aware that older platforms with smaller market share and a smaller number of total users were ripe environments for all manner of malware.
That "market share" argument simply doesn't agree with actual real world results.
Re: (Score:2)
You must have missed all of the Pwn2Own contests. Mac OS has fallen first in every one due to insecure software.
You must've missed at least the last two.
Windows (IE) fell first in both years. OS X itself never did fall. Safari fell on the second day during both years, due to two exploits.
In the early Pwn2Own contests, OS X (or rather some apps running under OS X) fell first due to three factors:
1. Everyone wanted to OWN (that is "Win") the MacBook Pro being given away.
2. Flash
3. Adobe Reader
But you will note that Flash and Adobe Reader have not been included as part of an OS X standard build for several years
Re: (Score:1)
> Great! You can encrypt some files. You're amazing!
> Show me a zero-click network infection vector, then I'll be a little worried. Yes, I've already removed Flash and never installed Adobe Reader. No, getting me to execute an email attachment (after disabling Gatekeeper) doesn't count.
I'm with you.
I've been Flash-Free on my MBP since I bought it in 2013, and same with Adobe Reader.
I've only missed Flash a couple of times, but not enough to make me want to install it; as for Adobe Reader, I think that recent versions of Preview are actually getting better than Reader for most things.
What really pisses me off are the sites that won't play a video without Flash on OS X; but if I visit the same site with my iPad, it happily plays the video (without using Flash, of course)! WTF is up
Re: (Score:2)
Setting your User-Agent to something that looks iThing-ish is sometimes enough to get sites to serve their mobile versions with MP4 based video instead of flash.
Re: (Score:1)
> Setting your User-Agent to something that looks iThing-ish is sometimes enough to get sites to serve their mobile versions with MP4 based video instead of flash.
Too much work to get around someone else's sloppy coding; but thanks for the tip!
Re: (Score:1)
Safari > Preferences > Advanced > Show Develop menu in menu bar
You only need to do that once to enable the new menu. After that, if a website gives you "Flash is required to view the video", try the following:
Develop > User Agent > Safari iOS X.X - iPad
If the website does support iOS/iPad, it'll be sending your browser HTML5 code linked to a standard H.264 video file that will play without any problem.
Re: (Score:1)
> Safari > Preferences > Advanced > Show Develop menu in menu bar
> You only need to do that once to enable the new menu. After that, if a website gives you "Flash is required to view the video", try the following:
> Develop > User Agent > Safari iOS X.X - iPad
> If the website does support iOS/iPad, it'll be sending your browser HTML5 code linked to a standard H.264 video file that will play without any problem.
Cool, thanks! Maybe I'll give that a try. I have to admit, I do far more web-browsing on the iPad than my MBP anyway, though.
Re: (Score:1)
recent versions of Preview are actually getting better than Reader for most things
I've never found Reader to be better than Preview. I don't use OS X anymore, and Preview for PDFs is one of my majorly missed applications.
You must've come along after say, Tiger. In Tiger and before, Preview was ok; but lacked stuff like Highlighting and Annotations. It started to get better in Leopard (10.5), and by Snow Leopard, was getting pretty good.
So, begging the question: Why don't you use OS X "anymore"?
Re: (Score:1)
Yeah, I never understood the need to install Reader on a Mac. Probably most people did it by accident when installing something else. Flash isn't a problem as long as it can't run without asking first.
Re: (Score:1)
These people are like some creepy guy walking around your house rattling windows and doors looking for a way in. Then, when they find it, they want a prize.
At what point can we just shoot them?
Just ignore them. That's the surest way to get them to go away.
Re: (Score:1)
Nuke them from orbit - it's the only way to be sure.
Just to note... (Score:5, Informative)
This is NOT a proof of concept of stealth ransomware using some 0-day exploit etc. You have to actually download it, choose to run it, close the warning box that is popping up to warn you exactly of this sort of software. That's where I stopped reading, I mean, most competent programmers can write a program that ransoms your documents in two days. Heck, I bet there are some who in two days of coding could even manage to bundle in a multi-level FPS game. The hard part is to get ransomware to run without the user explicitly installing it.
Unless I am missing something, in which case you can enlighten me..
Re: (Score:2, Insightful)
The idea is that anyone could take this program, disable the warnings, and combine it with some exploit package to create ransomware.
Re: (Score:1)
How would you propose that the program disable those warnings, exactly?
Here's a tip for you that you evidently were not aware of, those warnings that pop up aren't being issued by the software.
Re: (Score:2)
And the reason such a warning may get ignored on certain other platforms is because that warning comes up for practically everything that a person might want to install... That is not the case with OSX, if one's primary source of applications is from the app store.
Re: (Score:3)
> The idea is that anyone could take this program, disable the warnings, and combine it with some exploit package to create ransomware.
But, point is, that's the hard part. Doing what this guy did isn't particularly difficult. It's not a "proof of concept" if most programmers could easily figure it out on their own.
Re: (Score:2, Insightful)
Most grade school kids could figure this out:
man openssl
Combine OpenSSL with a little AppleScript, and voila, you have the same "proof of concept" that TFA is basically showing. What a fucking joke.
Re: (Score:2)
> Most grade school kids could figure this out:
> man openssl
> Combine OpenSSL with a little AppleScript, and voila, you have the same "proof of concept" that TFA is basically showing. What a fucking joke.
The fix is simple. Just find another vulnerability in openssl and use it to recover the key used to encrypt the data.
Re: (Score:3)
That's been true all along. As the OP said, many of us here are confident in our ability to write ransomware in somewhere between a couple of hours and a couple of days, simply because the actual software is rather trivial to write. After all, it's just a matter of encrypting pretty much everything on the drive and then sending the key off to a destination you control. The hard part is in delivering the ransomware to your victims, and nothing about this proof-of-concept changes any of that. The people writi
Re: (Score:2)
While I did author a variety of programs for my own use a long time ago (think 1990s in C) and have done some other programming over the years - including some horrific stuff in Perl, even *I* could write this in a couple of days if properly motivated to do so. Err... Can I write a wrapper for PHP and have it display a web page and then use that code internally? I might be able to do it a little quicker. I do hope that such is not allowed, by the way.
Wow... That would be all too easy. The reason being, the
Re:Just to note... (Score:5, Funny)
> I mean, most competent programmers can write a program that ransoms your documents in two days.
The big question I'm having right now is why it took him two days. Did he get distracted by Foosball?
Yeah. Still, a reminder to backup off-site (Score:2)
Yeah this story is a bit silly. What concept was proved, exactly, that Macs can run encryption software?
Still, it is a reminder that bad things can happen on any computer, so have regular backups, test those backups, and don't store the backups right next to your main system.
Lately I've seen a lot of people with "back ups" to read/write network storage, where the machine pushes its backup to a network drive it can write to. No bueno. Ransomware will encrypt any accessible network drives too, so your "back
Re:Just to note... (Score:5, Insightful)
Hey look! I have a "proof of concept" too!
#!/bin/bash
openssl aes-256-cbc -in ~/Documents/* -out ~/ransom.aes -d -pass $up3r$ecretPassw0rd!
Pay me or you'll never see your documents again!
Re: (Score:2, Funny)
can some one help me, I couldn't get this installed...
Re: (Score:2)
Damn you! That works in Linux! How much do I owe you for the password???
Re: (Score:3)
Pay you? How? My bitcoin wallet was in ~/Documents!!!
Re: (Score:2)
Sounds much like the honor system virus. You send an email to someone that politely asks them to randomly delete half the files on their hard disk and forward it to ten friends. (I believe it's the only virus I have ever propagated, but obviously I can't be sure.)
Re: (Score:2)
Agreed. It would be worse if it was able to circumvent some of the sudo protections, or if it was able to also lock Time Machine backups, or exposed some social engineering flaw in the install procedure that lulls users into a false sense of security, and so on. It just reinforces the principle of never installing software from dodgy sources, and even trusted sources require a bit of wariness.
Re: (Score:1)
Based on your username, I suspect you're just a Mac cult fanboy, so I expect that these "apple-haters" are just reality-based people. Try being less obvious.
Try being less of an ANONYMOUS COWARD, COWARD.
Re: (Score:2)
Well, the AC isn't *entirely* wrong. At least you're open about your fanhood. (No, spell check, that is a word because I say it is a word.) I say, so long as it works for you and you don't mind the price then, by all means, go for it. The number of desktops that use my chosen OS probably increases an order of magnitude when I turn my machines on so, yeah, I don't really have the whole popularity thing down pat.
Hell, I'm even in the official Ubuntu flavor family. There just don't seem to be a lot of us using
Re: (Score:2)
We have a whole distro, to ourselves... Well, and the rest of the rounding error that uses it. I don't know why it doesn't get more attention. It looks fine and it's blazingly fast on modern hardware - and still amazingly fast on older hardware. I'm sure it's eminently usable on your older system - even upgrading to 15.10 will still be okay. I don't want (or need) the features that come with Ubuntu but I do want the giant ecosystem and the myriad choices for support. I get that with Lubuntu without having t
Re: (Score:2)
I would say you're less 'passionate' than the F/OSS zealots who are less passionate than the gamer platform (console, which console, and PC - Macs aren't even on this list, really) goobers. So, there's that. I mean, you do go out of your way to minimize every security issue and seem inclined to think Mac users are as technical as you (they're not - trust me on this one). You, at least, admit it's not infallible and don't seem to worship Steve Jobs (maybe Woz).
So, yeah. You're definitely not quite that passi
Re: (Score:2)
Based on your username, you won't sign even a screen name to your trollish opinion.
Re: (Score:1)
> Based on your username, you won't sign even a screen name to your trollish opinion.
WTF are you even talking about?
Re: (Score:2)
The parent AC.
Re: (Score:2)
I am a long time well known Linux Zealot with no love for Apple.
I will even concur with how bogus this is.
Malware needs an infection vector. Without that, you don't have Internet crippling mass malware infections.
Re: (Score:2)
Well, there is the new problem of programmers compiling their software with an infected, not-downloaded-from-Apple version of XCode. I'm not quite sure if Apple can catch 100% of those that get sent to the App Store, but that's one major security risk IMHO. And I say that as an OS X user.
Re: (Score:1)
> Well, there is the new problem of programmers compiling their software with an infected, not-downloaded-from-Apple version of XCode. I'm not quite sure if Apple can catch 100% of those that get sent to the App Store, but that's one major security risk IMHO. And I say that as an OS X user.
That version of XCode was downloaded from a Chinese non-Apple source. I would imagine that Apple is going to modify XCode fairly soon so that it makes sure it is not modified before allowing a Build Application to happen, or maybe even a Launch of XCode.
Re: (Score:1)
You realize these "hacked" developers installed a different version of the tools... so it really doesn't matter what any company does since it's been modified? They could easily just replace the tools with their own look-a-likes (though, most likely ...
Actually, you're right.
As long as Apple allows the Devs. to do the final "for-Publication" Build, this is a potential problem.
However, when the Article on the tainted XCode came out, I proposed an elegant and simple solution:
Upon Submission, Devs send Apple their XCode Projects, and APPLE does the "For Publication" Build with THEIR (likely non-tainted) copy of XCode. Done!
Even better, since this means that Apple has the Source, they can take a MUCH closer look with both manual and automated methods,
Re: (Score:2)
> Upon Submission, Devs send Apple their XCode Projects, and APPLE does the "For Publication" Build with THEIR (likely non-tainted) copy of XCode. Done!
I'm pretty sure the lawyers at my company (and most closed-source software companies) would say that sending the entire source code to a third party is a non-starter. This could work for open-source software, though.
Re: (Score:2)
I understand one can side-load apps on iOS now. I expect this to make for a 'warez' scene. With this, I expect an increased attack vector. Will it be a significant problem? Probably not. Security begins with the user, as it is. However, it will (potentially) be a new and novel way to get malware onto an iDevice. I think that idea may be what this PoC is aimed at demonstrating. I could be mistaken, it's not like I read the article.
Re: (Score:1)
Begrudged Apple hater here (][ Forever motherfucker.... jobs didn't get cancer, he WAS cancer! and don't even start me on lightning connectors and walled gardens....grrrrr fuck apple)
Anyway, totally agree. Any general purpose computing device can perform these basic functions if programmed to. That encryption and original file deletion and network access were all available on the Mac is quite uninteresting.
If these are the standards, then i claim prior art as one of the earliest people to have "proven" this
Re: (Score:1)
> and I still hate apple and won't buy any of their products.
But you already did.
Re: (Score:2)
> But you already did.
I said "will not" not "never have". However, I could have said never have with the caveat of being a customer and rather than consumer. The GS was a gift from my parents and while I did personally buy one, it was at a flea market years later (and it was an original "Woz Edition" GS).
If you want me to clarify, I have not purchased an apple product, except possibly an Ipod as a gift for someone else who wanted one, since the Apple ][ was on the market, and Apple has, quite consistentl
Re: (Score:2)
> I said "will not" not "never have". However, I could have said never have with the caveat of being a customer and rather than consumer. The GS was a gift from my parents and while I did personally buy one, it was at a flea market years later (and it was an original "Woz Edition" GS).
While I agree wholeheartedly with your "Apple ][ Forever!" sentiment (and BTW, it was JOBS that urged Woz to include EIGHT peripheral Slots in the original Apple ][ Design; not that I'm a big "Jobs" fan, mind you), I take exception to your characterization of the Lightning Connector and Apple's Curated App Store.
The Lightning Connector solved a lot of design and packaging problems for Apple, and is one pretty cool piece of engineering. I do wish the Male end was a little more robust; but it is still much
Re: (Score:2)
A walled garden prevents you from trying out so many of those flaky little items of godknowswhatware that you can download into Windows. It also prevents you from getting all those fascinating viruses.
Re: (Score:2)
...except that walled garden is hardly comprehensive.
Even Bodega is a better and more complete implementation.
Plus you can still just download stuff from random places.
Re: (Score:1)
You have to go back a bit further, with PGP in 91, or even further back with InfoZip's encryption, IIRC. I'm sure I haven't gone to the beginning.
Just curious about the apple hate: lightning connectors finally addressed one of the biggest annoyances - keyed connectors. USB-C's connector is a direct reflection of that, as I understand that it was not directionless in its early phases. Walled gardens? Yeah, but you don't have to play there if you don't want to. Let's also not forget that Apple was instrumen
Re: (Score:2)
> You have to go back a bit further, with PGP in 91, or even further back with InfoZip's encryption, IIRC. I'm sure I haven't gone to the beginning.
Very true, and I probably wasn't even the first person to compile decent encryption routines on an apple 2 either, hell, by that time someone had already developed a TCP/IP stack and gno existed.
> lightning connectors finally addressed one of the biggest annoyances - keyed connectors.
I guess that was never one of my biggest annoyances. In fact, connector w
Re: (Score:2)
you aren't getting voted down for being wrong (you are not wrong IMO) you are being down voted for being smug and off-putting
Re: (Score:2)
> That is actually how most ransomware works.
Except most people don't run it. Their OS does that for them because it hides the details that would make it obvious that it's a program. Their OS has the added convenience of running that untrusted program for them.
It's easy to avoid a problem like that when your OS vendor doesn't create it for you.
It STILL is not an automatic install. (Score:2, Informative)
to get his ransomware I have to download the file. launch it, give it administrator rights, type in my admin password.
ZOMG we are all gonna die!!!!!!
Come on, there has to be an exploit that gets completely around all security and can install silently on OSX. are these guys not trying?
Re: (Score:2)
Don't forget that you have to use a Microsoft product. No exploit, even one with all these hoops, is complete without a Microsoft product in the loop.
Seems like a much better business model (Score:1, Flamebait)
Re: (Score:1)
> We already know that the typical Mac user is naive "there are no viruses for Mac!" and we also know there's a whole niche market of Apple users with more money than brains. I expect these people to haul in more money than the Windows ransomware guys.
It is not "naive" to be aware that there are currently no "No user intervention required" viruses for OS X or iOS. It is the truth.
It IS "naive" to NOT be aware that there ARE a few (very few!) pieces of Malware that require a Social Engineering component and User Intervention to install. HOWEVER, Mac users are (justifiably) secure in the knowledge that, before these can infect more than a few dozen Macs, Apple will push out a detector-blocker into XProtect (which runs on every OS X machine running Snow L
Re: (Score:2)
I manage 1200 windows systems at my work. The only infection i ever had to fight in the last 3 years was a "User-intervention-required" virus. Your point being?
Re: (Score:2)
They have had potential PDF/Font bugs resulting in buffer overflows etc. The core of OS X is Open Source so that's why you see all those bugs passing by. The problem is that besides theoretical attacks, no self-replicating virus that doesn't interact with the user has been created yet. Even Flash exploits have operated in browser jails since the Windows Vista era or been unable to go beyond "this program needs Administrator rights to run".
Re: (Score:2)
> We already know that the typical Mac user is naive "there are no viruses for Mac!" and we also know there's a whole niche market of Apple users with more money than brains. I expect these people to haul in more money than the Windows ransomware guys.
One potential problem - those Apple users with more money than brains also probably bought a Time Capsule backup device (because it's shiny and Apple says you need one and here's my credit card!), which means they've got constant incremental backups of all their files. Ransomware pops up, just roll back to pre-encryption.
Re: (Score:2)
So now the ransomware got ROOT? Why does it have root? Just because Windows UAC can be bypassed doesn't mean *nix machines like Mac have this problem.
Macs have a ton of open source in their guts, and you accuse them of security through obscurity? You'd better fucking be posting from Fedora or Debian, dude. Don't take that tone from a Windoze box.
Re: (Score:2)
The post in question talks about how the ransomware will blow away the backup (yet another thing that has been going on in Windows for years, and in Linux/Apple/BSD never, right along with the ransomware itself- he's presupposing ways to add features to the Apple ransomware product that doesn't exist and can't work). Pretty sure that requires root.
Pretty sure that anyone talking this line of cocaine from a Windows box is high as fuck anyway tho. "So, pretend that this worked, instead of not working. And
Re: (Score:2)
Speaking as a 15-year Mac shareware publisher, most users dumb enough to install malware are too dumb to figure out how to disable Gatekeeper (on by default) to allow an unsigned (with Apple-issued certs) app to launch for the first time.
You have never met my niece. She calls me, on a fairly regular basis, to ask me to help her fix her Mac. I do not know why. Of all the times she's needed it repaired, I've only managed to solve the issue once. While I do, technically, own a modern Mac - I don't actually use it and I am pretty sure my daughter absconded with it when she last visited. So, I might not even technically own it any longer.
Anyhow, within a day of her first getting her Mac she had managed to install something called Mackeeper (I th
Re: (Score:2)
> Anyhow, within a day of her first getting her Mac she had managed to install something called Mackeeper (I think?). It took some digging to find out that it was not some sort of malware protection but actually was the malware.
It probably got installed due to the fact that the MacKeeper people plaster ads for MacKeeper all over the place (presumably only if your web browser's user-agent indicates you're on a Mac, though). These ads strongly suggest that installing MacKeeper will make your Mac more better in every possible way and that you should do download and install it right now because reasons.
Complete bunk, of course, but it can work on the right type of impressionable mind (i.e. "the computer said I should do this, so I'd
Re: (Score:2)
I'll just make sure she's got a subscription to Apple Care. She can call them. Thanks for the insight. I've never seen it advertised - probably due to my header information/user-agent which clearly identifies me as a Linux user. I kind of figured it was something along those lines - akin to the "you need codec to watch this movie" and appearing to be an official system application. It looked like a legitimate application as I was searching for it.
The call (I got several that day) involved her telling me tha
OSX ransomware would have been more destructive... (Score:2)
Interview (Score:1)
All the more reason to actually USE... (Score:2)
Time Machine, instead of letting it sit in your I'll-get-to-it-someday pile of shit-to-do.
If Windows users are any indication, they might learn the value of backups by the third formatted hard drive.
Re: (Score:2)
TimeMachine is a push backup on the same computer. Thus vulnerable to being encrypted too.
Only if the malware gains root access -- not that that couldn't happen, of course.
You want a pull backup from a second system ( maybe with TimeMachine on that secondary computer).
Another option would be to have two external TimeMachine drives, and only keep one of them connected at any time, and swap them every so often.
Re: (Score:2)
Actually, it's a reason to periodically use Carbon Copy Cloner to make a bootable exact copy of your HD to an external drive which you mount only for the occasion, rather than leaving it running all the time. It's also a reason to use a VERSIONING online backup service that amounts to a "cloud Time Machine."
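The push-versus-pull backup point raised in this thread (a backup the workstation account can write to is a backup ransomware running as that account can encrypt), as an added example that is not part of any poster's comment: a Python audit that lists what a given account could alter under a backup directory. The function names `has_perm` and `audit_backup_tree` and the paths are assumptions, and only classic POSIX mode bits are evaluated (no ACLs, read-only mounts or server-side share permissions).

```python
import os
import stat
from pathlib import Path

SEARCH, WRITE = 1, 2  # permission bits within one rwx triplet


def has_perm(mode, owner, group, uid, gids, want):
    """POSIX mode-bit check for account `uid` with group set `gids`.

    Exactly one class applies: owner, else group, else other. uid 0 bypasses
    the bits, which is why malware that gains root defeats this control.
    """
    if uid == 0:
        return True
    perms = stat.S_IMODE(mode)
    if uid == owner:
        bits = (perms >> 6) & 7
    elif group in gids:
        bits = (perms >> 3) & 7
    else:
        bits = perms & 7
    return bits & want == want


def audit_backup_tree(root, uid, gids=frozenset()):
    """List what account `uid` could alter under backup directory `root`.

    Returns sorted (relative_path, reason) tuples; an empty list means the
    account can read the backups at most. Run it as a user that can stat the
    whole tree.
    """
    root = Path(root)
    findings = []
    for dirpath, dirnames, filenames in os.walk(root):
        d = Path(dirpath)
        dst = d.stat()
        who = (dst.st_mode, dst.st_uid, dst.st_gid, uid, gids)
        if not has_perm(*who, SEARCH):
            dirnames[:] = []  # not searchable: nothing below is reachable
            continue
        dir_writable = has_perm(*who, WRITE | SEARCH)
        # Sticky bit: writers may add entries but only remove their own.
        sticky = bool(dst.st_mode & stat.S_ISVTX) and uid not in (0, dst.st_uid)
        if dir_writable:
            reason = ("can add entries only (sticky directory)" if sticky
                      else "can add, delete and rename entries")
            findings.append((d.relative_to(root).as_posix(), reason))
        for name in filenames:
            fst = (d / name).lstat()
            if not stat.S_ISREG(fst.st_mode):
                continue  # symlinks and special files are out of scope here
            frel = (d / name).relative_to(root).as_posix()
            if has_perm(fst.st_mode, fst.st_uid, fst.st_gid, uid, gids, WRITE):
                findings.append((frel, "can overwrite contents"))
            elif dir_writable and (not sticky or fst.st_uid == uid):
                # A read-only file in a writable directory can still be
                # unlinked and replaced with an encrypted copy.
                findings.append((frel, "can delete or replace (directory is writable)"))
    return sorted(findings)


if __name__ == "__main__":
    import sys
    # Usage (hypothetical path and uid): python audit.py /Volumes/Backups 501
    if len(sys.argv) == 3:
        for path, reason in audit_backup_tree(sys.argv[1], int(sys.argv[2])):
            print(f"EXPOSED {path}: {reason}")
```

An empty result for the everyday login account is what a pull-style or offline-rotated backup should produce; any finding marks data that account could encrypt in place.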
Panic And Despair (Score:2)
Am I missing something, or is there not a single hole or bug being exploited here?
Are we...are we confirming that if a user downloads a program and actively grants it access, it can do things that programs are allowed to do?
For serious?
Re: (Score:2)
No, there's a bug in Microsoft Office that is allowing a locally created (not downloaded off the net- the video shows a local exploit) file to run some crap. It's just a standard Microsoft Office virus, except the damage is limited because it's on a Mac.
Even then, he had to rig the game to look real by running a locally created file- if he had actually downloaded it, there would have been a pop up to that extent. That's why he runs it off the desktop instead of pulling it or clicking it.
I just think it's
Re: (Score:2)
I once left SSH enabled with a reasonably guessable account name and password for one account not being used. (I'm at least a little smarter now.) Somebody, apparently from Romania, signed in and ran user-level stuff to bombard someplace in Sweden.
Clearly, then Ubuntu is hopelessly insecure, since the exact same exploit would work today under the same conditions.
sigh... (Score:1)
If you ever wanted proof that the world is completely chaotic and that there is no God, the fact that ransomware exists is proof enough in my book.
Ransomware Affects Microsoft Office (Score:2)
Leaves out something IMPORTANT (Score:2)
One important detail is left out- by running this locally, he skips the part where it warns you about running stuff off of the net. And of course, it's not so much an OS X problem as it is a Microsoft Office problem, because that's the vector.
So OS X can be owned, if you skip OS warnings AND use a Microsoft product to actually do the owning, which even then can't act at root. Good grief man.
(Mac OS X) (Score:2)
"to target Mac operating systems (Mac OS X)"
no shit, I thought they would target Mac OS 7.01, thanks for the clarification numbnuts
Re: (Score:2)
Wow, that new company should get some lawyers ASAP because I'm quite sure Microsoft will sue them for using a company name similar to their own. [wikipedia.org]