A Week After Apple's Fix, Flashback Still Infects Half a Million Macs 161
Sparrowvsrevolution writes "Security firm Dr. Web released new statistics Friday showing that the process of eliminating Flashback from Macs is proceeding far slower than expected: On Friday the security firm, which first spotted the Mac botnet earlier this month, released new data showing that 610,000 active infected machines were counted Wednesday and 566,000 were counted Thursday. That's a slim decrease from the peak of 650,000 to 700,000 machines infected with the malware when Apple released its cleanup tool for the trojan late last week. Earlier in the week, Symantec reported that only 140,000 machines remained infected, but admitted Friday that an error in its measurement caused it to underestimate the remaining infections, and it now agrees with Dr. Web's much more pessimistic numbers."
makes more sense (Score:5, Interesting)
I had wondered how in the hell it got that low that fast--a couple of days after Symantec reported 140,000, they or someone else reported 30,000. But checking the Java vulnerability against versions installed with Mac OS X, it seems that 10.4 and 10.5 should also be vulnerable, while Apple only patched for 10.6 and 10.7. That alone should prevent the numbers dropping so far so fast. Sigh. Smooth move Apple.
Re: (Score:1, Funny)
If you're too poor to upgrade your Mac every year you shouldn't own one.
What kind of hipster are you?
Re:makes more sense (Score:5, Insightful)
[1] http://www.adium.im/sparkle/#osVersion [adium.im]
Comment removed (Score:5, Interesting)
Re:makes more sense (Score:4, Informative)
Wow...10.5 was released in 2007 and its ALREADY unsupported according to the wiki? damn maybe folks shouldn't have marked the AC a troll that made the joke about buying a new Mac every year. I thought the big selling point on the Mac was how "high quality" Macs were? Yet the support drops after less than 5 years? I guess that's why I never really got into macs, i just don't get it.
10.5 was the last version that ran on PowerPC machines. People with older PowerPC machines who wanted to keep up to date with the OS needed to upgrade to Intel hardware to run 10.6.
10.6 for existing Intel Mac owners was $25. From what I've read and seen, a massive percentage of the user base upgraded to 10.6 pretty quickly. 10.6 wasn't a massive upgrade, but by shedding all of the PowerPC support and through compiler optimization, threading and multi-core support improvements (Grand Central Dispatch, and its use by most of the core applications), improved 64 bit support (including a 64-bit kernel and 64-bit apps), and various Intel-specific improvements, 10.6 was a pretty massive upgrade from 10.5 in terms of speed. According to this press release, OS X 10.6 saw twice as many purchases in its first week of release as 10.5 (four times more than 10.4's first week), with sales declining by only 25% in the second week. As such, from a practical standpoint for most Mac users, it's a non-issue, as the majority are now running 10.6 or 10.7 (roughly 78% according to the Adium page quoted by the GP post). 10.6 was such a massive improvement and so cheap (relative to other commercial OS's) that the only real reason to stick with 10.5 was if you're still on PowerPC hardware.
In terms of hardware support according to Apple [apple.com] systems go into "Vintage" classification if they're between 5 and 7 years old (which for most of the world means "obsolete/unsupported").
If I was a paranoid person i'd have to wonder if this wasn't by design, after all who would fault Apple if they restricted or outright banned Java as a security risk now?
Apple already dropped Java from OS X 10.7. It isn't included at all, but can download and install itself if it's needed (it will typically offer to do so if you try to run anything that requires it).
The latest Java updates disable Java applet support in Safari and other browsers that use Apple's Java plug-in. You can re-enable this if you need it, however it will disable itself again after a period of disuse. To be honest, while I've long been a Java developer and have no problem with rich Java applications, Java applets are a dead technology anyhow. I haven't come across one in many, many years now.
Point being, Apple has been moving in this direction for a while. At one point (back in 10.1 IIRC) Java was supposed to be one of the top-level development languages for the Mac. Apple developed and provided the Java Cocoa bindings, which allowed UIs designed in their Interface Builder tool to be bound to Java applications, and Cocoa objects to be easily accessed via Java (and vice-versa). This was deprecated in 2005. Then Apple decided not to support Java in iOS (smart move IMO). Now it's no longer included with the OS, is only available as a downloadable add-on, and applet support is disabled by default. I don't predict they'll be getting rid of it entirely (there are a lot of Java developers on OS X, yours truly included) -- IIRC they're trying to transition to having Oracle maintain it alongside the Linux and Windows versions, instead of doing it themselves. They just want to move into a model more akin to Window's Java support -- it works fine, and applications run just fine, but you have to get it from Oracle as a separate install.
All of which reminds me -- my parents are the type who continually ignore the pop-ups that software updates are available for their Mac (no matter how many times I've told them they need to stay up-to-date). I should call them this
Re: (Score:2)
10.6 for existing Intel Mac owners was $25.
This is the single biggest reason why macs upgrade fast. Apple doesn't overprice their upgrades, and they do a terrific job of advertising them. It makes it much more palatable to upgrade than the budget killer that MS drops on us every so often.
Re: (Score:2)
10.6 for existing Intel Mac owners was $25.
This is the single biggest reason why macs upgrade fast. Apple doesn't overprice their upgrades, and they do a terrific job of advertising them. It makes it much more palatable to upgrade than the budget killer that MS drops on us every so often.
The real budget killer is periodically having to buy a whole new computer to run a supported OS. It especially has to painful given how expensive the computers are. Microsoft supports older versions of Windows for so long that the support will likely outlast the hardware. I could have bought an XP machine a full 10 years ago, and it will still be getting updates for it for almost another 2 more years, without giving another dime to Microsoft.
Re: (Score:2)
Re: (Score:2)
Re: (Score:2)
Screw it, my Mac mini died years ago. POS.
Re: (Score:2)
Doesn't help if you've got a PowerPC Mac, of course, since it will only run 10.5, and is still fast enough for a lot of things, especially if it's something like a dual 2GHz G5 (although even a 1.5GHz G4 is faster than the old PC my mother still uses).
Still, I'm sure that these numbers will make someone at Oracle happy: at least half a million people still have machines set up to run Java applets...
Re: (Score:2)
Symantec have admitted their 140,000 was too low. The trojan uses DNS generation partly based on date on where to look for C&C servers. AV companies are building honeypots on those DNS names to 'capture' infected machines - and then use that to estimate how many machines in the wild are still infected. Turns out, some ISPs are also blocking the DNS names from resolving at all - so not only don't they connect to the dodgy C&C controllers, they don't connect to honeypots either. On top of that, the in
Comment removed (Score:5, Funny)
Re: (Score:1)
I had no idea, that's almost 500 per coffee shop!
I guess you have not been to a Starbucks in awhile.
Re: (Score:2)
Comment removed (Score:5, Funny)
Apple didn't issue fix 10.5, 16.5% of it's users (Score:1)
10.5 makes up 16.5% of Mac users, sure a lot are on PPC and the Flashback isn't targeting it, or is it?
Also about 4-5% are still on 10.4%
Apple didn't issue Diginotar Root certs fixes for these older OS X version neither.
Come when 10.8 is released, a whopping 65% of Mac users on 10.4-10.6 will be ripe for the pickings
Because Apple only updates the last two OS X versions in circulation, then is now releasing a new OS X version every year.
Microsoft on the other hand issues updates for their OS for 10 years?
Mac
Re:Apple didn't issue fix 10.5, 16.5% of it's user (Score:5, Informative)
10.5 makes up 16.5% of Mac users, sure a lot are on PPC and the Flashback isn't targeting it, or is it?
Also about 4-5% are still on 10.4%
Apple didn't issue Diginotar Root certs fixes for these older OS X version neither.
Come when 10.8 is released, a whopping 65% of Mac users on 10.4-10.6 will be ripe for the pickings
Because Apple only updates the last two OS X versions in circulation, then is now releasing a new OS X version every year.
Microsoft on the other hand issues updates for their OS for 10 years?
Mac's a better value? Less prone to malware? Not for too much longer...
... and yet I find it hilarious when I read all the angry rants on wired.com and here on how poor old XP is going to lose support in 2 years a mere 13.5 years after launch.
This dwells into the more serious issue of the security nightmare that will come when all internet enabled computers that are more used like XP become abandonded. Personally I think it would be a good idea to disable port 80 on all devices 3 months after support ends to keep the upcoming security nightmare. It will anger many users but many malware writters will target XP if MacOSX has so many infections yet remains so small marketshare wise still. We do not allow vehicles with rags for a gas cap to go on the road right?
I understand Apple losses money to support users but something should be done. If not after a few billion lost dollars in bank accounts will create some nasty lawsuits.
Re:Apple didn't issue fix 10.5, 16.5% of it's user (Score:5, Insightful)
> ... and yet I find it hilarious when I read all the angry rants on wired.com and here on how poor old XP is going to lose support in 2 years a mere 13.5 years after launch.
When is the last time a new PC was sold with some version of XP installed by the hardware vendor?
THAT is your starting point for "support", not when the first version was originally released.
Re: (Score:2)
Re: (Score:2)
Today at Woot Sellout section, they're offering 1.8ghz Dell desktops with WinXP for around $125. Two gig of RAM, too!
Re: (Score:2)
You could stash one today and (try to) sell it 10 years down the line. But why would it obligate, whether legally or morally, Microsoft to support it?
What can be reasonably counted is the date of the last sale of an OEM license from Microsoft to any hardware manufacturer or reseller. According to Wikipedia, OEM XP was available until October 22, 2010 - and then only for netbooks; for other PCs, no OEM licenses were sold after June 30, 2008.
Re: (Score:2)
They're probably used off-lease corporate machines, given the processor speed and price. There are lots of places that'll sell you an old Dell/HP/Lenovo/whatever P4 or early Core system for $100 - $150 or so with an XP license.
Re: (Score:2)
Except that is not how the MS support lifecycle currently works unfortunately. It guarantees mainstream support for 5 years after this version's release, or 2 years after the next version's release, whatever is later. In other words, the only reason XP is getting more than 10 years of support is the Longhorn delays (I still remember when mainstream support for it was to end in December 31, 2006!).
Re: (Score:3)
The relevant period here would be extended support rather than mainstream, since extended support still includes security fixes. And extended support lasts either 5 more years after mainstream support ends, or 2 years after the second next version is released, whichever is longer.
So, basically, you'll keep getting security fixes for the product for at least 10 years.
Re: (Score:2)
I have more sympathy for those who blew $2,000 for an iMac only to be dumped in 3 years
I'm not clear on how those iMac users were dumped. The upgrade from Leopard to Snow Leopard was only $29.95. The upgrade from Snow Leopard to Lion was priced the same and I expect Mountain Lion will be too. The PPC crowd will have a different experience, but that production ended about six years ago when the architecture changed. The path from Windows 95 to NT, 2000, XP, Vista and then Windows 7 cost significantly more and it required new hardware along the path as well. Microsoft does go to extraordin
Re: (Score:2)
Are you the most interesting admin in the world?
I must be; the people in my head talk about me all the time.
I'd welcome discussion of the assertion that users were dumped. They're free to upgrade or select a new OS at any time as long as the hardware is viable. Sometimes hardware reaches the end of life because technology advances in a new direction. It happened for MS/PC/DR-DOS, OS/2, BSD, games, etc. As for the Cisco comment, it isn't entirely accurate. Cisco has a preferred browser, but you're certainly not required to use their choice any more t
Re:Apple didn't issue fix 10.5, 16.5% of it's user (Score:5, Insightful)
I understand Apple losses money to support users but something should be done. If not after a few billion lost dollars in bank accounts will create some nasty lawsuits.
Apple has been getting more serious about security for awhile (in comparison to, "we're unix, we're ok"). Sandbox, gatekeeper, removal of automatic execution, malware removal tool, etc. They need to gt a LOT better in how they respond though.
Apple clearly understands support in general though. They routinely get excellent marks on their support. See the genius bars as an example. I personally have had out of warranty macs repaired for free. My sister had an out of warranty Macbook case top replaced when it chipped. And so forth. Support is one of the big reasons to buy an Apple, imho.
Re:Apple didn't issue fix 10.5, 16.5% of it's user (Score:5, Informative)
PPC macs have not been sold since 2006. They are no longer supported (we still run 2 power pc macs running 10.4 at work, fwiw, running legacy applications). They were supported through the end of 10.5 (early 2011). 5+ years.
OSX 10.6 and 10.7 are being actively updated. I hate 10.7 and have stuck with 10.6.
First generation Intel Macs were released running 10.4. First generation Intel macs can run OSX 10.7, so they are still supported. They will no longer be supported with 10.8. ~6 years.
Apple seems to roughly support hardware for at least 5 years (given that we've gone through a PPC->Intel transition AND a 32-bit to 64-bit transition in the last ~7 years, not too shabby). I hope they will keep updating 10.6 now that they are hurrying up their OS release schedules.
Re: (Score:3, Informative)
First generation Intel Macs are not supported on 10.7.
Re: (Score:3)
Not quite true.
I'm running Lion on a MacPro 1,1 (1st gen, early 2007) right now. It works quite well! It will not be supported for 10.8, but that's because of the video card (stupid to not support an X1900XT).
So, I should have tempered my statement by saying that some 1st gen macs remain supported for Lion, and, afaik, all macs sold after January 2007 are still supported for Lion.
Re: (Score:2)
Personally I think it would be a good idea to disable port 80 on all devices 3 months after support ends to keep the upcoming security nightmare. It will anger many users but many malware writters will target XP if MacOSX has so many infections yet remains so small marketshare wise still. We do not allow vehicles with rags for a gas cap to go on the road right?
Just out of curiosity, what was your opinion when Sony removed Boot Other OS from the PS3? "It's their right to patch systems if you want to keep using their servers" or "they're removing a valued feature without asking the users, this is fraud and theft!"
Re: (Score:2)
What's scary is the number of NEW embedded systems like Point Of Sale, ATM, and factory control systems that are still shipping with Windows XP. There are still a bunch of software vendors that STILL have not updated their software to work with Windows 7.... and Windows 8 is right around the corner.
Re: (Score:2)
I'm RELIEVED to know that new systems are using XP. I can't tell you how many systems I run across still running 2000. Make me think, though, that since the Armageddon predicted over the deprecation of 2000 never materialized, perhaps we'll dodge the bullet with XP, as well.
Re: (Score:2)
AFAIK Stuxnet was developed before Win2000 ended support and was discovered just after, which means it did target Win2K, but patches for the vulns Stuxnet targeted are not available for Win2k without a CSA. This is a targeted attack though.
Re: (Score:2)
semantics of the term "Trojan" (Score:5, Informative)
According to wikipedia [wikipedia.org], Flashback uses web redirects and javascript to automatically load a Java applet that contains the vulnerability.
In my book, it's only a Trojan if a real person is duped into executing it, and IMHO an infected legitimate website redirecting someone to a malicious website that automatically runs something that infects the user's computer does not count as duping a person into executing something.
TL;DR: Flashback is not a trojan. We need a new term for this type of threat.
Re:semantics of the term "Trojan" (Score:5, Informative)
Re: (Score:2)
It is both a trojan and a malware drive bye.
If you do not click on it, it is malware and will use a memory corruption bug to infect your account. You can delete your account to delete it. If you do click on it the malware turns into a deadlier trojan that runs as administrator and is more difficult to remove.
Most malware these days regardless of type target multiple vulnerabilities. Since IE and Chrome have a sandbox ... what is up with Firefox not having one? ... you need to first get past the sanbox. Afte
Re: (Score:2)
Did the user perform an innocuous action that lead to the trojan being run? It sounds like you have to visit a website hosting the trojan with a vulnerable computer (a user-initiated action, btw) and you're infected. That seems to meet the definition of a trojan to me. If you just connect a vulnerable Mac to the network and let it sit, it won't be compromised this way.
So yes, Trojan is accurate. A user is tricked into downloading and running something malicious. A user could theoretically avoid an infection
Re: (Score:3)
Did the user perform an innocuous action that lead to the trojan being run?
So if you perform an innocuous action that leads to you getting infected with malware then its a trojan?
Gotcha.
So if the user were to perform an innocuous action like...
If you just connect a vulnerable Mac to the network [a user initiated action, btw] and let it sit...
Then any infection that leads to is a trojan.
QED.
A user could theoretically avoid an infection if they knew that the site was hosting the trojan
True. And a user could a
Re: (Score:2)
Most people just call it a "Virus", although the Pedants call it Malware.
The Mac fanboys use the distinction to claim that the Mac has never gotten a virus, despite hundreds of thousands of machines being infected. Technically, they are right, but practically, it's spin.
Ars Technica shows its gone up to 650k (Score:2)
The article is here [arstechnica.com].
I think many people who assume they are invulnerable and have older macs probably have no clue they are even infected. I am curious what the percentage of older MacOSX installations are? Not everyone can afford or want to buy an expensive iMac/Powerbook every 3 years.
otherwise engaged (Score:5, Funny)
To be fair, Apple users may have more important things to do than install hotfixes. For example, engaging in a love that dare not speak its name can be very time-consuming.
I've heard...
Welcome to grown up computing (Score:3)
Re: (Score:3, Insightful)
UNIX has been where grown-ups go to compute for the last 40 years, where have you been?
Re: (Score:2)
Re: (Score:2)
I was always under the "assumption" that the success of Unix had to do with the fact that it was written mainly in C so you could port it to any platform with a C compiler
UNIX emerged at a time when the cost of computer was far greater than the cost of the developer effort to write an OS. Writing an OS from scratch in assembly (or, occasionally, in Algol or similar) was a fairly common task at the time and the OS was often a differentiating feature (e.g. VM/370).
, that it supported a rich programming API even very early on,
Nope, it supported an incredibly limited API. No initial support for shared libraries, no support for structured files, no ACLs. It was very primitive in comparison to mainframe or minicomputer operating systems
Re: (Score:2)
Re: (Score:2)
You think anti-virus would have protected mac users from this?
It wouldn't.
Re: (Score:2)
Actually, you're completely wrong. Not because the real-time scan would have caught the exploit applet at first (although any decent antivirus has now had the definition for all known variants for a few weeks) but because this malware explicitly targets people who don't give a damn about their computer's security.
The drive-by download's payload is an installer. Before it installs the botnet kit, the installer checks the filesystem for a list of security programs, including antivirus software. If it find any
Re: (Score:2)
The numbers (Score:5, Interesting)
Do they port scan 1000 random machines and extrapolate from there? I'm genuinely curious to know their methods. How could they arrive at such a precise number? Surely they must only have a sample of macs and use statistical models to extrapolate, right? They can't scan all the macs, right? right?
How do they do it?!?!
Re: (Score:2)
Do they port scan 1000 random machines and extrapolate from there? I'm genuinely curious to know their methods. How could they arrive at such a precise number? Surely they must only have a sample of macs and use statistical models to extrapolate, right? They can't scan all the macs, right? right?
How do they do it?!?!
My understanding is that infected Macs try to contact a command-and-control server with a unique identifier in order to get the trojan payload. Several of the anti-virus/security companies have ben able to hijack the command-and-control system to insert their own system (probably via DNS entry changes at some major ISPs) that infected Macs then try to connect to. They record the unique ID's in the request messages, and then extrapolate the results accordingly.
Yaz.
Re: (Score:2)
They have hacked some of the command and control servers by taking over their DNS entries. They can see Flashback infected Macs trying to phone home for instructions.
Re: (Score:2)
I wish Microsoft... (Score:4, Interesting)
Re: (Score:2)
Re: (Score:2)
Grand, ain't it?
Still no fix for Leopard (Score:3)
If you bought your Mac three years ago and never bought an OS upgrade, you are likely running Leopard.
Apple has still not provided any fix or upgrade that addresses this malware for Leopard. Only for Snow Leopard and Lion.
Re: (Score:3)
Apple has still not provided any fix or upgrade that addresses this malware for Leopard. Only for Snow Leopard and Lion.
They have a fix for Leopard. It's the free upgrade to Snow Leopard.
Re:Well clearly (Score:4, Funny)
Re:Well clearly (Score:5, Interesting)
That's what TFA says. The infected machines haven't had the updates installed. That implies that the owners either don't know that they are infected or don't care. I'm leaning towards the former.
With the number of machines that remain, it seems clear also that Mac users aren't using auto updates. What's up with that?
Re:Well clearly (Score:5, Insightful)
With the number of machines that remain, it seems clear also that Mac users aren't using auto updates. What's up with that?
You're surprised that users dont install updates? Or choose to skip updates when they are offered? You must be new here... (and by here, I mean, anywhere) This is hardly a problem that is unique to mac users or even ignorant users.
Re: (Score:3)
That's why Windows 7 pretty much just silently downloads and installs updates unless you go out of your way to tell it otherwise. They realized that it was worth drawing the wrath of nerds who hate not being in control to help the vast majority of clueless users.
Re: (Score:3)
auto updates only work automatically if you're logged in as an admin user....
Re:Well clearly (Score:5, Informative)
Re:Well clearly (Score:4, Interesting)
And once again, it doesn't do even the above if you're logged in as a regular user. You have to manually kick it off to even find out there *are* updates.
It's not hard to kick it off, but it is something you have to bother to remember to do. Which, "your parents" probably do not ever really think about.
Re: (Score:3)
It's even more retarded than that. It tells you there's a handful of updates and makes you log off. Then you have to sit and watch while it downloads the updates on your now incapacitated desktop. Then you have to watch as it updates itunes or quicktime... Why does upgrading a media player mean you have to reboot your computer? So not only do I lose all the context in all of my terminal sessions, I have to sit and watch it download, and then watch it reboot. Then after the reboot, after I start working
Re: (Score:2)
I maintain 6 macs, and then are always up to date... I have never seen what you described (save the occasionally having to reboot with updates)...
Re: (Score:3)
I maintain 6 macs, and then are always up to date... I have never seen what you described (save the occasionally having to reboot with updates)...
I have seen EXACTLY what he described in the most recent update with Snow Leopard (maybe the magic intrusion-free update feature was only introduced in Lion?) The system prompted about needing to reboot for updates and after it was OKed, it probably spent at least 10 minutes in "update mode".
Re: (Score:3)
You didn't read the question asked in the dialog? The one asking *your* permission to download and install updates and reboot your computer? You didn't understand that 'Continue' means 'yeah, go ahead, install and reboot'? You didn't see the 'not now' button next to it, allowing you to continue working without interruption?
Helpful tip: read the dialog and make sure you understand the question asked before clicking any button.
(You can configure Software Update to download updates in the background, in which
Re: (Score:2)
Once I upgraded to Lion the software upgrades went much smoother. The only required reboot is for security updates, which are not so large as to do the multi-minute "waiting to reboot" spin cycle.
Re: (Score:2)
This is not the typical update cycle, although I remember that one in recent memory.
Usually, a popup informs me there are updates available. I ignore it for a while, and finally click "OK". It does some updating, in the background, and finally displays a dialog box for me to reboot. I ignore that for about a day, and when I'm free and relaxed, and the battery is fully charged or whatever, I let it reboot.
Re: (Score:2)
...and as far as the mystery reboots, I am fairly certain these are due to security updates that Apple doesn't tell us about. Not that I think that's a terribly good idea, but you know... the amount of headache I get from Apple Computer, in terms of preventing me from being productive, is actually pretty slim compared to the equivalent from Microsoft. And I think that's significant considering how locked down the Apple OS is. To be fair, I'm including Mac Office and Windows Office in with Microsoft Windo
Re: (Score:3)
Also, I wonder how Apple, the paragon of UI design, has never been able to implement a good window manager? It makes my eyes bleed every time I try to place Firefox and a ter
Re: (Score:2)
One of the reasons I reboot is that OS X has a virtual memory file (kind of like the buffer cache) that grows but never shrinks again until a reboot.
OS X has a lot of headaches, but not as many as Windows, and I like it better than Linux. I never compile device drivers or wonder which version of $FOO is more stable than the other.
I agree, the window manager is one of the bugbears in this OS. I do a lot of window management and filesystem manipulation with trackpad gestures now... this lowers my stress leve [youtube.com]
Re: (Score:2)
Also, I wonder how Apple, the paragon of UI design, has never been able to implement a good window manager? It makes my eyes bleed every time I try to place Firefox and a terminal window side-by-side on a friends machine.
Agreed, BetterSnapTool solves this issue, though it should be integrated into the OS from the get-go...
Re: (Score:2)
So not only do I lose all the context in all of my terminal sessions
They fixed (that much) in Lion. Now, when you quit Terminal with terminals still open, restarting it brings back those terminals and all the context with them.
It's still actually closing the shell, so if you had three terminals open, your .bash_history is still "who the fuck knows," but you'll at least still have the last page or so of terminal output, and the terminals resume in the same directory they were in. Even after reboots. It's nice.
I think they also fixed the "iTunes update requires reboot" thing,
Re: (Score:3)
I'm not infected (checked), but perhaps about 50% of those that "haven't installed the updates" is because people refuse to upgrade? I refuse to pay for an upgrade that will no doubt slow my Macbook Pro down and cause random issues.
You might be shocked at the amount of "automatic" updates the mac doesn't install. Air doesn't get patched by Adobe's own patches, MSFT Office only gets patched by it's own update program, etc...
Re: (Score:2)
Re: (Score:2)
Canonical and Apple both now offer proper stores for selling, installing, and updating third party software. They both need work and many publishers don't use them, but at least we're making some, slow progress.
Re: (Score:2)
I'm not infected (checked), but perhaps about 50% of those that "haven't installed the updates" is because people refuse to upgrade?
That's an interesting possibility. Netmarketshare.com puts 10.6 and 10.7 users as 82% of all Macs. 10.5 is 14%, but Apple is now offering a free upgrade to those users to 10.6. so 96% of Mac users can get this security update for free without manually installing Java (lets assume most users aren't technical enough to understand how). That means there are maybe 30 million Macs out there connected to the net that can't get free updates (All of them at least 6 years old).
I refuse to pay for an upgrade that will no doubt slow my Macbook Pro down and cause random issues.
Macbook Pro were introduced in 2006, 6
Re: (Score:2)
They don't know. How would they? Not everyone reads the news or understand what it means in cases like this. Maybe the nerds do but that's a tiny fraction. I was even confused by this as I got no explicit update pushed, though it turned out it was part of the Java update, and it only applies to Lion anyway. Maybe people just have auto-update of software turned off (which is normally a good idea, always have it ask you first)? Maybe they haven't rebooted the macs yet, which is required before infected
Re:Well clearly (Score:5, Insightful)
The updates are only available for Snow Leopard and Lion. If you're on Leopard (10.5) (still sold up until summer 2009) or older, you don't get the security patches OR the latest fixes to remove infection. Apple only support current and previous OS versions for security. Once Mountain Lion comes out in a couple of months, anyone who's running an OS older than october 2010 goes under the bus. Note, they're still selling snow leopard right now, as you need to install it first to go to lion - you can't jump from leopard to lion direct, as leopard don't have the app store needed. You can of course download and make a USB clean installer from an existing lion Mac, but if you've only got one physical machine and no-one can help you make an install, leopard -> snow leopard -> lion it is (pre-made lion install usb keys not available here)
We criticise microsoft for ending support for XP after 13 years, and Apple drops all support after TWO and get a pass? Something like 25% of mac users are using Leopard or older - not least due the removal of PPC support in snow leopard. Mountain Lion looks pretty pointless unless you're also an icloud user, and the steady of killing off of carbon library support in Lion and Mountain Lion means you may have to stick to snow leopard if a key app doesn't run on Lion yet - and you'll be in the same boat as Leopard users right now, running an 'obsolete' unsupported OS with no security patches that's still for sale right now!
Now apple are switching to an annual OSX release, they REALLY need to still support older OSes - such as the soon to be EOL'd snow leopard - longer than they do for critical security patches, such as this one. Apple decided they wanted to control java installation on OSX, they should have the decency to get security patches out for it in a prompt timescale. Don't forget, the whole reason this happened is Apple sat on upstream java security patches for months for even current OSX users - if they'd pushed out the patches THEN, instead of waiting for half a million + users to get infected...
Re: (Score:2)
First, the 13 years of MS support for MS WIndows XP is not a good metric. MS actually only supported retail XP for less than a year after retail sales ended, and it might have been possible for a consumer to buy a new XP machine with no support.
Since all machines A
Re: (Score:2)
The default setting for auto-updates is that the machine checks once a week. Then I tend to postpone the actual installation a few times if it requires a reboot (and security updates generally do). So I'm not surprised that not everyone has installed the update in the 4 days between release and the day the stats were taken.
Re: (Score:2)
In doing actual front desk/helpdesk support (at a University no less) I've found most Mac/Windows end users to be pretty much totally clueless when it comes to security.
Re:Well clearly (Score:4, Insightful)
No, most of them are talking about being utterly immune. And they were always wrong.
Re: (Score:3)
Re: (Score:3, Insightful)
Windows and even IE has been getting harder and harder to crack in after the laughing bad issue with XP pre SP1 and IE 6. Windows 7 has ASLR, DEP with all services, special VC2010 exception checking at runtime executable support, and sanboxing. Windows 8 and IE 10 have 2 sandboxes to get an exploit pass.
Ask any enterprise who migrated from XP to Windows 7 and they all say a drop in malware and virus infections is the first thing they notice.
Maybe MacOSX is an easier target?
The fact that most MacOSX users do
Re:There has been little else more pleasant in lif (Score:5, Informative)
Ask any enterprise who migrated from XP to Windows 7 and they all say a drop in malware and virus infections is the first thing they notice.
Flash drive Autorun viruses!
By default XP SP1 and newer (IIRC) while not automatically running autorun.inf files from flash drives, will give you the "What do you want to do" prompt including the autorun option. If you decline that, but double click the drive in my computer it will go ahead and run the autorun with no warning or indication. The default action on Windows 7 is to not even try to run autorun from flash drives.
On any computer I have control over (personal or for work) I completely disable autorun because:
a) It's annoying
b) It's dangerous.
Two large corporations I've worked for recently (still using XP) did not disable autorun! It's amazing how much autorun malware runs rampant. Crappy overpriced Symantec or McAfee don't pick them up either. I alert people when I stick their flash drive in my computer and notice hidden autorun.inf files, and hidden mischievous folders with random file names. I usually get stunned looks from them.
I also get stunned looks from IT when I point out the gaping, tractor-trailer sized hole in their security.
Re: (Score:2)
No, they're not. While OSX will put files like .DS_Store on flash drives, those aren't the files I'm talking about. I'm talking about files pointed to in the autorun.inf. Half the time they're hidden in a "Recycler" folder. Recycle bin doesn't exist on removable drives. Files that while overpriced McAfee and Symantec don't pick them up, submitting them to virustotal comes back with some hits.
Re: (Score:2)
Hey Apple fan brats, you're idiots!
Please please mod me troll - I love it when you guys make that pig squealing sound.
Re: (Score:2)
Re:Apple articles always frustrate me (Score:4, Insightful)
There actually was an article on Slashdot that had a link to the information you mentioned. It said how to check to see if you were infected and told how to remove it. By asking why something something that was posted wasn't posted, you are doing little to improve our collective opinion of Mac users.
Re: (Score:2)
Nearly 30 years running MacOS and still haven't got a virus... What makes you think your anecdote means jack shit?
Re: (Score:2)
I also do the same on my Nix and Win boxes as well, with the same results (I did get a virus back in 1995 on a Windows box, which is when I started to tighten up
Re: (Score:2)
Right – that was rather my point – all this is is an anecdote, not actual statistical evidence.
Re: (Score:2)