
Re: [wpmac] [OT] The sad state of anti-virus protection

  • mxytsplyk
    Message 1 of 15 , Jan 8, 2013
      Thank you, Randy, for putting this in perspective. There are reasons we use Macs and an operating system designed with security in mind (as BSD Unix was), is one of them.
    • John Kaufmann
      Message 2 of 15 , Jan 8, 2013
        Randy,

        I echo the thanks expressed for your perspective. As a one-time Windows
        programmer, I was keenly aware of exploitable flaws that simply did not
        exist in the more robust Mac system architectures. That said, I was struck
        by one of your assertions:

        In a message dated 2013-0108 20:32 -0500, Randy B. Singer wrote:
        > The Macintosh is now more secure than it has ever been.

        Ever? Was there ever malware for the pre-OSX "classic" Mac OS? [I'm not
        suggesting it was a better OS - there are many things that OSX does better
        - just that security was not an obvious motivation for the switch.]

        John K
      • Randy B. Singer
        Message 3 of 15 , Jan 8, 2013
          On Jan 8, 2013, at 7:11 PM, John Kaufmann wrote:

          > Ever? Was there ever malware for the pre-OSX "classic" Mac OS? [I'm not
          > suggesting it was a better OS - there are many things that OSX does better
          > - just that security was not an obvious motivation for the switch.]

          When I said that the Macintosh is now more secure than it has ever been, I meant that OS X has been continually made more secure. As of Lion there were major improvements made with regard to security.

          Note that "improvements in security" doesn't mean that there are more threats around, or more severe threats. It just means that Apple has been pro-active.

          To directly answer your question though, yes, there was malware for the classic OS (OS 9 and earlier). At least 27 examples by my count:

          See:
          http://www.faqs.org/faqs/computer-virus/macintosh-faq/
          Section 7

          In fact, the fact that there were a significant number of viruses for the classic Mac OS is a great piece of evidence to refute the lie that Windows bigots like to spread that OS X doesn't have lots of viruses because it doesn't have a big enough market share. Back in the days of the classic OS the Mac had a much smaller market share than it does now, yet there was no lack of malware (but nothing like what existed for the PC). So it clearly isn't the case that virus-writing sociopaths are only interested in writing malware for a platform with a certain level of market penetration. The reason the Mac has so many fewer pieces of malware than Windows is, and always has been, that it is much harder to write malware for the Mac.

          Have a look at these fun articles:

          Broken Windows
          http://daringfireball.net/2004/06/broken_windows

          So Witty (followup to Broken Windows)
          http://daringfireball.net/2004/06/so_witty

          ___________________________________________
          Randy B. Singer
          Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

          Macintosh OS X Routine Maintenance
          http://www.macattorney.com/ts.html
          ___________________________________________





        • Randy B. Singer
          Message 4 of 15 , Jan 8, 2013
            "As of today, all Mac malware is either extinct or cannot infect a properly-updated machine. Although there are situations that can lead to infection, they require dangerous behavior on the user's part, such as not updating their systems or downloading software from bad sources, such as through most torrent applications. Right now, anti-virus software is still not necessary for most users."
            http://www.reedcorner.net/a-look-back-at-12-years-of-mac-malware/


            ___________________________________________
            Randy B. Singer
            Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

            Macintosh OS X Routine Maintenance
            http://www.macattorney.com/ts.html
            ___________________________________________
            • John R
              Message 6 of 15 , Jan 22, 2013
                I know very little about this, but couldn't help taking seriously this caution from the Department of Homeland Security:

                http://bits.blogs.nytimes.com/2013/01/14/department-of-homeland-security-disable-java-unless-it-is-absolutely-necessary/

                which includes:

                "Last April, hackers exploited a Java vulnerability to infect more than half a million Apple computers with a vicious form of malware in what was the largest-scale attack on the OS X operating system to date. The exploit was particularly disconcerting because it let attackers download a malicious program onto its victims' machines without prompting."

                It's just a guess, but when malware went from being the province of the teenage hacker/vandal to become the province of professional thieves, it was bound to become worse. Mac market share is growing, making Macs increasingly plausible targets.

                According to the article, Apple now ships Macs with Java disabled, and has remotely disabled Java where it has been installed. I disabled Java on my machine as soon as I read this (for whatever reason, it had not been remotely disabled). But a day later I was on the New York Times' chess page, which featured an interactive game; I clicked on it and a dialog said I had to install Java, giving me a button to click to do so. I might not have known about the vulnerability.

                Half a million Macs aren't very many, but I'm glad mine wasn't one of them. Hope this info helps someone.

                John R.
              • Randy B. Singer
                Message 7 of 15 , Jan 23, 2013
                  On Jan 22, 2013, at 8:48 PM, John R wrote:

                  > I know very little about this, but couldn't help taking seriously this caution from the Department of Homeland Security:
                  >
                  > http://bits.blogs.nytimes.com/2013/01/14/department-of-homeland-security-disable-java-unless-it-is-absolutely-necessary/
                  >
                  > which includes:
                  >
                  > "Last April, hackers exploited a Java vulnerability to infect more than half a million Apple computers...

                  That exploit was called Flashback, and whether or not it really infected half a million Macs is a matter of intense debate. I'm on about a dozen Mac discussion lists, frequented by tens of thousands of Mac users, and among all of those users we could not find a single first-hand account of anyone having encountered Flashback.

                  It's true that Java is full of security holes and it is risky to have Java installed and active on your Mac. However, that point is moot for the overwhelming majority of Mac users at this point.

                  Mountain Lion didn't ship with Java at all. For those who were using an earlier version of OS X with Java installed, Apple has already pushed out patches to all Macs running OS X 10.6 through 10.8 that disable Java.

                  http://www.reedcorner.net/about-the-flashback-malware/
                  http://www.reedcorner.net/apple-and-mozilla-act-fast-to-secure-java/
                  http://www.macobserver.com/tmo/article/apple-remote-disables-java-on-macs-after-major-security-alert

                  If you haven't allowed Software Update to update your Mac with security updates, you should. If you have re-enabled/installed Oracle's version of Java on your Mac because you need it to access a particular Web site (some courts require Java to be able to file documents via the Web, for instance), you should turn Java off in your Web browser until, and only when, you specifically need Java.

                  In Safari, go to:
                  Safari menu --> Preferences --> Security --> uncheck Enable Java

                  As before, it's best not to use Web sites written by sources that don't really understand the Macintosh as your primary source of information about what is going on with the Macintosh. Especially with regard to security. They tend to be overly alarmist and not entirely accurate.

                  You can always find the latest info, written in language that ordinary folks can understand, and offered by a source that isn't trying to sell you anti-virus software, here:
                  http://www.reedcorner.net/mmg/

                  ___________________________________________
                  Randy B. Singer
                  Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

                  Macintosh OS X Routine Maintenance
                  http://www.macattorney.com/ts.html
                  ___________________________________________
                • John Kaufmann
                  Message 8 of 15 , Jan 23, 2013
                    In a message dated 2013-0123 06:13 -0500, Randy B. Singer wrote:

                    > ... If you have re-enabled/installed Oracle's version of Java on your Mac because you need it to access a particular Web site (some courts require Java to be able to file documents via the Web, for instance), you should turn Java off in your Web browser until, and only when, you specifically need Java.
                    >
                    > In Safari, go to:
                    > Safari menu --> Preferences --> Security --> uncheck Enable Java

                    Firefox users have the option of the QuickJava extension, which gives
                    button-based toggling of Java and other potential vulnerabilities (JS, Flash,
                    ...), making it very easy to enable on a per-site, or even per-page, basis.

                    John
                  • Rick Albright
                    Message 9 of 15 , Jan 25, 2013
                      On Jan 23, 2013, at 6:13 AM, Randy B. Singer wrote:

                      > In Safari, go to:
                      > Safari menu --> Preferences --> Security --> uncheck Enable Java

                      What about JavaSCRIPT? That's a separate option. Should that be unchecked, as well? Don't a lot of web pages use JavaScript? What are the implications of turning this off? Will it cause a lot of problems accessing web pages?

                      Thanks,
                      Rick

                      ===========================================================
                      Rick Albright
                      logres@...

                      Writing the Past, Writing the Future: Time and Narrative in Gothic and Sensation Fiction
                      http://www.powells.com/biblio/72-9780980149647-0
                    • J.J. McVeigh
                      Message 10 of 15 , Jan 25, 2013
                        At 23:01 -0500 25.01.2013, Rick Albright wrote:

                        >> In Safari, go to:
                        >> Safari menu --> Preferences --> Security --> uncheck Enable Java
                        >
                        >What about JavaSCRIPT? That's a separate option. Should that be
                        >unchecked, as well[?]

                        No. You can leave that be. Apples and Oranges.

                        --
                        John Joseph McVeigh, Attorney at Law
                        Butler, Maryland 21023-0128
                        Practice before the Federal Communications Commission
                        Member: NY; DC; and USPTO Bars
                      • Sam Storch
                        Message 11 of 15 , Jan 26, 2013
                          While it is now considered good practice to disable Java (except by you for known specific purposes that you trust) you may need to have Javascript enabled to do just about any work beyond text-only websites.

                          Despite having similar names, Java and Javascript are two entirely different things. You can get better clarification than my simple statement by searching recent discussions on macintouch.com which is reliable in this sort of stuff.

                          Cheers!