You don't know that at all. Available patches does not translate to more patched systems, especially amongst the user base most vulnerable to malware infections.We don't know how many people do update regularly and we don't know if it would have been huge. What we do know is that the botnet would have been smaller - it surely wouldn't have been bigger if patches were available
Clearly.- and closing know security holes as quickly as possible is to be encouraged and allowing them to remain open for months is a Bad Thing.
Typical Apple, shoot the messenger and hope the bad news he was bearing doesn't happen.
"If I close my eyes I can't see you!"
How you found that link is beyond me. I went to Apple.com, clicked contact, and found this page.
EDIT: Bing manages to find it for me, so I guess it's findable, just not through Apple.
Myth of the inherent invulnerability of OS X to malware... Busted!
This might be one of those moments Apple can ask Microsoft for help.
Rocketman
Step 1: Fake trojan outbreak news
Step 2: Create bogus removal tool that infects Mac when run
Step 3: 20 millions of Macs now trojaned
)
It's not matter of becoming "pen pals", it's matter of tackling the security issues as fast as possible so that the minor number of users are at risk and the botnet does not become a bigger threat (and bloggers have less ammunition to start spreading FUD about Mac security).Wait, so it was difficult to contact someone because you don't have direct email addresses to internal people? Why do you need to know this? Here it clearly states how to contact Apple.
You don't need to become pen pals with the folks inside Apple just because you found a security vulnerability.
Right, because Microsoft is well known for having a secure platform.
You don't know that at all. Available patches does not translate to more patched systems, especially amongst the user base most vulnerable to malware infections.
Whats more annoying is that all the idiotic Windows fanboys are parading around every known social networking site gloating that Mac's actually do get viruses.
How did so many people become so misinformed about the differences between trojans, worms, and viruses?
No one ever claimed OS X was invulnerable to malware. This isn't the first piece of malware for OS X anyhow.
Most users have no need for Java on their machines these days. Very few mainstream web sites use it. Corporations that use Java based apps are probably using some type of ERP system, like Oracle, that use Java in some of their products, but for the average Mac user has very little need for it.
Typical apple ...
I've used OpenDNS for a number of years now and it works fine.
And what websites do you have to visit to get this "Flashback" thing exactly?
I checked both of my Macs using the command line thing and none of them are infected. Apparently none of my Mac-using friends have it either, which makes me question these infection numbers that are getting thrown around and whether the whole thing is just a viral marketing campaign by Norton to revitalize their company with a "radar gun / radar detector" business model now that Microsoft has finally made 3rd-party security software all but obsolete.
"They told the registrar this [domain] is involved in a malicious scheme. Which would be true if we weren't the ones controlling it and not doing any harm to users," says Sharov. "This seems to mean that Apple is not considering our work as a help. It's just annoying them."
Image
Most Apple fanboys at this moment. So many of them are grasping at straws, downplaying the situation, and pretending it's not a big deal when it's huge.
It's not a virus!!! DAMN ANTI APPLE MEDIA!! WE STILL DONT HAVE A VIARUS!!
Nobody cares about the difference between malware and a virus. Hell, how many true viruses have been released on Windows? This is an extremely potent thing that doesn't even need your admin password in order to install and begin.
To the college student, to the grandma, to the other less tech savvy Apple user they don't give a ****. They now have to think for the past couple of months their computer has possibly been tracked, used in attacks, and now they have to figure out what info could have been stolen.
This is an extremely serious infection that does extremely serious stuff. Apple's response was pathetic.
Well i'm still not sticking AV on my mac so in your expert opinion what sites should I avoid?
P.S. I’d like to see more on the other side of the story: first a web site must be compromised, and only then can a Mac visiting it (with Java on) be compromised too. How are these web sites being compromised, which ones are they, how many of them, can we detect them, and can they be blocked if not fixed?
Another piece I’m curious about: are email spam/phishing campaigns (possibly driven by Windows botnets) being used to send out clickable links to infected sites?
That’s a potential malware vector that I wouldn’t ignore if I were behind this, but email hasn’t been mentioned in the articles I’ve seen.
I sometimes wonder if these "security companies" who find these vulnerabilities, are not somehow connected to the hackers who exploit them. Particularly ones based in foreign countries where many of these attacks seem to originate.
Checked, Im clear. Macs still rock for me!!
Typical Apple, shoot the messenger and hope the bad news he was bearing doesn't happen.
"If I close my eyes I can't see you!"
Pardon? You realize that it wasn't just a couple of sites or malware from pirate sites?
All you had to do was go to an infected site on say google images and even if you denied the password you'd be infected.