That's the best they can come up with?
Disable java??
So, if I get a virus on my old macbook then Apple's recommends to stop using it???
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple Developing Software to Remove Flashback Malware
- Thread starter MacRumors
- Start date
- Sort by reaction score
That's the best they can come up with?
Disable java??
So, if I get a virus on my old macbook then Apple's recommends to stop using it???
Best response yet to all these fanboys screaming, "Its not a virus! Its just a trojan..." I like Apple products, but who cares what it is. It can download and screw up your system without any action on your part other than visiting an infected page while Java is running. Apple screwed up big time being 2 months late with the update.
That's the best they can come up with?
Disable java??
So, if I get a virus on my old macbook then Apple's recommends to stop using it???
That's pretty much Apple for you. You either stick with them, keep in their garden, keep up with their garden, or you don't matter.
Such is life in the walled garden, and those walls aren't getting any smaller. They are getting higher and higher.
----------
Horrible analogy..
It's more like calling a spider an insect. Or say calling Rooibos a tea. It's not really that big of a deal. Sure, it's technically wrong but they both have similarities and in the big picture it simply doesn't matter to someone who doesn't know or care to know they have bigger things to worry about.
Virus spreading today is very inefficient compared to Trojans and worms, regardless of the operating system. In the eighties and early nineties it was the best way to infect PCs, because most of them were not connected to networks and people exchanged lots of programs from PC to PC via floppies. Nowadays, it's not hard to develop a virus and install it on one PC, but it's unlikely that it spreads to other computers unless you provide additional mechanisms besides those of a virus. That's the reason why viruses today are much less of a concern than Trojans or worms.
No, you're underestimating Windows users. Believe it or not, they haven't been sitting around for ten years waiting for this to happen. They have their own platform that gets security updates every Tuesday, before problems like this get a chance to take a significant hold. Most of them don't even know this has happened.
What worries me as a Mac user is the attitude of other Mac users. If you give Apple a free ride on stuff like this, then they'll screw up when it really matters.
Apple is responsible because they wanted to develop their own version of Java. The Oracle version was fixed in February. The Apple version was not. The responsibility for this lies entirely with Apple.
While I think that Apple should have acted much earlier on this whole thing, I do think this is quite astounding:
Isn't it quite unusual for a software- / hardwaremaker to get involved in such a way ?
---
On another note:
I always hoped that Apple might be secretly developing an integrated antivirus / -trojan / -malware solution which they could activate instantly when things get rough. Much like the "Just in case scenario" when Macs were still running on PowerPC CPUs and Apple was secretly developing every OS X release for x86 as well. I guess I hoped for too much there.
Apple Support said:
Isn't it quite unusual for a software- / hardwaremaker to get involved in such a way ?
---
On another note:
I always hoped that Apple might be secretly developing an integrated antivirus / -trojan / -malware solution which they could activate instantly when things get rough. Much like the "Just in case scenario" when Macs were still running on PowerPC CPUs and Apple was secretly developing every OS X release for x86 as well. I guess I hoped for too much there.
No. Command & Control centres are regularly disabled, and taken control of by security forces. When possible, it is used also to tell the malware infected machines to uninstall the malware itself.
For worms, its also not uncommon to deploy a 'patcher worm' that'll use the same distribution method as the malware - but one that runs around patching the machines of the used vulnerability, and again removes the malware worm (Along with itself after a set amount of time).
That's the best they can come up with?
Disable java??
So, if I get a virus on my old macbook then Apple's recommends to stop using it???
Its great advice and one GGStudios has said for a long time if you check his faq.
Do you really need Java enabled anyway?
Its a simple solution and an effective one without compromising the usability of you machine.
But Apple will likely do nothing for those tens of MILLIONS of old Macs which can not be upgraded to the new OS. Apple is irresponsible.
Depends on the user. I know a couple of people who use MoneyDance for personal finance, which is written in Java.
For developers, you have Eclipse and IntelliJ (yes, a lot of Java applications are actually written on the Mac platform).
And as it happens, the only alternative IDE for Cocoa development is also written in Java.
----------
Well, no one can say with absolute certainly that that is the correct figure. Both Dr Web and Kaspersky admit that the techniques they use may falsely identify the type of machine in certain circumstances.
But 600,000 is probably accurate, yes.
This is great news for consumers. This is why we use Macs because Apple is always working for us.
When it's on Windows it's a virus. When it's on Mac that's when you have to be specific
I love that analogy!
Love all the, "Its Java not Apple!" Comments. If you get food poisoning from Taco Bell do you blame the meat supplier? No you blame Taco Bell for not handling the food properly. Same issue here. Apple is serving us a version of Java that is old and not safe to eat. Apple repackages and redistributes Java themselves and its not like we can just upgrade to the latest patched Java version like Windows users. Its ok that Apple is wrong sometimes. Everyone is wrong sometimes.
You do realize Apple could have prevented this from happening months ago but instead they chose to ignore it.
You do realize Apple could have prevented this from happening months ago but instead they chose to ignore it.
Apple is working to fix a public relations clusterf**k of its own making. We're just reaping the benefits.
I know a lot of people hate the IT press when they go after Apple, but if they didn't then a lot of this stuff might not get fixed.
Regarding the "trojan vs. virus" debate ...
I had always thought that trojans were malware that the user had to explicitly let into their system. Sort like how the Trojans tricked the Greeks??? into letting a big horse filled with Trojan soldiers into their fort.
This Flashback thing seems to install itself without user intervention, once the user visits a malicious/hacked webpage.
So, is Flashback truly a trojan? Or is it something of a hybrid?
ft
I had always thought that trojans were malware that the user had to explicitly let into their system. Sort like how the Trojans tricked the Greeks??? into letting a big horse filled with Trojan soldiers into their fort.
This Flashback thing seems to install itself without user intervention, once the user visits a malicious/hacked webpage.
So, is Flashback truly a trojan? Or is it something of a hybrid?
ft
I've received Windows patches every day over the past 4 days. It's an ongoing battle.
Dude, its like saying on a PC you can die from Aids or/and Cancer..... and on a mac you just get Cancer! I for one am kinda pissed you can now get cancer on a mac!!!!!!!! To be honest I cannot remember the last time I actually got a virus on a PC...
Least on my PC I have a truckload of programs to screen my system. On a mac, I can read about it on Macrumours or the news.... yipee thats proactive!
The only security is to stay off the internet! Common sense... and internet... please! You way way way overestimate your average user.
How many Macs actually, really, have this reported problem. The 600,000 number sure looks like an exaggerated SWAG to me. Most of my friends and I have Intego VirusBarrier X6 installed which is able to detect this problem, but none have had it reported. Please post if you know "first-hand" of anyone with this problem.
They can. They have in the past, before Mac OS X. They don't since Mac OS X, only because none have been released into the wild.
tH3y 5ti11 d0n'T.
Yes, they do. They get trojans, but not viruses.
And by "sheep", you mean "informed users who know the difference", of course!
The difference determines the proper defense. I love the approach that "the masses are ignorant of the differences, so rather than try to learn and inform others of the facts, let's just join the masses in their ignorance!"
They absolutely did. It's far from being the only time. They dropped the ball by shipping Macs with the default settings of having the firewall disabled and Java enabled (for the versions that shipped with Java installed), and "Open "safe" files after downloading" enabled in Safari, to name a few. The good news is that a user can pick up the ball by correcting such things. I don't leave the security of my computers in the hands of a hardware or software company. I take responsibility to make sure my own computers are secure. Did Apple drop the ball? Absolutely! Did it affect my computers that they did? Not at all.
There's a reason for the distinction between the two platforms. If all malware could be easily avoided by practicing safe computing, and all users practiced safe computing, there would be no need for antivirus software. However, a virus changes things. Once a virus is released in the wild for a platform, practicing safe computing is no longer sufficient to provide a complete defense. At that point, antivirus software is required. Once you have a dependency on antivirus apps, they can be used against both viruses and other forms of malware.
No OS is immune to malware, especially the greatest threat to security: the user. With Windows, the "virus cat" has already been let out of the bag, so running antivirus has become common for Windows users. If and when a virus is released in the wild for Mac OS X or later, the same will be true for Mac users. We're just not there yet, since safe computing practices can still completely protect against all Mac OS X malware in the wild.
Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
- Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall
- Uncheck "Open "safe" files after downloading" in Safari > Preferences > General
- Uncheck "Enable Java" in Safari > Preferences > Security. This will completely protect you from the Flashback malware. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)
- Change your DNS servers to OpenDNS servers by reading this.
- Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.
- Never let someone else have access to install anything on your Mac.
- Don't open files that you receive from unknown or untrusted sources.
- Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.
- Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
It could also be said that Apple doesn't "serve" it anymore and hasn't done since the release of lion.
If you want to eat off the menu then expect it to get less attention than the normal dishes.