Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Flashback Tidbits: Flashback Checker, OpenDNS Protection, Apple's Low-Visibility Security Team

After years of non-stop computing using Macs, I'm concerned. Largely for two reasons.

If one steps back and looks at the big picture, the most disturbing issue I have is amount of time Apple allowed to elapse with their head in the sand. Complete radio silence (lack of communication).

If their head was not in the sand, then they should have communicated with the user base, and in turn the public.

They've failed to learn anything about damage control from the other big corporations that have faced negative challenges. Communication is everything.

Second is the fact that by remaining silent, it invites nothing but speculation, none of which is good for Apple's reputation. They can only abuse the positive halo that surrounds them for so long, and eventually the users will turn against them. It also leaves Apple open to accusations that they are simply being arrogant.

No company is perfect, but by at least making your users feel as though they are appreciated, by conveying that Apple is doing everything it can to get a handle on this, they appear proactive, concerned, diligent, responsible and professional.

That's the Apple I'd feel good about.
 
msimpson said:
Microsoft has made 3-rd party security software all but obsolete? LMAO.

You obviously don't work in computer security, or have used Microsoft's ForeFront product. It is a weak product that most business don't rely on. Business for McAfee and Symantec security solutions, including endpoint systems, is busier than ever. The current APT landscape shows how sophisticated attacks have become, and that a multi-layer defense is priority number 1.

Apple could do more to improve its response to security issues, but the size of the security problems pale when compared to Windows. Windows 7 is a big improvement, but it still falls prey to the weakest link in the security chain - users who are uneducated and fall victim to phishing and other attacks.
Click to expand...

Security Essentials has been more than adequate on my Win7 machine. Of course it is always NAT'd behind my router and I don't use POP3 email or surf warez sites on it.
 
miles01110 said:
Maybe, maybe not. It wouldn't be surprising if the vast majority of those infected don't even know it. Malware on all platforms is perpetuated by the type of users least likely to install any updates at all.
Click to expand...
Can you substantiate that claim? I run regular updates. If this had been pushed out earlier my machines would have been protected earlier. (Although not having users run with admin rights probably helps).
 
C. Alan said:
The security industry, whether it be computer or otherwise, is a business model based on fear. So it is in their best interest to always put forward the worst case scenario.
Click to expand...

Ah, I tought you would have anything to prove false the methodology used to count those 600k computers
 
Last edited:
Oletros said:
Ah, I tought you would have anything to prove false the methodology used to count those 600k computers
Click to expand...

Actually after having done some more research, I may have to eat my own words...

The methodology they used to come up with the number was pretty clever. They took over one of the domains that the trojan was set up to check in with. According to this article, they counted the number of unique requests in a 24 hour period, and based their estimates off that.

So that number may not be that far off.

I hope the crow is good today, because I appear to be eating it....
 
Doc750 said:
Typical apple ...
Click to expand...

Last I checked this was an issue with Java so why is anyone harassing Apple for solutions

----------
ddarko said:
Well, it's good to know Apple is going after the botnet's command and control servers but wouldn't it have been great if it had pushed out the patch for the Java exploit back in February? They'd probably be dealing with far fewer infected Macs if Apple security hadn't been so complacent.
Click to expand...

What about if Java had never had said exploit in the first place
 
Supermacguy said:
Secrecy has it's place for new product announcements, but Apple needs to get its head out of its ass in regard to security issues. Start working with the good guys, communicate a little bit with them. Playing ostrich doesn't help anyone examine or solve problems.
Click to expand...

Apple put out notice that folks using Java should get it from the source so they get updates the moment they are released by the source. Same with Flash.

So how do they have their heads up their butts over an issue with software they didn't create.

Next you'll say that Apple needs to fix all the security issues with Windows because it can be run on Mac hardware

----------
msimpson said:
I sometimes wonder if these "security companies" who find these vulnerabilities, are not somehow connected to the hackers who exploit them.
Click to expand...

How do we know they didn't make these 'viruses' so they could find them, freak folks out and hype themselves
 
Am I the only one that thinks it's kind of heartening to know that Apple were keeping track of this enough to try and shut down the sink hole? Seems fairly pro-active to me.
 
These threads on the Flashback trojan are getting boring.

Macs are not immune to malware, but no true viruses exist in the wild that can run on Mac OS X, and there never have been any since it was released over 10 years ago. The only malware in the wild that can affect Mac OS X is a handful of trojans, which can be easily avoided by practicing safe computing (see below). Also, Mac OS X Snow Leopard and Lion have anti-malware protection built in, further reducing the need for 3rd party antivirus apps.
  1. Make sure your built-in Mac firewall is enabled in System Preferences > Security > Firewall

  2. Uncheck "Open "safe" files after downloading" in Safari > Preferences > General

  3. Uncheck "Enable Java" in Safari > Preferences > Security. Leave this unchecked until you visit a trusted site that requires Java, then re-enable only for your visit to that site. (This is not to be confused with JavaScript, which you should leave enabled.)

  4. Change your DNS servers to OpenDNS servers by reading this.

  5. Be careful to only install software from trusted, reputable sites. Never install pirated software. If you're not sure about an app, ask in this forum before installing.

  6. Never let someone else have access to install anything on your Mac.

  7. Don't open files that you receive from unknown or untrusted sources.

  8. Make sure all network, email, financial and other important passwords are complex, including upper and lower case letters, numbers and special characters.

  9. Always keep your Mac and application software updated. Use Software Update for your Mac software. For other software, it's safer to get updates from the developer's site or from the menu item "Check for updates", rather than installing from any notification window that pops up while you're surfing the web.
That's all you need to do to keep your Mac completely free of any virus, trojan, spyware, keylogger, or other malware. You don't need any 3rd party software to keep your Mac secure.

If you are required to run antivirus (such as by a school or work network), ClamXav is one of the best choices, since it isn't a resource hog, detects both Mac and Windows malware and doesn't run with elevated privileges. You can run scans when you choose, rather than leaving it running all the time, slowing your system. ClamXav has a Sentry feature which, if enabled, will use significant system resources to constantly scan. Disable the Sentry feature. You don't need it. Also, when you first install ClamXav, as with many antivirus apps, it may perform an initial full system scan, which will consume resources. Once the initial scan is complete, periodic on-demand scans will have much lower demands on resources.
 
To be honest I wouldn't panic. If nobody surfs with root priviliges everyone should be fine as I understand that for a specific command you'd need su access no?

And I don't know if the code even if embedded in a website could use the internal strucures and commands of Unix?
 
sweetie81 said:
To be honest I wouldn't panic. If nobody surfs with root priviliges everyone should be fine as I understand that for a specific command you'd need su access no?
Click to expand...
Root privileges aren't required for this trojan to infect. It can infect while running an admin or standard account.
 
KnightWRX said:
There is nothing in the OS that prevents viruses, that is a myth. Macs are not prone to viruses at all though for the simple fact that none yet exist for OS X.
Click to expand...

You should read what I said before replying. I said that macs are "less prone" to viruses, not invulnerable. As for what's in the OS that makes it this way? It's a four letter word: UNIX. That, and Apple has done a good job on the OS X side as well.

EDIT: Plus, there's sandboxing. While it is optional, it does help to prevent things such as code injection from doing too much damage. There is no Virus-proof OS and there likely never will be, but OS X is "less prone" than certain other OSes out there.
 
ddarko said:
It seems you haven't been following this story closely. The 600,000 figure is derived from widely used and accepted techniques and it's being reported as "confirmed" or "disclosed" because Kaspersky Labs, a very well known and prominent security firm, reproduced Dr. Web's findings.
Click to expand...

You're right - I haven't been following it very closely.
I have never believed that my Macs are invulnerable to viruses and trojans, so I use the web carefully. When the news broke, I followed F-Secure's guide to check for infection and found I was OK. Just to be safe, I turned off all the Java settings that people were advising could provide protection. Then Apple released a patch, so I installed that. I also have Xcode installed, so it seems like this might not have even done its thing on my machine even if I had come across it.

As far as it affects me, I've been following it enough. I'll just stop posting to forum threads about it.
 
GGJstudios said:
You can still remotely access Safari Preferences, right?
Click to expand...

Yes, but we don't use Safari.

I'm considering globally disabling Java on the Mac in the Java Preferences Utility and want to make sure that the LogMeIn Host Software doesn't use/need Java enabled in order to work.

Mac is running Snow Leopard.
 
toronado455 said:
Yes, but we don't use Safari.

I'm considering globally disabling Java on the Mac in the Java Preferences Utility and want to make sure that LogMeIn Host Software doesn't use/need Java enabled in order to work.
Click to expand...
If you can't get physical access to the Mac and you're concerned that disabling Java may cause you to lose access altogether, you could install TeamViewer on the Mac and use that as a backup connection. That way if disabling Java affects LogMeIn, you can still control the Mac via TeamViewer. I prefer it over LogMeIn anyway, because it includes free file transfers between computers, a feature I use frequently.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back