Is this true about safari and malware?

Discussion in 'Mac Apps and Mac App Store' started by lpskater, May 5, 2015.

  1. lpskater macrumors newbie

    Joined:
    Jul 9, 2011
    #1
    I was on ebay a few minutes ago, trying to hit the "print shipping label" so I can send a recently sold item, and I received an "invalid certificate" notification through Safari. But when I checked, the certificate was valid until August 2015. Frightened about exposing my computer to a malicious site pretending to be the ebay postage page, I searched for this issue and came up with an ebay thread complaining about the same problem. Apparently it is a mac issue. You can read the thread here:

    http://community.ebay.com/t5/Technical-Issues/cant-purchase-on-ebay-using-safari/td-p/23860459

    One comment in particular caught my attention

    To others using Apple products, I posted in another thread about a new malware specifically targeting Safari and Apple products (ALL of them), and so far the security updates do not protect us. In the meantime, I would use Firefox (FF) with your usual security ad-on's and NoScript, which WILL protect you against this new scripting malware, and no not use Flash unless you absolutely have to (you can turn it on/off). Until Apple releases a fix for this. I am not going to risk getting malware just to use Safari, and in talking with my Apple techs., they agree. Just a head's up to help protect you.

    My question is, is this valid advice and information? I have switched to firefox and installed NoScript, (after making sure it was a valid site) because I don't want to invite malware. My mom's pc has that problem already, and I don't want to infect a few month old computer. Obviously I'm not an "expert" so any comments and responses would be appreciated.

    Thanks! :cool:
     
  2. 0d085d, May 5, 2015
    Last edited: May 5, 2015

    0d085d macrumors regular

    Joined:
    Apr 23, 2015
    #2
    You're no safer with Firefox than you are with Safari. You're just vulnerable to a different set of malwares.

    Since the eBay virus he talks about has been cleared up now, there's no reason to avoid anything in particular. I can't find any known vulnerabilities in Safari for the time being (somebody please feel free to correct me on this!), and the certificate problems are an admin error at eBay's end.

    Sure, you can disable Flash and Javascript, but you could also unplug the Internet and be even safer. A line has to be drawn somewhere between security and connectivity.

    Looking at this bloke's other posts, he does make valid points regarding security and vigilance on the Internet, but he also sounds a pit prone to overreaction and making grandiose claims. DO install an antivirus program, DON'T download anything suspicious. Doing anything more than that in my view is starving yourself to avoid food poisoning.
     
  3. scaredpoet macrumors 604

    scaredpoet

    Joined:
    Apr 6, 2007
    #3
    Nope, total FUD. Make sure you're running the latest version of OS X and you're fine.
     
  4. dusk007 macrumors 68040

    dusk007

    Joined:
    Dec 5, 2009
    #4
    You are always a bit safer with the less popular browser. When malware programmers target Windows they first go for IE because the least tech savy victims (the ones most likely to fall for phishing and click fishy stuff) and the most victims overall use it. Same goes for Safari on Mac. FF is propably the last to get targeted after Chrome which would be next in line after IE and Safari.
     
  5. MisterMe macrumors G4

    MisterMe

    Joined:
    Jul 17, 2002
    Location:
    USA
    #5
    Nonsense. This is another variation of the I'm-not-a-whore-I'm-just-popular defense used by Windows supports have touted since something like 2001. There are no viruses for OS X--not for Safari, not for Firefox, and not for any other OS X web browser. What you do have on OS X is adware. I am not sure if adware is technically malware, but it certainly acts like malware. Adware is distributed online by disreputable sites. However, it is also deliberately distributed by "legitimate" sites such as CBS Interactive's c|net.com.

    c|net Download.com's downloadable installers install adware by default. If you are careful, then you can avoid it. However, most users don't know all that c|net did after it retired VersionTracker. Therefore most users are likely to have adware if they installed software from Download.com in the last couple of years. However, there are free adware removal utilities that will rid you of it. If you know the names and location of the adware, then you may remove it using only the Finder.
     
  6. lpskater thread starter macrumors newbie

    Joined:
    Jul 9, 2011
    #6
    Thanks everyone for your responses....I'm always very careful about not downloading things from unknown or disreputable sites. Your comments made me feel much better about using Safari! :)
     
  7. zhenkaixin macrumors newbie

    Joined:
    Dec 10, 2012
    Location:
    Ladysmith BC
    #7
    Can no one rid me of this meddlesome beast?

    I cannot get rid of an annoying little Pop-up window that appears every 30 minutes or so - and always at start up - which states:
    "To view this web content, you need to install the Java Runtime Environment. Click more info to visit the website for Java Runtime Environment."

    I am then asked to click "OK" or "More info". I have run various virus detection and malware programs which tell me that there is nothing on my hard drive to affect my computer.

    Can anyone tell me how to remove this pop up?
     

Share This Page