Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

New Java-Based Malware Targets Mac OS X, But Threat Level Disputed

Apple should make 'cancel' the default/highlighted button to go along with those nice red x's and the warning... if someone just hit the 'enter' key in a rush, at least it would not proceed.
 
leodavinci0 said:
They are not clear, which seems deliberate. Trojans are not like viruses, trojans require the user to accept it, thus the name. Since they say it runs an installer and modifies system files, it should be requesting a password for the system, like all mac trojans before it. As stated above, anyone who actually gives the installer, that auto runs after playing the video, your password is not being cautious or educated and deserves it as a means of learning the hard way not to do this. There will never be a way to stop Trojans on any OS, it's the viruses that are the real threat.

Still no viruses for Macs.
Click to expand...

Good point :D
 
Lucky736 said:
If you're dumb enough to type your admin password, and sometimes username, along with clicking enter to something you have no idea about.... you deserve it.
Click to expand...

Not only that, but the question is: WHY use Java in the first place? To run ridiculously-slow and badly-designed apps? It's a pretty much useless thing on Macs nowadays.
 
Durendal said:
Callous as it may sound, anyone who lets Facebook install anything on their computer, especially something that asks for your password (does this even do that?), is an idiot. Sadly, idiots abound in the computer world. Just take a look at that intellectual hellhole known as Yahoo Answers. It's horrifying.
Click to expand...

LOL, this is why i think most virus infection under either Mac OS X or Windows are user's fault. I mean, if you have good computing habits and never open a file that you have no idea about, then there just very tiny chance to get virus infection.

OK, as Mac gets more popular, we might starting seen more OS X virus coming.
 
Nanasaki said:
LOL, this is why i think most virus infection under either Mac OS X or Windows are user's fault. I mean, if you have good computing habits and never open a file that you have no idea about, then there just very tiny chance to get virus infection.

OK, as Mac gets more popular, we might starting seen more OS X virus coming.
Click to expand...

More OS X virus? when have we seen one yet? this isn't a virus its a trojan there is a difference.
 
Yvan256 said:
How do we completely delete Java from our system? I'm guessing a Spotlight search for "Java" will reveal most folders, but is there some other places to look for?
Click to expand...
I would think disabling Java in your browser preferences should be enough (unless the trojan exploits another hole to get executed after being downloaded).
 
Nanasaki said:
LOL, this is why i think most virus infection under either Mac OS X or Windows are user's fault. I mean, if you have good computing habits and never open a file that you have no idea about, then there just very tiny chance to get virus infection.

OK, as Mac gets more popular, we might starting seen more OS X virus coming.
Click to expand...

A virus acts without the user intervention. I don't think we'll see a lot of OS X viruses, but more trojans are to be expected. The most secure OS on the planet can't protect itself if the user gives root permission to install and run malware.
 
IMPMAC said:
What ever happened to the sandboxing thing in Java?
Click to expand...
People found a hole in the sandbox, simple as that. These things pop up every now and again, good reason to disable Java in the browser which I have done for years probably by now.
 
Yvan256 said:
A virus acts without the user intervention. I don't think we'll see a lot of OS X viruses, but more trojans are to be expected. The most secure OS on the planet can't protect itself if the user gives root permission to install and run malware.
Click to expand...
Viruses and trojans are not clearly separated species, their definitions overlap.

The definition of a virus is that is can spread on its own. The definition of a trojan is that it requires user action. These definitions do not exclude themselves.
If you count just visiting a website as user action (and thus trojan), then there is no species between a worm and a trojan. A worm requires nothing but a connection to a network or device (eg, USB stick), a trojan requires user action. A worm is almost always also a virus in that it spreads by itself, a trojan can be virus (ie, spreading by itself) or it cannot.
 
BRLawyer said:
Not only that, but the question is: WHY use Java in the first place? To run ridiculously-slow and badly-designed apps? It's a pretty much useless thing on Macs nowadays.
Click to expand...

WHY don't you get a clue and educate yourself a bit better? As a hint: Surfing on the net and checking emails are not the only things that one can do with a computer.
 
deceiver said:
WHY don't you get a clue and educate yourself a bit better? As a hint: Surfing on the net and checking emails are not the only things that one can do with a computer.
Click to expand...

Please enlighten me instead of saying zilt, then...Java has been deactivated on my Safari for a long time without any loss of functionality.
 
... Different things.

Guys, the java applets running in your browser are different than the java running from your command line and/or gui.

Uncheck java in your browser if you want, that's fine. But, do not uninstall java from your mac. Apple has apps written in java running on your mac. You actually do need java.

Stop comparing java and flash. That's dumb. I'm not going to debate it with you, you're just wrong.

Java has sandboxing in the form of you can't write directly to memory and the java in your browser is supposed to not being able to do system level calls from the browser. There's nothing in java to keep you from approving a self-signed root cert. Disabling java in your browser is fine and is a perfectly reasonable thing to do.
 
rhoydotp said:
or the sentence: This root certificate is not trusted ... and it's in RED :confused:
Click to expand...

Mind of a typical user:
Ooh! Red is my favorite color! Anyway, what's that? A root certici... cetrifi.. cefitric... oh! what a difficult word! Oh, I won't mind. *Reminds himself of the wise words used in the Keynote of Steve Jobs* "It's fantastic. It just works. It's amazing. You don't have to configure anything. All is set up for you. All you have to to is click, and all works for you" Oh? Really? Then I'll click accept.
 
zeemeerman2 said:
Mind of a typical user:
Ooh! Red is my favorite color! Anyway, what's that? A root certici... cetrifi.. cefitric... oh! what a difficult word! Oh, I won't mind. *Reminds himself of the wise words used in the Keynote of Steve Jobs* "It's fantastic. It just works. It's amazing. You don't have to configure anything. All is set up for you. All you have to to is click, and all works for you" Oh? Really? Then I'll click accept.
Click to expand...

HAHA this so true
 
Yvan256 said:
A virus acts without the user intervention. I don't think we'll see a lot of OS X viruses, but more trojans are to be expected. The most secure OS on the planet can't protect itself if the user gives root permission to install and run malware.
Click to expand...

not even close...
 
gr8whtd0pe said:
you can not modify system files to bypass anything with out giving it your password. Even in terminal you have to become SU to do anything...

Right??
Click to expand...
That's not necessarily true. The ideal security says yes, but there can be flaws in the software that permits privilege escalation through buffer overflow, stack overflow, etc. Terminal is not designed to be a malicious software.
 
Great.. now i need an antivirus for my MAC , ok , so mby i can go back to XP now?
ps
ok, with every year we are going to see more and more viruses for macs, because with every year there are more and more macs sold in different countries. Let the party begin:)
 
dnaida said:
Great.. now i need an antivirus for my MAC , ok , so mby i can go back to XP now?
ps
ok, with every year we are going to see more and more viruses for macs, because with every year there are more and more macs sold in different countries. Let the party begin:)
Click to expand...

http://www.clamxav.com/
From site:
ClamXav is a free virus checker for Mac OS X. It uses the tried, tested and very popular ClamAV open source antivirus engine as a back end.
Click to expand...
 
dnaida said:
Great.. now i need an antivirus for my MAC , ok , so mby i can go back to XP now?
ps
ok, with every year we are going to see more and more viruses for macs, because with every year there are more and more macs sold in different countries. Let the party begin:)
Click to expand...
:confused:

This isn't a virus. A virus acts without any help from the user.

It's a trojan. A trojan requires you to do something stupid for it to wreak its havoc.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back