Correction 99.999999% will never know they have malware, cause of ignorance and marketing that macs are completely safe and windows is a ticking time bomb.
And yes we do deserve weekly coverage, payback for those smug I am a mac / I am a PC ads.....
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
New 'MACDefender' Variant Installs Without Admin Password Requirement
- Thread starter MacRumors
- Start date
- Sort by reaction score
Correction 99.999999% will never know they have malware, cause of ignorance and marketing that macs are completely safe and windows is a ticking time bomb.
And yes we do deserve weekly coverage, payback for those smug I am a mac / I am a PC ads.....
If it's been said once, it's been said a million times...
...this is why you shouldn't run day-to-day as an adminnistrator account, either as the system administrator or as a user with administrator privileges.
It ain't difficult people.
...this is why you shouldn't run day-to-day as an adminnistrator account, either as the system administrator or as a user with administrator privileges.
It ain't difficult people.
If you read the thread, you would have seen it said several times, it makes no difference if you run a standard or admin account. None.
...this is why you shouldn't run day-to-day as an adminnistrator account, either as the system administrator or as a user with administrator privileges.
It ain't difficult people.
It really doesn't help you in the big wide world. If anything, as is evident here, it gives people a false sense of security. There's very little malware can't do even with access only to your user folder.
... and there's nothing that today's malware can do to harm a computer running Mac OS X, unless the user takes action that permits it.
You make some very good points. This malware is causing a problem for enough users that Apple felt it was worth addressing. Arguing over someone mistakenly calling it a virus is getting to be a bit idiotic.
A refreshing perspective on the OSX vs Windows discussion, especially on this site.
If you do not use an administrator account, are you safe from this? Can't you install apps as a normal user (in your own programs).
You can certainly execute downloaded apps right? (A dmg downloaded from the internet). Just perhaps not move it to the programs folder?
Or will it just ask for admin username & password and then proceed? Then I don't see what benefit this has. Unless of course you're not the only one using the mac and only you know the password to prevent the others from messing up.
You can certainly execute downloaded apps right? (A dmg downloaded from the internet). Just perhaps not move it to the programs folder?
Or will it just ask for admin username & password and then proceed? Then I don't see what benefit this has. Unless of course you're not the only one using the mac and only you know the password to prevent the others from messing up.
Aaaand yet another one here with no consideration for the people who weren't brought up in the 'Internet age'. Just try to imagine an elderly user who is just getting to grips with a computer - do they all have a sufficient understanding of what malware is?
The problem is the user. The user that cant understand that any pc/mac with connection to the internet is exposed to malware etc. We all love macs and the os but if you think like some yelling fanboys, that elfs made mac os and has magic powers, shut up and let rationale people guide the unexpirienced users.
virus/trojan/malware? its just an application.
A lot of people still seem to be confused as to the nature of this *trojan* so lets call it something else to make it easy for you...
It is nothing but an *application*, allbeit one that doesn't do exactly what it's makers tell you it does. Does that put it in to perspective for you? An 'application' people, you know, like photoshop or firefox... you choose to download, install and run it all by your self like you do any other regular 'application'.
Call it malware if you like, because at the end of the day it doesn't do good things for you and your computer, but it's not a virus, bears no resemblence in any respect, and doesn't use any other special 'hacker' techniques either. In this respect, the highly secure nature of the OSX platform hasn't changed one jot since its introduction.
By way of an example: at anytime someone could have written an application that gets you to type in your credit card details which are then sent to who knows where, and called that application 'fluffy bunny game' or whatever. Hell, they could simply write a web page to do the same thing and a similarly gullible/uninformed user would be suckered in the same way, however neither exploit a weakness in OSX - just the end user. The only caveat being Safari set to automatically open downloads which I agree is not a good default.
A lot of people still seem to be confused as to the nature of this *trojan* so lets call it something else to make it easy for you...
It is nothing but an *application*, allbeit one that doesn't do exactly what it's makers tell you it does. Does that put it in to perspective for you? An 'application' people, you know, like photoshop or firefox... you choose to download, install and run it all by your self like you do any other regular 'application'.
Call it malware if you like, because at the end of the day it doesn't do good things for you and your computer, but it's not a virus, bears no resemblence in any respect, and doesn't use any other special 'hacker' techniques either. In this respect, the highly secure nature of the OSX platform hasn't changed one jot since its introduction.
By way of an example: at anytime someone could have written an application that gets you to type in your credit card details which are then sent to who knows where, and called that application 'fluffy bunny game' or whatever. Hell, they could simply write a web page to do the same thing and a similarly gullible/uninformed user would be suckered in the same way, however neither exploit a weakness in OSX - just the end user. The only caveat being Safari set to automatically open downloads which I agree is not a good default.
Last edited:
If a standard user creates a folder named Applications in their home directory. They can install applications themselves without the need for an administrator account.
Still shocked by the number of posts containing at least some form of incorrect information here. About 95% or more from what I have read are in some way stating what they perceive as facts, but are most certainly not.
First, for anyone that is an IT person or has advanced computer knowledge, you already know what I am going to say. Most of the public though, as evident here, simply lack that ability for various reasons.
The discussion/debate over the whole "virus" term is not made clear so let me try to help here. A "virus" is a generic term that is used to describe some sort of malicious code regardless of its behavior. To demonstrate this, take the term "PC" and ask most what this means. Many will respond that it is Microsoft or not a Mac. They would be wrong however, because most ads, articles, etc. do not give proper technical terms since the general public has a basic frame of reference for what THEY believe it means. In contrast, a "PC" is in fact a generic term that is short for "Personal Computer" and it has no regard to a specific OS. It can be a Mac, Windows, Linux/Unix or whatever. This is the correct and proper term despite how the media and such state it to the public and is historically correct. Now, the same thing holds true for the term "virus". This too is a generic term that is used to describe any type of code that does some sort of harm. Where you get the different terms such as "Malware", "Trojan", etc. is all based on how this harmful code acts, spreads, is obtained, etc. Once this is known, then it is put into the various categories you see mentioned mostly.
If anyone truly wants to learn the FACTS and history behind these matters, I would urge you to read known technical sites that are accurate for computer security. The one I know of is Steve Gibson with the podcast "Security Now" that is a national cyber security expert. There are a few others too if you do your research, but they will give more details than you can find here or in most forums.
First, for anyone that is an IT person or has advanced computer knowledge, you already know what I am going to say. Most of the public though, as evident here, simply lack that ability for various reasons.
The discussion/debate over the whole "virus" term is not made clear so let me try to help here. A "virus" is a generic term that is used to describe some sort of malicious code regardless of its behavior. To demonstrate this, take the term "PC" and ask most what this means. Many will respond that it is Microsoft or not a Mac. They would be wrong however, because most ads, articles, etc. do not give proper technical terms since the general public has a basic frame of reference for what THEY believe it means. In contrast, a "PC" is in fact a generic term that is short for "Personal Computer" and it has no regard to a specific OS. It can be a Mac, Windows, Linux/Unix or whatever. This is the correct and proper term despite how the media and such state it to the public and is historically correct. Now, the same thing holds true for the term "virus". This too is a generic term that is used to describe any type of code that does some sort of harm. Where you get the different terms such as "Malware", "Trojan", etc. is all based on how this harmful code acts, spreads, is obtained, etc. Once this is known, then it is put into the various categories you see mentioned mostly.
If anyone truly wants to learn the FACTS and history behind these matters, I would urge you to read known technical sites that are accurate for computer security. The one I know of is Steve Gibson with the podcast "Security Now" that is a national cyber security expert. There are a few others too if you do your research, but they will give more details than you can find here or in most forums.
For that past 10 years or so, that is all the Windows platform has received as well. Windows hasn't had a virus written for it for years, all have been Trojans.
What we are seeing here is an advancement in Trojans for Mac OS X. Yesterday it was argued that you have to knowingly install it and put in an admin password. Today it is argued you have to knowingly click 'Continue' on an installer. Tomorrow...?
Not saying that OS X will have it as bad as Windows. But you'd have to be blind to say that people are certainly trying to infect Macs now, which is more than what could have been said before.
I think you're point has been made numerous times in this thread.
People will not listen though unfortunately.
It's an application which downloaded without the user's knowledge, and then proceeds to ask for a credit card number.
If you "fall" for this, you are stupid. It doesn't matter if people want to complain that it takes advantage of "not growing up in the internet age", or however you want to view it.
If you own a credit card, you should know not to give it out to anyone who asks.
If I disable Adblock/Noscript on my XP box at work, I will go read standard news sites and see a warning of an impending virus I must fix (and pay for) within the first 2 minutes. This doesn't happen on my Macs at home. That is not because they are a magical pixie-dust-blessed box, but it is because the barrier for entry is slightly higher than for Win32. Until now, most haven't bothered to try (and still aren't bothering to try). I buy OSX+Apple HW because it is my preference. Not all Mac users fall for the pixie-dust marketing.
Why is this even a "Mac vs PC" debate at all? It was inevitable that someone would start targeting Macs with the gain in market share (and gain media attention for it).
If you "fall" for this, you are stupid. It doesn't matter if people want to complain that it takes advantage of "not growing up in the internet age", or however you want to view it.
If you own a credit card, you should know not to give it out to anyone who asks.
If I disable Adblock/Noscript on my XP box at work, I will go read standard news sites and see a warning of an impending virus I must fix (and pay for) within the first 2 minutes. This doesn't happen on my Macs at home. That is not because they are a magical pixie-dust-blessed box, but it is because the barrier for entry is slightly higher than for Win32. Until now, most haven't bothered to try (and still aren't bothering to try). I buy OSX+Apple HW because it is my preference. Not all Mac users fall for the pixie-dust marketing.
Why is this even a "Mac vs PC" debate at all? It was inevitable that someone would start targeting Macs with the gain in market share (and gain media attention for it).
Hit the nail on the head.
The closest thing to an exploit on this is getting the popup in the first place and in some cases getting the "are you sure you want to leave this page?" dialogue on an attempted close.
They weren't magic elves (we aren't talking about Toll House cookies here...). It was of course the aliens who built Mac OS.
If windows users come across this all the time what makes you think they are dumb enough to fall for it?