Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
You probably don't have to click through the installer, but you do have to be running as an administrator. Something that no one should ever do on a day to day basis, for any reason.

which a majority probably do anyway.
 
Blame windows users for this they are the only ones dumb enough to fall for it. Why because they are use to dealing with this kinda problem. The reason they used anti virus as a cover was to fool ex windows users into instilling it

LOL - never been to a Mac user group meeting have you?
 
First, for anyone that is an IT person or has advanced computer knowledge, you already know what I am going to say. Most of the public though, as evident here, simply lack that ability for various reasons.

The discussion/debate over the whole "virus" term is not made clear so let me try to help here. A "virus" is a generic term that is used to describe some sort of malicious code regardless of its behavior.

You're not an IT person then. The generic term is malware. The behavior of a malware is quite important to identifying its type, of which Virus is one. A viruses behavior is what identifies it as a virus. With different behavior, you can be faced with a different malware.

A virus is a self-spreading infection that requires no user intervention. It used to be that it would "piggie" back on legitimate executables by altering the code area and inserting itself between the runtime the program's entry point so that it would be executed first and then it would call the program itself so that no one suspects a thing. When anti-virus writers wrote generic code to detect any virus that did that, virus writers got a little more clever as to where the virus would hide itself and still get executed in the executable.

Viruses do not spread through network security holes. There's another term for that, it's called a Worm. A lot of "viruses" (Blaster, Conficker, etc..) are actually worms. They spread using either a remote root vulnerability (usually, a buffer overflow in a part of code that executes with administrative priviledges) or using a 2 part scheme which include a remote execution vulnerability and a local privilege escalation. The premise is the same, using the execution bug, the worm sends a malformed request to trigger the buffer overflow and insert enough code to fetch itself from a central source (or the infected host it's coming from directly). Once the target runs the code which now resides in the stack, the worm has downloaded and started itself. This second part will make sure to get administrative privilege if it doesn't have them and install/start itself. Worms have been around since the 70s, so don't go claiming it's new.

Then there's the good old trojan horse, spread through social engineering. This one is also an oldie. Force the user to run a program under the guise of it being something else entirely, as administrator for bonus points (though for botnets, usually an unprivileged account is sufficient to bind to a high port (over 1024) and to throw out some UDP/TCP/ICMP traffic for DDoS). Usually, throw in a cute fake error message after the stealth installation so as to make it seem the program would have run if not for "STACK HEAP UNDERFLOW ERROR #0xae4567fd". User confused, attacker already connected and having his way.

There's all sorts of other "Benevolent" malware, which are basically spyware or adware, which are mostly aimed at generating information for ad companies to either directly target you (by popping up banners at random) or get "market research" for free (collect your browsing/computer habits to build targetted ads). This can become quite invasive as they eat ressources and pop banners at random. This is mostly new from the late 90s though, all the other types I mentioned have been around since at least the 70s and old VAX/Unix systems.

Now you know. ... Wait where's a GI Joe when you need them ?
 
wow what is it with some people on here acting like macs are only aimed at geniuses and everyone who uses windows must be a idiot

from someone who has a mbp and a desktop running windows with a neutral point of view a big part of the appeal in a mac is its suppose to be simple even if you are not used to computers, apple even go out of the way to market them to old people and other people who might not be computer illiterate and just because they are not good with computers it doesn't make them stupid like some people are making out.

also windows users are no more stupid then mac users, you have a mix of users for both so really yeah its sad to see how big an ego some people get from using a mac, they are designed for computer illiterate people.. anyone can use a mac after all?, so no its not stupid windows users at blame for this at all :rolleyes:

plus if the reports that apple were receiving masses of calls from mac users who had fallen for this.. are you really just going to make up an excuse and say it must just be because they are ex windows users?
 
You're not an IT person then. The generic term is malware. The behavior of a malware is quite important to identifying its type, of which Virus is one. A viruses behavior is what identifies it as a virus. With different behavior, you can be faced with a different malware.

A virus is a self-spreading infection that requires no user intervention. It used to be that it would "piggie" back on legitimate executables by altering the code area and inserting itself between the runtime the program's entry point so that it would be executed first and then it would call the program itself so that no one suspects a thing. When anti-virus writers wrote generic code to detect any virus that did that, virus writers got a little more clever as to where the virus would hide itself and still get executed in the executable.

Viruses do not spread through network security holes. There's another term for that, it's called a Worm. A lot of "viruses" (Blaster, Conficker, etc..) are actually worms. They spread using either a remote root vulnerability (usually, a buffer overflow in a part of code that executes with administrative priviledges) or using a 2 part scheme which include a remote execution vulnerability and a local privilege escalation. The premise is the same, using the execution bug, the worm sends a malformed request to trigger the buffer overflow and insert enough code to fetch itself from a central source (or the infected host it's coming from directly). Once the target runs the code which now resides in the stack, the worm has downloaded and started itself. This second part will make sure to get administrative privilege if it doesn't have them and install/start itself. Worms have been around since the 70s, so don't go claiming it's new.

Then there's the good old trojan horse, spread through social engineering. This one is also an oldie. Force the user to run a program under the guise of it being something else entirely, as administrator for bonus points (though for botnets, usually an unprivileged account is sufficient to bind to a high port (over 1024) and to throw out some UDP/TCP/ICMP traffic for DDoS). Usually, throw in a cute fake error message after the stealth installation so as to make it seem the program would have run if not for "STACK HEAP UNDERFLOW ERROR #0xae4567fd". User confused, attacker already connected and having his way.

There's all sorts of other "Benevolent" malware, which are basically spyware or adware, which are mostly aimed at generating information for ad companies to either directly target you (by popping up banners at random) or get "market research" for free (collect your browsing/computer habits to build targetted ads). This can become quite invasive as they eat ressources and pop banners at random. This is mostly new from the late 90s though, all the other types I mentioned have been around since at least the 70s and old VAX/Unix systems.

Now you know. ... Wait where's a GI Joe when you need them ?

You've been a bit selective, quoting part of the OP's post and have missed what he was getting at I think.

He later said in that paragraph:
This too is a generic term that is used to describe any type of code that does some sort of harm.
This came after discussing how the term 'PC' has come to mean Windows when it really means Macs/Windows/Linux etc.

And he's right. If you ask the average bloke on the street, everything is a virus. They don't necessarily know or care what a trojan or a worm is. In the few years I provided technical support, I never had someone say they had a 'trojan', they always had a 'virus' - even though they rarely did. Of course we know (at least most of us here) that a virus is very different to a trojan but to the average user, it's all just malicious software that does bad things.

Regardless of what type of malware it is, the simple question is, can Apple do something about it? The answer is clearly yes, Microsoft managed it with the malicious software removal tool. Apple seem to have incredibly basic (and mostly silent) anti-malware software in 10.6 (link) but there's no reason they couldn't improve it and give it frequent updates.

My guess is Apple would hate to do it because it would be giving up one of Mac's USPs. Maybe they're going to sit it out and see if more comes along and ignore it if it doesn't. The upcoming OS update is a good move but I still think that Apple could take a more pro-active role in all this.
 
wow what is it with some people on here acting like macs are only aimed at geniuses and everyone who uses windows must be a idiot

from someone who has a mbp and a desktop running windows with a neutral point of view a big part of the appeal in a mac is its suppose to be simple even if you are not used to computers, apple even go out of the way to market them to old people and other people who might not be computer illiterate and just because they are not good with computers it doesn't make them stupid like some people are making out.

also windows users are no more stupid then mac users, you have a mix of users for both so really yeah its sad to see how big an ego some people get from using a mac, they are designed for computer illiterate people.. anyone can use a mac after all?, so no its not stupid windows users at blame for this at all :rolleyes:

plus if the reports that apple were receiving masses of calls from mac users who had fallen for this.. are you really just going to make up an excuse and say it must just be because they are ex windows users?

It's rampant here. I'm just ignoring it from now on. You can bet that when they grow up and get old, and a whole load of new technology comes out that all the younger generation understand and they're left in the dark, they'll think differently.
 
so is now the time to start seriously thinking about using anti virus software on a mac? I've always liked not having to use it but would rather be safe than sorry.
 
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)

This is why, in the not too distant future, all Mac apps will be installed through the App Store. This kind of crap is a waste of Apple's time. No one is ever going to invent a 100% secure system. The gate keeper method probably solves 50%+ of security issues.

Couple of problems:

1) - Malware writers will not care about the app store - they'll continue to look for holes to exploit. Having the "security" of a closed system would actually work in tehir favor.

2) apple could very well run into regulatory issues since they would essentially exert monopoly power over other companies by restricting access to apps from the app store.

3) Apple could let companies put their apps on teh App Store for free (i.e. no Apple cut) but that would cost Apple a lot of money to test and approve every app.
 
its those stupid pc users migrating over to apple that is making a bad name for macs

Stupid is as stupid does.

A PC does not make the person....maybe an education or lack thereof does in this case.

The smartest people can be pretty stupid when they start talking.
 
You've been a bit selective, quoting part of the OP's post and have missed what he was getting at I think.

Now that is quite funny actually - Your quote of what OP was getting at is cut short as well, leaving out the claim that "Virus" is the general term and "Malware" a specific one, which is what the reply was about.

Talk about being selective! ;)
 
Now that is quite funny actually - Your quote of what OP was getting at is cut short as well, leaving out the claim that "Virus" is the general term and "Malware" a specific one, which is what the reply was about.

Talk about being selective! ;)

Ha, well my point still stands, most people use the term virus (often incorrectly) and couldn't care about finer details, only that their data is safe.

I'll leave the OP to fight his own battles ;)
 
This came after discussing how the term 'PC' has come to mean Windows when it really means Macs/Windows/Linux etc.

PC as always meant and still means "IBM compatible PC", a reminiscent naming scheme that came about thanks to IBM's PC which has always been a Microsoft platform. The IBM PC was both a hardware and software platform and as such to try to unmarry both specifications to generalize the term is quite wrong. It's an anachronism in this day and age as a BIOS equipped x86-64 system with Windows 7 is quite incompatible with the legacy IBM PC platform in many ways. Hence why the industry moved to Wintel to name these "boxes" quite a while ago (it was the 90s I think).

Of course, there's also just "personal computer", of which you have a much wider variety, of which namely PDAs, Smartphones and Tablets are also a part of (they are computers, and they are personal) and of which PCs with Linux and Macs are a part of .

And he's right. If you ask the average bloke on the street, everything is a virus.

The average joe on the street does not dictate my "slang" nor my technical terms. That he is confused by them is not my problem. I do not pretend to redefine his technical terms and vocabulary for his field, he will not do it to mine.

Anyone who lets "language" "evolve" (or devolve in this case) by the measure of the average joe is just as guilty. I don't go around construction sites calling everything a girder and hope it catches on.

As such, he's far from right. As an IT person ? He'd get laughed out of any technical interview for a security position coming in and claiming "virus" is a generic term.
 
its those stupid pc users migrating over to apple that is making a bad name for macs

Yes it's the "PC" users that are "stupid". Clearly Apple do not rely on technical naivety in their advertising or have stores that dedicate half entirely to customer support.

I'll just go back to gentoo linux on my PersonalComputer (Macbook Pro), what a dunce I am.
 
PC as always meant and still means "IBM compatible PC", a reminiscent naming scheme that came about thanks to IBM's PC which has always been a Microsoft platform. The IBM PC was both a hardware and software platform and as such to try to unmarry both specifications to generalize the term is quite wrong. It's an anachronism in this day and age as a BIOS equipped x86-64 system with Windows 7 is quite incompatible with the legacy IBM PC platform in many ways. Hence why the industry moved to Wintel to name these "boxes" quite a while ago (it was the 90s I think).

Of course, there's also just "personal computer", of which you have a much wider variety, of which namely PDAs, Smartphones and Tablets are also a part of (they are computers, and they are personal) and of which PCs with Linux and Macs are a part of .



The average joe on the street does not dictate my "slang" nor my technical terms. That he is confused by them is not my problem. I do not pretend to redefine his technical terms and vocabulary for his field, he will not do it to mine.

Anyone who lets "language" "evolve" (or devolve in this case) by the measure of the average joe is just as guilty. I don't go around construction sites calling everything a girder and hope it catches on.

As such, he's far from right. As an IT person ? He'd get laughed out of any technical interview for a security position coming in and claiming "virus" is a generic term.

Completely missed my point. To a user who has become infected - what is the difference to them whether it's a virus or a trojan? Ignore a virus' ability to spread - an infected user mostly only cares about their own computer, not those of others who could become infected as a result. It's all malicious code at the end of the day. Their data is at risk either way. Educating the user will only get you so far and you'll never be able to stop everyone from falling for trojan attacks. What is the harm in Apple taking more pro-active steps on this?

Of course when I (and I will presume the OP) used the term 'PC' I referred to 'Personal Computer' in exactly the same way Steve Jobs regularly does on stage when he uses the same two letter acronym to describe Apple's products. The lesson in IBM's history was unnecessary.
 
To a user who has become infected - what is the difference to them whether it's a virus or a trojan? Ignore a virus' ability to spread - an infected user mostly only cares about their own computer, not those of others who could become infected as a result. It's all malicious code at the end of the day.

Simple - a virus is something that can spread without the user having done anything, worms can do the same thing.

A trojan is something that spreads only when a user allows it to happen by the user engaging in some activity to allow it to happen.

The line here is that, you wouldn't be infected by a trojan if as a user, you were better educated about proper Internet safety/security. A virus/worm can hit an unpatched/vulnerable system without the user ever doing anything to cause the infection, so they are far more dangerous!

But the day will come for a true Mac virus/worm to appear, probably sooner than later.
 
Saying what a person means is often not done, and in face-to-face conversations there is often ample opportunity to clarify meaning. In this site's format, there is need to correct lazy sloppy thinking to keep things clear for readers looking for answers.

Sorry, but when I see a lot of posters calling people idiots and morons and everything else under the sun for simply being ignorant of various technologies and malware threats, I wouldn't call that simply using good grammar or vocabulary. :rolleyes:
 
Simple - a virus is something that can spread without the user having done anything, worms can do the same thing.

A trojan is something that spreads only when a user allows it to happen by the user engaging in some activity to allow it to happen.

The line here is that, you wouldn't be infected by a trojan if as a user, you were better educated about proper Internet safety/security. A virus/worm can hit an unpatched/vulnerable system without the user ever doing anything to cause the infection, so they are far more dangerous!

But the day will come for a true Mac virus/worm to appear, probably sooner than later.

"To a user who has become infected"
"Educating the user will only get you so far and you'll never be able to stop everyone from falling for trojan attacks."

I'm well aware of what viruses and trojans are. My point remains, if you have become infected, and people always will (you can't educate everybody), to that user it does not matter whether it's a virus or a trojan. They just need a way to deal with it, or have had the OS take steps in the first place to prevent it from happening.

Safari warns you if you visit a potential phishing site - no one's on here saying users should be left to learn for themselves in this respect. Phishing sites pose no risk if you're 'internet savvy', but not everyone knows to check the URL and so on. I don't see why Apple's approach to malware should be any different.
 
Last edited:
They just need a way to deal with it, or have had the OS take steps in the first place to prevent it from happening.

There are steps the OS takes to prevent it from happening, but should the OS totally prevent the user from installing/doing something bad even if the user wants to proceed with it? Maybe it should prompt you with "Allow/Disallow" from every single object you pull from the Internet? :rolleyes:

As for the way to deal with it - it seems that is under development, but it will always be after the fact (the fix). Preventing infection by having educated people is far better to fixing the problem/cleaning up the mess after!
 
"To a user who has become infected"
"Educating the user will only get you so far and you'll never be able to stop everyone from falling for trojan attacks."

I'm well aware of what viruses and trojans are. My point remains, if you have become infected, and people always will (you can't educate everybody), to that user it does not matter whether it's a virus or a trojan. They just need a way to deal with it, or have had the OS take steps in the first place to prevent it from happening.

Safari warns you if you visit a potential phishing site - no one's on here saying users should be left to learn for themselves in this respect. Phishing sites pose no risk if you're 'internet savvy', but not everyone knows to check the URL and so on. I don't see why Apple's approach to malware should be any different.

Knowing the different kinds of possible attack vectors and the different types of malware out there goes a long way in preventing infections. Just lumping it all together and just "letting the average joe dictate what is and isn't a virus" is counter-productive to this required education.

If instead of just nodding and agreeing with him when he redefines the terms you educate him, you might have just prevented future infections. But no, let's just let average joe call everything a virus and go on his merry way right ? :rolleyes:

You're as much a part of the problem as he is with that attitude.
 
There are steps the OS takes to prevent it from happening, but should the OS totally prevent the user from installing/doing something bad even if the user wants to proceed with it? Maybe it should prompt you with "Allow/Disallow" from every single object you pull from the Internet? :rolleyes:

As for the way to deal with it - it seems that is under development, but it will always be after the fact (the fix). Preventing infection by having educated people is far better to fixing the problem/cleaning up the mess after!

There's no need to get snarky. All they would have to do for a start would be to keep this up to date: http://www.pcmag.com/article2/0,2817,2352102,00.asp They've got the beginnings of a very good solution there, they just need to put some focus on it.

As I keep saying, you can't educate everyone, you're naive if you think you can. See my phishing example above for a pro-active measure that succeeds when education fails. Whole operating systems are built around the concept that you can't trust the user to do the right thing, I don't see any reason why this should be different.
 
hmm

Maybe this will show that most windows malware is installed the same way this MAC one is . By the user actually running the infected file. Thats why security arguments really should not be used to say which OS is better because on windows most malware is run by the user not automatically.
 
As I keep saying, you can't educate everyone, you're naive if you think you can.

So your solution is to educate no one ? Throw out the baby with the bathwater much ? :rolleyes:

So what if we can't educate everyone, let's educate the ones we can. Let's not let them go one falsely believing that "the average joe" defines computer science/IT vocabulary.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.