You probably don't have to click through the installer, but you do have to be running as an administrator. Something that no one should ever do on a day to day basis, for any reason.
which a majority probably do anyway.
You probably don't have to click through the installer, but you do have to be running as an administrator. Something that no one should ever do on a day to day basis, for any reason.
Blame windows users for this they are the only ones dumb enough to fall for it. Why because they are use to dealing with this kinda problem. The reason they used anti virus as a cover was to fool ex windows users into instilling it
First, for anyone that is an IT person or has advanced computer knowledge, you already know what I am going to say. Most of the public though, as evident here, simply lack that ability for various reasons.
The discussion/debate over the whole "virus" term is not made clear so let me try to help here. A "virus" is a generic term that is used to describe some sort of malicious code regardless of its behavior.
You're not an IT person then. The generic term is malware. The behavior of a malware is quite important to identifying its type, of which Virus is one. A viruses behavior is what identifies it as a virus. With different behavior, you can be faced with a different malware.
A virus is a self-spreading infection that requires no user intervention. It used to be that it would "piggie" back on legitimate executables by altering the code area and inserting itself between the runtime the program's entry point so that it would be executed first and then it would call the program itself so that no one suspects a thing. When anti-virus writers wrote generic code to detect any virus that did that, virus writers got a little more clever as to where the virus would hide itself and still get executed in the executable.
Viruses do not spread through network security holes. There's another term for that, it's called a Worm. A lot of "viruses" (Blaster, Conficker, etc..) are actually worms. They spread using either a remote root vulnerability (usually, a buffer overflow in a part of code that executes with administrative priviledges) or using a 2 part scheme which include a remote execution vulnerability and a local privilege escalation. The premise is the same, using the execution bug, the worm sends a malformed request to trigger the buffer overflow and insert enough code to fetch itself from a central source (or the infected host it's coming from directly). Once the target runs the code which now resides in the stack, the worm has downloaded and started itself. This second part will make sure to get administrative privilege if it doesn't have them and install/start itself. Worms have been around since the 70s, so don't go claiming it's new.
Then there's the good old trojan horse, spread through social engineering. This one is also an oldie. Force the user to run a program under the guise of it being something else entirely, as administrator for bonus points (though for botnets, usually an unprivileged account is sufficient to bind to a high port (over 1024) and to throw out some UDP/TCP/ICMP traffic for DDoS). Usually, throw in a cute fake error message after the stealth installation so as to make it seem the program would have run if not for "STACK HEAP UNDERFLOW ERROR #0xae4567fd". User confused, attacker already connected and having his way.
There's all sorts of other "Benevolent" malware, which are basically spyware or adware, which are mostly aimed at generating information for ad companies to either directly target you (by popping up banners at random) or get "market research" for free (collect your browsing/computer habits to build targetted ads). This can become quite invasive as they eat ressources and pop banners at random. This is mostly new from the late 90s though, all the other types I mentioned have been around since at least the 70s and old VAX/Unix systems.
Now you know. ... Wait where's a GI Joe when you need them ?
This came after discussing how the term 'PC' has come to mean Windows when it really means Macs/Windows/Linux etc.This too is a generic term that is used to describe any type of code that does some sort of harm.
wow what is it with some people on here acting like macs are only aimed at geniuses and everyone who uses windows must be a idiot
from someone who has a mbp and a desktop running windows with a neutral point of view a big part of the appeal in a mac is its suppose to be simple even if you are not used to computers, apple even go out of the way to market them to old people and other people who might not be computer illiterate and just because they are not good with computers it doesn't make them stupid like some people are making out.
also windows users are no more stupid then mac users, you have a mix of users for both so really yeah its sad to see how big an ego some people get from using a mac, they are designed for computer illiterate people.. anyone can use a mac after all?, so no its not stupid windows users at blame for this at all
plus if the reports that apple were receiving masses of calls from mac users who had fallen for this.. are you really just going to make up an excuse and say it must just be because they are ex windows users?
Wirelessly posted (Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) Version/5.0.2 Mobile/8J2 Safari/6533.18.5)
This is why, in the not too distant future, all Mac apps will be installed through the App Store. This kind of crap is a waste of Apple's time. No one is ever going to invent a 100% secure system. The gate keeper method probably solves 50%+ of security issues.
its those stupid pc users migrating over to apple that is making a bad name for macs
You've been a bit selective, quoting part of the OP's post and have missed what he was getting at I think.
Now that is quite funny actually - Your quote of what OP was getting at is cut short as well, leaving out the claim that "Virus" is the general term and "Malware" a specific one, which is what the reply was about.
Talk about being selective!![]()
This came after discussing how the term 'PC' has come to mean Windows when it really means Macs/Windows/Linux etc.
And he's right. If you ask the average bloke on the street, everything is a virus.
its those stupid pc users migrating over to apple that is making a bad name for macs
I'll just go back to gentoo linux on my PersonalComputer (Macbook Pro), what a dunce I am.
PC as always meant and still means "IBM compatible PC", a reminiscent naming scheme that came about thanks to IBM's PC which has always been a Microsoft platform. The IBM PC was both a hardware and software platform and as such to try to unmarry both specifications to generalize the term is quite wrong. It's an anachronism in this day and age as a BIOS equipped x86-64 system with Windows 7 is quite incompatible with the legacy IBM PC platform in many ways. Hence why the industry moved to Wintel to name these "boxes" quite a while ago (it was the 90s I think).
Of course, there's also just "personal computer", of which you have a much wider variety, of which namely PDAs, Smartphones and Tablets are also a part of (they are computers, and they are personal) and of which PCs with Linux and Macs are a part of .
The average joe on the street does not dictate my "slang" nor my technical terms. That he is confused by them is not my problem. I do not pretend to redefine his technical terms and vocabulary for his field, he will not do it to mine.
Anyone who lets "language" "evolve" (or devolve in this case) by the measure of the average joe is just as guilty. I don't go around construction sites calling everything a girder and hope it catches on.
As such, he's far from right. As an IT person ? He'd get laughed out of any technical interview for a security position coming in and claiming "virus" is a generic term.
Which is why I have Safari ask me if I want to open a file right after downloading...
To a user who has become infected - what is the difference to them whether it's a virus or a trojan? Ignore a virus' ability to spread - an infected user mostly only cares about their own computer, not those of others who could become infected as a result. It's all malicious code at the end of the day.
Saying what a person means is often not done, and in face-to-face conversations there is often ample opportunity to clarify meaning. In this site's format, there is need to correct lazy sloppy thinking to keep things clear for readers looking for answers.
Simple - a virus is something that can spread without the user having done anything, worms can do the same thing.
A trojan is something that spreads only when a user allows it to happen by the user engaging in some activity to allow it to happen.
The line here is that, you wouldn't be infected by a trojan if as a user, you were better educated about proper Internet safety/security. A virus/worm can hit an unpatched/vulnerable system without the user ever doing anything to cause the infection, so they are far more dangerous!
But the day will come for a true Mac virus/worm to appear, probably sooner than later.
They just need a way to deal with it, or have had the OS take steps in the first place to prevent it from happening.
"To a user who has become infected"
"Educating the user will only get you so far and you'll never be able to stop everyone from falling for trojan attacks."
I'm well aware of what viruses and trojans are. My point remains, if you have become infected, and people always will (you can't educate everybody), to that user it does not matter whether it's a virus or a trojan. They just need a way to deal with it, or have had the OS take steps in the first place to prevent it from happening.
Safari warns you if you visit a potential phishing site - no one's on here saying users should be left to learn for themselves in this respect. Phishing sites pose no risk if you're 'internet savvy', but not everyone knows to check the URL and so on. I don't see why Apple's approach to malware should be any different.
There are steps the OS takes to prevent it from happening, but should the OS totally prevent the user from installing/doing something bad even if the user wants to proceed with it? Maybe it should prompt you with "Allow/Disallow" from every single object you pull from the Internet?
As for the way to deal with it - it seems that is under development, but it will always be after the fact (the fix). Preventing infection by having educated people is far better to fixing the problem/cleaning up the mess after!
As I keep saying, you can't educate everyone, you're naive if you think you can.