Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
New 'MACDefender' Variant Installs Without Admin Password Requirement
- Thread starter MacRumors
- Start date
- Sort by reaction score
Well that is truly hilarious, you sir have made my day. You are in absolutely no position to call mac users stupid…:
From: https://forums.macrumors.com/showthread.php?p=12239246&#post12239246
I won't be taking any security advice from you...
Well, this is my last post since most simply do not take the time or seem unwilling to be properly educated on computer history and cyber security. Put simply, I stand by my posts as they are guaranteed to be historically and factually CORRECT on all counts.
What you may be seeing is people coloring what they perceive to be truth, when in fact it is society that has it wrong. It is comparable to how you have to be careful as an educator at schools/universities of the textbooks that are used now days because many are distorting historical facts trying to whitewash. The public may perceive a certain view or term as true, but it remains inaccurate.
My information is complete and 100% and as has been pointed out MANY times, forget everything here, including mine if you choose and properly educate yourself on cyber security at the places I referenced prior.
What you may be seeing is people coloring what they perceive to be truth, when in fact it is society that has it wrong. It is comparable to how you have to be careful as an educator at schools/universities of the textbooks that are used now days because many are distorting historical facts trying to whitewash. The public may perceive a certain view or term as true, but it remains inaccurate.
My information is complete and 100% and as has been pointed out MANY times, forget everything here, including mine if you choose and properly educate yourself on cyber security at the places I referenced prior.
One question. When you said
were you referring to popular perception or that the actual dictionary defined generic term was "virus"?
Idiots
I completely agree. If you are clicking ANY ads that say "your computer is infected! Download this!" then you are a complete moron and you deserve to be infected.
I completely agree. If you are clicking ANY ads that say "your computer is infected! Download this!" then you are a complete moron and you deserve to be infected.
Have you been reading any of this? Or just the first 3 lines.
It downloads automatically.
Um, hello, these are two separate issues here. A mac running a mac virus vs a mac that cannot run a windows virus.
Well, there is both a yes and no to that question. I read your posts and they seem to be very sound and valid. All I was trying to do in the end was get people to educate themselves because public forums like this contain a lot of factually incorrect statements.
In regard to "virus", it is as stated in my prior post. It is a generic term that remains true regardless of what sub-category the malicious code falls under or how it spreads. When you look up the WIKI on the term, you will see "computer virus" is stated to be erroneous but is often referred to for malicious code that would fall into various sub-categories. However, this too would be factually inaccurate at the generic term of implied use. To give a bit of general comparison to what I am referring to, let's take the word "gay". This word if you look it up in a dictionary has several meanings that has changed over the years, mostly due to popular society changing the root definition. In its basic root form, it is meant to represent "happy, someone that displays a lot of joy" etc. Now, apply this to what I was saying about the term "virus" and it becomes clear. At the root of the term, it represents anything that is defined as malicious code period. While there are indeed sub-categories that break down further, it's the historical root that remains true.
The same is true about "PC", it has nothing to do with IBM, the x86 platform, etc. If you go by true historical fact, regardless of popular culture giving it different terms or meaning they perceive it to be, it was defined long ago as simply "any computational device that is used in the home for personal use". This came about before there were actually any mass market computers at all and was defined at the root term long ago.
I think many people believe that only popular culture, as currently defined terminology, is the most accurate and true meaning when in fact that would be incorrect. Society may have different meanings for a specific word, but the root is still the correct use.
Best wishes, hope everyone truly does learn some facts though about real cyber security.
If you go to my company's website, you will find links to software that you could download. And many people have done it. Click on link, software downloads. That is _supposed_ to happen. We could also make a "download" button and if you click "download", it downloads the software. Now someone wanting you to install malicious software just puts up a question "Do you want to download this software", with three buttons named "Download", "No way José", and "I'll call the police right now", and each of the buttons will download the software.
No, it doesn't download itself. It can just easily trick you into clicking the button that starts the download. And right now they go through their spiel showing you a page that is supposed to be scanning your Mac and finding viruses, so that clever people can quit their browser while stupid people click and later pay money; they could easily have a website without these signs. In that case, better educated people would _also_ download the software, except these people wouldn't install it anyway even if it gets downloaded and the installer is started.
And what of older MacOSs?
And what of older machines and MacOSs?
It is irresponsible of Apple to create obsolescence of hardware by discontinuing operating system and technical support for older systems. This policy of Apple's creates more trash filling the landfills and is a waste of resources.
The solution is for Apple to make new software intelligently scaleable such that it recognizes the hardware it is being installed on and adjusts to fit within the memory footprint and hardware's capabilities. Yes, certain new features like transparent window shadows will not be available but there are many improvements which can be continued to offer for older hardware such as the folders in the new iOS which do not need any advanced hardware capability.
The benefit to Apple is they can continue getting sales of operating systems each year as they offer new versions of the OS with new features. Additionally Apple will gain more market penetration as the old hardware is kept active and passed down in families resulting in a larger user installed base. Charge for the technical support - obviously. Just keep offering AppleCare.
Apple should also encourage developers to support the furthest back operating systems and hardware possible.
And what of older machines and MacOSs?
It is irresponsible of Apple to create obsolescence of hardware by discontinuing operating system and technical support for older systems. This policy of Apple's creates more trash filling the landfills and is a waste of resources.
The solution is for Apple to make new software intelligently scaleable such that it recognizes the hardware it is being installed on and adjusts to fit within the memory footprint and hardware's capabilities. Yes, certain new features like transparent window shadows will not be available but there are many improvements which can be continued to offer for older hardware such as the folders in the new iOS which do not need any advanced hardware capability.
The benefit to Apple is they can continue getting sales of operating systems each year as they offer new versions of the OS with new features. Additionally Apple will gain more market penetration as the old hardware is kept active and passed down in families resulting in a larger user installed base. Charge for the technical support - obviously. Just keep offering AppleCare.
Apple should also encourage developers to support the furthest back operating systems and hardware possible.
Actually, it does indeed download itself, which is pretty easily accomplished via JavaScript. Ever been to one of those pages that says, "If the software does not begin downloading automatically, click here for the direct link."? Same thing. It's not a malicious technique, it's just being used for malicious purposes. Nor is that fact inherently dangerous, nor the fact that it automatically launches the Installer app. The user still must click through the installer, even though this latest version doesn't require a password when they do so. No security holes, except the user themselves.
jW
Running as a standard or admin user makes no difference.
That's only true for those who are uninformed. For those who are informed, "virus" refers to malware with specific characteristics which distinguishes it from trojans, worms, etc.
Again, false. Malware is the umbrella term to describe Mal (malicious) ware (software). Malware includes specific types, such as viruses, trojans, worms, etc. Your terminology is incorrect.
Even Microsoft has the facts on this straight:
You can also simply read the link at the bottom of this post.
Quite true, but that doesn't mean you shouldn't try to educate as many as possible. To effectively use computers, people must learn how to use them. It's not any different in learning how to recognize and avoid scams and malware. If they can learn how to use a computer, they can learn basics of avoiding threats. If they choose not to, that's their problem.
Yes, but Apple isn't responsible for forcing users to learn how to practice safe computing. You can only go so far in educating and warning and recommending proper actions, but the user is ultimately responsible for what malware they invite to their computer, regardless of what OS they run.
Yes, turning off JavaScript will prevent the download. The fact that it puts an entry in Startup Items doesn't make it a virus. It still can't do anything without the user's permission.
Based on your post, I don't expect an intelligent response, but name ONE virus that runs on Mac OS X. Just one.
This makes no sense at all. As technology advances, obsolete technology should die. Do you also think we should adjust our freeway speeds to accommodate horses and buggies?
Last edited:
Attachments
Language is an ever evolving thing. I would say that the root of the word is still a correct definition but it is by no means the only correct definition.
My only real issue with what you've stated is that you've come to a public forum, knowing that a term will most likely be taken to mean something and fought against that popular use.
Most of us don't care about the etymology of the word "virus."
Last edited:
You want to say "PC" means Wintel whereas clearly "PC" means personal computer even on the IBM PC (that's what the "PC" stands for and IBM is the brand). "Personal Computer" is platform independent by definition and PC is now an acronym for it. The fact that the majority of the public thinks of the "PC" as being Wintel doesn't mean it's correct usage of the term anymore than saying a virus is a correct catch-all term for Malware.
It's understandable why the public would think PC is Wintel when Apple's own advertising took advantage of that perception. The problem is that the hardware is now the same so the real difference is just the operating system (despite Apple's refusal to let anyone else install OSX on their computers).
In any case, the terminology is largely moot. One can usually tell by context whether they mean personal computer or Wintel. But then people can usually tell that with virus versus malware too, but that doesn't stop them from throwing a fit about it on here.
Apple could do this by simply not removing support from XCode for older systems. The reason Universal Binaries have dried up for PPC is that developers now have to include XCode3 to support PPC and that means working around or bypassing newer features in XCode4 to support it. No one made Apple dump all support for Universal binaries in XCode4 except Apple. And so if Apple won't support even the basics for older systems, you sure as heck can't expect developers to bother and as users of those systems get down to <10% of all Mac users or even less, there's little incentive to bother. What Apple did right in XCode3 was to make PPC almost a 'free' bonus. Now it's a PITA to support so people don't bother.
Microsoft supports older software for a much longer period of time, but they also have a lot more users using it so people use the excuse with Apple's waning support for older hardware on 'they need hardware sales to make money' but that's always been true and their support for older Macs has traditionally been much better. Obsolescence used to be based on a lack of power to run newer operating systems. But now lately with Apple it's based on a set schedule to dump support for it. For example, a quad G5 could run Snow Leopard just fine if it were available (my own upgraded 1.8GHz G4 runs Leopard very fast for that matter) and certainly 32-bit Intel could run Lion just fine except Apple dumped it. So it is Apple that is artificially making these machines obsolete not their inability to run current software in terms of power.
Last edited:
You blame mac users for 'being so stupid' but yet you have fallen for the very same social engineering trick yourself. You received an email from a sender you don't know about a package you weren't expecting that had an exe as an attachment and then proceed to run the exe using a Windows emulator. For someone who posts on a tech forum, that's really quite 'stupid'.
Security updates are provided for both the current OS X version and the previous one. That's keeping both 10.5 and 10.6 secure, which covers hardware over the past 5/6 years. You can have a 6 year old iBook which still receives security updates - I can't see any planned obsolescence there.
We're largely in agreement. Others here implied I was against educating users - I never said or believed that. I fully believe in educating users (and I have done so, working on the Genius bar for a year, I was always sure to give people as much information as I could), but I also believe there should be something else in place should it not work. The competition have such software in place (MSRT) and I think there may be a time, if not now, that Apple should have something similar. They've got the basics there, there is anti-malware software in SL, it's just not as effective as it could be.
I think there are two factors that produce this pattern of dropping support.
For PPC, it is due to relatively low market share of Macs using that architecture. Apple sales didn't really start to increase until the switch to intel so there are not enough PPC machines to justify the costs of maintaining support. G5s are 64-bit so this is not the issue.
For 32-bit intel, it is due to the implementation of security mitigations. Some important security mitigations, such as ASLR, can be brute forced for 32-bit implementations of the feature. NX also is not hardware based but only software emulated in the 32-bit intel architecture so it is more easily defeated.
I think these issues with 32-bit intel security implementations are the reason apple not only didn't invest in further developing such security implementation for the x86 architecture but also pushed the decision to move everything over to 64-bit to at least make exploitation much more difficult.
You still have to approve it. It still requires user intervention.
@rytif86
"There is some epic lols here. I'd honestly love to see the look on some of these mac zealot faces when these mac viruses began to appear. How's it feel to be knocked off of your pedestal for a change? Not too shabby, eh?
You still like the smell of your own farts? eww.. smug."
What Mac viruses? Show me one that is an actual virus, meaning it replicates and distributes itself without user intervention. I don't think anyone here who has any knowledge of the subject thinks Macs are immune to malware in general.
Last edited:
Agree.
Use brain people ! This is the best anti-virus protection.
How can they be so naive to entering a personal cc# data.
Ok, sure, the MacGuard package is downloaded automatically, but only after installing the avRunner package, and the avRunner package doesn't download itself. The user has to initiate the download of the initial package and run the installer, so I stand by my previous snarky comment.
Like everyone else has said, it's best to turn "open files after download" off. And better yet, don't click on suspicious links.
As I mentioned earlier, was merely Googling for images on Canadian Coast Guard Hovercraft. I did the search, I had a results page from Google of images, I was opening tabs by CMD-clicking on images, when I noticed something was downloading. It was MacDefender (or one of the variants I forget.) I don't know what it would have done, as I cancelled the download and trashed the partially downloaded file. But I didn't click on any dialogues to start the transfer. So, yes - something does get downloaded automatically.
I'm not worried about this, 'cause it is so easy to avoid by paying attention. But it's not quite as hard to catch as some posts have been claiming.
I'm not worried about this, 'cause it is so easy to avoid by paying attention. But it's not quite as hard to catch as some posts have been claiming.
