Apple Plans Update to Address MacDefender Malware

... and the Windows fans had massive LULZ everywhere. ... maybe apple isnt as secure as was thought to be.. or rather.. apple fanbois aren't as smart as thought to be. Guess that $4000 system can be turned into a slow pile of junk now too huh.

Ever notice that when a Mac virus comes out, it makes headlines? That's because it's rare. Ever notice that when a Windows virus comes out, no one notices? There's already 750,000. What's one more?

I think is't funny I know some mac users that  arogant and think they will never have to worry about attacks those are the ones that will be hit the hardest. 

The beggining of the end is near. go to eset.com they sell good anti malware products for mac. Of couse the main thing even on windows is don't fall for the click her we can fix your computer. 

Macs are no less/more vulnerable than PCs. There simply aren't as many people using them. When someone writes a virus, malware, spyware, etc. the goal is for it to spread and effect as many computers as possible. That can't happen if they're only targetting the minority. Macs don't have fewer problems because the OS is better, they have fewer problems simply because far less crap is being written to screw them up (that goes for regular applications too, not just malware... fewer apps, fewer chances at crashes at the hands of someone's buggy code).

Uh, actually Macs are much less vulnerable than PCs due to the nature of the core of the OS.  PC's use Windows which has had many security issues over the years because Windows was built on top of DOS, which had no security.  In contrast, the current Mac OS, OS 10.X is based on UNIX, which had security built into it from the start.

Also, I would argue that the Mac OS is better because it was built on top of Unix kernal.  But Windows still has some shortcomings as it has had a long time to evolve from DOS to where it is today.  Windows 7 was probably the first Windows I really found to be stable.

Anyway, I have 2 laptops running Windows 7 and XP, a desktop running Windows XP, and a Mac Pro running Snow Leopard.

The Mac boots faster, never gets viruses, and almost never crashes.  While the Windows machines, even the XP desktop which is a gaming machine with a 2.4 Dual core processor takes so long to boot, I can go get a cup of coffee and make toast.  

But my Mac Pro is up in maybe 10 seconds or less.

Point of order, OS X is built on top of the Apple XNU kernal which hybrids the MACH 3.0 microkernal and the 4.3BSD monolithic kernal and adds Apple's C++ IO/Kit APIs.

 

XNU, btw, stands for "X is Not Unix".

Yeah, just like the BMWs and Mercedes are in the minority of cars, so they're not targeted by thieves. Makes total sense. It's not a zero-sum game - why only target PCs when you could target Macs & PCs?

NOT A VIRUS.

REGULAR PROGRAM. EVIL PURPOSE, BUT REGULAR PROGRAM.

YOU HAVE TO ENTER YOUR PASSWORD TO INSTALL IT!

NO SYSTEM IS IMMUNE FROM USER IDIOCY.

THAT IS ALL.

It's sad to see how people are working so hard to create malaware and viruses for OSX.  Why ruin something good?  Lets live in harmony!

 

1. Quote:"Macs are no less/more vulnerable than PCs."  This is a common hoax that many people fall for. Macs are actually less vulnerable than PCs for several reasons. Unfortunately the author of the preceding  comment has fallen for this common story of denial. 
2. The current Mac platform is built on a version of one of the many different UNIX platforms available. If you read the article you'll see that it's actually very easy to remove the malware this article discusses. Why is that? Because of the protections built into the UNIX style kernels it is much more difficult for any random piece of code to escalate its privileges to the point where they can successfully root a system. 
3. I'm not even sure you can call this attack malware. It's a social engineering attack.
4. If you write a convincing enough presentation, you'll always convince a certain number of users to do something for you, and in this case that "something" was to install the malicious code on their system. That's right, the computer operating system had nothing to do with this attack. This was a social attack that depended totally and solely on convincing the user to do something that they shouldn't do.
   1.  "Little pig, little pig, let me come in!"
5. Well as we all know, not only should you never let the Wolf in, and you should build your infrastructure out of something more substantial than sticks or straw.  ;-)
6. The assumption that people just aren't bothering to attack the various Linux and UNIX systems on the web is directly proven wrong by the fact that this article exists, and further is proven wrong by the fact that hackers tend to go for status and the status available from hacking into companies like Google who run the largest server farm in the world, almost all of it exclusively on Linux, is absolutely huge. Now of course Google is under attack all the time, "48 hours a day" :-). It is even rumored that Google is under attack by national security forces of certain countries. And yet, as far as I know, Google seems to remain operational. Well okay except for occasional glitches on Gmail. :-) it's not clear whether those are attacks or some other form of unhappy circumstance. 
7. Here's a snippet stolen from the about to be referenced website:
8. "Why? Some of the reasons were articulated nicely in (separate) analyses by Nick Petreley, Eric Raymond, and Karsten M. Self:
9. - System was designed for multiuser and networked operation from the ground up.
10. - System was designed to distrust and not rely (in the general case) on remote procedure calls (RPCs), especially not between hosts.
11. - System is profoundly modular, with the simplest, most generic possible interactions (often via pipes or textual interchange — even if then layered over sockets, etc.) between components (which can thus be individually changed, patched, upgraded, removed, or disabled as desired — without, in general, large interdependency consequences or cascade failures). Within that modular framework, functional substitutes exist and can be swapped in for almost all common security-relevant codebases. (E.g., if OpenSSH is having security problems, I can easily sidestep to LSH or any of several other SSH daemons. Ditto Web servers, ftp daemons, mail servers, etc. If need be, I can even change kernels.)
12. - System doesn't give software excessive privilege or easy paths to escalation. Components run with high privilege are kept as small and carefully checked as possible. Interacting components seldom even run as the same effective user ID, and thus are in a poor position to subvert one another's resources.
13. As a result of the above, system state is highly transparent, lending itself to effective scrutiny and management via simple, well-understood tools (including ps, netstat, lsof, lslk, fuser, etc.).
14. For details, please see Petreley, Raymond, and Self's more-comprehensive write-ups.
15. There are a series of articles referenced by the writeups from Rick Moen that you can read to learn more about this here:

 

 

If you are stupid enough to install this your an IDIOT to being with.

 

Yes it is very very impossible to get a virus on Linux/Unix and even mac os x.

 

Again these malware are a joke!!!

 

I can infect my machine and kill the parent and poof they are gone. Good luck on windows doing that.

 

So again .. you should not be using something so powerful if you an IDIOT.

 

It still requires a user to install it however, even if the "open safe files after downloading" option is checked, you still have to install it yourself. Don't install it and you are fine.