MacDailyNews - Where Mac news comes first

Not a virus; it's a flaw in Safari (please see related articles below)

Which articles?

I don't really know the difference between a virus, a worm, a trojan horse, and a vulnerability. I'd like to...

I'm convinced - so called experts don't fully understand how a computer works.

As it turns out I know Dan Goodin. Dan lives about 3 miles from me. He is a lifetime Mac user and writes 'how to' books.

I don't know anything about this 'virus' but the next time I see Dan I'll ask.

my mac crashes every 10 seconds, its filled with bugs and viruses, safari crashes without a warning, so does ichat and iweb. its full of viruses.

also i noticed safari makes text bolder than it really is.
for example, a regular verdana text looks like verdana bold on safari while it looks normal on firefox or internet explorer.

this is a huge issue especially if you design a web site.

Don't forget... "The number of discovered Mac vulnerabilities has soared in recent years, with 81 found last year, up from 46 in 2004 and 27 in 2003"

Of course they don't put this into context by listing the number of windows vulnerabilities.

Google is the stupidiest search engine in the world, i cant ever find anything decent on google, its simply stupid.

they are full of promises but nothing really works right, their calendar doesnt even work on safari browser their froogle thing is a crap, i get tons of spam in my gmail account, and im gonna stop using it.

i get like 5000 spam messages to my gmail account every day.

stupid google.

OK, I run my Mac as "Root" How do I change over to non root? How do I add programs if I am non root. PLease explain in a long winded description so I can convert to non root and understand what to do. What I can and can't do as non root. Thanks much!

Don't they mean 'untarnished"?

Several
Plz get a life, beacuse even a Dell runing Windows XP would not crash that many times, let alone a Mac. Dont post shit if you dont no what you are talking about.

I managed to download leapA when it showed up. Terminal opened up much to my surprise. I closed it out immediately. No obvious problems in the month+ since.??? I still feel like a dumb ass however.

This recent splashing of "Mac OS X" virus on major news sites is just a FUD campaign aimed at reducing the effectiveness of the anticipated launch of Apple's new ad campaign. Monkeyboy Ballmer has his hands all over this. That's all it is.

BTW, Mike, you're not serious, are you? I smell a WinTroll.

Mike -

Root itself is turned off and disabled by default in Mac OS X. You need to go to Netinfo Manager to actively turn on Root and set its password. And even then, with the root user enabled, you still need to log in as root.

The first user account in the list of users (the one who initially set up the computer) is a power user. Even he doesn't have root capabilities.

You want very good root security? Use Netinfo Manager to turn on root, use a password generator to make a tough as hell password to crack, set it as roots password, and then disable root again.

If you download whatever you find on the net (simbl etc) o fcourse
your Mac can crash,like your car does if you fill it with shit and water in to the tank.

Common sense ! ! ! Please

SEVERAL:

It appears that you are being very presumptuous about the true cause of your problems, it sounds like you have a hardware problem, or you are a Wintroll.

Mike,
Can't tell if you are serious or not.

It's very easy (and, possibly, foolish) to use an Admin account for User tasks, difficult to run as "root". Apple made it easy enough to create an Admin account and never mentions how to get to "root".

It's easy to switch from using an Admin account (possibly dangerous to the whole system) to using a User account (possibly dangerous only to that account) for your user activities. Open System Preferences and create a new account without the Admin privs, then use that all the time.

Need to update your system? No problem. From your user account, tell the system to install it! The system will come back and say you lack permission to do that (a feature) and give you the choice of (Authenticate) or (OK) - my representation of 'buttons'. Click (Authenticate) and it will ask you for an Admin account name and the password for that account. Get it right and you enter 'sudo' land briefly - the action requested works as if from your Admin account. No reason to ever log in through your Admin account.

Engage in "risky behavior"? Set up another account with Parental Controls activated! Limit the programs that account can run - NOT Terminal, for example - so that even if you find something evil:
a) there isn't much it can do
b) it can only do it in this toss-away account
Not a Perfect Solution, perhaps, but quite effective for the truly modest amount of effort involved.

Actually I think this latest rash of FUD falls into the "any publicity is good publicity" category. It's still plainly obvious that the Mac is way more secure than Windows, and the article gives the platform higher visibility and mentions the "growing market share". The Mac is getting street cred.

Yes, Mac Nutjobs, this is a GRAND CONSPIRACY by Microsoft, the CIA, and the Dark Side to keep Apple down. Nothing in these news reports is at all true. The reporters are, in fact, Redmond employees who receive daily marching orders from Bill and Balmer. Now then, let's all kneel before our Macs and masterbate.

UNIX,
When I read "several's" comment I figured it was tongue-in-cheek. Starting with the "crashes every ten seconds" thing - when was the last time you used a system that could boot up in ten seconds? Perhaps he meant after ten seconds of finishing booting ... possible with auto-login and some seriously foolish actions.

Auto-login ... don't use it! Even if your system is in a locked room in a secure corridor of Fort Knox. I know people like my mother love the ease of just booting up and checking their email without having to bother with nasty user names and passwords, but it really isn't a good idea. As you will find out if you tragically install a user-level program/script that crashes your auto-login account as soon as you log in.

Re: Mac-PC Font Size Differences

There is a good article on the topic here....

http://db.tidbits.com/getbits.acgi?tbart=05284


In short, long, long ago when GUI was first being designed and introduced, Apple decided to stay with the printing industry standard of fonts being divided into 1/72nds of an inch, a "point". A font size of 72 points was exactly 1 inch tall. This was an international standard for the printing industry.

Microsoft, in their infinite wisdom decided to use 96 dpi. It wasn't even an understandable "100" which could have some level of rationality to it, but it may have been based upon the resolution of common computer monitors. The actual reason to ignore industry standards is still unclear.; perhaps it's just Microsoft being Microsoft.

To this day, the battle rages and to make it even more difficult, HTML only offers 7, nonstandardized, fonts sizes to choose from. In the days of the early internet, PDF was strongly considered as the standard. It would have kept with existing printing standards, fonts would be sent with the document and would not be limited to a few styles and sizes and it also allowed for vector graphics (enlarged without losing detail) rather than bit mapped graphics. Unfortunately, the low speed of data transfer and the general public's obsession for instantaneous gratification, resulted in creating a smaller and faster files, resulting is equally poorer web pages; HTML.

I am hoping with more people getting faster internet connections that PDF will become the standard for web design. The viewer will see exactly what the designer created regardless of browser or computer platform. The only 2 things holding this up is the inability of American designers to think different, to hang onto archaic standards in a phobic reaction to learning something new, even though it is obviously a better means to a much better end. Imagine making your website using ANY type of publishing program and simply (on a Mac at least) save as a PDF to your ISP folder, and knowing with 100% assurance that the viewer will see it exactly as you created it.

Naawwww... too easy... too simple... and Microsoft has no stake in it... Yanks too dim-witted to see something awesome 2 inches from their nose... it'll never fly.

Just goes to show how the various media outlets regurgitate whatever the AP puts on the wire.

Not sure how many of these early posts were satire. Like Mike and his root story or several and the Verdana font story. Very funny stuff!

Wow, an unvarnished track record. I wonder if the local hardware store sells track record varnish so we can fix it up nice.

Joe,
Nobody said anything about the CIA or 'the Dark Side' - unless you equate tDS with Redmond. The 'reporters' could be mistaken, or idiots, or PC trolls - or they could be posting from within MS, as do various anti-Linux trolls.

None of it 'true'? Well ... the report noted above is just so much FUD. About the only things that might be accurate are:
1) the source
2) the author's name
3) the reported good reputation of Mac security
4) the reality that OS X is NOT invulnerable

The rest is FUD - Microsoft's favorite weapon for the past 20 years. The only thing they produce more of would be vulnerabilities. I guess the users don't help, though - they like to run user tasks from Admin accounts and have the system log in at power-up even more than Mac users do.

If looking for Mac news, look no further than:

http://www.macsurfer.com/

and

http://mac.watchster.com/

Between those two, you should be able to find all the people who have picked up on this story and their basis for picking it up. I suggest stopping the FUD before it spreads too fast.

Context context context. Perspective perspective perspective.

The real FUD in these kinds of articles is that the world's precious Windows platform might just come crashing down around us after all, with or without viruses.

The real FUD is being felt by the IT people who have been brainwashed, and who have in turn brainwashed the companies and individuals they serve. IT personel the world over may just have to fess up that no one and no company has to use Windows to get their work done - period. Its all been a big lie and the world has been a "Stepford" Consumer of MS Windows, and the robotic minions are beginning to awaken.

Come on world, you can do it - WAAAAKKKEE UUUUUPPP!!!!!

So a flaw in Safari is not a Mac OS X virus but a flaw in Internet Explorer is the end of the world for PC users?

Cant get my foot out of my mouth.

please slap me

This is the same FUD dishonesty that MickeySoft uses regularly against Linux. MS uses the Joe Goebbels approach -- throw enough mud and some of it is bound to stick.

Hypo... you must be a computer newbie. Look up the definition of "computer" virus.

"nobody's giving you a million dollars via random email"


Dagnabbit.

"my mac crashes every 10 seconds, its filled with bugs and viruses, safari crashes without a warning, so does ichat and iweb. its full of viruses.

also i noticed safari makes text bolder than it really is.
for example, a regular verdana text looks like verdana bold on safari while it looks normal on firefox or internet explorer.

this is a huge issue especially if you design a web site."

I suggest you check your fonts - if main applications are crashing it's 90% a font issue (conflicting or corrupt) NOT a virus. That's PC mentality - "if I'm crashing it must be a virus" Just because you feel a drop of water doesn't mean there's a thunderstorm.

Yes, I am serious. It sounds like I am running in Admin now and need to open a new account and base myself off of the new account and turn off terminal in that new account since I have no need for it. Thanks for the help

Mike,
Don't worry much about Terminal. It's generally not a problem. The only ways to "turn it off", without setting up a limited "Parental Controls" account, are to delete it - BAD idea - or move it. You can hide it in plain sight just by moving it to the Applications>Utilities folder in your Admin account's home directory. You won't be able to run it from your user account but it will still be available should you need it. This may complicate some installs, but will add a bit of security in the process.

Seriously! Didn't anyone notice the one guy's name later in the article?

"Apple asked the man, Kevin FINISTERRE, to hold off publishing the code until it could patch the flaw."

Sure looks a lot like a derivation of "Window" in a few other languages!

German - fenster
French - fenêtre
Italian - fenstra

Was this published April 1st?

MW = reported
as in, he's a fool for having "reported" this crap!

A Google search of articles written by Dan Goodin leads to the conclusion that he is of the chicken little (the sky is falling) school of journalism. One of the posts claims that Mr. Goodin is a Mac user, thats hard to believe as every thing he writes about Apple is of a neg. nature and the few articles that I took time to read before i became bored appear to poorly researched. I guess that he's to busy writing drivel to bother with something as trivial as the facts. No wonder the world looks down on journalist when they are as full of it as Mr. Goodin appears to be.

There's a guy in my office who clipped this article and had it sitting on my (Mac) keyboard. We've been debating about Mac vs. Windows for a few weeks. He's convinced that Mac users are fanatics who "believe-in" the Mac Religion against all common sense, and that our cult is not based on a superior user experience, but rather the smugness of being in and elitist clique.

So I said "No Kool-Aid for you!"

First off the is B.S. Mainly because he was trying to click on a "link" (executable) "that promised pictures of an unreleased update to his computer's operating system". He must have authorized for this to run. He must have been trying to download a hack and got took.

This thing is a virus from the information I'm getting about what it does. It uses a hole in Safari to install a virus that turns the Mac into a spam zombie for instant messages. It sends out ten IMs with a copy of the virus in it. Apparently this virus deleted some of his system files and created some new files. It says it didn't do the full ammount of damage because the fool who wrote it made a mistake. The full code wasn't executed. But this is a bad virus for the ammount of stuff it did to the systems.

I thin Mac users need to protect their systems like Windows users because it's only a matter of time.

Why is this article being published today? This is old news and hit the airwaves right around Valentine's Day. Can anyone explain that? Maybe the author was hard-up for a story.

The full article says this happened to Daines in mid-February. Wasn't that when the Ooompa/Loompa whatever-it-was got posted in MacRumors?

If that's the case, this is old news being ruminated like a bunch of dairy cows.

This is not BS. It doesn't matter what he did to allow the viurs on his system the fact is it got on there. Most Windows viruses get on their because someone installs pirate software or open infected emails. This could be the same problem for a Mac. Sure you can tell them not to allow the programs to be installed but some people won't pay attention. That's why Windows has so many viurses, too many people don't understand the threat and they use poor security practices. I think many Mac users are in denial.

move along folks, nothing to see here.

It was just Oompa-Loompa.

I must be doing something wrong -- I've never had a crash on my Intel iMac, just two kernel panics both when I had the computer asleep overnight.

I feel so left out...

I read in MacWorld that it was best described as a Trojan horse that had both virus-like and worm-like behaviors. So it's not unreasonable to describe it as a "virus" even though that's a simplification.

Unvarnished?! OS X's rep has never been finished with wood finish? Untarnished.

Re: Mike Buonarroti

Oh, for heaven's sake - the biggest problem with websites today is all the web designers who put "pretty" as a ghigher priority than _legible_. For most web pages there is no reason to specify a definitive font size - let the READER decide what size text they need - use relative font sizes. That way we can read the content, not hammer the "+ font size" key combo every time we come to a page that thought lining up fancy boxes and pictures was more important than being able to read without getting a migraine.

PDF would not have been the answer. Still isn't. Bandwidth has nothing to do with it. PDF is for printing. Websites are (supposed) to be for screen reading.

See? I can generalize too.

It's a hybrid. The only thing that makes it truly a virus is that it replicates itself and spreads. That's the only thing that makes a virus a virus. Also many folk use "virus" to describe any form of malware. But in the strictest technical sense this is a Mac virus.

One of our favorite Mac writers, Paul Thurott, says that all this virus FUD is nonsense.
How about that?

http://www.internet-nexus.com/2006/05/viruses-catch-up-to-mac-or-do-they.htm

"Unvarnished?! OS X's rep has never been finished with wood finish? Untarnished."

Untarnished because Apple uses a secret digital blend just for brushed metal interfaces.

As a regular know-nothing all I can say is that I have owned a number of PC's for several years and bought my first MAC last spring. I now have three IBOOK's that have not given me a lick of trouble, period! While the Dell laptop that I kept for the legacy of software that I had to purchase has now been formatted with WIPE DRIVE three times in the last year alone. Several times in the last three years. I finally said enough is enough. Sometimes you just have to cut your losses and look for an alternative. So what if I've spent hundreds of dollars in software. At least it wasn't thousands

several,

my mac crashes every 10 seconds

Really. Then how are you able to run Safari, iChat, and iWeb?

How do you have enough runtime to determine your system is full of viruses?

Nice try. Troll.
Now go back to myspace before your mommy sees you here.