MacDailyNews - Where Mac news comes first


Mac OS X Scareware trojan ‘MacSweep from Imunizator’ tries to scam Mac users
Saturday, March 29, 2008 - 10:35 AM EDT

SophosLabs has "advised the Apple Macintosh community not to panic following the discovery of another Trojan horse Mac OS X platform," according to a Sophos press release.

MacDailyNews Take: Okay, we'll just continue sitting here fighting the completely nonexistent urge to run screaming through the halls of the palatial MDN headquarters.

Sophos continues, "Instead, Apple Mac lovers are advised to ensure that they continue to take personal computer security seriously and have a secure defense in place."

MacDailyNews Take: You mean don't fall for a dumbass Trojan? Relax, we're Mac users, dudes. And, we do take personal computer security seriously, that's one of the reasons we have Macs. As always, do not download, authorize, and install software from unknown, untrusted Websites or any other sources.

Sophos continues, "The Trojan, named Troj/MacSwp-B (also known as Imunizator), tries to scare Mac users into purchasing unnecessary software by claiming that privacy issues have been discovered on the computer."

Sophos press release reads, "'Windows users are no stranger to scareware like this, but it is rarer on the Apple Macintosh. Nevertheless MacSwp-B's discovery does follow fast on the heels of other malware that has been identified on the Mac OS X platform in recent months,' said Graham Cluley, senior technology consultant for Sophos. 'Cybercrime against Mac users may be small in comparison to Windows attacks, but it is growing. Apple Macintosh users need to learn from the mistakes made by their Windows cousins in the past and ensure that they have defenses in place, are up-to-date with patches and exercise caution about what they run on their computer.'"

Full article here.

MacDailyNews Take: Interesting. A press release about scareware that tries to scare Mac users into purchasing unnecessary software from a "security software" peddler attempting to scare Mac users into purchasing unnecessary software.

We're turning off our Mac OS X firewalls for the entire weekend in honor of the duplicity. Oh, wait, they're already off. They've been off for months. We never turned them back on the last time we switched them off to honor an AV peddler and, guess what, we've continued to surf the Web unimpeded just as we've done for the past 7+ years because we do not download, authorize, and install software from unknown, untrusted Websites or any other sources.

Here's the deal: This "MacSweeper" from "IMUNIZATOR" claims to scan Universal "Binnaries." That misspelling ought to be enough right there, but just to make sure:

Ignore this trojan. Do not click "Start Scan" (or any of the other buttons); close and/or force quit the window. When run, regardless of the state of your Mac, Troj/MacSwp-B fraudulently claims that it has found several privacy violations. Users are then prompted to purchase this worthless trojan in order to "clean up" their system. Do not purchase the Trojan. Do not eat iPod shuffle.


Reader Feedback:

Mar 29, 08 - 10:40 am Comment from: Wandering joe

Ah the joys of enterprising young souls. Scare us all into throwing our money away. Might work on switchers who only have 'doze to relate to, though.

Mar 29, 08 - 11:08 am Comment from: Reclaimer

Don't call me dude.
I hate that.
Don't make me take you to church, young man.

Mar 29, 08 - 11:22 am Comment from: LordRobin

How is this even a security issue? This is just an automated lying salesman. Hey, it's progress. It used to be that you needed a human Circuit City associate to scam you into buying sh*t you didn't need.

------RM

Mar 29, 08 - 11:38 am Comment from: Your Mom BluRay

"Do not eat iPod shuffle"

But I like mine with ketchup.... Why not?

Mar 29, 08 - 11:50 am Comment from: not fooled

We're turning off our Mac OS X firewalls for the entire weekend in honor of the duplicity. Oh, wait, they're already off. They've been off for months.

Very foolish, MDN. Unless of course you're running hardware firewalls...

You sound like the small-town proud resident, who never locks their doors and leaves the keys in the car, just because the neighborhood "has always been safe".

Your confidence in OS X's security is commendable, but there are some basic security steps one has to take regardless of platform.

Mar 29, 08 - 11:52 am Comment from: JB

What are the odds that Cookies, Caches, Universal Binnaries, etc. are all 2313.5MB? With that kind of coincidence karma, the owner of that computer needs to buy lottery tickets now!

In all seriousness, what website can I go to in order to try the Imunizator? I wouldn't mind trying this on my test machine.

Mar 29, 08 - 11:55 am Comment from: Annoyed

Is it me, or does MDN always take on the tone of Mac Fanboys that deride anything that hints at OS X insecurity and spins real examples of security flaws (the recent Safari exploit that netted a free MacBook Air) into "good job, we'll be safer now that the flaw is found?"

"Relax, we're Mac users, dudes. And, we do take personal computer security seriously, that's one of the reasons we have Macs. As always, do not download, authorize, and install software from unknown, untrusted Websites or any other sources." Wow, way to fuel the Mac-snobbery fire.

Mar 29, 08 - 12:11 pm Comment from: boulderfrog

"Immune" has 2 m's as well.

Mar 29, 08 - 12:21 pm Comment from: Pretty

But the designers did such a nice job with the GUI. It's not your standard "Interface Builder" junk. They made custom, shiny buttons, and a nice gradient. What's more, they employed the security framework (ie, the padlock), which is not a trivial thing to program. You'd think with the amount of time these guys spent on coding this software, they could put their skills into something beneficial.

Mar 29, 08 - 12:22 pm Comment from: HMCIV

If I had a palatial headquarters, I'd run screaming down it every day, just because I can.

Mar 29, 08 - 12:50 pm Comment from: marcos

I wish the Redmond skunk works would just focus on their own scat instead of trying to create diversions.

Mar 29, 08 - 12:51 pm Comment from: Buil

I like cookies, mostly chocolate chip

Mar 29, 08 - 01:56 pm Comment from: Cubert

JC! The sheer desperation of the attempt is telling enough.

Mar 29, 08 - 01:58 pm Comment from: Boyarsky

What exactly does it do?

Mar 29, 08 - 02:02 pm Comment from: Cubert

"You'd think with the amount of time these guys spent on coding this software, they could put their skills into something beneficial."

Or at least put a little more thought into the glaring flaws.

Mar 29, 08 - 03:42 pm Comment from: Can somebody explain...

how a firewall offers ANY protection?

Firewalls block traffic, except to services being used. How does that help? If I turn on file sharing, traffic on file sharing ports is not blocked. If I turn off file sharing, traffic is blocked, but it wouldn't get through anyway, because file sharing is off!!!

Firewalls are placebos. AV software are band-aids designed to cover open wounds (known vulnerabilities). Neither is a real defense.

Mar 29, 08 - 04:00 pm Comment from: qka

Turning your firewall off is pure folly.

You've got the security tools at hand. Use them.

As for the folly of running anti-virus, I am in agreement there.

However, I will admit to running a ClamXAV scan about twice a year, just to prevent passing a Windows virus along to the unfortunate.

Mar 29, 08 - 04:12 pm Comment from: @qka

What then, does the firewall do for you?

If you don't have any services turned on, what is the firewall protecting? Then again, if you do have a service turned on, what is the firewall protecting?

Mar 29, 08 - 04:24 pm Comment from: Dwight Silverman

Smug Mac veterans who are fairly savvy, feel free to mock this. But there are a lot of new Mac users who are former Windows users who've moved over to avoid spyware/viruses that used to plague them. WHY did it plague them? Because they engaged in behavior that put it on their PCs. Now they are using Macs, and guess what? They think they don't have to worry because . . . they are using Macs. So, their bad behavior will continue on the Mac side of the fence, and the makers of malware know it. These little scareware programs are just the beginning. As the Mac installed base swells with disaffected Windows users, it will get worse. A lot worse.

Mar 29, 08 - 06:05 pm Comment from: ken1w

> These little scareware programs are just the beginning. As the Mac installed base swells with disaffected Windows users, it will get worse. A lot worse.

Nonsense. The difference is that if a hacker compromises a Windows PC, they can do a lot of things like make it a spambot to spread the compromise to other Windows PCs. They can do a lot of things that are worth their time and effort.

If you compromise a Mac, you gain access to the user's account, if anything. So much work for so little gain. It's not worth the effort for the hacker. That's why malware has not become epidemic on Mac OS X so far. That's why it will continue to be highly publicized nonsense, the few times they appear.

Mar 29, 08 - 09:27 pm Comment from: AppleMacMan

Sophos isn't kidding! I went to the Imunizator website and attempted to see if VirusBarrier could detect this in real time before it's actually installed on my Mac and it detected this as "OSX.AngeloScan" and I placed this malware in quarantine.

Actually we have to stop being arrogant as Mac users and thinking a person is "stupid" for downloading this. It does not appear to be malware and the screen shot of this trojan looks very nice, like a legitimate app for OS X. A new user of OS X could very well fall for this one.

This is the second trojan in recent months that I know of that has been released for OS X. The first one was more malicious which prompted me to get VirusBarrier.

It's been said for years that Macs will eventually be targets. With a market share that seems to grow daily, Macs will soon have a double digit market share, making them very lucrative for malware writers and hackers, especially considering that Mac users tend to be in higher income brackets.

I'm also running Intego's NetBarrier Firewall which is far more secure and robust than the built in OS X firewall. Maybe this isn't necessary to some of you right now but it will be. I recently came from the Windows world, so I know first hand just how clever and sophisticated hackers can be if they set their minds to target something. As has been said many times, "It's better to have and not need than to need and not have."

Mar 29, 08 - 09:36 pm Comment from: AppleMacMan

@LordRobin

You're joking right? I mean you can't be serious in asking "how is this even a security issue?" Go back and RE-read the article ssslllooowwwlllyyy...and THINK about what you just read.

Mar 30, 08 - 02:18 am Comment from: macaholic

Do not eat Happy Fun ball*

*still legal in 35 states

Mar 30, 08 - 08:57 am Comment from: mark Melancon

How do I get rid of this iMunizator? The only way to get it off the screen was to click continue unprotected. I am a new Mac user and if you could refrain from the sarcastic #*@#* with a helpful answer that would be appreciated.

Mar 30, 08 - 09:45 am Comment from: Vinz Clortho

Sophos continues, "Instead, Apple Mac lovers are advised . . ."

Because we're all lovers? There's some implied condescension in that statement just like calling Mac users, cultists or fanatics.
At least they didn't call it MAC.

To mark Melancon: Try force quitting: Press command (Apple Key)+option+esc at the same time. Then, click Force Quit in the window that pops up.

Mar 30, 08 - 04:40 pm Comment from: rickw

macscan. i saw this program a while ago and wonder if this is legitimate. it's also on the apple download site? i know this is not the same as the one above, but i would like to know what everyone thinks of this.

Mar 30, 08 - 04:51 pm Comment from: Michael Brian Bentley

The number one reason that you run security software on the Mac is to avoid propagating incoming malware to other machines on your network that may be running operating systems with inferior defense characteristics. If you don't happen to have machines like that, then there's no point in running security software. Any malware that attacks a Mac is going to be brand new that exploits a flaw in the OS that has not been fixed in an update from Apple. There are no third party security packages available for Mac OS X that can preempt malware invasion better and faster than Apple via Mac OS X itself. Third party packages look for signatures in content, watch ports, and so forth, but Mac OS X _is_ the OS and contains the potentially exploited code. Third party packages for Windows erupted because Microsoft proved itself completely incapable of protecting Windows XP fast enough. Apple has not, in fact, demonstrated that it is incapable of reacting quickly to bona fide threats, and in fact so far the Mac OS X track record has been pretty good.

Mar 30, 08 - 05:32 pm Comment from: Chris "TD" L.

*sigh*

There is always going to be someone who is gullible enough to install malware, no matter what operating system they use. Although OS X is definitely more secure than say, Windows, if this program actually did something malicious, what is going to stop a user from manually entering his/her admin password, and letting the app gain root access?

An OS can only be secure up to a point. It's up to the user to maintain the computer properly.

Mar 30, 08 - 07:47 pm Comment from: ken1w

@ Reality Check

> my has my music collection and every photo of my family taken since 1999. I care much more that they can access this than that they can corrupt my MacOS installation.

But how is this stuff (that's obviously valuable to you) valuable to a hacker? It's not. That's my point. Hackers who write malware are like thieves. They are not going to go after people's music and photo collections. That's not worth their time and effort. They are going to target Windows where an exploit is much more valuable, because they can do things like take control of the PC. Even if Mac OS X share reaches 50%, Windows will still be the target.

Mar 30, 08 - 10:49 pm Comment from: Macsweep

@not fooled

I don't even have a lock on my door!

Mar 31, 08 - 01:48 am Comment from: yet another steve via iPodDailyNews

but ipod shuffles come in such yummy flavors!

Mar 31, 08 - 07:19 am Comment from: FireWhat

I've never enabled the firewall on my G4, it's been connected to the internet for 5 years +

Mar 31, 08 - 07:28 am Comment from: jonk

"What's more, they employed the security framework (ie, the padlock), which is not a trivial thing to program."

Maybe they just, you know, DREW a padlock?

Mar 31, 08 - 09:26 am Comment from: Mr. Peabody

Yaaawwwwwwwnnn.

Nice take MDN.

Mar 31, 08 - 12:00 pm Comment from: Register or Login

This isn't a warning to Mac users but a warning to recent Mac Switchers who haven't shaken their pre-programmed Redmond thinking yet as evidenced in this quote..."'Windows users are no stranger to scareware like this, but it is rarer on the Apple Macintosh."

Every Mac veteran knows only a moron or a switcher would follow this link. Have pity on your fellow switchers until they have fully grasped the idiocy they had been living in.

Mar 31, 08 - 02:52 pm Comment from: Gupta Feldstein from Outsourceistan

It even looks like a badly-written Windows XP program! Or maybe some Linux interface.
