AppleCare Support Rep: Mac Malware getting worse

[Red]

Quote:

Originally Posted by nik-

Yes, but Apple has allowed the myth of immunity to viruses and malware to propagate as a selling feature to their product. Do they now turn around and try to make money on this service and thus completely shatter that myth or do they prefer to hook people into buying their product thinking they will never have to deal with the software issues they did on an MS product.

It's not a myth, it's mostly truth. Just the fact that we are discussing one malware instance that needs the user to download, input the admin password and install some malicious software is a testament to how secure macs are.

In windows it would just plant itself without any user interaction. Just like thousands other viruses do.


That's the difference here.

[MacGruber]

Apple sells their product on a lot of myths.
"it just works"
"its easier to learn and pick up for new people"
"virus free"

these are all false.

Do they make a great product? Sure. It looks snazzy and is a great conversation piece. The iPhone 4 is the best phone product out there if you want a hybrid like I do to avoid carrying around 3 or 4 devices.

But if were all a little honest here... apple is a hype machine.

[bubbsy]

Quote:

Originally Posted by MacGruber

Apple sells their product on a lot of myths.
"it just works"
"its easier to learn and pick up for new people"
"virus free"

these are all false.

Do they make a great product? Sure. It looks snazzy and is a great conversation piece. The iPhone 4 is the best phone product out there if you want a hybrid like I do to avoid carrying around 3 or 4 devices.

But if were all a little honest here... apple is a hype machine.

yup. i'm a mac owner, but am annoyed at the company's arrogance, and the fan boy BS you hear whenever pc/mac discussions start up.

maybe it's just me, but i would love a change in the company image/portrayal.

[FlameOn]

Quote:

Originally Posted by bubbsy

yup. i'm a mac owner, but am annoyed at the company's arrogance, and the fan boy BS you hear whenever pc/mac discussions start up.

maybe it's just me, but i would love a change in the company image/portrayal.

The corporate arrogance ingrained into the culture of the company from CEO down. Even the Mac marketing strategy is it focuses on a perceived sense of exclusivity.

When something is this deeply embedded so deeply into the company structure, things will not change unless you get rid of almost all the management, which will never happen.

[sclitheroe]

Quote:

Originally Posted by Red

It's not a myth, it's mostly truth. Just the fact that we are discussing one malware instance that needs the user to download, input the admin password and install some malicious software is a testament to how secure macs are.

In windows it would just plant itself without any user interaction. Just like thousands other viruses do.


That's the difference here.

That's not entirely. If UAC is active, very little malware is getting installed without a prompt. And if it does (without a UAC prompt), it's likely running in the local user context. (let's leave XP out of the equation, it's obsolete)

This whole idea that you need to get admin privileges, and how it's harder on the Mac to do that because of the password prompting is BS. Most malware doesn't want to eff up your machine, it wants to sit there and steal passwords, do spam, or other "useful" work. From that perspective, 90% of the malware out there is PERFECTLY happy running in your non-privileged user context.

So you combine that fact with vulnerabilities in browsers, internet-listening tools like Skype, etc, and its not only possible, it's probably that this stuff is going to slip onto Macs.

Removal of malware is in some cases going to be easier, by virtue of the malware possibly being confined to the user account. But this is no different than on a windows system, really - in either case, if you execute code with admin priviliges, or allow privileges to elevate via UAC or the Macs security prompt, you're hooped - it'll get embedded deeper into the system.

Nobody can claim, with a straight face, that there aren't attack vectors on the Mac that will, at the very least, get code remotely executing in your user context, which, as I've just outlined, is plenty for most malware.

[Red]

Quote:

Originally Posted by bubbsy

yup. i'm a mac owner, but am annoyed at the company's arrogance, and the fan boy BS you hear whenever pc/mac discussions start up.

maybe it's just me, but i would love a change in the company image/portrayal.

I don't care what the company says. I buy them because I like them.

Oh, and they just work and are virus free. Those that dispute that are splitting hairs or just really reaching.

Not sure about easy to learn, I was a PC user for a long time before getting a mac so I had some issues getting used to it. But in the end my macs just work and don't get infected. Makes for easy and pleasant computing for me and mostly my wife and kids.

And they are damn pretty :-)

[Hemi-Cuda]

Quote:

Originally Posted by Red

I don't care what the company says. I buy them because I like them.

Oh, and they just work and are virus free. Those that dispute that are splitting hairs or just really reaching.

Not sure about easy to learn, I was a PC user for a long time before getting a mac so I had some issues getting used to it. But in the end my macs just work and don't get infected. Makes for easy and pleasant computing for me and mostly my wife and kids.

And they are damn pretty :-)

all Windows 7 machines i build for family and friends "just work" too, and don't get infected. and being in IT i've come across many Mac's that don't "just work", and when they do break they become very heavy paper weights since no one outside of Apple knows how to fix them

[MarchHare]

Quote:

Originally Posted by Hemi-Cuda

when they do break they become very heavy paper weights since no one outside of Apple knows how to fix them

Anyone can become an Apple-certified technician just as easily as getting a CompTIA or Microsoft cert on the PC side...

http://training.apple.com/certification/acmt

[sclitheroe]

Quote:

Originally Posted by Red

I don't care what the company says. I buy them because I like them.

Oh, and they just work and are virus free. Those that dispute that are splitting hairs or just really reaching.

No, it's not reaching to say that Macs are exploitable. It's uncommon right now but very much in the realm of possibility and eventuality.

Just because the current example of malware is unsophisticated, easy to spot, and relatively innocuous should not be construed as a testament to the fundamental security of the OS or the infallibility of it's users (which is the real weak point in any system).

[Hack&Lube]

Quote:

Originally Posted by Red

I don't care what the company says. I buy them because I like them.

Oh, and they just work and are virus free. Those that dispute that are splitting hairs or just really reaching.

Not sure about easy to learn, I was a PC user for a long time before getting a mac so I had some issues getting used to it. But in the end my macs just work and don't get infected. Makes for easy and pleasant computing for me and mostly my wife and kids.

And they are damn pretty :-)

Your views were correct a few years ago, but nolonger.

All Windows 7 and Linux PC's just work too and have the same level of vulnerability to infection as Macs do. The difference is that the two former ones have much more support and user serviceability. If Windows 8 is actually running in a virtualization layer as rumored, it would be pretty much immune to critical unrecoverable threats.

I've transitioned my parents and grandparents into using Linux and open source software instead of Windows products and it's just as friendly as Apple OSX, etc. and even better in many circumstances. Best of all, it's all free.

Beauty is in the eye of the beholder. Personally, I hate Apple's industrial design and their software design with a passion. I don't want to be a slave to their "blah" image of white Apples and bare aluminum fetishes. I don't want to be a slave to their OS and applications all looking exactly the same on every single Apple device. For me, Apple products are ugly as sin. They are all a piece of soap attached to a piece of aluminum. Of course, that is purely a subjective observation and a matter of my individual taste that need not apply to anyone else.

[Red]

Windows 7 doesn't just work. I've had 7 for about a year at work and plenty of software needs to be tweaked to install. Something with the protection that you can't write to certain directories. These directories are used in a lot of software installs. Run as admin annoyances etc. Plenty of compatibility issues still. Not MS fault, but in the end it's about productivity and Windows 7 does not deliver.

Linux is not user friendly. Too much crap out there with very little testing. I don't have time to spend hours just to get wireless working (with wine) etc. Plus there is little support for vendors whose hardware I use or may purchase in the future. I wouldn't be getting most of my gear (dslr, hd cam, garmin etc.) With windows or mac os I can at least use most of the features.

But that's just me. I don't mind "overpaying" for an inferior (specs) machine. I have two macs and they work like they did the day I got them and have spent 0 time fixing them. No AV, no spyware removal tools, no registry cleanups or OS re installs. Smooth sailing so far and if it continues I will be getting a mac again. Even if it comes at a premium.

[Hemi-Cuda]

Quote:

Originally Posted by Red;3128579[B

]Windows 7 doesn't just work. I've had 7 for about a year at work and plenty of software needs to be tweaked to install. [/B]Something with the protection that you can't write to certain directories. These directories are used in a lot of software installs. Run as admin annoyances etc. Plenty of compatibility issues still. Not MS fault, but in the end it's about productivity and Windows 7 does not deliver.

Linux is not user friendly. Too much crap out there with very little testing. I don't have time to spend hours just to get wireless working (with wine) etc. Plus there is little support for vendors whose hardware I use or may purchase in the future. I wouldn't be getting most of my gear (dslr, hd cam, garmin etc.) With windows or mac os I can at least use most of the features.

But that's just me. I don't mind "overpaying" for an inferior (specs) machine. I have two macs and they work like they did the day I got them and have spent 0 time fixing them. No AV, no spyware removal tools, no registry cleanups or OS re installs. Smooth sailing so far and if it continues I will be getting a mac again. Even if it comes at a premium.

you're comparing a work Windows environment to your home Mac environment, that's an apples to oranges comparison. for a regular home user Windows 7 will work out of the box just as well if not better than a Mac. you can't blame Microsoft for the fact that a lot of software makers have been slow to convert their stuff to Windows 7, if you wanna run that route then you have to scoff at Apple for having a fraction of the 3rd party support that Microsoft has (which is why they still offer bootcamp, because some functionality of MacOS compared to Windows just isn't there)

Apple is going to be in trouble in a few years if they keep touting the same old one liners for advertisement instead of looking for new ways to attract consumers. they're already losing the smartphone war against Android and Microsoft is eliminating the major selling points of Macs by out-developing Apple in the desktop OS segment

[Yeah_Baby]

Quote:

Originally Posted by FlameOn

The corporate arrogance ingrained into the culture of the company from CEO down. Even the Mac marketing strategy is it focuses on a perceived sense of exclusivity.

And I'm okay with that.

[Rathji]

Quote:

Originally Posted by Hemi-Cuda

you're comparing a work Windows environment to your home Mac environment, that's an apples to oranges comparison. for a regular home user Windows 7 will work out of the box just as well if not better than a Mac.

This is so true. We lock down our work machines to only a moderate level and our users are constantly whining about things that can do easily at home that are a pain here.

[maidestone]

What do Harold Camping and Apple have in common? Fear mongering.
I absolutely detest Apple products and philosophy with a passion precisely because I am a born rebel.

[silentsim]

Quote:

In the coming days, Apple will deliver a Mac OS X software update that will automatically find and remove Mac Defender malware and its known variants. The update will also help protect users by providing an explicit warning if they download this malware.

http://support.apple.com/kb/ht4650

[ZedMan]

New variant is out that no longer requires an admin password to install:

http://arstechnica.com/#!/apple/news...equirement.ars

[sclitheroe]

Quote:

Originally Posted by ZedMan

New variant is out that no longer requires an admin password to install:

http://arstechnica.com/#!/apple/news...equirement.ars

Yep. I alluded to this already:

Quote:

This whole idea that you need to get admin privileges, and how it's harder on the Mac to do that because of the password prompting is BS. Most malware doesn't want to eff up your machine, it wants to sit there and steal passwords, do spam, or other "useful" work. From that perspective, 90% of the malware out there is PERFECTLY happy running in your non-privileged user context.

For this new malware variant you still need to actually install it yourself, but now, the next logical step is to get Safari, Skype, Flash, Adobe Reader, or one of the myriad other internet-listening POS and poorly written apps that run on Mac to remotely download and run the installer for you.

[sclitheroe]

I've been putting some more thought into this whole thing about permissions and passwords, when something popped up on my screen, all by itself, quite unannounced.

This, ladies, gentlemen, and nerds, is how you get that password. A window that pops up looking like this:


The Mac is rife with apps that check for updates on their own. When windows pop up announcing new versions, looking all sharp and legit, how many users do you think just click and allow these updates to come down. Growl is one of those apps that nearly everyone has, most don't know where or what app it came from, and has no apparent link to websites or surfing.

Lots of people know not to "update" their video codecs when surfing video sites. But an unrelated popup like this? Hmm..

[Meelapo]

Quote:

Originally Posted by sclitheroe

I've been putting some more thought into this whole thing about permissions and passwords, when something popped up on my screen, all by itself, quite unannounced.

This, ladies, gentlemen, and nerds, is how you get that password. A window that pops up looking like this:


The Mac is rife with apps that check for updates on their own. When windows pop up announcing new versions, looking all sharp and legit, how many users do you think just click and allow these updates to come down. Growl is one of those apps that nearly everyone has, most don't know where or what app it came from, and has no apparent link to websites or surfing.

Lots of people know not to "update" their video codecs when surfing video sites. But an unrelated popup like this? Hmm..

Those pop ups are fancy. I just clicked my Growl update. I hope it's not a virus disguised as a Growl update!