Much more like it
Pity they have to be bullied into favouring support over complete denial.
Apple has finally held its hands up and admitted that the MacDefender scareware package might be a problem, abandoning the line that support workers must on no account suggest to users that their machine might be infected with malware. Contrary to this (unsustainable) line, Apple has now published an advisory explaining how to …
All we have about this supposed denial is Ed Bott's - a well known Microsoft shill - word for it, written in his regular column called "Microsoft Report".
I actually went by the Apple Store (well to see the new changes to the store) and asked one of the tech staff (aka geniuses) if they knew how to remove it, he didn't seem to have any problem with it or telling me what to do.
So sorry but to me this is all bollocks.
I also used to be a 'support staff' and it's quite common for the 'official line' to be one thing, but on ground level one actually does try to help the customer face to face otherwise one looks like a dick.
Fact is:
1. why has it taken this long for Apple to issue something?
and
2. I thought it was totally impossible to get anything untoward on a Mac, regardless of user stupidity? The argument has always used random and meaningless words like "Unix".
Humble Pie doesn't always taste so good huh? That's why when I bought my Mac I just bought the product and did not subscribe to the church. I don't like superiority complexes because they are usually short lived, as we are seeing ;o)
Being a "support staff", I would've thought you would take the time to research things a bit more - although my experience of some "support staff" is to just read through a script.
It has never been "totally impossible to get anything untoward on a Mac regardless of user stupidity". What has been mentioned many many times is that a virus can't (or at least ones that are "in the wild") get onto the system via vulnerabilities without the user doing something (like entering the admin password). This is in contrast to Windows where you could get infected just by connecting to the internet (ok, so this particular flaw has been corrected by patches, but there are others that are being patched all the time).
"What has been mentioned many many times is that a virus can't (or at least ones that are "in the wild") get onto the system via vulnerabilities without the user doing something..."
Ones that can do such things are not in the wild. Not yet.
No system is impenetrable. It just has to be worth it for someone to do so.
I am neither pro mac or against it, but a quick search on the obviously evil and fraudulent Google shows lots of places where the implied position is that you are safe from malware on a Mac (or *nix for that example).
Lots of them. Seriously, visit google and put some searches in. It's amazing.
When a strain of malware does appear, taking the position that "no one ever said it was impossible" is a bit of a cheat.
Traditionally it has been Windoze users who have tried to defend their OS's poor history by saying "it could happen to anyone" and this gets shouted down by the Mac / *nix users as nonsense.
I have no major issue in the fight - I have a MacBook and a Windows PC that dual boots Windows vista and Ubuntu. I do not think one os is inherently better, or safer or more yellow or whatever stick you want to show off with, than the other.
I do, however, think it is pretty close to lying to claim that Mac supporters haven't made the claim that you can use their OS and be safe from Malware.
Nobody *reasonable* ever said it was impossible to be infected with malware on *whatever*. Especially if you include trojans in that mix, where you have to be stupid enough to download and run and install with admin permissions a malicious bit of software.
@Bear Features....
I think you need to look up the definition of VIRUS vs MALWARE. The story hasn't changed from those of us who are aware of these things. It's people who write stuff without researching things properly that give the impression that Apple users think they are not vulnerable, or show people as not knowing what they are on about.
Much like your comment really
Fanboys don't do humble pie.. They do revisionist trifle. With a nice side order of panicky redirection.
They "just work", except when they don't. In which case, everybody is expressing unrealistic expectations, cos "nothing works perfectly all the time"... And when other manufacturers have problems, nobody says a word.
Other gems include.. "every phone has a death grip problem".
Nobody wants cut and paste,
nobody wants 3G,
nobody wants a second mouse button.
Until they become available on the holy objects that is.
Who ever said it's impossible for users to install anything bad into the Mac, or any Unix for that matter?
It's been widely reported that Snow Leopard included malware detection for stuff well before this one: http://www.theregister.co.uk/2011/03/22/apple_mac_malware_update/
And at the end of the day if you give something the admin password you're trusting it to do the right thing. Whoever thinks otherwise is seriously deluded.
I don't know why it took so long for Apple's official solution for this to come out - if about two weeks is that long.
Maybe they thought this could be controlled using Google's Fraudulent website list and "Safe Browsing" feature (used by many browsers including Google's own Chrome and Safari) before coming out with the bigger gun of adding a signature to the OS?
Agreed. My head office of an Aussie brown-goods chain doesn't go out of their way to screw over the customer, but they will often impose limits on what I can do to help them outside of our usual send to the service department option. This is most often visible in that I'm limited to 10 minutes per support query in store, and I certainly can't offer to do any cash in hand work after hours as it competes with another wing of the biz. Any reasonable business HAS to give at least SOME leeway to their customers in support, whether it's their own product or just one they offer. The fact that Apple know their product should mean this shit shouldn't happen. At all.
And I don't get most of the comments here. I don't care what operating system you use, guaranteed there will be some kind of privilege escalation exploit that can be taken advantage of. I don't know if Mac has silent installs, but it would only take the combination of the two to fuck people over on a massive scale. In both the damage to their computer and the damage to their wallet after buying an expensive paperweight the manufacturer refuses to support.
AC for obvious reasons.
@Arkasha
Sarcasm? In "Bear Features" post? Wow must be a really stealth one as I tend to have a good detector.
@AC 11:40
Just tried that with "Mac trojan" and "Mac safe trojan" and all the first pages of links found are all from people saying Macs do have them.
Care to share your own apparently magical query terms? I really doubt anyone in their right mind will say Macs are safe from any malware users install.
@+++ath0:
'Sarcasm? In "Bear Features" post? Wow must be a really stealth one as I tend to have a good detector.'
Try this bit again:
'2. I thought it was totally impossible to get anything untoward on a Mac, regardless of user stupidity? The argument has always used random and meaningless words like "Unix".'
If your detector still did not go off, there may be an issue with it. Please follow these steps:
1. Is your detector a brilliant Apple iRony, or a cheap non-Apple knockoff? If it's an iRony, you're obviously using it wrong, as it's flawless. Please return it along with all of the original packaging. No refunds.
2. If it's a knock-off, well, we don't service those. Sorry.
I thought they were told not to admit that there was a problem.
A completely different scenario.
In almost 15 years of Mac support - I've never yet come across a 'screw you' response from Apple's support teams.
In fact just the opposite - I've had out of warranty macs replaced for free when failed parts cannot be obtained.
Hmm, I sort of agree. It is a fail but it is the user or the OS.
Least Privilege makes sense but it needs to be properly implemented and users have to be TRAINED in how to manage it. Simply assuming home users, who have bought the nice shiny white box cos it cures cancer, will think to create various accounts and monitor permissions properly is doomed to failure. On an epic scale.
Apple encourages its users to not be techno-savvy - they don't need to be 'cos everything is easy and just works. Except when it doesn't.
Have a proper OS where permissions are not blanket "Admin" or "user" and things might get better. Can't think of one that works though.
"grab a beer and a pint mug, drink the beer and just slug the nearest combatant with the mug like everybody else is doing."?
Personally I'm of the opinion that while I know Macs are less vulnerable, they aren't invulnerable, but most of the comments from the Mactards even here on El Reg have tended toward the invulnerable. There have of course been a few notable exceptions. And this particular piece of nasty sounds exactly like one of the ones that has been plaguing Windows for ages.
...not with the kit or OS.
It's with the user. And I've said the same thing regarding similar nasties on Uncle Bill's platform.
If you've a nice petrol-engined car, and you fill it with 14 gallons of diesel, would you expect the manufacturer to sort it for you, and fix it under warranty?
If you would, then you're not entirely reasonable.
"works as easily on Mac fans as Windows users"
Actually the concept is proportionally more likely to work on Mac fans than on Windows fans:
o Most Mac users have never seen anything like this before, and are therefore more likely to believe it to be true and click through
o Most Mac users believe Macs are safer, and are therefore less likely to be suspicious
o Most Mac users will believe Apple when they say there isn't a problem, so Apple's stance has only made the situation worse.
The fact is, users are stupid, no platform is safe, and vendors have a responsibility to be honest to those who buy their products.
We in the IT industry need to stop bashing each other and bash the vendors more into making things safer. Apple have seriously dropped the ball by delaying this one.
Yes, users are the problem. How can somebody install a program which they have no idea if it is going to help them, reading information from the install site without checking is just plain nuts.
If a strange man approached you in the street and said "come with me if you want to live" and you follow him down a dark alley, don't be surprised if you get mugged.
Do you remember the intel inside badge which was renamed, "idiot outside" in the early 90's? Well it's time to bring them back for our Granny Smiths.
Users are a problem. Agreed. By this token all Operating Systems are equally vulnerable because the users are a problem.
Life would be so much easier if systems could be designed and then not used by users, wouldn't it?
I mean, it is simply just not possible to design a system that guides the user to staying safe.
I mean, this was scareware that pretended to be a virus-cleaner. Giving a vague "malware problem" publicity by confirming that there is a new Mac malware going around would probably make the usual headline-skimming users more, not less prone to fall for that thing. Actively ignoring it and playing it down until you offer a clear document what this is and how to remove it actually makes sense in this case.
BTW, you remove this thing by throwing the app into the trash and emptying the trash. Lol.
When a virus or malware hits Windows machines, nobody expects Microsoft or the machine manufacturer to sort it out, so why is everybody making such a big deal about Apple's slow response?
And of course Macs can be targeted by viruses/malware, it's just that as the installed base is smaller, they're not such a prime target. Also, the inbuilt security is probably slightly better, but certainly not bulletproof.
1. Cooperate actively with internet security professionals.
2. Issue regular advisories themselves.
3. Issue regular updates/patches where known issues exist.
4. Provide one of the best AV packages on the market free, gratis (Security Essentials)
5. Actively cooperate with Jurisdictional authorities to trace, obtain the evidence, arrest and convict the criminals who engage in this kind of shite.
Nah, they don't do nuffin', fuck all really.
Say ...... off, it'll be fixed next patch Tuesday or the one after that, sometime, when we get around to it. That is your missing item 6. I suggest application of sanity in the form of downing a few Redds is needed for your obvious oversight in not including item 6.
When Macs have a virus problem like windows then they will have a problem. But you will notice they don't! and considering the Underlying UNIX system is run by most of the major financial organisations in the world, you would think the writers would target Unix vulns..
They don't target Macs with viruses because of the simple fact that unlike Windows it is damned hard to propagate a Virus via UNIX systems, GET OVER IT PEOPLE!
Now social malware like this Mac Defender relies on user stupidity and there is no software that can defend against that!
I agree with your sentiments, but I would dispute that major financial institutions use UNIX primarily because it's safer. In actual fact, all of the financial institutions I've worked at (and there have been several) all shield even their more secure OS's from untrusted traffic with layer-upon-layer of additional protection (firewalls, port filters, content level filters etc.), and often run their internal networks in segregated segments for security purposes.
Mainly they use UNIX because it has scaled better in the past, has been easier to port applications between different vendor platforms running UNIX, and has better Enterprise RAS features and vendor support than most other popular platforms.
With very large Intel systems, virtual machine support, and major vendors differentiating their Intel platforms with RAS enhancements, these advantages are being eroded over time.
Looks like there is a new version:
Antivirus firm Intego today reported that it has discovered a new variant of the "MACDefender" malware that ups the ante by not requiring an administrator password for installation. The step is accomplished by installing the application only for the current user.
http://www.macrumors.com/2011/05/25/new-macdefender-variant-installs-without-admin-password-requirement/
I started responding to someone else's post about how any user (Mac or otherwise) has to ultimately lay trust at someone's doorstep when installing any piece of software. I then started pontificating about how they could get around that hurdle, who could "sign" software as legit. I then thought "ooh, an App Store controlled by Apple would work" and then shuddered.
Is there the remotest possibility that this was deliberate? Is the solution from Apple going to be "only buy from our App Store and you'll be fine"? Or am I just seeing shadows...
* sound of heli-rotors despatching from Cupertino.. *
Chill out guys, non story in the making!
Apple issue a memo (Sez the bloke from M$) telling support not to tell users they have malware on the machine. So what, they don't, the problem is a scam site. You need reassurance and help and the Genius Bar staff happily tell you how to avoid the issue.
End of the Apple story.
You want to blame somebody? OK, Did you sign up to the scam, give em money or install software? YOU did?
Well YOU did it, not the computer, not the manufacturer of the computer or the OS or the fairies at the bottom of your garden. But YOU.
If you believe giving money to some random twat you've never heard of from the interwebs who took control of your computer, scanned it and now tells you how to fix a problem you didn't know you had then that is YOUR problem.
YOU, OK?
"Well YOU did it, not the computer, not the manufacturer of the computer or the OS or the fairies at the bottom of your garden. But YOU."
Correct, but they're paying for Applecare, i.e. paying someone to fix any problems that develop, regardless of who causes them. The best analogy I can come up with is a user accidentally puts an offensive image as their desktop wallpaper and doesn't know how to switch it back, they take it to Apple for help and get the official response of "there is no offensive wallpaper" instead of them switching it back for them.
Yes, it's the user's fault, but in asking for help, they're told there is no problem to begin with.
Is that they are paying for Applecare to give an extended warranty for Apple Products. Not for the products of some Russian scam-artist.
Your 'best' analogy about wallpaper is pretty pathetic - instructions for changing wallpaper are in every mac (and you know it) - And Applecare would tell you how to do it if you didn't know - because switching it is 'part of an Apple product'.
What Applecare won't do (along with DellCare or AsusCare or SonyCare etc) is fix your MS Office when it screws up again, or your CAD package or your Adobe package or your Epson printer.
MS made a shitty operating system that has more holes than a colander?
How is it not their fault? You're talking viruses here, not trojans like mac defender.
This is not even Mac fanboism, almost ANYTHING out there is better than Windows: Linux, Mac, FreeBSD, OpenBSD, BeOS, HP-UX, Solaris, QNX, iOS, NetBSD, Android, ChromeOS, Plan 9, Hurd, VMS, etc.
Windows just sucks at security compared to ALL these.
Wrong, actually. My own small IT outfit has removed dozens of these things in the past few weeks on Windows and NONE of them has been an infectious virus of the traditional kind. I stopped seeing those a couple of years ago, tbh. They are all trojans these days, mostly vicious and (admittedly) tough to remove as they often include (or download) TDSS rootkits.
I have personally removed many dozens in the past year that masqueraded under around 20 different "AV" names (XP Police AV, MS AV 2011, etc etc etc) and they vary from simple to incredibly time-consuming to deal with.
I'd say over 90% of really nasty viruses on PC atm are of this ilk. So why is the huge volume of PC infections always MS's fault, when nearly all modern infections starts with a "Your PC is infected. Click here now" warning?
As another poster said, the IT community should stop mud-slinging. Users are users, and every non-teccy Mac user I know swears to me that they are immune from viruses, which is a singularly dangerous attitude and mentioned only as illustration that the problem is one of education, and not solely platform-based.
If people were so convinced that Macs were immune to any kind of malware, why did they download an anti-virus package from a website that said they had a virus? A virus that they believed they couldn't get? Nope; they were all too happy to believe what the web site said.
They downloaded the package, double-clicked on the installer, clicked through the warning that the package may be malicious (you get that for any downloaded executable), clicked through the installer procedure, typed in the admin user name and password and then ran the software. Some even then went and typed their credit card details into its GUI.
If people really *did* believe their machines were immune, they never would have believed the web site saying it had a virus and never would have downloaded, or been infected by, the malicious package in the first place. Oh, the irony!
Andrew, only the stupid ones did. Most likely formed by years of Windows use and with little faith.
I've seen it pop up several times and had a good look and laugh for fun. It looks so fake it is beyond belief, not even close to Finder. My wife on her macbook who normally asks about things even saw that thought it was just one of those stupid windows targeting ads and instantly clicked it away. My daughter on her iMac, well that machine is locked down with parental control, but is also clever enough at 8 years old to ask someone else when not certain what they are doing.
But you can't protect against gullible people, I've kicked off several friends from links on social networking sites as they seem to say yes to anything.
It would be nice when the fanboys see this for what it is, it is a con, it is not a system vulnerability. And this is not the first time, anyone want a pirated version of iWork?
firu toddo - your superior attitude isn't helpful. Not everyone who gets infected is as savvy as you. In fact, they might have bought a mac because someone just like you told them how great and safe they were and how they don't get viruses.
People make mistakes - they click things they shouldn't, then they follow the process through. Someone who believes the initial pop up is unlikely to stop believing it at the point of entering their password are they?
It's not "malware-like" it is malware, plain and simple. It seems even now Apple can't quite bring themselves to admit in clear unequivocal terms that malware exists or is even possible on their hallowed OS.
And before you start, fanbois, I don't care if it's a virus, trojan or whatever - it's all malware and I don't give a toss how it propagates. The attitude of "you don't need an anti-malware application if you've got a Mac" simply holds no water for users who don't have a clue what they're doing. I know windows users who've been similarly clueless and fallen for similar scams and their AV software has saved them. And again that's not to say OSX isn't more secure than Windows, it's that MS actively encourage their users to install AV software. Apple OTOH actively discourage their users from installing AV software. As a result of this Apple have to take some of the blame for this malware getting onto their users' machines.
jeffo- MS makes it very clear to users that they'll need anti-virus protection - they even provide MS Security Essentials for free.
Go into an Apple store and ask one of the assistants whether you need malware protection - I guarantee they'll say no.
It's all very well blaming users, but if they've been led to believe that they're safe then Apple really needs to take responsibility - it's good to see that they finally have.
What?!? It's possible for users to install software on Macs?!?
Who knew? Why didn't I get high-priority warning emails from Apple?
Obviously, the company is responsible for any junk that users put on their machines, if they let users install a single app.
Obviously totally irresponsible of them to allow users to put programs on their computers, and to connect to the internet with them. Sue the bastards!
Right, Register?
I'd hazard the guess that it all started in zdnet-land. Why might you ask? Well, for years there are people who blog and post there (I know I'm insane for visiting that site, thereg is much more amusing, now back to the thesis) have been claiming that viruses and other malware on Windows are all the fault of the user, not Microsoft's at all. That and they claim they have never used AV or related and never had an infection etc.
What is truly amusing is the same people are now claiming that that isn't the case with this storm in a teacup. That it's all Apple's fault and the world is ending (Harold Camping should be proud that this occurred on/around May 21).
Basically, it's all just a bunch of tossers screaming louder, looking for their chance for glory. That or it's all a conspiracy and there are people behind the people etc that are controlling it all. Stuff it, beer is needed. I've read too much zdnet and brain cells need to be culled to remove the memories.
... its down to a problem with the underlying operating system, yet if a Mac gets beasties then it is all, 100% the users fault."
Yes, that would be because that's the case.
In a large proportion of the time, it IS split between the MS Windows platform and the user, whilst in the Mac's case it is ALWAYS the user's fault.
It's not about hubris, or comparisons to Windows, lads. It's about the denial.
That's the real difference between a mac and Windows. If a mac malfunctions in some way you'll only hear about it if you know what the problem is to start with and can find it on the Apple forums.
If a Windows vuln is discovered it is on the back of milk cartons within the hour.
I never heard of anyone getting an exchange from Dell having to sign an NDA, either.
Looking through images of houses on Google I clicked on a picture of a house I liked and the browser turned into a bad facsimile of the Finder showing all sorts of infections overtaking the machine. I was asked to install MacProtector and it had downloaded the zip file and asked for Admin password. Quick Cancel and in to the trash and problem sorted.
Back in 2005, I had to re-OS my Windows-powered SHOUTcasting machine with XPsp2.
Got it all loaded up with XPsp2, Ad-Aware, Spybot S&D, and Sophos AV.
Keep in mind this is a FRESH INSTALL hooked up to the Internet.
Sophos found 12 infections, Spybot S&D found about 15 more, Ad-Aware found about 3 more after that.
Worms. Viruses that self-replicate and take advantage of holes in the OS to install without any user interaction. Windows 7 is still susceptible to these kinds of attacks today.
I have yet to see that kind of infection succeed on a machine running MacOS X. So far, all these Mac viruses have been Trojans, requiring a PEBCAK. Windows users still have no right to gloat.
The quality of comments in these forums has declined dramatically in recent months. There's so much misinformed crap on here I don't even know where to begin.
1. This isn't a virus, it's a trojan. Any platform which lets you install software is susceptible to social engineering attacks. Just like Windows, you need to enter your password to confirm you want to install and run software you download from an untrusted site.
2. Four or five days to fully investigate an issue and come up with a clear statement, rather than rushing out something misleading or incomplete, doesn't seem particularly tardy, nor does telling support staff not to do or say anything that could make it worse until the investigation is complete seem particularly irresponsible.
3. Only someone stupid or misinformed would claim that Macs *can't* get viruses (though sadly forums such as this are ample proof that there's no shortage of either). I believe it's still true to say that while Macs certainly could be susceptible to a virus, the number of actual viruses out there in the wild *currently* that pose an *actual* threat is approximately zero. Nada. None. (A few proofs of concept, or cross platform Java or Flash exploits that have either long since been patched or never properly targeted the Mac, but no serious live threats). This means that *currently* there is little or no point anyone with a Mac should buy AV software. This could all change in future of course (and lots of people, from credit card thieves to Mac bashers through to AV vendors would wish that to be the case, so you'd have to be very naive to be too complacent).
4. Ditto for malware, there is little or no serious malware targeting Macs at present. That's why this one is news, after all. Again, that doesn't mean there might not be more in future, especially as the Mac's market share continues to increase, or that Mac OS is technologically superior to Windows. If Windows is more susceptible to malware then that's only because most PCs come with so much demoware and crapware pre-installed by the manufacturer and alerts popping up from software they've never heard of that users are preconditioned to clicking Yes when a strange message pops up telling them they need to install something.
"Apple's support centres sources told ZDnet that anywhere between 60,000 and 125,000 customers had contacted the facility with malware-like problems."
Wrong. Wrong. Wrong!! Apple support centres sources did not tell ZDnet anything. Ed Bott concocted the 60,000 - 125,000 number himself. He arrived at that number after a so called "anonymous insider" said calls that "REFERRED" to Mac Defender had exploded.
http://www.zdnet.com/blog/bott/an-applecare-support-rep-talks-mac-malware-is-getting-worse/3342?tag=mantle_skin;content
The word "REFERRED" is very vague, it could be just callers asking for advice.
When Arstechnica did a more thorough investigation, to find how bad the problem was, they found there had been a marked increase but the problem wasn't anywhere as bad as Ed Bott portrayed.
http://arstechnica.com/apple/news/2011/05/malware-on-the-mac.ars
Ed Bott then comes up with an internal memo, that says support staff are not to help. But, as actual Mac users have attested, support staff have only been too happy to help.
Has anyone else found that Apple was ignoring the problem except Ed Bott?
Apple are well known for not commenting until they researched the issue, this is no different.
Ed Bott also posted links to Apple forums, where the number of infected users has also exploded. But, if you actually read the forums, 95% of the posts are helpful instructions on how to remove and avoid the trojan.
Ed Bott then comes up with the 60,000 - 125,000 number, based on no evidence at all.
http://www.zdnet.com/blog/bott/apple-continues-to-tell-support-reps-do-not-help-with-mac-malware/3375
Where has all the information come from that the whole web is suddenly using as verified facts?
One source. Ed Bott.
He got riled by John Gruber when he called him out for crying wolf. Now Ed Bott is on a FUD campaign. Plain and simple
I think the main problem lies with Apple and their fanbois.
I've lost count of the number of times I've met Apple users in my day to day working life who religiously believe that their sainted machines are invulnerable to malware of any sort.
Sure, we're mostly techy types in here and yes, we know when not to give a piece of software a password or agree to install something (although I will admit to clicking the wrong button once or twice, experiencing the 'ohnosecond') but the same old argument applies, you *have* to educate the lowest common denominator.
Preaching that a platform is invulnerable or worse denying the existence of an extant and demonstrable problem does not do that, it makes it *more* likely that the average 'I just wanna get on me facebook mate' user will do something stupid.
FWIW, despite some of my more rabid anti Apple/fanboi posts on here, I do like Apple computers I just despise the attitude of the company and the fanbois.