back to article Apple trails behind world+Microsoft in 'Flashback' malware debacle

Apple went out of its way to make life difficult for the Russian security firm that first alerted the world to the spread of the now infamous Flashback Trojan on Mac computers, it has emerged. However the fruitbite-branded firm has now pledged to resolve the problem, well after security firms - and Microsoft - had acted. The …

COMMENTS

This topic is closed for new posts.
  1. ItsNotMe
    FAIL

    Still nothing but utter scum...with...or without...Boy Wonder.

    "Worse still, Apple asked a Russian registrar to take down a domain Dr Web had established in order to observe and analyze the botnet in the mistaken belief that it was acting as a command and control server for the zombie network."

    1. Arctic fox
      Windows

      Re: ".......Apple asked a Russian registrar to take down a domain Dr Web......"

      Ah, now I understand what Apple mean by security. Have the messenger taken out back and shot.

  2. Aaron Em

    Better hope OS X security is all it's cracked up to be

    Because, as is increasingly apparent, Apple doesn't have the first fucking clue how to respond; their instinct isn't to disclose and patch ASAP, but rather to sweep the whole thing under the rug.

    1. Anonymous Coward
      Anonymous Coward

      Re: Better hope OS X security is all it's cracked up to be

      You do really understand it is a Java vulnerability, don't you ?

      1. Anonymous Coward
        Anonymous Coward

        Re: Better hope OS X security is all it's cracked up to be

        Yes, it's a Java vulnerability that Oracle patched weeks (months?) ago. Because Apple insists on pushing out their own Java patches, and didn't patch this until weeks after Oracle, millions of Macs have been unprotected while the rest of the computers of the world got patched and protected.

        1. Aaron Em

          Re: Better hope OS X security is all it's cracked up to be

          ...which brings us back (as if by magic!) to "not the first fucking clue".

      2. Tom 13

        Re: Better hope OS X security is all it's cracked up to be

        To which I will respond with a slight variation when the M$ shills went on about "you do understand it's IE and not the kernel don't you? We need to compare apples to apples.":

        When you introduce it into your OS infrastructure and don't update it, IT'S YOUR FRICKING FAULT!!!

        That goes double when you introduce the idea that YOUR system is IMMUNE to hackers so user don't need to worry about patching it as a marketing tool.

        1. Fatman

          Re: Better hope OS X security is all it's cracked up to be

          You have a sight mistake in your last sentence.

          It should read:

          "That goes double when you introduce the idea that YOUR system is IMMUNE to hackers so (L)user don't need to worry about patching it as a marketing tool."

  3. Anonymous Coward
    FAIL

    iArrogance

    The sheer arrogance of Apple users and the company for many a recent year has been the reason that I have refused to purchase any of their kit. This incident is yet more proof. I don't wish malware upon anyone, but these arrogant to$$er$ deserve all they get. Time to sell the Apple stock if ever there was a time...death of Jobs, retrograde iPad3 versus iPad2, and this incident the vanguard of future malware hits.

  4. Anonymous Coward
    Anonymous Coward

    Don't think so

    I don't think it's "a shift in attitudes at Cupertino", I think it's just good old fashioned corporate embarrassment due to widespread media coverage, which has always been the only way Apple seem to acknowledge that their product may have a problem.

  5. Atonnis
    Facepalm

    Hah!

    Always good to see Apple products stung by malware...not because I wish any normal user any harm, just to watch the furtive glances and sudden quietness of the usually crowing crowd of childish fanbois usually trying to point out the 'dreadful security and constant viruses' in MS products.

    1. Anonymous Coward
      Anonymous Coward

      Re: Hah! - Do you really expect all MacOS users

      to come back crying to good ol' papa Microsoft ? And all this because of one single piece of malware ?

      1. Aaron Em
        WTF?

        Re: Hah! - Do you really expect all MacOS users

        Spoken like a true idiot -- you'll need a little more than the Guy Fawkes to hide your unthinking partisanship for Apple.

        For the slightly more sensible of that crowd, assuming always that they exist outside my increasingly desperate fantasies of a more livable world: it's just that, given the small but tiresome Apple fan crowd's propensity for babbling in threads about Windows exploits about the theoretical superiority of their overpriced platform of choice, many find it amusing that none of the fanboy crowd seems to have much to say here.

        Besides which, and speaking as a working IT support professional, I don't want ex-Apple-zealots for users! Christ almighty, I'd rather support an old folks' home -- while probably not any more familiar with the equipment than, say, a graphic designer would be, older folks are at least somewhat likely to recognize the uses of politeness, and I'd rather listen to a codger's stories than a crayon-pusher's any day.

        1. Mike Moyle

          Re: Hah! - Do you really expect all MacOS users

          "For the slightly more sensible of that crowd, assuming always that they exist outside my increasingly desperate fantasies..."

          Not to put too fine a point on it but, considering the number of sensible Apple users -- including, I would like to think, myself -- who post on this site, it seems that your "increasingly desperate fantasies" may revolve more around your own arrogant expression of your oft-stated antipathy to Apple and its users than around the users themselves. Like the true troll, you seem to be able to ignore any evidence that doesn't fit your preconceived notions. Many of us use Macs, Windows, and Linux machines interchangeably; besides the Mac that I normally work on, I have a Windows box sitting directly to my right, for those times when Windows Server and OS X can't agree to play nicely together. I haven't actually had to turn it on in the past couple of weeks, but it IS there, because I tend to be a "belt-and-braces" kind of guy. This is also why, despite the -- historically -- general dearth of malware for OS X, I have used Sophos anti-malware software on my machines for some years and occasionally double-check them by running ClamX-AV software on disks that Sophos says are clear.

          "Besides which, and speaking as a working IT support professional, I don't want ex-Apple-zealots for users! Christ almighty, I'd rather support an old folks' home -- while probably not any more familiar with the equipment than, say, a graphic designer would be, older folks are at least somewhat likely to recognize the uses of politeness, and I'd rather listen to a codger's stories than a crayon-pusher's any day."

          As a working graphic designer -- who not only supports/upgrades his own Macs, at the office and at home, but is the first person that the folk in the office (a large-ish municipal government department) come to for assistance with workgroup printer issues (hardware and software) and problems with their Windows machines, before even CONSIDERING putting their request into the MIS helldesk queue -- I don't find your attitude "professional" at all. Your "...somewhat likely to recognize the uses of politeness..." is particularly laughable, considering your own apparent inability to grasp the concept.

          And, BTW -- Pen/brush and ink, Photoshop, InDesign, Freehand/Illustrator, SolidWorks and Blender for 3-D, OpenOSX Grass for GIS (when I don't feel like booting up the Winbox to run ArcView), HyperEngine-AV/Premiere for video editing, and... Oh, look... Buried in the bottom drawer of my desk... I *DO* have a box of crayons... one that I bought to keep the office-mates' tykes amused for "Bring Your Child to Work Day" some years ago and haven't had need for since...

          So in all fairness, given that I *DO* have a box of crayons in my desk and they *HAVE* ended up getting "pushed" to the back of the drawer over time, I suppose that I MUST allow you one point in the accuracy of your screed. Other than that, however, it's appears to be all fail.

          1. Aaron Em

            Re: Hah! - Do you really expect all MacOS users

            Eh -- this is the Reg comments, not LinkedIn; some airing of prejudices in the cause of humor is to be expected.

            Also, I dispute your accusation of impoliteness. At what point in this thread have I been other than polite to the whiny damned crayon pushers?

            1. Fibbles

              Re: Hah! - Do you really expect all MacOS users

              Fuck off with the constant 'crayons pusher' remarks. It's as ridiculous as me describing people who work in IT as nothing more than computer janitors.

              1. LinkOfHyrule
                Joke

                Re: Hah! - Do you really expect all MacOS users

                I've got some oil pastels in a drawer in my living room (not pushed them much) and a Wacom tablet connected to my PC but I dont have a Mac - I'm confused - I feel like the computing equivalent of bi-curious! I need a tech agony aunt!

                1. Aaron Em

                  Re: Wacom & oil pastels

                  Only you can admit you've got a problem. It's a tough step, I know, but we're all here for you.

              2. This post has been deleted by its author

              3. Aaron Em

                "Computer janitor" I don't think

                Computer plumber, thank you ever so much. A janitor wouldn't have to put up with your shit.

              4. jason 7
                Devil

                Re: Hah! - Do you really expect all MacOS users

                Brilliant, "Crayon pushers!"

                I'll use that from now on when folks mention maybe buying Macs.

                1. Snapper
                  Thumb Down

                  Re: Hah! - Do you really expect all MacOS users

                  Really?

                  I think it will say a lot more about you than it does about Macs.

  6. Naughtyhorse

    Apple's security team.....

    am I the only one with a mental images of a dimly lit office, with a large Bakelite 1950's telephone in the foreground covered in cobwebs... ringing forlornly (I know this was... a Heineken advert of many years ago, but wtf if the shoe fits...)

    while all the security experts are in a brightly lit office next door brainstorming what colour the icon should be for the malware removal tool, which explains why it is world+dog have already got theirs out :-)

    Oh yes and

    Window Snyder? rly????

    srsly? rly?

    you'll be telling me M$ new VP in charge of bullshit and rollnecks is a bloke called snow leopard

    1. This post has been deleted by its author

    2. Field Marshal Von Krakenfart
      Pint

      Re: Apple's security team.....

      (I know this was... a Heineken advert of many years ago, but wtf if the shoe fits...)

      No, it was a Carlsberg ad. Early eighties I think,

      Probably the best advertising in the world

  7. John 104

    Nice!

    That wasn't the image I had, but now that you mentioned it, thats probably exactly what is happening.

    "The button should be RED"

    "No, red is scary, lets make it orange."

    "No, RED!"

    "You two stop it now. The button should be green because it makes people feel good."

  8. cashxx

    Get your facts straight

    Apple is going after all servers that is talking to this malware and Dr. Webs is one of them. Its not the only server being gone after.

    As far as Apple trying to sweep it under the rug! Not so! They are making a detect remove utility and is surprised by this like everyone else. I still don't believe it, I think Dr Web is behind the whole mess. That company is in russia where most malware comes from and was the only one with the data at first. Seems suspicious to me!

    Apple is learning as they go and are still learning about the problem and investigating the issue. They haven't been attacked like Windows OS has over the years so they are not professionals at malware/virus protection. Grow up and learn about the company! Want a company to hate go look at Google, Amazon, Samsung, Microsoft.

    http://support.apple.com/kb/HT5244

    iArrogance......I have over 200 macs under me and none have been infected by this bug. Its not arrogance its standing behind a product you believe in and a company that supports its users and doesn't sell you like Google does.

    1. ElReg!comments!Pierre
      WTF?

      Re: Get your facts straight

      What is very sad is that I can genuinely not decide whether your post is over-ironical of if you are really that braindead.

    2. LinkOfHyrule
      Holmes

      Re: Get your facts straight

      "Apple is learning as they go" - they've been in this game a long time, I'd a thought they'd have a bloody clue by now!

      "they are not professionals at malware/virus protection" - Clearly!

      For the record I actually hate all those companies....

      Google - for having a fucking stupid name.

      Amazon - for having a fucking stupid name.

      Samsung - for making noisy fridges.

      Microsoft - for having a fucking stupid name and because one day they will probably make a Kinect enabled fridge and my bloody milk will go sour.

      Apple - for having a fucking stupid name but they'd probably make a good fridge!

    3. nsld
      Mushroom

      Re: Get your facts straight

      Whats your dealers number, I want some of the shit your on, its seriously good gear for you to come out with this bollocks.

      "As far as Apple trying to sweep it under the rug! Not so! They are making a detect remove utility and is surprised by this like everyone else."

      Surprised? What like six weeks ago when the main fix was released by Oracle, some surprise that,and six weeks of intransigence leads to a massive botnet of Macs thanks to owners who drink the kool aid of a company so surprised its done fuck all for six weeks.

      "They haven't been attacked like Windows OS has over the years so they are not professionals at malware/virus protection."

      Perfect for a corporate environment with sensitive data then, a provider that has no grip on security threats, always a good idea to spec machines from a supplier that are, by your own description amateurs.

      I wonder if the 650,000 mac owners with a bad case of galloping mac rot share your belief in Apple after this debacle

      1. ElReg!comments!Pierre

        Re: Get your facts straight (@nsld)

        >I wonder if the 650,000 mac owners with a bad case of galloping mac rot share

        > your belief in Apple after this debacle

        Some of them clearly do. One of my dearest friends (hardware choice notwithstanding) found it strange that her 3-years old MacBook Pro suddently became so slow as to seriously hamper day-to-day work (lightweight word processing, basic internet browsing and email, nothing a 200 MHz x86 couldn't theoretically handle easily, let alone a somewhat-recent 4-cores whatsitface Intel chip). That and she complained about frequent crashes, too.

        When I suggested that malware could be involved, she gave me that "special kid" look and explained to me that it was essentially normal wear and it just meant that it was time to replace the machine. Because obviously, one must be retarded to think that a mac can get malware. Ever.

    4. Arctic fox
      Windows

      @cashxx Re:"Apple is going after all servers that is talking to this malware..........

      .........................and Dr. Webs is one of them. Its not the only server being gone after."

      No, what they appear to have done is, after having taken their sweet time to remove thumb from rectum, thrash around in a panic when it finally dawned them that they had a serious problem. This resulted in them trying to take down a server belonging to the very company that had at an early stage contacted Cupertino to warn them that the issue was a major one. You can dress it up anyway you like but their current behaviour is idiotic.

      1. gollux
        Mushroom

        Re: @cashxx Apple is going after all servers that is talking to this malware..........

        Given their clownshow reaction to a known exploit fixed by Oracle and mostly ignored by them and their stupid "part of the os" Java variant, I nominate Apple to run the TSA and DHS. More hilarity to ensue...

  9. Spud2go
    Meh

    To be expected, really.

    The reality distortion field at Apple still working well, I see,

  10. greenfinch
    Meh

    As a fan of apple products....

    ...i'll be the first to admit that they've fucked up here quite badly.

    However, I seem to remember a while back they said they were going to stop producing their own release of Java - so in the future, oracle should have full control over their software, and apple will be left to concentrate on theirs.

    1. Tom 13

      Re: stop producing their own release of Java

      While that is a potentially helpful step, I think the greater damage has been Apple's promotion of their product as something where users, unlike those poor M$ plebes, don't have to worry about updating the installed software. Until that is corrected the problem will persist, although fluffing it off on Oracle will at least give them plausible deniability.

  11. Dan 55 Silver badge

    Apple's security rollouts are atrocious

    I usually read them in The Reg first then 2-4 of months later as if by magic there's a 'security rollup' patch which addresses 20 holes at once.

    At what speed do Apple think that botnets work?

    1. Tim Bates

      Re: Apple's security rollouts are atrocious

      >At what speed do Apple think that botnets work?

      Well all the people involved in running them seem to live in Soviet Russia. So at best, the comrades are likely to be getting around 20kbps on their dialup. That, and the bitterly cold winters, slow down the production of OSX-compatible malware suitable for the KGB to spy on the US.

      At least that's how I imagine the thinking at Apple going along.

  12. jason 7
    Mushroom

    Makes you wonder...

    ...how many other things Apple have swept under the carpet or threatened others to "keep quiet" about over the years.

This topic is closed for new posts.