Trojan heralds OS X's 'new phase of exposure to malware'

The Mac security scene is heating up, with the discovery in recent weeks of a serious vulnerability in OS X and at least two Trojan horse programs that target the Apple OS. The most notable is a security hole in the latest versions of Tiger and Leopard that allows attackers to install malware on a Mac without first requiring a …

COMMENTS

  1. TheProf
    Flame

    Shurly shome mishtake

    Apple computers are perfect. This cannot be true. You must have mixed the story up with one about Microsoft.

  2. ZM

    Was...

    ...only a matter of time, right?

    Mac is way more popular now, more people using it, more people trying to break it.

  3. Brad
    Coat

    it was always going to happen but

    "This shows that there is an active community of researchers who are looking for vulnerabilities in MacOS X and *not* reporting their findings to Apple."

    From memory there doesn't seem to be any point escalating any findings to Apple as they don't actually do anything about them.

    Cue Apple's standard response "We can see how it may be seen to be an issue but we don't know when we are going to fix it or if we even will fix it"

    Mine is the one with the Apple Trojan in the pocket

  4. Nate
    Pirate

    Welcome to the club

    Make yourself comfortable.

    Now can I interest you in these products.

    * avast!

    * Avira

    * AVG Anti-Virus

    * BitDefender

    * BullGuard

    * CA Anti-Virus

    * Cisco Security Agent

    * Command AntiVirus

    * DriveSentry

    * eSafe

    * Fortinet FortiClient End Point Security

    * F-PROT

    * F-Secure

    * G DATA AntiVirus

    * InVircible

    * Kaspersky Anti-Virus

    * LinuxShield

    * McAfee VirusScan

    * NOD32

    * Norman ASA

    * Norton AntiVirus

    * OPSWAT

    * Panda Security

    * Protector Plus

    * PC Tools AntiVirus

    * Principal AntiVirus

    * Protector Plus Antivirus

    * Quick Heal Anti-Virus

    * Rising AntiVirus

    * SecureIT

    * Solo Antivirus

    * Sophos Anti-Virus

    * ThreatFire AntiVirus

    * Trend Micro Internet Security

    * V3

    * Vba32 AntiVirus

    * ViRobot (Hauri)

    * Virus Chaser

    * Windows Live OneCare

    * ZoneAlarm

    * k7 Total Security

    * VirusBuster

  5. Antidisestablishmentarianist
    Heart

    Somebody send for the Doctor

    If Webster doesn't post a "told you so" rant then he must be ill. We should all be concerned for his health don't you think?

    Sending our love Webby

  6. Gordon Fecyk
    Go

    MacOS X is inherently insecure!!!!!111oneone

    Apple Remote Desktop is a major security hole, one that should be disabled by default on all new Macs.

    Also, whoever invented AppleScript should lose their job, and Apple should immediately release a patch that disables AppleScript functionality in all Mac apps.

    Apple has relied on security by obscurity for far too long! It's time they focused on security above all else, and bring their OS into the 21st century. And application writers that can't deal with such changes should stop writing Macintosh apps altogether, and go back to writing for Windows.

    [There, that felt good. I suppose I could've borrowed a typical anti-Microsoft rant and swapped "JavaScript" with "AppleScript," and "ActiveX" with "ARDP" or something, but I wanted to see if I could write a rant all on my own. Microsoft-haters beware: You're not safe anymore!!!!!!!111one!]

  7. Andy

    Well...

    "the exploit was was written modularly" - that's actually pretty awesome. Good to see sensible coding practices in use, even if they're not in *good* use.

    *cough* it's not a real exploit if users have to sign their souls away by entering their administrator credentials *cough*

  8. Andre

    Steve Jobs should take it as a compliment

    His OS has finally become successful enough to become a target. Watch out Microsoft!

  9. Colin

    @ ZM

    Yup bigger target = more people shoot at it.

    More and more fashionista types using the entire "Mac Experience" and the scammers are obviously looking to target this new "revenue source". Apple has conned these people into believing that all Macs are 100% safe thanks to those "funny" Mac vs PC ads. God help those trendy types because they probably have no idea their systems are so open to attack.

    Mind you some would say it's about time Apple got given a metaphorical kick in the stones, concerning security. Others might not be as kind and forget to insert the word, "metaphorical" in that statement, but I'll be nice.

  10. Anonymous Coward
    Boffin

    Prying Eyes

    The spurring popularity of Mac or Apple, captures the prying eyes of attackers. This is evident to prevalent DNSChanger for Mac which is coming from RBN. But, the recent two trojans AppleScript.THT (discovered by SecureMac) and OSX.Trojan.PokerStealer (discovered by Intego) are just proof-of-concept malwares trying to exploit the recent vulnerability found in ARD agent. So, it means there's no prevalence or massive distribution of this threat.

    Check out this blog, it's covering different threats in Mac:

    http://ithreats.wordpress.com/category/osx-malwares/

  11. Joe

    @ Antidisestablishmentarianist

    Yeah, I fully expected some bile on here from him!

    Also, surely it can't affect if you have ARD turned off in Sharing? Or a router with a firewall and ARD not set up on it?

  12. Jeffrey Nonken
    Linux

    @Nate

    All those are Windows antivirus programs (at least, all the ones I recognize). I don't think they'll work for OS X. :)

    But Mac already has ClamAV. http://www.clamxav.com/

  13. Webster Phreaky
    Jobs Horns

    Best Comment: Bwah ha ha ha ha ha ha ha ha ha ha......

    Smart-ass AppleTards, you ASKED FOR IT with your BS Mac vs PC adverts and, now you're going to get it good. Now you can not only enjoy forking out $149 every 18 months to feed Stevie's ever growing cash chest, but you will enjoy popping for $40 - $50 per year on Anti-Virus subscriptions, which might be even more expensive since Norton and the other AV companies will need to charge more to cover programming costs for the MINUSCULE market share the MacTards are.

    I LOVE it!!

  14. Steven Swenson
    Linux

    It's not hard

    to trick someone who switched to Mac because they couldn't figure out how to work a PC.

    "My PC and printer... they just weren't talking to each other." "I couldn't even turn it on." etc.

    "With Mac, it just works."

    Exploits that trick the user are pretty much imminent on a mac.

  15. Anonymous Coward
    Jobs Halo

    Save us, St Steve!

    If Apple Remote Desktop is switched off via System Preferences, will an Applescript still be able to be funneled through ARDAgent?

  16. Anonymous Coward
    Anonymous Coward

    Re: MacOS X is inherently insecure!!!!!111oneone

    "Apple Remote Desktop is a major security hole, one that should be disabled by default on all new Macs."

    Err... It is disabled by default.

  17. Anonymous Coward
    Jobs Horns

    "Hi, I'm a smarmy jerk" , "And I'm a tool"

    Apple asked for it with those snarky ads. They deserve every bit of this and more.

  18. Trevor Pott Gold badge
    Joke

    if you have enough money...

    ...if you have enough money for a Macintosh, a dozen pastel-coloured sweaters, an iPod, (in a few flavours,) an iPhone, a vehicle that runs on smug, and every copy of MacFap 2000 magazine, then you know what?

    ...You have enough money to pay the ransom for the data we just encrypted.

    "Become successful enough?" It doesn't need to be. It can be small and unimportant, so long as it targets the right group.

    Rabid, frothing at the mouth flaming can commence now.

  19. Michael Xion

    Vested Interest

    "...an active community of researchers who are looking for vulnerabilities in MacOS X and *not* reporting their findings to Apple."

    These researchers wouldn't be working for some of the companies listed by Nate by any chance?

  20. Solomon Grundy

    What's Next....I Know, I Know

    The best part about all this is that the Linux type guys are next. Remember several years ago that there were studies that "proved" that Mac and Linux were more secure because of their inherently better code and commune involvement - and that the lack of targeted malware/viruses had nothing to do with the fact there were only 117 people on the planet using them? I'll have to dig up proofs for those that don't remember, but they are out there.

    Linux is next. Hahahaha. Get ready for annoying windows that pop up in the middle of your work and shutdowns for updates that only occur after you've successfully calculated the 3 gazillionth number of Pi and are just waiting for that next number to publish. Get ready. Crappy computing is coming to you too.

  21. amanfromMars Silver badge
    Linux

    Singularity?

    I think the Master Plan is that Apple be Reality/Vista Drivers. Apple Open Source Windows Administration ...... or is Competition for Conflicts a Better Beta?

  22. Kanhef
    Happy

    The author comments

    http://www.macshadows.com/forums/index.php?showtopic=8640&view=findpost&p=65873

    "I would like to say thank you to everyone who has participated. I've had so much fun this past few weeks and I'm grateful for the escape from the daily doldrums."

    [big list of credits and thanks]

    "Oh and to the endless supply of utterly unqualified Internet journalists, thanks for all the terrific entertainment. Virtually all of you guys are easily duped, lazy / no fact-checking, FUD-spreading jackasses. If you aren't going to take the time and expend the effort to get the story right, please leave it for the real reporters who will. Thanks."

  23. Mectron
    Paris Hilton

    Prepare for nightmare

    Since Apple (and most Mac Users) have no clue of any kind about security, this looks like an exciting time for malware writers. Looks like Macs have finally got to critical mass, enough of those poor extremely low quality BSD clones are on the market to make virus writing on the Mac a viable option.

    The time you could count the number of viruses on Mac with your hands is gone and so is the number one (but false) reason to get a Mac. But Mac users are in luck. Since now Macs are in fact just clone PCs with a couple of $100's more on the price tag, they can always install Windows and get a real functional computer.

    Since there is practically no real anti-virus on the Mac, rogue anti-virus makers will have a field day.

    Attention Windows and Linux users: Prepare for some nice entertainment over the next few months

    Paris? Because she probably owns a Mac.

  24. inverse
    Happy

    get jacked buy a mac

    This is the funniest thing I have seen today, I hope someone adds a module that bricks iphones or ipods that are plugged into any mac.

    Anyone who is stupid enough to fork out the money for mac products is going to be easy pickings for scammers. I can't wait to see mactards running around like headless chickens with their tight t shirts and messy hair.

  25. Rick Leeming
    Linux

    Apple, Windows and Linux security

    See, the thing is. OSX stems from FreeBSD, a Unix. As such is should be pretty secure. However the point people miss is that people using Unix machines are inherently more technical than the average user. They know not to click on random links, download oddball executable files, and open e-mails with titles like "Get It Bigger, She'll Love You For It".

    Similar profiles fit the users of the more "Serious" Linux distros. You pretty much know that someone using Fedora/RedHat/Suse/Mandriva will be fairly technical, and again will know the sensible things to do. On the flipside of this are the users of "Newbie" distros like Ubuntu/Linspire. They often aren't as technical. They can get the stuff working that they need to, but then they aren't too bothered about anything else. Even here there is a certain level of security consciousness. These are users who are either technical, or have in many cases had a Seriously Bad Experience of an infected computer.

    Mac users, now then they are living in world of "We are safe because we use Macs". Even back in the days of System 6/7/7.5/8 there have been Mac viruses. However the modern Macs using OSX are sold as super-secure. When in fact we all know they are pretty secure, but not foolproof. This advertising however has made them out to be so secure you don't need to worry about anything. This results in the user thinking they can click what they want, with no consequences. It also results in a certain level of irritating smugness that really riles everyone else. "Get A Mac, It Just Works" rings out on the release of new models, and the party faithful line up to buy Mr Jobs a new Bentley or Three. Then if things don't work Apple just delete the topic on their forums and deny that there is a problem.

    Now if you'll excuse me I'll go back to my Windows and Linux boxen. I'll keep my AV programs up to date, and remain pretty paranoid about my own security.

  26. Richard Lubomski
    IT Angle

    Mac vs. PC - When will it end??

    Honestly... I don't care much about the Mac vs. PC debate... I use both systems both at work and at home and in my honest opinion they are entirely different entities all together...

    On the security side of things; Apple have already taken steps to securing OS X Leopard; they have introduced numerous security countermeasures into the latest release, and with a little manual tweaking, you can make OS X pretty tough to crack...

    http://images.apple.com/server/macosx/docs/Leopard_Security_Config_20080530.pdf

    Bomski

  27. Anonymous Coward
    Paris Hilton

    @Mectron

    "they can always install windows and get a real functional computer."

    ROTFLMFAO...seriously?? Oh man, that's a killer...stop it, no really...why don't you have the "joke ahead" icon cause that one's a beaut!!

    "Since there is practically no real anti-virus on the mac"

    Err...Norton, Sophos, Avast, McAfee...should I go on?

    Before you post bollocks, it's always advisable to do a quick google to get something closely resembling the facts.

    Paris? Well she looks like she's obviously checking out the size of your knob and thinking, I don't need glasses, I need hubble!!

  28. Nate
    Joke

    @ Jeffrey Nonken

    You got the point though; Right?

    I'm sure Trend Micro (et al) are now beavering away at their mac editions.

    BTW, is the Inquirer full of bearded IT druids?

    Think I'll inject this into MAC 0SX

    run

    10 poke 649

    20 poke 1

    end

  29. Anonymous Coward
    Stop

    Norton AV on a Mac?

    I'm sure someone up there mentioned Nortons for Mac. Obviously they have never tried the combination - it's as bad as a Creative driver for Vista.

    I use Intego products and have always 'protected' my Mac, being a paranoid sort who can't be arsed with the daily sh*t of being a Windows user, and who isn't willing to become socially inept by becoming a Linux user.

  30. iSuff44
    Alert

    No real Anti Virus on Mac?

    Sophos, C.A., Symantec and Intego yes less than PC but still enough.

    Far from defending Mac users who are blissfully unaware of viruses I agree the time has come to protect your Mac from Viruses, also don't you think by installing Windows on the Mac it's any more functional? Yes for gaming, word processing and accounting!

  31. Stephen Sharpe

    Some info about the Apple Remote Desktop flaw

    This is my best understanding of the situation:

    This flaw will affect you whether you have ARD on or off, since the flaw actually exploits the fact that ARDAgent.app has the SetUID bit on. Basically it executes stuff as root user without requiring the admin password. So assuming your corporate Mac network doesn't use this for administration, you can just unset the SetUID bit.

    > cd /System/Library/CoreServices/RemoteManagement

    > sudo chmod -R u-s ARDAgent.app

    Job done.

    For the record, have a Macbook Pro 15.4" with Leopard AND Vista 64-bit Business. Enjoy your flaming everyone.
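
The setuid bit discussed in the comment above is a per-file mode bit, so a check or fix has to reach the executable inside the bundle, not only the `.app` directory. The following is an added example, not part of the original thread: the function names and the `Demo.app` bundle are constructed for illustration, and it audits any bundle path you pass it.

```shell
#!/bin/sh
# Added example (not from the original thread). Function names are hypothetical.

# Print every regular file under bundle $1 that carries the setuid bit (mode 4000).
list_setuid() {
    find "$1" -type f -perm -4000 -print
}

# Number of setuid files under bundle $1 (tr strips the padding BSD wc adds).
count_setuid() {
    list_setuid "$1" | wc -l | tr -d ' '
}

# Clear the setuid bit on every file found. System files need root to modify.
# Returns 0 when no setuid file remains, 2 when $1 is not a directory.
clear_setuid() {
    [ -d "$1" ] || { echo "not a directory: $1" >&2; return 2; }
    find "$1" -type f -perm -4000 -exec chmod u-s {} +
    [ "$(count_setuid "$1")" -eq 0 ]
}

# Demonstration on a constructed bundle in a temp directory.
# Echoes three counts: setuid files before any change, after a
# non-recursive chmod on the bundle directory, and after clear_setuid.
demo() {
    tmp=$(mktemp -d) || return 2
    app="$tmp/Demo.app"
    mkdir -p "$app/Contents/MacOS"
    printf '#!/bin/sh\n' > "$app/Contents/MacOS/Demo"
    chmod 4755 "$app/Contents/MacOS/Demo"   # constructed setuid executable

    before=$(count_setuid "$app")
    chmod u-s "$app"                        # touches the directory only
    after_dir=$(count_setuid "$app")
    clear_setuid "$app"
    after_clear=$(count_setuid "$app")

    rm -rf "$tmp"
    echo "$before $after_dir $after_clear"
}

# Audit only (no changes) when a bundle path is given on the command line.
if [ "$#" -gt 0 ]; then
    list_setuid "$1"
fi
```

Running `demo` shows the file stays setuid after the directory-only `chmod` and is clean only after the per-file pass.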

  32. Raife Edwards
    Boffin

    Oh, brother...

    First, I cannot believe the pedantic HA-HAs being expressed here. I suppose that such people also laugh when an elderly-person trips on a curb, and falls down in the street.

    Second, a "Trojan" is NOT a "vulnerability" within a piece of software. You cannot say that BRAND-X is inherently vulnerable, if the "exploit" effectively consists of, say... directing a user to strike the display-screen squarely with a hammer. No computer-system could, nor should, be faulted for that... not the Mac, not Windows, not Linux (unless the OS implicitly allows the malicious-site/code to hide its actual purpose/origin... such as say... Windows/IE has repeatedly been demonstrated to allow).

    Which leaves the inane argument that, a vulnerability (or, even, a handful of vulnerabilities... if they ever show-up) in an alternative-system... actually makes it as "vulnerable" as the, demonstrably, most insecure and compromised, OS on the planet. Frankly, in my opinion, to even make that claim clearly demonstrates, either, extreme ignorance, a general lack of intelligence, and/or utter childishness.

    And, finally, to assert (completely disproven bits of FUD, such as) that -popularity- has anything to do with a system's inherent-security (or the numbers of officially-identified vulnerabilities)... or, to misrepresent the very meaning of the expression, "security through obscurity"... as meaning that a lack of popularity creates inherent security... is beyond ignorance. It borders on being intentionally-deceptive (that particular expression refers to keeping code, closed, and trying to suppress information about vulnerabilities. You know... like Microsoft does).

    So, simply put, ALL of the actual facts still put the Macintosh so far ahead of Windows... it isn't even funny. And, BTW, I AM a PC design/support technician (I don't even use Macs).

  33. Patrick O'Reilly
    Linux

    GNU

    Another good reason to stay Linux based.

  34. richard
    Jobs Halo

    webster phreaky is alive...

    and still coming out with nonsense - yes! all is well with the world.....

    and one from amanfrommars too!! can it get any better?

  35. Martin Kelly
    Jobs Halo

    Bring it on

    I feel really sorry for you poor guys who have been waiting oh so long for the first threat to the Mac. That's the point, we've just got on with our computing lives and not had to worry about all the crap that windows users have had to put up with.

    No Mac user has ever thought their computer was 100% safe, we're not that dumb, nor are as stupid to think that we have been left alone because of the small number of Mac users. I know that hackers have been trying for years to create a true Mac virus that spreads across the system with no intervention from the user (sound familiar) but so far none, nada, zilch nothing.

    We also don't need to worry about notification about new threats as all you windows users will let us know quick enough.

    Get a Life, get a Mac

    Majik

  36. Anonymous Coward
    Paris Hilton

    OSX is built on Unix so they are naturally stuffed

    Here we go, all the *nix freetards coming out of the woods saying how secure *nix is. Is it f^ck. Is it just as insecure as any other limited deployment whereby there aren't real security experts to check it out. Apache a safe webserver - ha ha ha ha.

    Anyway, back to Mac victims. They will probably like to get hijacked so at least their computer is doing something rather than just sitting pretty (you could install Vista if you want a pretty look).

    Now Solaris, there is a system that won't get hacked. Why? Cos the scum writers can't afford it to develop on. Wait a minute, what do you mean it's now free? Doomed, we're all doomed.

    Paris - sits pretty (I said sits not sh!ts)

  37. JayKay
    Jobs Halo

    Viruses on OS X?

    I thought this article was about a couple of Trojans that have been made in a lab... and require the user to

    Where's the story about the viruses? Oh right, there isn't one, because there aren't any.

    I'm a Mac user, and I'm proud of it. Penis envy isn't something to be proud of, you bunch of Ballmer kissing Windows whores. Get back to defragging, virus scanning and all that other crap you call work before your bosses see you posting on El Reg and fire your inefficient asses. Me? I'm getting back to using my Mac to run my business.

    Up yours, Windoze w@nkers!

  38. daniel
    Linux

    well it was a matter of time

    The problem is that all computers (like it or not) are vulnerable. It reminds me of that poster in my old school computer room a few years ago "The only secure computer is one that is buried in concrete, with no power and the network cable cut" they all have exploits. Which is exactly why I think the advertising campaign that Apple ran was highly irresponsible. To tell the users "you are in no way vulnerable" is inherently wrong (yes you are more secure than a windows user - true) but when people start believing this and pay for macbooks that cost £700 and give you one gig of RAM, more exploits will come out of the woodwork. The other issue is anyone stupid enough to make such a transaction, isn't going to be the most technically minded of people, and so will properly help the exploits along. "It just works" indeed.

  39. Martin Kelly
    Gates Horns

    No real Anti Virus on a Mac?

    Why do we need it, according to Webster Phreaky we're too MINUSCULE to be bothered by hackers. The last time I tried Norton it buggered up my system and told me a whole load of BS about all this crap that was meant to be on my system, guess what, there was nothing wrong!!

    Why would I want to put windows on my beautiful MacBook Pro, I have a games console for playing games, I use Pages for word processing and I use MYOB for my accounts, and guess what, they all perform perfectly.

    Get a life, get a Mac

    Majik

  40. Thomas

    This. That.

    "Since Apple (and most Mac Users) have no clue of any kind about security"

    Oh, you caught us. Although Apple's doubling or tripling or whatever it is of market share in the past few years has been attributed to switchers, people tend to forget that the memories of those who switch are instantly erased.

    Webster has a point though, maybe all us Mac users shouldn't have banded together and made those BS Mac vs PC adverts. Probably Apple would have sprung for their own adverts if we'd just given them a chance.

  41. Charlie Clark Silver badge
    Jobs Horns

    @Rick Leeming

    Learn to write. Sentences. And use. Adverbs correctly: What. is "pretty secure?"

    "See, the thing is. OSX stems from FreeBSD, a Unix. As such is should be pretty secure."

    Unix is not inherently more or less secure than other operating systems. It comes with a lot of mechanisms for providing security but that itself does not provide security. Apple has a somewhat cavalier approach to security and an obsession on eye candy and ownership (DRM, EULA).

  42. Anonymous Coward
    Anonymous Coward

    AV for Macs

    I remember using SAM Antivirus on my system 6.x and 7.x Mac Classics starting back in 1991.

    I am pretty sure it is impossible to create a usable OS that is entirely secure. OK some OSs may be more inherently insecure than others, but in real terms the main weakness of any system is the user.

    So, let's get away from the pointless old "my speccy is better than your C64" argument and move on to the real business here. Which is whose users are more stupid than who else's?

    On the Mac side I give you: people willing to spend £300 extra for an inferior spec machine just because they cannot be bothered to read a 6 page flier telling them how to use their computer.

    On the PC side I give you: Phreaky and the other guy who shouts a lot about PCs being real useable computers.

    On the linux side I give you: Well, I agree linux users are generally more savvy than average, but man there is more to life than recompiling the kernel, playing DnD and having sex without the burden of having anyone else involved.

  43. Mark Land

    no real trojan/virus in the wild

    Where is the proof/data of actual virus or trojan in the wild on a Mac? There is none, this is all hypothetical based on a Trojan that requires a user to actively download and run something. Sure there is a vulnerability in privilege escalation. At this time I still choose to use my Mac for online banking rather than a Windows machine....and that's all that counts for me

  44. Anonymous Coward
    Unhappy

    I think this thread may grow quite large.

    Possibly as big as the "God makes you stupid" one we had recently.

    Thing is, it'll be just as pointless.

  45. Fluffykins Silver badge

    @Apple

    You've been cored.

  46. Anonymous Coward
    Jobs Horns

    "Get a life, get a Mac - Majik"

    Well 'Majik', it doesn't seem to have gotten you a life.

    I'll gnaw off my own arm and fist myself to death before I'd turn into another smug Mac gobshite like you.

    No, really.

  47. Anonymous Coward
    Jobs Horns

    re: no real trojan/virus in the wild

    "At this time I still choose to use my Mac for online banking rather than a Windows machine....and that's all that counts for me"

    ...and that's exactly the reason why malware is starting to appear on Mac. You are a nice juicy target, with your head up your own arse about accepting the vulnerabilities of your beloved OS.

  48. Anonymous Coward
    Linux

    Blown out of proportion

    This is only really going to affect companies who use Apple Remote Desktop. The average Mac user won't use that, so most machines won't be affected.

    As a recent Mac switcher myself after 14 years of Windows use - (3.1, 3.11, 95, 98SE, XP Pro) it no longer cut the mustard for my uses. The problem is that most fanboys are preprogrammed to be berks and make claims that OS X is immune to viruses. No OS is secure. Heck, if an OS came out that was secure, all the AV companies would go skint in a week. However it would also result in a larger OS, using more resources and ultimately costing more.

    I agree that most users sit on their laurels and make the claim that OS X is secure. FFS, stop drinking the Kool-Aid and wake up to reality - THERE IS NO 100% SECURE OS!!!

    Penguin - cause he's not a public figure that a fanboy wants to be.

  49. Gordon Pryra

    @Solomon Grundy

    "calculated the 3 gazillionth number of Pi"

    Pi is Pi

    nothing more nothing less

    Macs are shite, and deserve to be trojaned to death, but there's no escaping that Pi is 3.14159

  50. RichyS
    Coat

    @Lee

    <quote>

    So, let's get away from the pointless old "my speccy is better than your C64" argument and move on to the real business here. Which is whose users are more stupid than who else's?

    </quote>

    Exactly. Everyone knows that the Beeb is best!

    Mine's the one with the copy of Chuckee Egg in the back pocket...

  51. Sam Tana
    Paris Hilton

    Proof?

    Where's the proof? Where's the evidence that one single Mac has been compromised by this alleged Trojan? There's a great many "could"s, "may"s and "maybe"s in the article and the original blog, but no evidence that this would really work on a real Mac in the real world.

    So, it's a theoretical threat - and the world's full to bursting with them already.

    Paris? Because you'd need to be that dumb to fall for this one.

  52. Thomas

    @Solomon Grundy

    "Remember several years ago that there were studies that "proved" that Mac and Linux were more secure because of their inherently better code and commune involvement - and that the lack of targeted malware/viruses had nothing to do with the fact there were only 117 people on the planet using them? I'll have to dig up proofs for those that don't remember, but they are out there."

    Several years ago there was probably a good case to be made. Microsoft used not to care much about security, see e.g. the extremely haphazard way older IEs handle ActiveX. In the last few years they've become aware of their problems and have done a lot to secure their software. And they've been doing good work. To claim that Microsoft OSs now are exactly as secure as they were "several years ago" is to seriously belittle Microsoft's efforts and their skills.

  53. Anonymous Coward
    Anonymous Coward

    Cotton Wool Operating System, or blame the user?

    It does not matter how secure the operating system is, be it Windows, Linux or OSX. If the user is not experienced enough, or chooses to download their Adobe/Microsoft apps from torrent sites etc., then they are entering the seedy world of the unknown and should expect to catch something.

    As an IT Manager using Windows/Linux servers at work, I run OSX at home because I enjoy using it. I legally own Office, Photoshop and Parallels, and don't visit shady sites or open emails from people I don't know, but just because I use a Mac I get labelled a naive user?

    The weakest point of failure is the user's greed or naivety. Giving away the admin password to some software you don't know the origin of is like giving your credit card details to someone in the street, and in some cases the results are the same.

    How far should software go to prevent user stupidity? Electrical appliances warn not to touch live wires, bags of peanuts come with a "contains nuts" warning, and yet the device you store your family's files on, perform online banking with and use to do your job is supplied with nothing more than a "click here to get started" guide, and then you're left to get on with it.

    Educate the user.

  54. Anonymous Coward
    Coat

    Wintards are funny..

    And predictable too. Ofcourse OSX can get a virus, name an OS which couldn't, but if we're keeping things to scale here, let's scale the 2 trojans and 2-3 concept viruses against the what....atleast 80,000+ Windows viruses/trojans (50,000 were known of in 2000)??

    I bet you halfwits think Mac is now as probable to get infected as Windows right? Now Apple is in a unique position to act against security issues like these now its transformed into a legitimate threat (proof of concept was hardly justifiable in a business sense to act on). Mac OS 9 and below had viruses and trojans, but this is a new playground, so they could act now to pre-empt further attacks, and with a *nix based environment they have better mechanisms available to implement something.

    Apple have been historically faster than Microsoft with Windows at issuing security updates for OSX, so i'd be willing to bet within a week we will be seeing new security updates for the vulnerable OS's, Microsoft have been known to go months without acting on critical issues. PS. the person who quoted Apple on the Safari security defect obviously is looking for cheap and useless ammo, as the Safari one was a Windows only issue, not an OSX one.

    McAfee and Norton have been hoping for OSX viruses/trojans to appear for around 7 years now! So they were dissapointed OSX had such a good run without anyone being being able to create a real threat for it, which meant those companies had been left adding only Windows viruses/trojans to their Mac definition files, as they had only OS 9 and below viruses which nobody was even bothering to write anymore otherwise!

    If Apple don't act properly now they deserve to get some slack, but quit acting like the apes out of A Space Oddesy 2001 over your excitement that a single real issue (and a second semi-threat) now exists, i bet you'd dance on peoples graves too!

    Mine's the coat with the Windows virus definitions DVDs in it...

  55. Martin Kelly
    Jobs Halo

    Gnaw your arm off - Anonymous Coward

    I have a great life thanks AC and it's not spent acting as unpaid developers and maintenance contractors for Microshaft. My Macbook and iPhone do everything I need and I'm happy to and be in a position to pay extra for the better things in life. I don't want everybody to use Macs.

    So carry on with your jealous ranting and leave us to enjoy life.

    Get a better life, get a Mac

    Majik

  56. RichyS
    Paris Hilton

    Inferiority Complex?

    I find the bile and vitriol from the Windows camp slightly odd. Maybe this (slightly iffy) article has acted as an opportunity for Windows fanboys to vent 20 years of built up spleen.

    To me, a computer is a tool to do a job. For some people (e.g. gamers), that tool may be a PC; to others, it may be a Linux or OS X. No system is inherently right, but one system is right for /you/.

    Me? I bought a 15.4" MacBook Pro last year. The reason I did so was that it was the best replacement for my Vaio Z1. No other lappy (!) within my price range had a sufficient screen resolution (against the portability of the device -- no 17" 1 grand behemoths for me!). At the time I thought I'd give OS X a whirl; and, if I didn't like it, install XP instead. But, with OS X I was pleasantly surprised. For the bile spitting Windows users amongst you, I suggest you try it before hating it.

    I got my first PC in 1995 (on 3.11 -- this was the beginning of 95!) because I needed AutoCAD. Before that, I was using an Acorn Archimedes because it suited my purposes well (Impression was, and still is, one of the best document processing tools I've ever used). The fact that RISC OS was leagues ahead of 3.11 helped too. In fact, one of the things I've discovered about OS X is how similar it is in many ways to RISC OS. It just works more logically and consistently -- as any good UI should. On a side note, this email from Bill G shows that we're not the only ones who despair at the way Windows and MS work sometimes (http://blog.seattlepi.nwsource.com/microsoft/archives/141821.asp).

    And the idea that Macs are significantly more expensive than PCs (for laptops anyway) is wrong. Granted, you can get some very cheap Windows laptops, but if you actually compare like-for-like, Macs are not really any more pricey.

    And whoever stated that no OS is inherently more secure than any other OS clearly has no idea what they're talking about. The fundamental architecture and coding practices used to develop an OS have a huge impact upon the security (relating to potential exploits). In this respect *NIX based OSes are much more secure than Windows. The default configuration of the OS also has a big impact -- and here Windows does badly too (with users being Root by default). There are a whole load of other things that affect security too but these two are probably the most important.

    Paris, 'cos she doesn't care if you prefer a Mac or a PC either...

  57. JayKay
    Jobs Halo

    @ Martin Kelly

    Well said sir, I agree 100%.

    I use my iMac, MacBook and iPhone every day, efficiently and easily. Managing my business wherever I am, whatever machine I decide to use (I do enjoy my iMac the most, very very cool tech).

    Makes me laugh when I go to my girlfriend's workplace (largest building insurance firm in UK) and see Brian the IT guy sweating in front of his Dull, checking for viruses on machines, fixing his registry, clunking around on his clunky Windoze box, trying to solve problems that are an inherent problem on DOS since Windows 3.1 and still there in XP and Vista, scoffing at my iPhone when I'm checking my Mail on it. I just smile at him, read my Mail, and take my lady out to lunch, leaving him in his confused state.

    Some people just don't get it. Life is all about QUALITY of existence. If someone releases an all in one solution that is better than Apple's offering, I'll take it. I just know that won't happen anytime soon (Zune, anyone?)

    Get a life. Get a Mac. Enjoy life again.

  58. Anonymous Coward
    Linux

    @ all the "Get a life. Get a Mac." bores.

    I, and I think I'll be speaking for many here, respectfully suggest that you smug f*ckers get stuffed instead. (AFTER you've finished your massive circle jerk, obviously).

  59. JayKay
    Jobs Halo

    @ AC

    "I, and I think I'll be speaking for many here, respectfully suggest that you smug f*ckers get stuffed instead. (AFTER you've finished your massive circle jerk, obviously)."

    Don't think dude, it only confirms how stupid you are.

    Nothing wrong with being smug, when the thing you are being smug about is superior to every other offering.

    Get a Mac. Get a clue. Get a life.

  60. Law

    oh come on

    People - most of you will be IT professionals, resorting to childish "You know how I know you're gay?" type arguments about mac over pc and vice versa is below you all, grow up.

    I have a mac, I have a pc, I have a nokia phone, I have a Samsung TV, I have Robinson's Orange Sugar Free squash... how daft would you look if you had a go at me for buying robinsons orange squash, and not Ribena because "every berry makes it". I have a lot of different things - I bought my mac because it was one of the fastest laptops I could find with the longest battery life, it has its downsides, it has its upsides - but it's just a bloody tool. Get over it.

    This virus does suck though, it means I have to install antivirus on this bad boy, and I remember the early teething problems with windows antivirus programs (and current ones *spits on norton 360*)...

    Can we have some constructive comments - has anybody got a recommendation for antivirus programs that they have actually tried on the mac? Norton and McAfee are out of the question as I hate both bloatwares on the PC. I think AVG and Avast do mac versions, but I don't like Avast, AVG isn't meant to be good. Any ideas??

  61. Galaxy Bob
    Happy

    MACS=£££ Which is a good thing?

    I don't get why people like Majik seem to think they are better because they pay over the odds for a pretty looking PC. Then again Majik also owns an iPhone, perhaps the biggest con out there. I've never understood the iPhone mentality. Why pay more for a phone that doesn't have the same functionality of my N95 8GB that I got for free?

    No doubt Majik thinks he is Rockerfella himself with his boasts of spending more money because he can. Well, I, along with many others I know can afford iPhones and Macs but choose not to because we have our heads screwed on.

    I'll stick with my free N95 and my cheapo Wintel machine and be able to do exactly the same as you do, except I will have more money left in my back pocket.

    For the UK users - Does anyone remember the Fast Show brummie that had the catch phrase "I am considerably richer than yow(sic)". Remind you of anyone. :)

    PS

    I have no allegiance to any OS. Why anyone would be is beyond me.

  62. Rolf Howarth
    Coat

    Move along, nothing to see here

    Who ever said Macs were inherently immune to security flaws? Certainly no one who understands computers and operating systems. As far as I can tell, what people claim is:

    1. Due to the nature of Mac OS X (and Un*x in general) there are fewer dependencies between system components (eg. browsing a folder on your desktop doesn't automatically execute every plug-in that's installed in your web browser). In general, this makes it much more difficult for a flaw in one component to compromise the system as a whole.

    2. Having the underlying core operating system (Darwin) based on open-source code means that bugs such as possible buffer overruns etc. are more likely to be found, reported and fixed. (It doesn't mean they're any less likely to occur in the first place, but in general open source code tends to be more secure.)

    3. Empirically, the number of malicious exploits currently out there in the wild that actively threaten Mac OS X is approximately zero. I've no idea how many there are for Windows but it's definitely more than zero.

    4. Of the millions and millions of 0wn3d machines in the world running keyloggers or forming part of botnets very few if any are currently running Mac OS X.

    None of this says that exploits aren't possible, even likely, in future or that one should be surprised if they occur. No-one should stop being vigilant against social engineering attacks just because they have a Mac. (Is it just me that's been flooded with spam the last few days claiming a million people have been killed by an earthquake in China and inviting me to open this document that will tell me all about it??)

    Sure, Macs might start suffering an increasing threat from malware, no-one is denying that, but it's still fair to say that currently they are relatively more secure than most other platforms. And exactly the same thing goes for Linux.

    -Rolf

  63. Peter Gathercole Silver badge
    Stop

    Pi is Pi Gordon?

    It will be equal to itself (this is axiomatic), but it is NOT 3.14159, although you could make this statement true by saying it is 3.14159 rounded to 5 decimal places, or to 6 significant figures.

    Pi is a non-repeating irrational number (i.e. it cannot be represented as a fraction, and as far as we know, the sequence of digits does not repeat), so it is not possible to be completely accurately represented on paper or computer.

    But, back to the story. All of you who state that it is impossible to have a completely secure OS are generalising. It should be possible to make a completely secure OS, but the costs of doing it make the feat impractical. But UNIX-like OS's have a distinct advantage over pre-Vista versions of Windows because the security model that has existed in UNIX-like OS's for over 30 years expects that most work is done as a non-privileged user that does not have access to large parts of the system.

    Even a patchy webserver can be made to run as a non-privileged user, with read-only data, so the system as a whole is unlikely to be compromised.

    Of course, if you have a means to administer/patch the OS, social engineering can ALWAYS be used to compromise the system. I'm not saying that these OS's are completely secure, but they have fundamental advantages.

    If you were to have a system with no mechanism to patch the OS, and the OS was stored in ROM and could not be changed, and there was no way to re-vector OS calls, and you were not able to run any code that was not shipped with the OS, and you made the system functionally frozen, and you put an encrypted filesystem in place, encrypted by a physical dongle then it is unlikely that anybody would break in. But this would be more like an appliance than a general-purpose computer. But maybe that is what is needed by the majority of current users.

    Putting any ease-of-use feature in an OS (although you could argue that the user interface is separate from the OS proper) puts a system at risk. Obviously, any remote desktop tool has the scope to be a way into a system, and having a general purpose scripting language could also make a system vulnerable.

  64. Mike Groombridge
    Boffin

    right let's sort this out

    First this isn't the first time acouple of AV companies produced reports a few months ago saying that in the last year the number of Mac OSX viruses had gone up ten fold from 120ish to 1200ish yeah i know not much compared to the 10000+ windows ones found each year.

    secondly i know 3 mac people have have had mac's destroyed be virus's erasing important parts of the os so it wouldn't boot etc one 3 year old mac book and a couple of mini macs. and they were all over a year ago and they all said but it's a mac it doesn't get viruses. i like mac's i've even adviced people to buy them (one of the aforementioned mini mac's was my doing) as i thing they do some things really well (music and video editing picture editing etc)

    but they are to smug and the new hardware is going to fuck them because apple are to willing to ignore it and then clam in their next version it's more secure. this problems going to get worse not better invest in some av just to save oyur self some hassel

    thirdly it's not like we windows users can laugh to much put your hand up if after everything (firewall av and being security aware) after six months and your av etc hasn't found anything.

    you linux gits can shut up too no one going to write a virus for it cause it's to easy to cock it up on your own i'll stick to running my ubuntu distro with GNS3 on it so i have something to play with.

  65. Ivan Headache

    @Gnaw your arm off - Anonymous Coward (original post)

    why does AC have to resort to such bad language? Remember there are children reading this thread.

    Oh sorry, You are one.

  66. Ivan Headache

    AVG isn't meant to be good

    I doubt that the makers had that in mind when they wrote it.

    What you probably meant is "I am told by someone who read something somewhere about an overheard conversation in a pub and that they thought they heard someone say that AVG wasn't very good."

    Well from what I hear, AVG appears to be fine on PCs. So.....

    Anyway, as this threat is a Trojan what's the likelihood of an anti-virus program finding it?

    From other discussions (on Mac sites) it appears that there are temporary work-arounds available within the system already but unfortunately they are not foolproof.

  67. Anonymous Coward
    Jobs Horns

    Re: @Gnaw your arm off - Anonymous Coward (original post)

    "why does AC have to resort to such bad language?"

    Because it's big AND clever.

  68. JayKay
    Jobs Halo

    @ Mike Groombridge

    Mike, insert grammar into your comments and people might take you seriously. Your post looks like it fell out of a 3 year old children's crayon.

    There is simply no excuse for poor grammar.

    "secondly i know 3 mac people have have had mac's destroyed be virus's erasing important parts of the os so it wouldn't boot"

    What virus was this? Any evidence? Any proof? Or is it just another "I know loads of Mac viruses, but I can't name any of them" comments?

  69. Stevie

    @ Mike G

    All good points Mike, but rendered largely unintelligible by your apparent unfamiliarity with capitalisation and punctuation.

    If it's worth saying, it's worth saying so people can understand you.

  70. Anonymous Coward
    Black Helicopters

    Wow - what a bunfight

    Go Ricky Go Ricky go...

    My £0.02 worth...

    I'm Microsoft Certified, have a couple of Thinkpads (great hardware), an Asus EEE PC, work on Linux most of the time and run a Macbook Pro for my day to day work. So I think I'm qualified to speak about the general experience of running a few OS's and lots of different types of machine.

    I bought a Mac after a major Windows BSOD, upon which I lost 3 days of work whilst I got myself and my OS back to some kind of working state (apart from losing access to documents and needing to boot off a CD to get them back).

    Since having a Mac the experience is completely different - it's just a pleasure to use - you don't have to fight the damn thing like Windows does. As others here have said - it's a tool, but a better one. The UNIX base does make it a better platform (in my opinion), and much superior to Linux for the desktop (again in my opinion).

    It seems a lot of the childish comments here from the Windows crowd are from little boys with little experience of using something other than Windows. The iPhone comments are the same - an N95 vs an iPhone. Please. Maybe you'd like to use a Windows mobile device instead. Yes the iPhone is more expensive, but won't be much longer, and for a v1 product is light years ahead of anything from Nokia etc.

    So save up your Luncheon Vouchers and hop on a bus to the nearest Apple store. You never know, you might just like it.

  71. Steven Hunter
    Thumb Up

    @Gordon Fecyk

    "Apple Remote Desktop is a major security hole, one that should be disabled by default on all new Macs."

    Actually you can disable this exploit by (counterintuitively) *enabling* Apple Remote Desktop. See also: http://arstechnica.com/journals/apple.ars/2008/06/20/flaw-in-apple-remote-desktop-exploited-via-trojan

  72. David Kelly

    Yawn

    Every six months or so we get one of these stories. And the Windows zealots jump on it as definitive "proof" that OSX is as insecure as Windows. Well boys, get your jumping in now coz it'll be a while 'til the next bit of "proof" is announced.

    There are anti-virus programs for Macs. How many viruses do they protect against? I can't tell. None of them advertise this. Why? Probably because the number is low ... embarrassingly low! Would you shell out for an AV program to protect against less than 100 viruses, of which none are active in the wild? No wonder they keep it quiet!

    (PS. as far as I'm aware most of those 100- "viruses" are MS Word macro viruses and trojans, not real viruses)

  73. Anonymous Coward
    Thumb Up

    I like Marmite

    Would anyone like a fight?

  74. Adair Silver badge
    Thumb Up

    Everyone knows...

    Vegemite's the best.

  75. Rick Leeming
    Happy

    @ Charlie Clark

    I work nights, it was about 6:30am when I was writing that and my fingers were pretty much going in the direction my brain pushed them rather than aimed them.

    "Pretty Secure" is considered perfectly acceptable English here. Unix itself, unless it's messed with to not be, is a fairly secure and a reliable platform.

    My real point is that the least secure part of any computer system is the user. OSX users have swallowed the "More Secure, and no viruses" line hook, line and sinker. They by and large believe that there is nothing that can infect their machine, so they can do as they please with nothing to worry about. I'm commenting here from about 15 years of experience supporting systems both in corporate environments, and in domestic settings, while dealing with people of pretty much all levels of technical ability.

    P.S. If you are going to try and correct my grammar and spelling, perhaps you should consider a few lessons in the use of commas beforehand.

  76. Patrick
    Happy

    Trojans have been coming out for Macs for years

    #1. Not a virus, trojan

    #2. Trojans have to be downloaded,

    #3. Trojans have to be run by the user

    #4. Trojans need the user to Authenticate into the computer for them to run with the users or greater rights of the account that has administrative privileges.

    #5. Trojans then run some script commands.

    #6. Just google OS X and Trojan and you will find a history of them, this is not the first, nor the last, nor groundbreaking, nor going to affect all the Macs in the wild.

    Sorry, but you've missed the mark, but that's what you get for reading articles that have deliberately left out key pieces of information on their reports that clarify.

    Still amusing to see all you Wintards just so wound up, so hurt from all the negative comments on Windows security that you leap headfirst into a Mac attack only to find out you've leapt out without any clothes on and hanging over the edge of a cliff in mid-air.

    Keep the comments coming! It's a big smile generator, hence Mr. Smiley.

  77. Hans
    Coat

    <platform>tards

    Mine is <favoriteAdjective> than yours, hahahaha!

    You don't have mine, get a {Brain|Clue|Life|Whatever}!

    Insulting each other for what? Computers? Software?

    Using the word "retard" to qualify somebody is something kids do in secondary school. So you guyz feel really cool, because you remove the <re> from the retard word and append it to some computer platform abbreviation? I think what you have written so far is immature and I do not know where you guyz were educated.

    I think you should honestly look at your life, think about what is important to you! There is CCTV everywhere, coppers can arrest as they please, our countries are engaging in wars for the leaders' own private profits and worst of all ... And you guyz rant, insult over software??!?

    My coat please, yes, the one with "I'm just 17" on the back.

  78. Jon Gudmundson

    @ David Kelly

    "There are anti-virus programs for Macs. How many viruses do they protect against?"

    Good question.

    I've been administrating a Macintosh workplace for about as long as Mac OS X has come out, and for most of that time we've had a site license to use Sophos Antivirus.

    In a half-decade or so of Sophos being deployed on fifty-odd Macs, it has caught multiple copies of a harmless Word macro virus and scored false positives on an MS Office update (not-so-false positive?) and a couple of other legitimate program installers.

    On the other hand, Sophos claims it will catch this particular trojan red-handed, so it's not totally worthless.

  79. Patrick
    Happy

    Another Source For Balance

    "Like any Trojan horse, AppleScript.THT does not spread on its own but relies on user actions, such as downloading and launching, to infect a machine. Trojans can also be silently introduced on a computer if it's injected after a successful attack using another vulnerability, such as a browser bug.

    Some researchers downplayed the threat. Thomas Ptacek of Matasano Security LLC, a New York-based security consultancy, said the ARDAgent vulnerability wasn't much of a concern.

    "Who cares if someone busts root on your Mac?" Ptacek said in a Thursday entry on the Matasano blog. "It's a single-user system. I'll let you in on a Matasano state secret: if you break [my user] account, I'm in trouble. If you're malware and just trying to spread, or redirect my browser to phishing pages, you're wasting your time with this 'root' silliness."

    Ptacek and others have noted that users can protect themselves by removing ARDAgent from its normal location, which is System/Library/CoreServices/RemoteManagement, and archiving the application."

    -- Cheers!
