Free Republic

New Apple antivirus signatures bypassed within hours by malware authors
ZDNet ^ | May 31, 2011 | Ed Bott

Posted on 06/01/2011 8:10:35 AM PDT by Wooly

Update June 1, 6:00AM PDT: The bad guys have wasted no time. Hours after Apple released this update and the initial set of definitions, a new variation of Mac Defender is in the wild. This one has a new name, Mdinstall.pkg, and it has been specifically formulated to skate past Apple’s malware-blocking code.

The file has a date and time stamp from last night at 9:24PM Pacific time. That’s less than 8 hours after Apple’s security update was released.

On a test system using Safari with default settings, it behaved exactly as before, beginning the installation process with no password required.

As PC virus experts know, this cat-and-mouse game can go on indefinitely. Your move, Apple.

I’ve also captured a video that shows the File Quarantine feature successfully blocking an attempt to automatically install the Mac Guard malware. See below.

After a month-long Mac Defender/Mac Guard malware attack, Apple has finally released the security update it promised last week. The update takes Apple one step closer to turning an obscure security feature into something very close to full-fledged antivirus software.

(Excerpt) Read more at zdnet.com ...


TOPICS: Business/Economy; Culture/Society; News/Current Events; Technical
KEYWORDS: apple
To: LearnsFromMistakes
> I, for one, am glad the Iranian nuclear program was smart enough to see thru the whole 'mac' facade and save some coin.

LOL. Not really the same, but understood. Maybe Siemens had something to do with Weiner?
61 posted on 06/02/2011 12:32:23 AM PDT by PA Engineer (SP/AW12: Time to beat the swords of government tyranny into the plowshares of freedom.)

To: for-q-clinton; LearnsFromMistakes
> Maybe you should read about the pwn2own contest where OSX has lost the contest easily for not 2, not 3, but 4 yes 4 years in a row!

Maybe you should READ the DETAILS about the Pwn2Own contest from the interviews with the people who actually won the contest and learn that it is really NOT that "easily" won... but actually required months of work in advance of the contest by those who won... And that the winners were actually world class computer security experts, ex-NSA experts to be precise, who had prepared their exploits in advance. . . and that the second place winners had NOT prepared in advance and brought down the Windows machines, working off the cuff in real time in TWO of the four years, once almost as quickly as the prepared exploits against the Mac machines. You might ALSO learn that in TWO of the years, the exploit used against the Mac would have worked on ALL THREE of the targeted machines, because it was a JAVA exploit taking advantage of a JAVA vulnerability, not a SYSTEM vulnerability, and that the choice of target computer was dictated because the winner WANTED to win the Mac. . . and that in THREE of the years, the exploit required the active cooperation and participation of the USER of the target computer.

62 posted on 06/02/2011 12:37:48 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)

To: Swordmaker
> You are right... it can't. This can only happen if the user is running as an Administrator.

One minor correction. If you hit force quit at pop up there is no problem. Thanks for the previous heads up and technical advice. I had an up to 5 in the morning bouncing around IP address counter hacking fun with this one. It was there.
63 posted on 06/02/2011 12:38:02 AM PDT by PA Engineer (SP/AW12: Time to beat the swords of government tyranny into the plowshares of freedom.)

Comment #64 Removed by Moderator

To: Swordmaker
> This can only happen if the user is running as an Administrator.

True. But in fairness, how many Mac users run their systems with administrative priv? 80% or better is my guess.

The only systems where I -always- run non-priv, are Unix and Linux, because I'm at a command line and have sudo at my fingertips.

Windows "Run-As" is a bad joke, since too many Windows commands and applications do not really respond to that elevated privilege correctly. There are some things where you simply MUST be a user who is a member of "Administrators". And there are some where you still have to bloody well be The Administrator, thank you. What a PITA.

Yes, the situation is considerably better on a Mac. I can run as a non-priv user most of the time without hassle.

But while what you say is true and defensible, we must also allow for the fact that it describes the minority of Mac users.

65 posted on 06/02/2011 12:44:19 AM PDT by dayglored (Listen, strange women lying in ponds distributing swords is no basis for a system of government!)

To: for-q-clinton; LearnsFromMistakes
> Not just that 1 mac is hacked. 1 mac is hacked first. Before a single windows machine or Linux machine is hacked.

For-q-clinton, the rules of the contest are that the computers are not all being hacked at the same time... they have windows of time in which they are allowed to make an attempt. It is NOT A RACE, nor is it timed. It just so happened that the Mac attempt was always targeted first because the contest presenters set it up so that the crackers CHOSE what machine they wanted to go after when they got their chance to attack a computer. There are 15 minute periods that the "hackers" get to make their attempts. THEY get to choose which computer they target. The MacBook Pros or MacBook Airs are the desired machine that all of them go after because 1> it is always the most valuable prize. 2> it is the "choice" target. 3> Cracking it gets the headlines.

66 posted on 06/02/2011 12:46:42 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)

Comment #67 Removed by Moderator

To: PA Engineer
> One minor correction. If you hit force quit at pop up there is no problem. Thanks for the previous heads up and technical advice. I had an up to 5 in the morning bouncing around IP address counter hacking fun with this one. It was there.

True... and even IF it launches the system's installer, the user has to click "continue" THREE separate times to install the malware, ignoring the system's warnings. And it still DOES put up the warning that the Trojan's signature was found in the Pkg file. . . and that even that doesn't happen if the "Open 'safe' files after downloading" is unchecked in preferences in Safari... because nothing gets opened.

68 posted on 06/02/2011 12:56:43 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)

To: dayglored
> True. But in fairness, how many Mac users run their systems with administrative priv? 80% or better is my guess.

True, too many.

69 posted on 06/02/2011 12:57:33 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)

To: Swordmaker
> True, too many.

Hey, I run mine that way and have voided every apple warranty to boot (don't ever buy a used computer on ebay from me). ;-)
70 posted on 06/02/2011 1:05:54 AM PDT by PA Engineer (SP/AW12: Time to beat the swords of government tyranny into the plowshares of freedom.)

To: dayglored; for-q-clinton; TheStickman
> Arguing with Fork-You again, I see. Yeah, he got me going for a while earlier, too.

Actually, no. I am just countering his blather with facts... for those who might fall for his factually incorrect statements.

The most hilarious was his comment earlier in this thread when he said "I’m not happy that OSX is getting hacked and malware attacking it. . ." and in the VERY NEXT thread posted "Read again. No password needed :-)" with a HAPPY FACE, no less!!! He has the audacity to claim this after posting thread after thread and reply after reply chortling about it as he feigns shock and surprise and raises multiple strawmen about what he CLAIMS we have said about the invulnerability of Macs and the impossibility of Macs getting "viruses" (ignoring this is a Trojan, not a virus, and the fact that I posted the first article on this Trojan on FR) and pinging the trolls to his threads to play.

In a way, he is probably telling the truth. He isn't "happy." He is ecstatic!

71 posted on 06/02/2011 1:11:08 AM PDT by Swordmaker (This tag line is a Microsoft product "insult" free zone.)

To: Swordmaker
> Swordmaker: Perhaps the thing that is closed is your mind?

This is what I meant by " too many folks who make this into their own little cult!"

If you like the Apple OS, good for you. I don't like it or dislike it either way, but I get turned off by people like you making this into a cult -- it's a technology item, nothing more. I don't wax lyrical over comparing my bic pen to another pen. It's just a tool

Some people prefer having a pre-packaged, straight out of the box item -- my sis-in-law has an Apple and she's a language professor who gets scared seeing a spread-sheet. She likes Apple

I prefer to program what I have and tweak it -- so I get some crappy results, but ok, that's the way I like it

There's room for all three -- Apple, Windows and Linux on user PCs. On big servers Linux and Windows reign while on the m/fs I see, I don't see anything more robust than z/os

So take your little slogans somewhere else please.

72 posted on 06/02/2011 2:03:59 AM PDT by Cronos (Palin, Cain, Jindal)

To: Swordmaker
Let's summarize:

you use apple and like it -- good for you. I don't use it and don't like or dislike it one way or the other. I don't particularly feel "threatened that you use it or like it", so please extend me the same courtesy

The fact that I don't use Apple and that you do says nothing about you or me

The fact that you get so worked up about a product that you say "Perhaps the thing that is closed is your mind?" because I don't want to use it says a lot about you and about why I dislike the entire apple cult (note, not the apple products, but the hype and the near religious fanaticism of SOME folks who use it)

73 posted on 06/02/2011 2:10:41 AM PDT by Cronos (Palin, Cain, Jindal)

To: Cronos

Wahhhhh...


74 posted on 06/02/2011 4:20:03 AM PDT by WVKayaker (Praise God from Whom all blessings flow!)

To: Swordmaker
you may like Apple. Good

however, if I want a certified Unix based system, why not just go with Red Hat Linux? It's a heck of a lot cheaper.

Apple is good for folks who want something straight out of the box and are willing to pay the price for that. Good for them and good for Apple

75 posted on 06/02/2011 4:29:07 AM PDT by Cronos (Palin, Cain, Jindal)

To: WVKayaker

? I’m talking about people making a technology brand into a cult. It doesn’t make sense. It’s a brand at the end of the day, not a philosophy or religion.


76 posted on 06/02/2011 4:31:49 AM PDT by Cronos (Palin, Cain, Jindal)

To: AppyPappy
> No the Mac users download the virus but it doesn’t affect them because no one writes viruses for Macs.
LOL!
77 posted on 06/02/2011 4:53:04 AM PDT by Johnny B.

To: dayglored

Knock it off with the personal attacks!


78 posted on 06/02/2011 7:34:55 AM PDT by Admin Moderator

To: Swordmaker; dayglored

The happy face was to signify that the PERSON was wrong on his assessment not that OSX is insecure (like its followers are as well).

Man, why do you take everything so personally and assume it’s about apple? That smiley face was directed at the fool for not being able to read.

BTW: my screenname is for-q-clinton. Please use it properly.


79 posted on 06/02/2011 7:35:29 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

To: PA Engineer

Don’t know about windows 8...first I saw it today. Looks like a better touch interface for windows.


80 posted on 06/02/2011 7:37:58 AM PDT by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)

