More (Apple) OS-X vulnerabilities, holes, etc...

Discussion in 'iPhone' started by Me, ...again!, Jun 19, 2010.

  1. How many holes does OS-X have?

    (note "Mac trojans" in the article, and comments about Mac owners having
    their heads in the sand)

    See below....

    http://www.eweek.com/c/a/Security/Apple-Updates-Mac-OS-X-AntiMalware-Security-Feature-516303/

    ------------------------

    Apple Updates Mac OS X Anti-Malware Security Feature


    Share
    By: Brian Prince
    2010-06-18
    Article Rating: / 0


    There are 0 user comments on this Security story.

    Rate This Article:

    Poor Best


    E-mail

    Print PDF Version


    Apple quietly updated a security feature added to Mac OS X last year
    to protect against a backdoor Trojan known as HellRTS.


    Apple has quietly slipped an update to the anti-malware security
    protections in its Mac OS X operating system.

    Earlier this week, Apple released Mac OS X 10.6.4 - the latest
    edition of Snow Leopard ~V with fixes for more than two dozen
    security holes. In that release, Apple added a malware signature
    for a Trojan known as HellRTS to the XProtect.plist file in
    the Mac.Resource Library:




    XProtect was added to the operating system last year. At the
    time, however, Apple only included detection for two known
    Mac Trojans. According to Sophos Senior Technology Consultant
    Graham Cluley, the recent update adds protection for a Trojan
    that has been distributed by attackers under the guise of iPhoto,
    the photo application that ships on Mac computers.

    ~SIf you did get infected by this malware then hackers would
    be able to send spam email from your Mac, take screenshots
    of what you are doing, access your files and clipboard and
    much more,~T he blogged.

    ~SUnfortunately, many Mac users seem oblivious to security
    threats which can run on their computers~EThere's a lot less
    malicious software for Mac computers than Windows PCs, of
    course, but the fact that so many Mac owners don't take security
    seriously enough, and haven't bothered installing an antivirus,
    might mean they are a soft target for hackers in the future,~T Cluley added.

    The Mac update that included the additional protection for XProtect
    also shipped with a vulnerable version of Adobe Flash Player (10.0.45.2).
    Adobe Systems is advising Mac users who downloaded the update to visit
    their site and download the latest version of Flash, 10.1.53.64.
    Those who already have the most current version of Flash installed
    do not appear to be downgraded by the Apple update, noted Wendy
    Poland, security response program manager at Adobe.
     
    Me, ...again!, Jun 19, 2010
    #1
    1. Advertisements

  2. Me, ...again!

    Your Name Guest

    None worth worring about since you have to actively install the malware
    yourself first by downloading pirate software.



    See, pirate versions of (fake) iPhoto, so you get what you deserve.

    Also, those comments are by an idiot trying to sell unnecessaary anti-virus
    software to Mac users ... what else did you expect hime to say?!? "There are
    no real Mac viruses, so don't bother buying our software." :)
     
    Your Name, Jun 19, 2010
    #2
    1. Advertisements

  3. This, below, is just one link, out of many, that discusses the topic....

    Posted in the public interest....
    ------------------------
    http://www.thexlab.com/faqs/malspyware.html

    ------------------------------

    Detecting and avoiding malware and spyware

    The May 2004 discovery of two "critical" security flaws in Mac® OS X ,
    both of which were closed by applying subsequent security updates,
    triggered considerable interest in the possible exposure of Mac OS X
    users to malware and spyware. Malware is any application that might
    do intentional harm to your system; viruses are considered to be a
    special type of malware. Spyware is any application that captures
    and discloses your personal information without your knowledge or approval.

    This FAQ:
    Addresses recent developments in malware and spyware targeting the Mac.
    Provides general advice for detecting and avoiding both malware and spyware.
    Applies to Mac OS X 10.2 Jaguar through Mac OS X 10.5 Leopard®.

    Some of the information and links referenced in this FAQ are from the
    "Security" chapter of our book, Troubleshooting Mac® OS X.
    Threats to Mac OS X

    Since we initially published this FAQ, the number of new security threats
    to Mac OS X have grown:
    The Web is a growing source of security exploits that can affect both
    Mac and PC users.
    Cross-platform technologies, such as Adobe® Flash® (SWF files) and
    PDF documents have become avenues for security exploits.
    The "Month of Apple Bugs" (MOAB) project identified numerous security
    exposures in both Mac OS X and related third-party software. Many of
    the identified vulnerabilities received corresponding Secunia Advisories.
    While Secunia assessed the impact of many of these vulnerabilities
    as "Not Critical," some were considered "Highly Critical." At the
    time of this writing, fixes have been released by both Apple and
    third-party developers for some of the Highly Critical vulnerabilities.
    Accordingly:
    Assure your software is up-to-date.
    Disable any option to "Open safe files after downloading" in your Web
    browser. In Safari®, this option is found in the General tab of Safari
    preferences.
    The OSX. Macarena virus, while considered a low-risk, "proof of concept"
    endeavor, is another indication of the efforts of some to produce a
    destructive Mac OS X virus. Related comments about this virus on the
    Symantec® Security Response Weblog are interesting.
    The Sony® Digital Rights Management (DRM) debacle affects Mac OS X,
    attempting to installing kernel extensions. This software is both a
    rootkit and spyware.
    Worms and Trojan horses targeting Mac OS X and have emerged, including:
    OSX.Exploit.Launchd, a Trojan horse released as a proof-of-concept
    that exploits a security exposure in Mac OS X 10.4 through 10.4.6.
    OSX.Inqtana.A, which propagates via Bluetooth®.
    OSX.Leap.A deletes, infects, or corrupts files and attempts to spread
    through iChat.
    SH.Renepo.A / SH.Renepo.B, aka Opener, is a rootkit that can disable
    the Mac OS X firewall, steal personal information, destroy data, and
    replicate itself to other systems on your network. That SH.Renepo
    can replicate itself to other systems on your network by copying
    itself to any mounted drive, including shared volumes, may explain
    why Symantec characterizes this threat as a virus while the US Computer
    Emergency Readiness Team (US-CERT) defines it as a Macintosh worm.
    MacOS.MW2004.Trojan, a nasty bit of malware that masquerades as a
    Microsoft® Word 2004 installer that erases the infected users Home
    folder and potentially more.
    While tricking you into installing a Worm or Trojan generally
    requires some social engineering, their malicious payloads can
    easily be packaged within apparently innocent application downloads.
    While viruses targeting the Microsoft® Windows® operating system
    generally cannot affect your Mac:
    You can spread Windows viruses by sending infected documents or
    e-mails to other users.
    Running Microsoft VirtualPC for Mac exposes PowerPC™-based Macs to
    all Windows viruses.
    Macro viruses, such as those written for Microsoft Office products,
    can infect your Mac or destroy data. One should disable automatic
    macro execution in the preferences of your Office applications.
    Implementing Boot Camp and installing Microsoft Windows on your
    Intel®-based Mac exposes that computer to the same threats as
    running Windows on a PC.

    The rise in Mac OS X exposures — including numerous Apple® Security
    Updates, several containing fixes for critical exposures, the highest
    level of threat — has prompted the SANS™ Institute to add
    Mac OS X to its list of "Top 20" Internet security vulnerabilities.

    The rising popularity of the Mac and Mac OS X is considered by
    security professionals to make it an increasingly attractive
    target for malware and spyware. We agree with this assessment.
    Prior versions of the Mac OS were also subject to security
    threats: Section 7 of the "Viruses and the Mac FAQ" cited
    "around 40 Mac-specific viruses and related threats" before
    the advent of Mac OS X.

    Detecting and avoiding malware

    For general advice on avoiding malware, read the AppleCare® Knowledge
    Base document "Safety tips for handling email attachments and content
    downloaded from the Internet." Install and use anti-virus software

    The latest anti-virus applications can detect more than viruses,
    such as malware distributed in scripts embedded within documents
    sent as e-mail attachments. Accordingly, installing and using an
    anti-virus application, such as Symantec® Norton AntiVirus®
    for Macintosh®, can help detect malware and prevent its harmful
    effects. However, as new methods of attack are always in
    development, it is vital to regularly or automatically update
    the virus definition files used by your anti-virus software. At
    The X Lab™, we use Symantec Norton AntiVirus for Macintosh.

    An increasingly popular alternative to commercial anti-virus
    applications is ClamXav, a donationware application that provides
    a graphical user interface (GUI) and Mac OS X binaries for the
    open source ClamAV (Clam AntiVirus) application. Essentially,
    this is an open source anti-virus solution for Mac OS X.

    While we have not tested ClamXav, we have read numerous comments
    from users who are very satisfied with it, including many who have
    switched to it from commercial anti-virus solutions. Graham K.
    Rogers has published an excellent review of ClamXav in his
    article "The Virus and OS X." Graham's word is always good
    enough for us, hence if cost is an issue, try ClamXav.

    Spurious arguments against using anti-virus software

    When questions arise on Mac forums concerning installing an
    anti-virus solution, various arguments usually arise against
    employing such software. We regard these arguments as spurious
    and refute them as follows.

    "There are no viruses affecting Mac OS X."

    The operant words missing from this argument are today or yet. This
    argument is spurious for the following reasons:
    As noted earlier, a number of security threats, including Trojans,
    worms, and rootkits, have been developed. These can be as destructive
    as any virus.
    Your Mac can be affected by macro viruses, Windows-specific
    threats if you run Windows under Virtual PC, and you can spread
    Windows viruses to other users even if they do not affect your computer.
    Apple continues to release Security Updates for Mac OS X. There may
    be additional security exposures in the operating system for a
    hacker to exploit.

    "The few threats to Mac OS X are not serious threats."

    This argument claims that because few were affected by the identified
    threats, or because Security Updates and Mac OS X Updates addressed
    some of these threats, that the threats need not be taken seriously.
    Nothing could be further from the truth. The mere fact that Trojans,
    rootkits, and other threats have been published should be a wake-up
    call to all Mac OS X users: nefarious people are looking to destroy
    the Mac's reputation for security when compared to Windows. Despite
    the excellent reputation of Mac OS X for security, again when compared
    to Windows, one must remember that Security Updates are continuing
    to be released for Mac OS X. Someday a clever person may find and
    publish an exploit before a Security Update can close the exposure.
    Security Updates are evidence that Mac OS X, while providing excellent
    security, is not invulnerable.

    "An anti-virus solution will not protect you from a new threat
    until its virus definitions are updated."

    In general, this is true. However, this argument is not a reason for
    avoiding an anti-virus solution for the following reasons:
    The primary reason for using an anti-virus solution is to protect
    you from known threats. For example, many Mac OS X users regularly
    download shareware and freeware applications advertised on a variety
    of Web sites. However, these web sites do not vet the actual software
    you are downloading, i.e. the download could introduce malware or
    spyware. It would be very easy for a developer to create an
    innocuous or useful application and include a rootkit or Trojan
    in the installer package. If this is the case, and the installation
    requires that you provide your Admin password, the hidden malware
    would be installed along with the application, all without your
    knowledge. An anti-virus solution, such as Norton AntiVirus, will
    protect your Mac against such threats.
    If a new security threat, such as a virus, Trojan, or worm is a
    variant of a known threat, it may contain code that matches the
    signature of the known threat on which it is based. The signature
    is code within the malware that matches the code of a known threat.
    The virus definition files used by every anti-virus solution recognize
    known threats by their signatures. In such a case, an anti-virus solution
    could protect you from the new threat.
    Anti-virus vendors have an excellent history of quickly identifying
    new threats and publishing updated virus definitions to defend against
    them. Keeping the virus definitions for your anti-virus solution
    up-to-date can significantly reduce the risk of new threats.

    "Anti-virus software consumes excessive CPU resources."

    All running applications consume CPU resources. In general, the CPU
    impact of the full range of automatic protection features of an
    anti-virus solution on a modern Mac with additional RAM and adequate
    free disk space ranges from slightly noticeable to negligible, depending
    upon the system in question and other tasks being performed by that system.
    The two primary factors that can affect overall system performance when
    using an anti-virus solution are:
    The general system characteristics of your Mac that affect performance.
    Systems with slow processors, insufficient RAM, or that are low on
    free disk space can experience performance problems with any
    application, particularly processor-intensive applications. See
    our "Problems from insufficient RAM and free hard disk space" FAQ
    for a discussion of this subject.
    How you configure the protection-related preferences of your
    anti-virus solution. For example, Symantec Norton AntiVirus 10 for
    Macintosh provides a wide range of options for tailoring its automatic
    protection facilities. These range from completely disabling automatic
    protection — meaning one should still manually invoke a scan of e-mail
    attachments and downloaded files before opening them using the
    "Norton AntiVirus" contextual-menu choice — to enabling a subset of
    automatic protection options, defining Safe Zones, and specifying
    different approaches to handling disks when mounted.
    By optimizing your Mac's performance and tailoring the
    protection-related preferences of your anti-virus solution, with
    due consideration to the threats in your computing environment,
    the CPU impact of an anti-virus solution can be minimized
    considerably, usually to the point of being unnoticeable.

    "Anti-virus software causes problems."

    This argument is again spurious. There are two primary reasons
    why an anti-virus solution might cause a problem:
    The installed version of the anti-virus solution is incompatible
    with the installed version of Mac OS X. This is the most common
    reason for problems associated with anti-virus solutions.
    When new versions of Mac OS X are released, such as from Jaguar to
    Panther® or from Panther to Tiger®, your third-party applications
    may require updates. Failure to install required updates to any
    third-party application invariably leads to problems. This is
    especially true of your anti-virus solution. For example, new
    versions of Norton AntiVirus have been released with each new
    version of Mac OS X: one must use a compatible version. The same
    is true of other anti-virus solutions. The Symantec knowledge base
    document "Compatibility between Symantec software and Mac OS X"
    specifies the versions of Norton AntiVirus that are compatible
    with specific versions of Mac OS X.
    There was a bug in the anti-virus solution. Anti-virus solutions
    are software. All software is susceptible to programming errors
    or bugs. The increasing complexity of software means that bugs may
    slip through development or testing, despite the best efforts of
    the developers. Apple still releases updates for Mac OS X that
    correct bugs in the operating system. You are just as likely to
    experience problems from bugs in Mac OS X or other third-party
    applications as an anti-virus solution. Installing software is
    a matter of trust, specifically that the developer has taken all
    necessary precautions to assure that the software is free of
    programming errors. Reputable software firms, such as
    anti-virus solution providers, take this responsibility seriously.
    The only way to mitigate the potential for problems arising from
    any software is to implement a comprehensive Backup and Recovery
    solution and use it regularly, especially before installing any
    software or software updates. Either that, or stop using computers
    until the day arrives — if ever — when all software is perfect and bug-free.
    Install Mac OS X Security Updates

    Mac OS X Security Updates regularly address security exploits and should
    generally be installed when available. Two examples of how Security
    Updates have addressed potential exploits by malware and later became
    standard security features of Mac OS X are the following:
    Security Update 2004-06-07 for Panther and Jaguar addressed the issue
    of detecting some types of malware. However, it did not address viruses,
    for which you need anti-virus software. This Security Update implemented
    a change to protect users from opening documents that could launch
    malware. The first time you double-click a document to be opened by
    a specific application, you receive an alert if you have not previously
    launched that application directly, i.e. by double-clicking the
    application's icon. The alert requires that you approve the launch
    of the application specified in the alert. This alert mechanism
    became a standard security feature of Mac OS X in Mac OS X 10.4 Tiger.
    If you do not recognize the application the alert indicates will
    be launched, do not select Open in the alert dialog. Investigate
    the application to determine its origin and potential as malware.
    Once you approve the launch of the application specified in the
    alert, no further alerts for that application will be seen unless
    you perform System cache cleaning. [1]
    Security Update 2004-05-24 for Panther and Jaguar closed another
    potential malware exploit involving Help Viewer and, in the case
    of Jaguar, Terminal. This again became a standard security feature
    of Mac OS X starting with Tiger.

    see the URL for further text deleted here.
     
    Me, ...again!, Jun 20, 2010
    #3
  4. Me, ...again!

    Your Name Guest

    Unless you're installing pirate software, there is NO, zero, nada, zip,
    true Mac OS X malware. All those Google links are just "what if"
    possibilities, and hot air from anti-virus sellers and anti-Apple morons.
     
    Your Name, Jun 20, 2010
    #4
  5. Me, ...again!

    Guest Guest

    nothing like a recent article.
    that is correct.
    no, the operant words missing are 'in the wild.' the only malware is
    what the user installs *on their own*.
    but they haven't.
    that's not an os x issue.
    that's windows, not os x.
    so what? why don't the windows users have their own anti-virus
    software? why should a mac user protect *other* computers?

    do you take antibiotics when you're healthy just to protect your
    friends and neighbors?
    yes they do and none of those exploits have actually been used for a
    virus.
    also true.
    except that the ONLY way to get them is if the user deliberately
    installs one. it *can't* just happen.
    so what? there are security updates for windows too.

    the question is have any of those issues been used for something
    nefarious and the answer is no.
    true. some day, someone might. that day has not yet happened.

    nothing anyone is doing *today* is going to help because nobody knows
    what that person will do or how s/he will do it.
    exactly correct.
    it's *always* correct, otherwise it's not a 'new threat' but an
    'existing threat.'
    all known threats require the user to participate.
    which is why you only download software from the vendor's own web site
    or a trusted site that hosts it, such as the apps store for iphones.

    that means if you want to watch porn, you don't install a new player
    *from the porn site*. use a standard player, like the one that comes
    with the mac, quicktime player.

    it also means if you want iwork, you go to the store and buy it, not
    find it on some pirate warez site, or if you really want to pirate it,
    spend some time finding out if the pirated copy is tainted or not.
    if it's so easy, why hasn't anyone done it?
    how exactly does someone provide their admin password without any
    knowledge of doing so?
    it will also corrupt your system and/or files. for one example, google
    the following: norton spacesuckingfile
    that's a big if.

    malware authors devise malware to avoid detection and get around what
    anti-virus software does. otherwise, it would not work and their time
    would be wasted.
    again, the user has to deliberately download it to get it.
    maybe so buy you'll still need an update for a new threat, which means
    nothing you do now will help.
    also true. it's never zero.
    yet people obsess over whether to get the 2.5 gz or 2.6 gz system, or
    whether an extra couple of gigs of memory will make a difference, or
    whether firewire 800 will make a difference when the hard drive itself
    is slower, etc.

    even if it's a few percent, why bother when it doesn't actually do
    anything?
    is this article a shill piece for norton? they keep mentioning it by
    name, and now a feature description?
    very definitely.
    it is not.
    the difference is that anti-virus software has its hooks deep within
    the operating system and instead of an app launching and crashing,
    incompatible anti-virus software can render the entire system
    inoperable.
    exactly, which means you have to decide which is the lesser evil: buggy
    anti-virus software that has a long history of causing problems, or the
    remote threat of viruses that *might* occur at some unknown point in
    the future.

    furthermore, anti-virus software has been known to have their own
    exploits, which means installing anti-virus software leaves you *more*
    at risk than with nothing at all.
    why add more bugs?
    bullshit.

    anti-virus vendors are among the sleaziest of all developers, from
    issuing press releases that prey upon people's emotions even when
    there's little to no threat (protect your data!!). in some cases, they
    outright lie about what their products do.
    backup is *much* more important.

    there have been several instances of data loss from software, including
    anti-virus software. there has not been any instance of data loss from
    malware.

    a backup will remedy any data loss up to the point at which the last
    backup occurred (which is within the hour for time machine users).

    it's a crap shoot if anti-virus software will do anything, especially
    if you get hit before the update runs. you'll still need a backup, or
    you might potentially lose everything and need a clean install.
     
    Guest, Jun 20, 2010
    #5
  6. I think that he should change his handle to "Chicken Little".
     
    Michelle Steiner, Jun 20, 2010
    #6
  7. Me, ...again!

    Wes Groleau Guest

    Actually, there are a few programs that have heuristics for
    “malware-like behavior†which have been able to catch new
    threats. Downside of course is the risk of a false positive.

    Please stop cross-posting to the nutcase’s fan group.

    --
    Wes Groleau

    "In the field of language teaching, Method A is the logical
    contradiction of Method B: if the assumptions from which
    A claims to be derived are correct, then B cannot work,
    and vice versa. Yet one colleague is getting excellent
    results with A and another is getting comparable results
    with B. How is this possible?"
    -- Earl W. Stevick
     
    Wes Groleau, Jun 20, 2010
    #7
  8. I think you should change your name to ostrichheadinthesand.
     
    Me, ...again!, Jun 20, 2010
    #8
  9. I think you should change your name to ostrichheadinthesand.[/QUOTE]

    As I said before, you think whatever you want to think, regardless of what
    reality is.
     
    Michelle Steiner, Jun 20, 2010
    #9
  10. The problems have a history going back at least six years.
    You are thus proclaiming that "tommorrow" is never going to come, thus
    your concludion: Macs are unsinkable.
    Haven't what?
    Macs run their apps with OS-X.
    But its about running on a Mac.
    Why get car insurance?
    Mass vacinations are needed to control the spread of bio viruses just like
    AV is needed to control spread of computer viruses.
    Unsinkable head in sand response.
    But still threats.
    So, you think a hacker couldn't "deliberately install one" on your box?
    It means that vulnerabilities are continually being discovered.
    Not according to this history so far.
    "unsinkable" or not?
    Is this a waffle?
    New threats are, by definition, what comes out since the prior update.
    Rootkits are usually placed on boxes/systems by hackers, not users (unless
    they are hacking).
    Which can be trojanized.
    Which could be trojanized, too.
    Most people don't have the resources to do that.
    It may already be done, but nobody has discovered it, yet.
    To a keystroke logger.
    My gosh...you've just proven my point: THERE is a Mac virus and YOU failed
    to detect it! ;-)
    Problem is: variants are meant to slip past AV of prior update.
    Or, the hacker does the deliberate download for you.
    All depends on what strategy you use and what level of protection you want
    to aim for.
    Your choice.
    Maybe Norton is the only AV for the Mac?
    So, sue Norton.
    So you'd rather stick your head in the sand?
    Best excuse of all: the AV is a virus, eh?
    The SW writers do it for you.
    Everyone makes mistakes.
    You'd have to prove that claim-allegation.
    Before you get infected.
    That you know of (or are willing to talk about).
    So you admit something could hit you.

    you'll still need a backup, or
     
    Me, ...again!, Jun 20, 2010
    #10
  11. Me, ...again!

    Guest Guest

    that long?
    no, i'm proclaiming that *today* there is no problem unless the user
    creates it on their own.
    been destructive.
    it's an app issue. it has nothing to do with os x. those who don't run
    the affected apps or have macros disabled (the default) are not at
    risk.
    it's windows, not os x, and windows malware cannot affect macs.
    because it's the law. what does car insurance have to do with anything?
    insurance doesn't prevent accidents.
    except that there isn't an epidemic of anything and you don't get
    vaccinations for minor stuff.
    which exploit has been used for a mac virus and when? specifics.
    so? there's a threat that a meteor could hit your house. there's a
    threat that someone might break into your house and steal your stuff
    (and hopefully whatever you use to post to usenet is first on their
    list).
    not unless he breaks into my house and figures out the password to my
    computer, no.
    so what?

    doctors are finding new diseases but that doesn't mean you're going to
    get any of them.
    which means that any anti-virus software you may have installed *can't*
    detect them until they're updated, so you are at risk.
    so you agree it's the user's fault, not something that just happens.
    you are paranoid and delusional.

    someone could backdoor a c++ compiler so any software you write
    yourself does something more than what you think it does.
    most people don't have the resources to buy software?

    wtf.

    are you advocating piracy?
    you are going to worry about something that has not been discovered and
    has not caused any problems?
    which can't be installed unless one provides their admin password in
    the first place.
    norton is *very* bad, one of the worst, but nevertheless, it requires
    the user to install it.
    and how exactly does he gain access to my machines?
    it's not.
    i don't have standing to sue them.
    nothing about that is sticking one's head in the sand. it's risk
    management.

    the chances of malware is very close to zero and the chances of buggy
    anti-virus software causing data loss or other problems is very high,
    with numerous instances having happened already.

    it doesn't take a whole lot of intelligence to figure out which one is
    the safer choice.
    read it again.
    you're at the top of that list.
    trivial.

    one anti-virus vendor claims that their product protects against
    viruses known as nvir, mdef and scores. those are viruses that affected
    system 6 and system 7, some twenty years ago. they do not work on
    powerpc processors, let alone intel processors. they require 68k
    processors. they also do not work in os x *at all*, not even in
    classic. in other words, they are not a threat at all no matter what
    you do, and they haven't been a threat for a *long* time.

    to claim that a product protects against them is pure sleaze and
    blatant deception.

    another anti-virus vendor issues press releases whenever there's even
    the slightest risk and has been implicated in actually creating malware
    to further their sales. they issued a press release a few weeks ago
    about some new malware that uploads all sorts of user data, but as it
    turns out, that software explicitly asks the user for permission to do
    so when it's installed. furthermore, they never actually said what the
    affected software was, only to buy their product to block it.
    duh.

    buy a computer, back it up immediately and assuming you're using time
    machine, you'll have multiple snapshots back to day one.
    name one.
    i never said otherwise.

    lightning could hit me too, and is more likely than getting mac malware.
     
    Guest, Jun 20, 2010
    #11
  12. Me, ...again!

    Wes Groleau Guest

    Once he breaks into your house, he doesn't need a password.
     
    Wes Groleau, Jun 20, 2010
    #12
  13. Yeah, just take the whole computer.

    Oh, yes, there are ways to get past the passwords, too.

    Data recovery services will do it for cheap (and if you want to do it
    yourself, use google).
     
    Me, ...again!, Jun 20, 2010
    #13
  14. Me, ...again!

    Guest Guest

    oh yes he does. everything is on encrypted drives. he either needs a
    password to get past the screen saver, or a physical key to unlock the
    drive if he decides to reboot it.
     
    Guest, Jun 20, 2010
    #14
  15. Me, ...again!

    Guest Guest

    true, but that means he won't be installing any malware. :)
    sometimes. it depends on the password and how much time someone is
    wiling to spend.
    data recovery services are not cheap.
     
    Guest, Jun 20, 2010
    #15
  16. Me, ...again!

    Wes Groleau Guest

    Not if installing malware is the goal.
    Single-user mode, mount media he brought
    with him, copy the malware from that.

    On the way out, grab enough easy-to-carry
    items of value to make it look like robbery
    instead of cyber-crime.
     
    Wes Groleau, Jun 20, 2010
    #16
  17. Hah! He'll be installing decryption software. You know, how they "get"
    these child pedophiles that encrypt their files, and the cops hire some
    hacker to "get the dirt" on the guy.
    There is easy to find password crack software, too.
    If you want to crack the HD bad enough, it will be cheap.
     
    Me, ...again!, Jun 21, 2010
    #17
  18. Well, we _could_ talk about that, couldn't we?

    My wife's commercial office space was broken into some years ago, stole
    the computer I was using to help her accounts.

    Guess what? Just the day before I started to back up all "data" files and
    did a wipe (replace deleted/unassigned filespace with strings of zeros).
    Been doing that since then. Actually two backups before the wipe.
    I don't know what the new Macs can do, can't do, but if it's a unix
    partition, you might be able to use a Linux boot disk and transfer the
    malware from the boot disk. IIRC, there are lots of ways to boot up a box
    without passwords.
    Yeah....bring a big gunny sack, too.

    Look for the user's backup disks, too. ;-)
     
    Me, ...again!, Jun 21, 2010
    #18
  19. There is an old FAQ for pre OS-X and said there were about 40 viruses for
    those older Macs.

    ////////////////////////
     
    Me, ...again!, Jun 21, 2010
    #19
  20. Get John Conner the hacker kid in Terminator 2 movie, he had that little
    handheld thing; hacked passwords in about 20 seconds. ;-)
     
    Me, ...again!, Jun 21, 2010
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.