Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Apple Snubs Security Firm That Spotted Mac Botnet

Soulskill posted more than 2 years ago | from the doesn't-play-well-with-others dept.

Botnet 409

Sparrowvsrevolution writes "Now that it's being increasingly targeted by botnet herders, Apple has a thing or two to learn about cooperating with friendly security researchers. Boris Sharov, the CEO of Dr. Web, the Russian security company that first reported more than half a million Macs were infected with Flashback malware last week, says when his company alerted Apple to the botnet, it never responded to him. Worse yet, on Monday Apple asked a Russian registrar to take down a domain it said was being used to host a command and control server for Flashback, but in fact was a 'sinkhole' that Dr. Web had set up to observe and analyze the botnet. Sharov describes the lack of communication and cooperation as a symptom of a company that has never before had to work closely with the security industry. 'For Microsoft, we have all the security response team's addresses,' he says. 'We don't know the antivirus group inside Apple.'"

Sorry! There are no comments related to the filter you selected.

Mac's don't get malware (5, Funny)

crazyjj (2598719) | more than 2 years ago | (#39634007)

Why would they communicate with a supposed security researcher who doesn't even know that?

Re:Mac's don't get malware (-1, Flamebait)

Anonymous Coward | more than 2 years ago | (#39634113)

Recursive apathy -> sarcasm -> idiocy loop detected, please destroy this abbey normal brain and try again.

Re:Mac's don't get malware (-1)

Anonymous Coward | more than 2 years ago | (#39634231)

Why would they communicate with a supposed security researcher who doesn't even know that?

Hello Artie McStrawman,

Can you please provide any links to folks that have claimed that Macs dont' get malware?

The strongest claim I've ever seen is that Macs aren't targetted as actively as Windows machines (at least until this point in time).

Re:Mac's don't get malware (5, Informative)

jesseck (942036) | more than 2 years ago | (#39634365)

Can you please provide any links to folks that have claimed that Macs dont' get malware?

Here you go:

Mac Commercial (produced by Apple) [youtube.com] and Apple's own webpage [apple.com]

And yes, "viruses" are not the only kind of malware out there- most people on /. know that. But no one else in my family does, and neither do the vast majority of people those two examples target for marketing. Apple's claim that Mac's don't get "viruses", in my mom's mind, equate to "Apple's don't have malware".

Re:Mac's don't get malware (1)

realitycheckplease (2487810) | more than 2 years ago | (#39634515)

I first used apple macs at the start of the 90's, they had a-v software back then (although afair it was generally pd developed and bbs distributed) ... but it was signature based a-v detection so I'd guess that apple macs had viruses in the wild 20+ years ago ....

Re:Mac's don't get malware (5, Insightful)

CharmElCheikh (1140197) | more than 2 years ago | (#39634777)

Well in all "honesty" apple's own webpage says "it doesn't get PC viruses". Technically, it doesn't; it gets Mac malware. But I know, it isn't honest, hence my first quotes, and to most people that does mean that "it doesn't get anything bad, unlike that stupid windows thingy".

Re:Mac's don't get malware (4, Insightful)

s.petry (762400) | more than 2 years ago | (#39634933)

The AV software for Apple is the same as it was for Unix and Linux. It was not that PC viruses could infect *nix. Microsoft, Norton, and McCaffee, were using propaganda marketing telling people that *nix file servers could not clean up viruses like a NT file server could and were dangerous since they could house viruses causing Windows to become infected. Since most VPs are dumb enough not to understand the unimportance of that marketing ploy, a lot of AV products sprung up for *nix and iOS.

Many of the vendors still produce AV software for OSes that don't really need it for that reason. I'll bet you can still find iOS AV software for a fee, the PT Barnum theory works as well today as it did when he was alive.

Re:Mac's don't get malware (5, Insightful)

SJHillman (1966756) | more than 2 years ago | (#39634781)

From Mac's website: "A Mac isn’t susceptible to the thousands of viruses plaguing Windows-based computers. That’s thanks to built-in defenses in OS X Lion that keep you safe, without any work on your part."

1) No shit a Mac isn't susceptible to PC viruses. PC's aren't susceptible to Mac-only malware either
2) In this case, my car isn't susceptible to Windows-based viruses thanks to built-in defenses of it's windshield. Viruses weren't written for my windshield, so that counts as a built-in defense, right?

Re:Mac's don't get malware (1, Informative)

Lumpy (12016) | more than 2 years ago | (#39634821)

Sorry but that says ,"Macs dont get PC viruses" which is 100% correct. It's just like Microsoft saying "everyone loves windows" IT's true just out of context and misleading.

Re:Mac's don't get malware (-1, Troll)

LanMan04 (790429) | more than 2 years ago | (#39635015)

Apple's claim that Mac's don't get "viruses", in my mom's mind, equate to "Apple's don't have malware".

If you don't install kracked shit from TBP on your Mac, it DOESN'T get malware.

Does your Mom do that?

Re:Mac's don't get malware (2)

Dunbal (464142) | more than 2 years ago | (#39634367)

Can you please provide any links to folks that have claimed that Macs dont' get malware?

PC's get viruses... [youtube.com] , the implication that Macs don't. There are plenty more examples although I am sure Apple has never been foolish enough to state outright that Mac's don't get malware the implication is clear often enough. And do your own fucking homework.

Re:Mac's don't get malware (1)

Anonymous Coward | more than 2 years ago | (#39634377)

Can you please provide any links to folks that have claimed that Macs dont' get malware?

Here you go. [everymacintoshuser.com]

Re:Mac's don't get malware (-1)

Anonymous Coward | more than 2 years ago | (#39634387)

Dear AC, You must not get sarcasm or the idea of a joke. Try not to be such a stuck up twat next time. Thanks your friend, AC WhoIsntADumbass

Re:Mac's don't get malware (4, Informative)

Anonymous Coward | more than 2 years ago | (#39634437)

http://www.apple.com/why-mac/better-os/#viruses [apple.com]

Safeguard your data. By doing nothing. With virtually no effort on your part, OS X defends against viruses and other malicious applications, or malware. For example, it thwarts hackers through a technique called “sandboxing” — restricting what actions programs can perform on your Mac, what files they can access, and what other programs they can launch. With FileVault 2, your data is safe and secure — even if it falls into the wrong hands. FileVault 2 encrypts the entire drive on your Mac, protecting your data with XTS-AESW 128 encryption. Initial encryption is fast and unobtrusive. It can also encrypt any removable drive, helping you secure Time Machine backups or other external drives with ease. Other automatic security features include Library Randomization, which prevents malicious commands from finding their targets, and Execute Disable, which protects the memory in your Mac from attacks. Download with peace of mind. Innocent-looking files downloaded over the Internet may contain dangerous malware in disguise. That’s why files you download using Safari, Mail, and iChat are screened to determine if they contain applications. If they do, OS X alerts you, then warns you the first time you open one.

Re:Mac's don't get malware (0)

Anonymous Coward | more than 2 years ago | (#39634491)

Here you go [apple.com]

Jesus, this was posted by the guy in the very next thread. Did you not even try before regurgitating Apple's trope?

"but this is a TROJAN! still no viruses!

Go read that Apple page again. Notice how it mixes the terms "viruses" and "malware" liberally throughout the text? That's designed to allow idiots like you to technically claim this isn't a virus but for an OS that's designed to "just work" and be for the less computer savvy, do you really think laypeople will care about the difference?

Safeguard your data. By doing nothing. (5, Funny)

rfioren (648635) | more than 2 years ago | (#39634089)

Re:Safeguard your data. By doing nothing. (1)

muon-catalyzed (2483394) | more than 2 years ago | (#39634495)

With Steve Jobs' holy ghost blessings.., I for one recommend this final solution to wipe the terror botnet hive.
http://www.youtube.com/watch?v=2s1MspmfEwg

Re:Safeguard your data. By doing nothing. (4, Funny)

Anonymous Coward | more than 2 years ago | (#39634799)

"It doesn’t get PC viruses."

In other news, my electric car doesn't suffer from problems caused by low quality gasoline.

there is no Apple AV group (4, Funny)

alen (225700) | more than 2 years ago | (#39634097)

Mac's don't get viruses. it used to be magic pixie dust protected all the Mac's but my MacBook Pro and others bought since the death of St. Steve are protected by His Spirit

Re:there is no Apple AV group (3, Informative)

HarrySquatter (1698416) | more than 2 years ago | (#39634157)

Flashback isn't a virus...

Re:there is no Apple AV group (5, Funny)

revelation60 (2036940) | more than 2 years ago | (#39634281)

It's a feature.

Re:there is no Apple AV group (1)

lcam (848192) | more than 2 years ago | (#39634633)

Well, that depends of if it's the intelligence community using the <cough/> feature, or if it's anonymous.

Re:there is no Apple AV group (5, Informative)

tacarat (696339) | more than 2 years ago | (#39634349)

The current version downloads and installs itself. No human interaction required besides viewing an infected webpage. Don't confuse the "viruses are impossible to get on a Mac" crowd more by trying to make them learn the subcategories of malicious software. The fact it was originally a trojan that required the admin password to install versus the drive by installer requiring none is something more for the academics quibble about, not the end users.


Granted, this is /., so it's academics and fanboys anyhow >.>

Re:there is no Apple AV group (0, Troll)

HarrySquatter (1698416) | more than 2 years ago | (#39634427)

That doesn't change the fact that it's still a trojan. You're assumption that a trojan has to require the user to have interaction during install is erroneous.

Re:there is no Apple AV group (5, Insightful)

amicusNYCL (1538833) | more than 2 years ago | (#39634915)

If this is a trojan, then exactly what piece of legitimate software is it piggybacking on in order to get installed? It sounds to me like it's exploiting a Java vulnerability using an applet that does not disguise itself as something useful, it is specifically to install the payload. That sounds like a traditional virus. Previous versions that were actual trojans were embedded in warez downloads.

Re:there is no Apple AV group (1)

Anonymous Coward | more than 2 years ago | (#39634173)

The Reality Distortion Field is fading...

Re:there is no Apple AV group (5, Funny)

ColdWetDog (752185) | more than 2 years ago | (#39634177)

Ah, but you're right. This isn't a virus. It's a trojan. And we all know that Trojan's protect dicks.

(sorry Apple fans, that one hung out there just a wee too much).

Re:there is no Apple AV group (0)

Anonymous Coward | more than 2 years ago | (#39634783)

Ah, but you're right. This isn't a virus. It's a trojan. And we all know that Trojan's protect dicks.

(sorry Apple fans, that one hung out there just a wee too much).

EPIC

Re:there is no Apple AV group (4, Funny)

narcc (412956) | more than 2 years ago | (#39634873)

that one hung out there just a wee too much

That's what she said!

Re:there is no Apple AV group (3, Interesting)

Anonymous Coward | more than 2 years ago | (#39634959)

When was the last time ANY computer got a "virus"? A self replicating piece of code that spread from that PC via contact with storage media, etc.?

"Viruses" are long dead. They are now worms, trojans, spyware, etc. etc. They do not spread the way a real virus spreads. Its an antiquated term than people just use to mean "malware" these days.

So apple can certainly claim they do not get "viruses". Neither do PC's.

Of course (0)

Anonymous Coward | more than 2 years ago | (#39634103)

The spirit of Steve Jobs is alive and well.

Apple Gets Bit by Worm (1)

Anonymous Coward | more than 2 years ago | (#39634117)

Security industry bitten by the hand that doesn't feed it.

Not a virus, numbnuts (-1)

Anonymous Coward | more than 2 years ago | (#39634153)

Macs don't get viruses, tardo. This is a trojan. This guy claims to be a 'security researcher' but doesn't know the difference?

Re:Not a virus, numbnuts (1)

ColdWetDog (752185) | more than 2 years ago | (#39634273)

Macs don't get viruses, tardo. This is a trojan. This guy claims to be a 'security researcher' but doesn't know the difference?

I think we might as well get over having lost this battle. All of the major media outlets (and thus the vast majority of Mindless Media consumers) are calling it a 'virus'.

But not to worry, we've got lots of other technological windmills to tilt at.

Re:Not a virus, numbnuts (1, Informative)

LanMan04 (790429) | more than 2 years ago | (#39635053)

I think we might as well get over having lost this battle. All of the major media outlets (and thus the vast majority of Mindless Media consumers) are calling it a 'virus'.

You don't get a trojan from just surfing the web. Installing kracked software from TBP and then authenticating with your admin password is a loooooong way from random innocent people getting clobbered by drive-by malware.

Re:Not a virus, numbnuts (0)

Anonymous Coward | more than 2 years ago | (#39634371)

And nobody has cared about the distinction for a long time. Trojans are always called 'viruses' with Windows based operating systems.

Re:Not a virus, numbnuts (2)

lightknight (213164) | more than 2 years ago | (#39634497)

Meh, close enough.

Trojan virus vs. trojan malware. Yes, it's technically not a virus, but it is a piece of malware that the Mac-heads have been convinced they are immune to. And it is, no doubt, the first of many; in time, if someone actually cares, perhaps a real virus (CIH style) will be created for the Mac. You know, something with a timebomb, that goes undetected, then fries the disk firmware?

Re:Not a virus, numbnuts (1)

LanMan04 (790429) | more than 2 years ago | (#39635103)

You know, something with a timebomb, that goes undetected, then fries the disk firmware?

Which would require (a) installing shady pirate software and (b) authenticating with your admin password.

They deserve what they get.

'We don't know the antivirus group inside Apple.' (2, Informative)

Anonymous Coward | more than 2 years ago | (#39634233)

Because there isn't one?

*rimshot*

Of course not. (4, Insightful)

JustAnotherIdiot (1980292) | more than 2 years ago | (#39634257)

We don't know the antivirus group inside Apple.

Apple is to arrogant to admit they have any flaws, so odds are there isn't one.
Just like with the iPhone 4 antenna, they'd rather take bad PR and have their users suffer than admit there's an issue.

Re:Of course not. (0)

Anonymous Coward | more than 2 years ago | (#39634447)

What can you expect from a company that was run by a piece-of-shit-human-being like Steve Jobs....

Re:Of course not. (4, Insightful)

Mojo66 (1131579) | more than 2 years ago | (#39634525)

As much as I love Apple products, I hate their arrogance towards anything related to security. Could break their neck.

Re:Of course not. (0)

Anonymous Coward | more than 2 years ago | (#39634867)

Know what I love? Schadenfreude!

Re:Of course not. (4, Funny)

idontgno (624372) | more than 2 years ago | (#39634567)

Good point. I bet Apple's response to this trojan is "You're holding it wrong."

Blaming the messenger (4, Informative)

cpu6502 (1960974) | more than 2 years ago | (#39634261)

"I found a security hole in your OS....."

"It's your fault scumbag. Keep quiet!" - Apple. Other companies have tried the same tactic, trying to silence/punish security people from publishing known holes. Like Microsoft. Sony. Nintendo. The Bluray Cartel.

Re:Blaming the messenger (-1, Flamebait)

HarrySquatter (1698416) | more than 2 years ago | (#39634305)

Waaaah. The peddler of some nagware junk virus scanner got the blowoff from Apple. Boo-fucking-hoo.

Re:Blaming the messenger (5, Informative)

ray_nicov (732928) | more than 2 years ago | (#39634443)

Dr. Web is one of the leading security companies (at least in Russia) and they've been around since 1992. They are by no means 'nagware' or 'junk scanner' - they tools are legitimate, powerful and useful

Re:Blaming the messenger (1)

NatasRevol (731260) | more than 2 years ago | (#39634677)

However, I think you can forgive Apple not having heard of them before now. Especially given that all of their tools are Windows focused.

Re:Blaming the messenger (4, Insightful)

SmurfButcher Bob (313810) | more than 2 years ago | (#39634911)

Eh? Not to make a "no true Scotsman" plea, but the security world is not that big. If Apple hasn't heard of them before, it means that Apple has no presence in this field. Not surprising when you consider that can't seem to keep their top-secret iphone prototypes in their pants.

Next, you'll excuse Utah for not knowing that Oracle is a giant security suck-hole. And in other news, RSA didn't realize that PDFs can carry exploits. Uh...

Re:Blaming the messenger (-1)

Anonymous Coward | more than 2 years ago | (#39634901)

Define Leading.

Of the 10 Russian security companies they are number 10. I call that trailing not leading.

I call ESET the leading one with Kasparov at #2.

'We don't know the antivirus group inside Apple.'" (5, Informative)

Anonymous Coward | more than 2 years ago | (#39634263)

Because there aren't any, I worked for them and customers that called in were routinely told there is nothing to worry about when it comes to malware.
On their corporate side you would be amazed at who states exactly the same thing when they should know better.

Just a taste:
http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description=OS+X&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve= [exploit-db.com]

And? (0, Flamebait)

HarrySquatter (1698416) | more than 2 years ago | (#39634265)

Yes, they don't have much communication and cooperation with the 'security industry' since it is mostly full of leeches and parasites who make money spreading fear. Now, this doesn't excuse them from failing to acknowledge issues, since that's just as bad, but the less this 'industry' leeches itself to OS X the better.

Re:And? (4, Insightful)

Baloroth (2370816) | more than 2 years ago | (#39634661)

Yes, they don't have much communication and cooperation with the 'security industry' since it is mostly full of leeches and parasites who make money spreading fear. Now, this doesn't excuse them from failing to acknowledge issues, since that's just as bad, but the less this 'industry' leeches itself to OS X the better.

Yeah, just let the trojan spread unacknowledged. Ignore it and it will eventually go away, right?

"Leeches" or not, someone needs to work on stopping malware. MS didn't step up the plate in the past, and I have little reason to think Apple will now (after all, their website still claims "Macs don't get viruses".)

Re:And? (0)

HarrySquatter (1698416) | more than 2 years ago | (#39634757)

Wow couldn't even finishing reading a post with 2 sentences? No, it's not okay to deny anything as my post explicitly said.

Re:And? (5, Insightful)

sir-gold (949031) | more than 2 years ago | (#39635063)

A leech that swims by and says "hey, did you know you are bleeding?" isn't much of a leech. Other than a bit more fame, what does dr web gain from this, it's not like they are extorting apple.

I'm curious were you picked up the idea that security researchers and fake-av sellers were somehow related?

Do you also assume that anyone yelling "fire" in a crowded building is just trying to make everyone scared? if so, I hope you are in a building fire some day so you can ignore the warning, safe in your fire-proof pants

"We don't know the antivirus group inside Apple"? (1, Informative)

MartinSchou (1360093) | more than 2 years ago | (#39634269)

Sharov describes the lack of communication and cooperation as a symptom of a company that has never before had to work closely with the security industry. 'For Microsoft, we have all the security response team's addresses,' he says. 'We don't know the antivirus group inside Apple.'"

Seriously? Is it really that difficult for a security company to search for "security" on apple's website and find this page?

https://ssl.apple.com/support/security/ [apple.com]

Re:"We don't know the antivirus group inside Apple (-1, Flamebait)

HarrySquatter (1698416) | more than 2 years ago | (#39634325)

But how does that get them free advertising for their crapware virus scanner?

Re:"We don't know the antivirus group inside Apple (-1, Flamebait)

ThinkWeak (958195) | more than 2 years ago | (#39634373)

Shhh, you'll make the trolls angry

Re:"We don't know the antivirus group inside Apple (0)

Anonymous Coward | more than 2 years ago | (#39634383)

I don't think you understand what he means, but oh well

How ya like your Mac now, fanboys?

Re:"We don't know the antivirus group inside Apple (0)

Ultra64 (318705) | more than 2 years ago | (#39634583)

"How ya like your Mac now, fanboys?"

Just fine, thank you.

OS X has what, TWO viruses now?

Wow, they sure are creeping up to the millions on Windows platforms.

Re:"We don't know the antivirus group inside Apple (3, Funny)

ifrag (984323) | more than 2 years ago | (#39634853)

OS X has what, TWO viruses now?

Soon my armies shall pour forth from the shattered sandbox, ravaging this OS and all hope of resistance. My minions will find the vulnerability, wherever you choose to hide it. Then, at long last, BSD shall reign as the prime OS.

Re:"We don't know the antivirus group inside Apple (4, Insightful)

amicusNYCL (1538833) | more than 2 years ago | (#39634987)

OS X has what, TWO viruses now?

Wow, they sure are creeping up to the millions on Windows platforms.

Enjoy it while you can, arguments like that have their days numbered.

Re:"We don't know the antivirus group inside Apple (0, Flamebait)

Anonymous Coward | more than 2 years ago | (#39634395)

That's so funny. A security link over https using an untrusted key! No wonder Apple is failing with security when they can't even get the basics right.

Re:"We don't know the antivirus group inside Apple (2)

jesseck (942036) | more than 2 years ago | (#39634425)

I'm sure that email address is to report the location of a lost and/or stolen prototype, and is emailed directly to the Commissioner.

Re:"We don't know the antivirus group inside Apple (1)

koan (80826) | more than 2 years ago | (#39634489)

Yeah and you send something to that link on that page and then what?
He means he has the DIRECT information for MS's security, meaning email and phone numbers.

Re:"We don't know the antivirus group inside Apple (0)

Anonymous Coward | more than 2 years ago | (#39634501)

I'm pretty sure what he means is he doesn't know them all by name, because of the frequency with which he reports bugs.

Re:"We don't know the antivirus group inside Apple (4, Informative)

neonv (803374) | more than 2 years ago | (#39634513)

'We don't know the antivirus group inside Apple.' means they haven't been to able to talk to them and get to know them. I saw the website, and I feel safe saying I don't know the Apple AV group. I'm sure Sharov found the website. As they said in the article, they just get no response from Apple.

Re:"We don't know the antivirus group inside Apple (1)

ray_nicov (732928) | more than 2 years ago | (#39634555)

I guess there is a difference between knowing a public email address and being on speaking terms with the people behind the address.

Re:"We don't know the antivirus group inside Apple (4, Insightful)

Chris Mattern (191822) | more than 2 years ago | (#39634561)

They did that. They sent email there. They got ignored. What they have for Microsoft, what they *don't* have for Apple, is direct phone numbers/email addresses for the right personnel.

Re:"We don't know the antivirus group inside Apple (4, Insightful)

DerekLyons (302214) | more than 2 years ago | (#39634605)

Seriously? It's that difficult to understand the difference between a generic address that goes $DIETY knows where (and mail rent to it is probably vetted by an intern) and the actual address of the responsible individual(s)/team(s)?

Re:"We don't know the antivirus group inside Apple (1)

qwe4rty (2599703) | more than 2 years ago | (#39634639)

Sharov describes the lack of communication and cooperation as a symptom of a company that has never before had to work closely with the security industry. 'For Microsoft, we have all the security response team's addresses,' he says. 'We don't know the antivirus group inside Apple.'"

Seriously? Is it really that difficult for a security company to search for "security" on apple's website and find this page?

https://ssl.apple.com/support/security/ [apple.com]

I don't see a list of security team members on that page you linked to, which is what I believe Boris was referring to when he mentioned they have "all the security response team's addresses" for Microsoft

Re:"We don't know the antivirus group inside Apple (0)

Anonymous Coward | more than 2 years ago | (#39634663)

I don't think he was talking about a public support address where his email will sit in a queue for a month, then get ignored. When you work closely with another company, you have direct phone numbers and email addresses. That's all he means.

Re:"We don't know the antivirus group inside Apple (3)

Andy Dodd (701) | more than 2 years ago | (#39634681)

That page does not have a single direct contact.

Attempts to contact Applie via info provided on that page apparently, according to Dr. Web, go nowhere.

Re:"We don't know the antivirus group inside Apple (1)

Jaktar (975138) | more than 2 years ago | (#39634941)

Read two sentences before the one you quoted, right in the summary. They did contact Apple. Apple didn't respond back.

+5 informative indeed...

Re:"We don't know the antivirus group inside Apple (4, Insightful)

moronoxyd (1000371) | more than 2 years ago | (#39635001)

Do you know the difference between communication channels for customers and those for partners and specialists?

I work in an IT support position, and sure, if I need to contact a special group (say the Exchange administrators) I could use the phone numbers used by the customers... and would waste valuable time by making the call center agent on the other end understand that I need to speak with the admins directly.
To avoid this, we have phone numbers and email addresses of those other divisions. You know: A direct line.

The security companies have direct lines to the security teams from Microsoft, and certainly Oracle, Red Had etc.
This is to everybody's advantage, as it reduces friction and increases response times.
Only Apple doesn't understand that they are part of an ecosystem where everybody relies to some extend on everybody else...

Hubris (1)

Meatbucket (2039104) | more than 2 years ago | (#39634293)

It will bite them in the ass someday

Re:Hubris (1)

SmurfButcher Bob (313810) | more than 2 years ago | (#39635055)

No, it won't. The cost of that hubris is borne by others - Schneier's proverbial "externality". If my product leaks your username, email, and password, it costs me nothing.

To paraphrase Steve J... (1, Funny)

kbob88 (951258) | more than 2 years ago | (#39634361)

"It's not the job of Russian security firms to know where our security holes are"

And also, Macs only get malware "when you hold it wrong"

Re:To paraphrase Steve J... (1)

koan (80826) | more than 2 years ago | (#39634507)

They also get malware infections when you remove them from their velvet cases.

No overwhelmingly surprising (4, Informative)

gubers33 (1302099) | more than 2 years ago | (#39634399)

Apple has had the benefit of so many years of being such a small market share that it did not make sense for people to create Trojans that targeted them. However, Microsoft has had to respond to threats over the years and had the time to develop processes to assess threats and work with security researchers. Apple has ended up behind the curve in this spectrum because of how long they had a small market share. If Apple is able to suck up their pride and work with the researchers they could end up being able to deal with such threats appropriately, but right now their pride is getting the best of them.

Re:No overwhelmingly surprising (4, Insightful)

sohmc (595388) | more than 2 years ago | (#39634517)

But in Apple's defense, the permissions structure of Macs are inherently different than on a Windows machine.

Most mac users run at normal user level, a la Linux/Unix. When the computer needs to do something at the priveleged level, it asks for a password.

Most Windows users usually run as administrator by default. Anytime some virus/trojan wants to do something, it just prompts the user with a "Hey, Windows Explorer wants to do something. Continue?"

There is something different about having to type in a password than just clicking ok. Then again, Windows has so many random dialogue boxes that most users don't read them anymore.

Re:No overwhelmingly surprising (2)

interval1066 (668936) | more than 2 years ago | (#39634775)

But in Apple's defense, the permissions structure of Macs are inherently different than on a Windows machine.

So? You still write a virius for it, you just have to find the weak spot. There have been virii for Unix-ish machines too,

Re:No overwhelmingly surprising (5, Insightful)

w_dragon (1802458) | more than 2 years ago | (#39634779)

You don't need to be admin to be a botnet member, a user process will work just fine.

Re:No overwhelmingly surprising (2)

Sir_Eptishous (873977) | more than 2 years ago | (#39635045)

I would say that Windows users, especially with Windows 7, are running less and less under an account with Administrative permissions.

Re:No overwhelmingly surprising (1)

lightknight (213164) | more than 2 years ago | (#39634521)

Pride goeth before the fall.

They don't know the antivirus group inside apple? (1)

Tanman (90298) | more than 2 years ago | (#39634411)

I don't know what they are talking about. What antivirus group inside Apple?

Not surprising.... (0)

Anonymous Coward | more than 2 years ago | (#39634415)

That's probably because Apple has no security team. They along with all their airhead customers refuse to believe the are vulnerable.

Why do we support liers? (3, Interesting)

VernorVinge (1420843) | more than 2 years ago | (#39634439)

Apple products are overpriced, insecure, not upgradable, developed by a CEO who believed integrity is optional, and makes it's outsized profits on breaking labor laws in developing countries. Why do the supposed 'creative' class continue to support this pile of dung?

Re:Why do we support liers? (0)

Anonymous Coward | more than 2 years ago | (#39634885)

Apple products are overpriced, insecure, not upgradable, developed by a CEO who believed integrity is optional, and makes it's outsized profits on breaking labor laws in developing countries. Why do the supposed 'creative' class continue to support this pile of dung?

Not to get dragged into the magic troll circle here, but.... seriously? Overpriced (alienware), insecure(Windows), not upgradeable(netbooks), sleazy CEOs(pick a firm, any firm) and cheap illicit labor(again...you have your pick) are your qualifications for hating Apple? Just Apple? Not anyone else? If those are your qualifications, what magic fair-trade, free-hardware, earth-friendly hippie device are you using? Because we'd all like one.

I'm not by any stretch denying that these problems exist, or that they're negligible. We'd all like to see secure, flexible format hardware and software that isn't bundled in DRM and doesn't cost us an arm and a leg, made by honest men earning a fair wage. And there are fine folks working every day to move us closer to that dream. Honestly, it's a dream we would all share, if we weren't so burdened and burned by cynicism and a healthy dose of the stupidity that is the real world. But at least recognize the blame isn't all on Apple's shoulders.

If you're going to hate on Apple, at least do it for the mindless sheeple fanbois. They're much easier to mock. I should know. I'm one of them. :)

Re:Why do we support liers? (1)

Securityemo (1407943) | more than 2 years ago | (#39634903)

Because the lives of the so-called 'creative class' rests inside a comfortable cocoon spun out of (the side effects of) global industry and commerce? It'd be like a fish trying to escape the water.

Re:Why do we support liers? (-1, Troll)

Anonymous Coward | more than 2 years ago | (#39634943)

You are a foaming moron with a fountian of poo coming from your mouth.

Whiny poor kid that cant afford a macbook or an iphone. Wahh little baby, wah.

Re:Why do we support liers? (3, Funny)

amicusNYCL (1538833) | more than 2 years ago | (#39635007)

It's not their fault if they think different.

Just as in the past... (1)

rullywowr (1831632) | more than 2 years ago | (#39634559)

Official Apple statement: "You're holding it wrong."

Russian altruism? Suuuuure... (1, Interesting)

KrazyDave (2559307) | more than 2 years ago | (#39634579)

Boris is trying to spin Apple's response (or lack thereof) as a sign of arrogance or unpreparedness, I don't think it it's either. I think it's Boris' attempt to publicize himself and Dr. Web and might even be behind the engineering of the threat now that Mac saturation is broad enough to make A.V. for Macs a profitable market. I don't trust the Russians or the Chinese in any regard.

Re:Russian altruism? Suuuuure... (0)

Anonymous Coward | more than 2 years ago | (#39635069)

I don't trust the Russians or the Chinese in any regard.

How do you feel about Iowans? I think they're pretty suspect, as a state. Delaware-ians as well.

What viruses don't we know about? (1)

Animats (122034) | more than 2 years ago | (#39634673)

The iPhone is a juicy target for attackers. One wonders what attacks on the iPhone are in the wild but not generally known. Especially attacks that target individuals of interest.

There is no antivirus group within apple (0)

Anonymous Coward | more than 2 years ago | (#39634733)

There is no security group within apple. You'd think security researchers would know that.

Dr Web created it (0)

Anonymous Coward | more than 2 years ago | (#39634755)

Dr Web was the only one with the stats and information and from Russia where alot of viruses come from. Am I the only one that things the bug came from them? Seems strange to me!

Not a MacOS malware (0)

Anonymous Coward | more than 2 years ago | (#39634889)

Just to get things straight: the Flashback trojan is based on the Oracle-supported Java that is being shipped with MacOS.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?