×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

A Week After Apple's Fix, Flashback Still Infects Half a Million Macs

timothy posted about 2 years ago | from the retract-all-advice-to-mom dept.

Security 161

Sparrowvsrevolution writes "Security firm Dr. Web released new statistics Friday showing that the process of eliminating Flashback from Macs is proceeding far slower than expected: On Friday the security firm, which first spotted the Mac botnet earlier this month, released new data showing that 610,000 active infected machines were counted Wednesday and 566,000 were counted Thursday. That's a slim decrease from the peak of 650,000 to 700,000 machines infected with the malware when Apple released its cleanup tool for the trojan late last week. Earlier in the week, Symantec reported that only 140,000 machines remained infected, but admitted Friday that an error in its measurement caused it to underestimate the remaining infections, and it now agrees with Dr. Web's much more pessimistic numbers."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

161 comments

first (-1, Redundant)

Anonymous Coward | about 2 years ago | (#39752265)

post?

Oh look (-1, Troll)

Anonymous Coward | about 2 years ago | (#39752287)

Apple users are even dumber than first thought. Ha.

Re:Oh look (-1)

Anonymous Coward | about 2 years ago | (#39752631)

Aww, looks like somebody can't afford a Mac. Boohoo for you.

Re:Oh look (1)

Anonymous Coward | about 2 years ago | (#39754087)

Actually I make quite a bit of money buying and reselling Macs and other fashion accessories,but I've never found a reason to keep one.

Well clearly (-1, Troll)

Anonymous Coward | about 2 years ago | (#39752319)

All half a million of those idiots are running jailbroken versions of OS X on their hackintosh netbooks and thus they cant do a magic auto-update. Psh.

Re:Well clearly (4, Funny)

jhoegl (638955) | about 2 years ago | (#39752351)

I figure it is because they dont feel they need to update since Apple products are soooo secure.

Re:Well clearly (-1)

Anonymous Coward | about 2 years ago | (#39752363)

I figure it is because they dont feel they need to update since Apple products are soooo secure.

Brilliant! Insightful and original! How long did it take you to think up that material?

Re:Well clearly (4, Interesting)

Jaktar (975138) | about 2 years ago | (#39752371)

That's what TFA says. The infected machines haven't had the updates installed. That implies that the owners either don't know that they are infected or don't care. I'm leaning towards the former.

With the number of machines that remain, it seems clear also that Mac users aren't using auto updates. What's up with that?

Re:Well clearly (4, Insightful)

Moridineas (213502) | about 2 years ago | (#39752539)

With the number of machines that remain, it seems clear also that Mac users aren't using auto updates. What's up with that?

You're surprised that users dont install updates? Or choose to skip updates when they are offered? You must be new here... (and by here, I mean, anywhere) This is hardly a problem that is unique to mac users or even ignorant users.

Re:Well clearly (-1)

Anonymous Coward | about 2 years ago | (#39753231)

Especially when the OS was advertised largely to that lazy breed of users.

Re:Well clearly (2)

zippthorne (748122) | about 2 years ago | (#39752553)

auto updates only work automatically if you're logged in as an admin user....

Re:Well clearly (4, Informative)

kybred (795293) | about 2 years ago | (#39752657)

The Software Update only notifies you of an available update and optionally downloads it in the background. It does not install the update automatically, a user has to click to start the update (and would have to provide admin authentication if they weren't logged into an admin account).

Re:Well clearly (3, Interesting)

zippthorne (748122) | about 2 years ago | (#39753035)

And once again, it doesn't do even the above if you're logged in as a regular user. You have to manually kick it off to even find out there *are* updates.

It's not hard to kick it off, but it is something you have to bother to remember to do. Which, "your parents" probably do not ever really think about.

Re:Well clearly (2)

nblender (741424) | about 2 years ago | (#39753879)

It's even more retarded than that. It tells you there's a handful of updates and makes you log off. Then you have to sit and watch while it downloads the updates on your now incapacitated desktop. Then you have to watch as it updates itunes or quicktime... Why does upgrading a media player mean you have to reboot your computer? So not only do I lose all the context in all of my terminal sessions, I have to sit and watch it download, and then watch it reboot. Then after the reboot, after I start working again, it does another software update and discovers yet more things that it can now update...

infuriating, I tells ya.

Re:Well clearly (2)

tofubeer (1746800) | about 2 years ago | (#39753919)

I maintain 6 macs, and then are always up to date... I have never seen what you described (save the occasionally having to reboot with updates)...

Re:Well clearly (0)

Anonymous Coward | about 2 years ago | (#39754129)

Your description is generally accurate, but the Java update described works in the background - no reboot required.

Re:Well clearly (-1)

Anonymous Coward | about 2 years ago | (#39754365)

Like another person stated, updating does not force a logout and does not render your system unusable while running them. Also, software update, like the update regiment for other operating systems, does not force any of updates to be selected. Any or all updates can be unselected, including iTunes and Quicktime. As for repeatedly finding new updates after an update/reboot sequence, that sounds very much like par for the course for a different operating system, not one from Apple. Apple updates are not the layers upon layers upon layers of fragmented tiny updates that a Redmond based company chooses to use as it's release model.

Re:Well clearly (1)

FormOfActionBanana (966779) | about 2 years ago | (#39754375)

This is not the typical update cycle, although I remember that one in recent memory.

Usually, a popup informs me there are updates available. I ignore it for a while, and finally click "OK". It does some updating, in the background, and finally displays a dialog box for me to reboot. I ignore that for about a day, and when I'm free and relaxed, and the battery is fully charged or whatever, I let it reboot.

Re:Well clearly (1)

FormOfActionBanana (966779) | about 2 years ago | (#39754383)

...and as far as the mystery reboots, I am fairly certain these are due to security updates that Apple doesn't tell us about. Not that I think that's a terribly good idea, but you know... the amount of headache I get from Apple Computer, in terms of preventing me from being productive, is actually pretty slim compared to the equivalent from Microsoft. And I think that's significant considering how locked down the Apple OS is. To be fair, I'm including Mac Office and Windows Office in with Microsoft Windows....

Re:Well clearly (2)

WebCrapper (667046) | about 2 years ago | (#39753311)

I'm not infected (checked), but perhaps about 50% of those that "haven't installed the updates" is because people refuse to upgrade? I refuse to pay for an upgrade that will no doubt slow my Macbook Pro down and cause random issues.

You might be shocked at the amount of "automatic" updates the mac doesn't install. Air doesn't get patched by Adobe's own patches, MSFT Office only gets patched by it's own update program, etc...

Re:Well clearly (1)

Darinbob (1142669) | about 2 years ago | (#39753797)

They don't know. How would they? Not everyone reads the news or understand what it means in cases like this. Maybe the nerds do but that's a tiny fraction. I was even confused by this as I got no explicit update pushed, though it turned out it was part of the Java update, and it only applies to Lion anyway. Maybe people just have auto-update of software turned off (which is normally a good idea, always have it ask you first)? Maybe they haven't rebooted the macs yet, which is required before infected macs will get cleaned?

Re:Well clearly (1, Troll)

symbolset (646467) | about 2 years ago | (#39752561)

When some people say that Macs don't have "that problem" they're not talking about being utterly immune. They're talking in relative terms. And in that context they are right.

Re:Well clearly (4, Insightful)

Anonymous Coward | about 2 years ago | (#39752957)

No, most of them are talking about being utterly immune. And they were always wrong.

Re:Well clearly (1)

Anonymous Coward | about 2 years ago | (#39752573)

I always wait a week or two after an update comes out for them to fix whatever they broke with the first one.
Apple is known for publishing Beta-level updates.

makes more sense (5, Interesting)

sribe (304414) | about 2 years ago | (#39752379)

I had wondered how in the hell it got that low that fast--a couple of days after Symantec reported 140,000, they or someone else reported 30,000. But checking the Java vulnerability against versions installed with Mac OS X, it seems that 10.4 and 10.5 should also be vulnerable, while Apple only patched for 10.6 and 10.7. That alone should prevent the numbers dropping so far so fast. Sigh. Smooth move Apple.

Re:makes more sense (1, Funny)

Anonymous Coward | about 2 years ago | (#39752461)

If you're too poor to upgrade your Mac every year you shouldn't own one.

What kind of hipster are you?

Re:makes more sense (4, Insightful)

toxygen01 (901511) | about 2 years ago | (#39752711)

That's right. However, according to Adium developers' statistics [1], only 13% of OS X users run 10.5 and 3.33% run 10.4. If you do the math and calculate probability with which someone can get infected, you will reach, I believe, very low numbers. 10.5 being apple's equivalent of vista, is dying every day and will be lost in the dust soon.

[1] http://www.adium.im/sparkle/#osVersion [adium.im]

Re:makes more sense (0)

Anonymous Coward | about 2 years ago | (#39752829)

In fact Apple is mailing out free Snow Leopard CDs to mobile me users i.e. people still on 10.5 and 10.4 so anybody who still has a vulnerable machine probably doesn't care at this point.

Re:makes more sense (1)

TheRaven64 (641858) | about 2 years ago | (#39754525)

Doesn't help if you've got a PowerPC Mac, of course, since it will only run 10.5, and is still fast enough for a lot of things, especially if it's something like a dual 2GHz G5 (although even a 1.5GHz G4 is faster than the old PC my mother still uses).

Still, I'm sure that these numbers will make someone at Oracle happy: at least half a million people still have machines set up to run Java applets...

Re:makes more sense (4, Interesting)

hairyfeet (841228) | about 2 years ago | (#39753909)

Wow...10.5 was released in 2007 and its ALREADY unsupported according to the wiki? damn maybe folks shouldn't have marked the AC a troll that made the joke about buying a new Mac every year. I thought the big selling point on the Mac was how "high quality" Macs were? Yet the support drops after less than 5 years? I guess that's why I never really got into macs, i just don't get it.

As for TFA can we FINALLY acknowledge and admit that what the windows guys have been saying all these years is true, that you become a big enough target and you WILL get malware? After all we've seen this with both Apple and Linux with Android, and frankly it should have been incredibly obvious with just a moment's thought. I mean where do Windows viruses come from? Well since Vista made running as a limited user mandatory the vast majority I've seen has been PEBKAC, so how can switching OSes magically turn a PEBKAC user into an admin? Answer...it can't and that was the point.

In the end one can't escape the simple fact that ALL OSes are extremely complex collections of very advanced programs and as we all know the more advanced something is the easier it is for a clueless person to break it. Sadly in this case the clueless user was Apple for not pushing out the bog standard version of Java and instead insisting on rolling their own, which would have been fine if it could do so VERY quickly but instead the apple version of java fell farther and farther behind the mainstream. At that point a major attack was inevitable, the only question was when.

If I was a paranoid person i'd have to wonder if this wasn't by design, after all who would fault Apple if they restricted or outright banned Java as a security risk now? Of course Java like Flash allows one to run web based apps which bypasses the appstore which Apple has sunk so much into so a pessimist might say that Apple wants java to go the way of flash and what better way than to remove it to better protect the user?

Re:makes more sense (3, Informative)

Yaztromo (655250) | about 2 years ago | (#39754277)

Wow...10.5 was released in 2007 and its ALREADY unsupported according to the wiki? damn maybe folks shouldn't have marked the AC a troll that made the joke about buying a new Mac every year. I thought the big selling point on the Mac was how "high quality" Macs were? Yet the support drops after less than 5 years? I guess that's why I never really got into macs, i just don't get it.

10.5 was the last version that ran on PowerPC machines. People with older PowerPC machines who wanted to keep up to date with the OS needed to upgrade to Intel hardware to run 10.6.

10.6 for existing Intel Mac owners was $25. From what I've read and seen, a massive percentage of the user base upgraded to 10.6 pretty quickly. 10.6 wasn't a massive upgrade, but by shedding all of the PowerPC support and through compiler optimization, threading and multi-core support improvements (Grand Central Dispatch, and its use by most of the core applications), improved 64 bit support (including a 64-bit kernel and 64-bit apps), and various Intel-specific improvements, 10.6 was a pretty massive upgrade from 10.5 in terms of speed. According to this press release, OS X 10.6 saw twice as many purchases in its first week of release as 10.5 (four times more than 10.4's first week), with sales declining by only 25% in the second week. As such, from a practical standpoint for most Mac users, it's a non-issue, as the majority are now running 10.6 or 10.7 (roughly 78% according to the Adium page quoted by the GP post). 10.6 was such a massive improvement and so cheap (relative to other commercial OS's) that the only real reason to stick with 10.5 was if you're still on PowerPC hardware.

In terms of hardware support according to Apple [apple.com] systems go into "Vintage" classification if they're between 5 and 7 years old (which for most of the world means "obsolete/unsupported").

If I was a paranoid person i'd have to wonder if this wasn't by design, after all who would fault Apple if they restricted or outright banned Java as a security risk now?

Apple already dropped Java from OS X 10.7. It isn't included at all, but can download and install itself if it's needed (it will typically offer to do so if you try to run anything that requires it).

The latest Java updates disable Java applet support in Safari and other browsers that use Apple's Java plug-in. You can re-enable this if you need it, however it will disable itself again after a period of disuse. To be honest, while I've long been a Java developer and have no problem with rich Java applications, Java applets are a dead technology anyhow. I haven't come across one in many, many years now.

Point being, Apple has been moving in this direction for a while. At one point (back in 10.1 IIRC) Java was supposed to be one of the top-level development languages for the Mac. Apple developed and provided the Java Cocoa bindings, which allowed UIs designed in their Interface Builder tool to be bound to Java applications, and Cocoa objects to be easily accessed via Java (and vice-versa). This was deprecated in 2005. Then Apple decided not to support Java in iOS (smart move IMO). Now it's no longer included with the OS, is only available as a downloadable add-on, and applet support is disabled by default. I don't predict they'll be getting rid of it entirely (there are a lot of Java developers on OS X, yours truly included) -- IIRC they're trying to transition to having Oracle maintain it alongside the Linux and Windows versions, instead of doing it themselves. They just want to move into a model more akin to Window's Java support -- it works fine, and applications run just fine, but you have to get it from Oracle as a separate install.

All of which reminds me -- my parents are the type who continually ignore the pop-ups that software updates are available for their Mac (no matter how many times I've told them they need to stay up-to-date). I should call them this weekend and ensure they're not infected and are up-to-date (although I suspect they're one of those who don't have Java installed at all -- their current Mac is only two months old, and shipped with 10.7 (and without Java)).

Yaz

Re:makes more sense (0)

Anonymous Coward | about 2 years ago | (#39752777)

you would know!

There are half a milion Macs? (5, Funny)

squiggleslash (241428) | about 2 years ago | (#39752399)

I had no idea, that's almost 500 per coffee shop!

Re:There are half a milion Macs? (1)

Billly Gates (198444) | about 2 years ago | (#39752431)

I had no idea, that's almost 500 per coffee shop!

I guess you have not been to a Starbucks in awhile.

Apple didn't issue fix 10.5, 16.5% of it's users (1)

Anonymous Coward | about 2 years ago | (#39752415)

10.5 makes up 16.5% of Mac users, sure a lot are on PPC and the Flashback isn't targeting it, or is it?

Also about 4-5% are still on 10.4%

Apple didn't issue Diginotar Root certs fixes for these older OS X version neither.

Come when 10.8 is released, a whopping 65% of Mac users on 10.4-10.6 will be ripe for the pickings

Because Apple only updates the last two OS X versions in circulation, then is now releasing a new OS X version every year.

Microsoft on the other hand issues updates for their OS for 10 years?

Mac's a better value? Less prone to malware? Not for too much longer...

Re:Apple didn't issue fix 10.5, 16.5% of it's user (5, Informative)

Billly Gates (198444) | about 2 years ago | (#39752467)

10.5 makes up 16.5% of Mac users, sure a lot are on PPC and the Flashback isn't targeting it, or is it?

Also about 4-5% are still on 10.4%

Apple didn't issue Diginotar Root certs fixes for these older OS X version neither.

Come when 10.8 is released, a whopping 65% of Mac users on 10.4-10.6 will be ripe for the pickings

Because Apple only updates the last two OS X versions in circulation, then is now releasing a new OS X version every year.

Microsoft on the other hand issues updates for their OS for 10 years?

Mac's a better value? Less prone to malware? Not for too much longer...

... and yet I find it hilarious when I read all the angry rants on wired.com and here on how poor old XP is going to lose support in 2 years a mere 13.5 years after launch.

This dwells into the more serious issue of the security nightmare that will come when all internet enabled computers that are more used like XP become abandonded. Personally I think it would be a good idea to disable port 80 on all devices 3 months after support ends to keep the upcoming security nightmare. It will anger many users but many malware writters will target XP if MacOSX has so many infections yet remains so small marketshare wise still. We do not allow vehicles with rags for a gas cap to go on the road right?

I understand Apple losses money to support users but something should be done. If not after a few billion lost dollars in bank accounts will create some nasty lawsuits.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (4, Insightful)

jedidiah (1196) | about 2 years ago | (#39752509)

> ... and yet I find it hilarious when I read all the angry rants on wired.com and here on how poor old XP is going to lose support in 2 years a mere 13.5 years after launch.

When is the last time a new PC was sold with some version of XP installed by the hardware vendor?

THAT is your starting point for "support", not when the first version was originally released.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

DarwinSurvivor (1752106) | about 2 years ago | (#39752565)

I believe there were still netbooks selling with it at the beginning of last year.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

Billly Gates (198444) | about 2 years ago | (#39752661)

I haven't seen any in years. The ones I see come with Windows 7 starter edition. I did work at a PC shop as early as the summer of 2010 where all we sold were used machines upgraded with more ram that have XP on them. Windows 7 was still new and cool at the time for those with huge 4 gigs of ram but those days are over.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

PopeRatzo (965947) | about 2 years ago | (#39752931)

I haven't seen any in years.

Today at Woot Sellout section, they're offering 1.8ghz Dell desktops with WinXP for around $125. Two gig of RAM, too!

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

shutdown -p now (807394) | about 2 years ago | (#39754281)

You could stash one today and (try to) sell it 10 years down the line. But why would it obligate, whether legally or morally, Microsoft to support it?

What can be reasonably counted is the date of the last sale of an OEM license from Microsoft to any hardware manufacturer or reseller. According to Wikipedia, OEM XP was available until October 22, 2010 - and then only for netbooks; for other PCs, no OEM licenses were sold after June 30, 2008.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1, Flamebait)

Billly Gates (198444) | about 2 years ago | (#39752599)

I have more sympathy for those who blew $2,000 for an iMac only to be dumped in 3 years vs those in 2009 got a $199 netbook special with XP. 4 to 5 years support for these low end users sounds reasonable. Apple dropped them like a hot potato. Jobs even broke his own promise of supporting powerPC users for 5 more years.

So many corporate users and those who took our advice not to use Vista, and that XP was GOD wont leave. It is like XP became the pinnacle and gold standard in cannon on what the PC is for these people.

Of course it would help if companies like Cisco actually supported newer browsers besides IE 6 and 7. It forces these companies in. 20 million by 2014 will still be on XP or more vs just 500k with old macs will be a big challenge and will get nasty. I think this is a taste of what is to come.

If I were an evil credit card hacker I would write the ultimate new code red and wait until 1 day after MS ends all support and then have a field day getting rich. MS wont do anything about it until I have a few billion in stolen money. Like a license, unsupported machines should not be on the world wide web and need to be disabled. XP users will come out with pitchforks and flaming torches with an army of lawyers sadly.

 

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

BenoitRen (998927) | about 2 years ago | (#39752849)

Like a license, unsupported machines should not be on the world wide web and need to be disabled.

I find this to be a draconian measure. Their computer may still work perfectly fine but then it gets disabled because some big company decided to. Are you going to give them a free upgrade to Windows 7 (that may not work as well on their machine)?

What about users that can support themselves? I know there are still Windows 95, 98 and Me users out there that do and they're doing a pretty good job.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

6ULDV8 (226100) | about 2 years ago | (#39753339)

I have more sympathy for those who blew $2,000 for an iMac only to be dumped in 3 years

I'm not clear on how those iMac users were dumped. The upgrade from Leopard to Snow Leopard was only $29.95. The upgrade from Snow Leopard to Lion was priced the same and I expect Mountain Lion will be too. The PPC crowd will have a different experience, but that production ended about six years ago when the architecture changed. The path from Windows 95 to NT, 2000, XP, Vista and then Windows 7 cost significantly more and it required new hardware along the path as well. Microsoft does go to extraordinary length to support antique software because of user demand, but Apple has the edge on upgrade pricing. It doesn't quite make up for the extra hardware cost, but the OS is priced reasonably.

Of course it would help if companies like Cisco actually supported newer browsers besides IE 6 and 7

Hmm, I work with Cisco gear daily and rarely use a GUI, but when I do, I do it from IE 9, Firefox, Safari, Chrome... Sure, there's a compatibility warning, but it's just another click to get past it. The one device that I had issues with was the CE500, but a newer IOS fixed that and it wasn't a browser limitation anyway.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (-1)

Anonymous Coward | about 2 years ago | (#39753939)

Are you the most interesting admin in the world?

lol wut? (1)

Anonymous Coward | about 2 years ago | (#39753767)

Nonsense. As a PC Vendor that would mean I can obtain an OEM license for XP in the year 2000 .. sit on my ass and sell a computer in 2012, and somehow MS is on the hook for support starting from 2012? What kind of jackass are you? I suppose.. the anti-ms troll kind.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

Anonymous Coward | about 2 years ago | (#39753781)

THAT is your starting point for "support", not when the first version was originally released.

Says who? MS does not sell computers. Blame the computer manufacturer. Microsoft always details when their support is running out ages before it actually does.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

yuhong (1378501) | about 2 years ago | (#39753897)

Except that is not how the MS support lifecycle currently works unfortunately. It guarantees mainstream support for 5 years after this version's release, or 2 years after the next version's release, whatever is later. In other words, the only reason XP is getting more than 10 years of support is the Longhorn delays (I still remember when mainstream support for it was to end in December 31, 2006!).

Re:Apple didn't issue fix 10.5, 16.5% of it's user (2)

shutdown -p now (807394) | about 2 years ago | (#39754293)

The relevant period here would be extended support rather than mainstream, since extended support still includes security fixes. And extended support lasts either 5 more years after mainstream support ends, or 2 years after the second next version is released, whichever is longer.

So, basically, you'll keep getting security fixes for the product for at least 10 years.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (4, Insightful)

Moridineas (213502) | about 2 years ago | (#39752575)

I understand Apple losses money to support users but something should be done. If not after a few billion lost dollars in bank accounts will create some nasty lawsuits.

Apple has been getting more serious about security for awhile (in comparison to, "we're unix, we're ok"). Sandbox, gatekeeper, removal of automatic execution, malware removal tool, etc. They need to gt a LOT better in how they respond though.

Apple clearly understands support in general though. They routinely get excellent marks on their support. See the genius bars as an example. I personally have had out of warranty macs repaired for free. My sister had an out of warranty Macbook case top replaced when it chipped. And so forth. Support is one of the big reasons to buy an Apple, imho.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1, Interesting)

Billly Gates (198444) | about 2 years ago | (#39752671)

My issue is Macs are expensive and therefore mac users do not upgrade as often. The old Mac argument was that a PC would go obsolete in 3 years while mac users will use their machines for 7 years or more and still get support.

MacOSX does not get updates if you are just a few years old. Many people buy used macbooks because of the price and are getting let out. Many do not even know they are not supported.

I hope you are right about Apple. They should at least let their users know to upgrade for the latest security threats ... assuming you can if you are first generation intel owners or powerpc.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

Anonymous Coward | about 2 years ago | (#39752699)

You can sell your Mac for 75% of the price you paid for it a year later, and get the newest one

Re:Apple didn't issue fix 10.5, 16.5% of it's user (4, Informative)

Moridineas (213502) | about 2 years ago | (#39752859)

PPC macs have not been sold since 2006. They are no longer supported (we still run 2 power pc macs running 10.4 at work, fwiw, running legacy applications). They were supported through the end of 10.5 (early 2011). 5+ years.

OSX 10.6 and 10.7 are being actively updated. I hate 10.7 and have stuck with 10.6.

First generation Intel Macs were released running 10.4. First generation Intel macs can run OSX 10.7, so they are still supported. They will no longer be supported with 10.8. ~6 years.

Apple seems to roughly support hardware for at least 5 years (given that we've gone through a PPC->Intel transition AND a 32-bit to 64-bit transition in the last ~7 years, not too shabby). I hope they will keep updating 10.6 now that they are hurrying up their OS release schedules.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (3, Informative)

Anonymous Coward | about 2 years ago | (#39753389)

First generation Intel Macs are not supported on 10.7.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

suprem1ty (1854894) | about 2 years ago | (#39753557)

Whys he been modded down... hes right. First generation Intel Macs ran the core duo - a 32bit processor. Lion requires 64bit (Core2 and up)

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

Theaetetus (590071) | about 2 years ago | (#39753101)

Personally I think it would be a good idea to disable port 80 on all devices 3 months after support ends to keep the upcoming security nightmare. It will anger many users but many malware writters will target XP if MacOSX has so many infections yet remains so small marketshare wise still. We do not allow vehicles with rags for a gas cap to go on the road right?

Just out of curiosity, what was your opinion when Sony removed Boot Other OS from the PS3? "It's their right to patch systems if you want to keep using their servers" or "they're removing a valued feature without asking the users, this is fraud and theft!"

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

supremebob (574732) | about 2 years ago | (#39753171)

What's scary is the number of NEW embedded systems like Point Of Sale, ATM, and factory control systems that are still shipping with Windows XP. There are still a bunch of software vendors that STILL have not updated their software to work with Windows 7.... and Windows 8 is right around the corner.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

LoadWB (592248) | about 2 years ago | (#39753745)

I'm RELIEVED to know that new systems are using XP. I can't tell you how many systems I run across still running 2000. Make me think, though, that since the Armageddon predicted over the deprecation of 2000 never materialized, perhaps we'll dodge the bullet with XP, as well.

Re:Apple didn't issue fix 10.5, 16.5% of it's user (1)

yuhong (1378501) | about 2 years ago | (#39753917)

AFAIK Stuxnet was developed before Win2000 ended support and was discovered just after, which means it did target Win2K, but patches for the vulns Stuxnet targeted are not available for Win2k without a CSA. This is a targeted attack though.

semantics of the term "Trojan" (5, Informative)

Anonymous Coward | about 2 years ago | (#39752463)

According to wikipedia [wikipedia.org] , Flashback uses web redirects and javascript to automatically load a Java applet that contains the vulnerability.

In my book, it's only a Trojan if a real person is duped into executing it, and IMHO an infected legitimate website redirecting someone to a malicious website that automatically runs something that infects the user's computer does not count as duping a person into executing something.

TL;DR: Flashback is not a trojan. We need a new term for this type of threat.

Re:semantics of the term "Trojan" (2)

Billly Gates (198444) | about 2 years ago | (#39752647)

It is both a trojan and a malware drive bye.

If you do not click on it, it is malware and will use a memory corruption bug to infect your account. You can delete your account to delete it. If you do click on it the malware turns into a deadlier trojan that runs as administrator and is more difficult to remove.

Most malware these days regardless of type target multiple vulnerabilities. Since IE and Chrome have a sandbox ... what is up with Firefox not having one? ... you need to first get past the sanbox. After that target something in Windows and a bonus if you can do it as a standard user to infect an administrative service or permission on a file. So they use several techniques.

Many infect your machine then use a backdoor installer to do more damage after penetrating the systems defenses so in essence they download and execute trojans

Re:semantics of the term "Trojan" (1)

timothyf (615594) | about 2 years ago | (#39752759)

Did the user perform an innocuous action that lead to the trojan being run? It sounds like you have to visit a website hosting the trojan with a vulnerable computer (a user-initiated action, btw) and you're infected. That seems to meet the definition of a trojan to me. If you just connect a vulnerable Mac to the network and let it sit, it won't be compromised this way.

So yes, Trojan is accurate. A user is tricked into downloading and running something malicious. A user could theoretically avoid an infection if they knew that the site was hosting the trojan, just like they could avoid running a "porn screensaver" a friend emailed them if they knew it contained a trojan. We've only developed a rule-of-thumb defense against the latter case because it's abused so frequently and exploits are relatively scarce when compared to ignorant humans.

Re:semantics of the term "Trojan" (2)

vux984 (928602) | about 2 years ago | (#39754473)

Did the user perform an innocuous action that lead to the trojan being run?

So if you perform an innocuous action that leads to you getting infected with malware then its a trojan?

Gotcha.

So if the user were to perform an innocuous action like...

If you just connect a vulnerable Mac to the network [a user initiated action, btw] and let it sit...

Then any infection that leads to is a trojan.

QED.

A user could theoretically avoid an infection if they knew that the site was hosting the trojan

True. And a user could also theoretically avoid an infection if they knew the network was teeming with viruses by not connecting to it too.

So yes, even the most classical worm can be accurately described as a trojan if we're willing to contort. After all you can only get a worm if you physically attach your vulnerable PC to an infected network...

Re:semantics of the term "Trojan" (1)

ezwip (974076) | about 2 years ago | (#39753085)

If they have some type of backdoor on your machine that places you on a botnet I think it should be called a trojan. How it arrived there is irrelevant.

Re:semantics of the term "Trojan" (0)

Anonymous Coward | about 2 years ago | (#39754209)

TL;DR: Flashback is not a trojan. We need a new term for this type of threat.

Most people just call it a "Virus", although the Pedants call it Malware.

dr. web needs to stop trying to shakedown apple (-1)

Anonymous Coward | about 2 years ago | (#39752495)

fuck off russian mob scumbags

Re:dr. web needs to stop trying to shakedown apple (0)

BronsCon (927697) | about 2 years ago | (#39752739)

Dr. Web is a legitimate AV vendor; they have been providing AV solutions for Linux for years, mostly to scan for Windows viruses and, now, some OSX malware, as well. I think they might even detect some Linux threats, but I've as yet not encountered one.

Re:dr. web needs to stop trying to shakedown apple (1)

BronsCon (927697) | about 2 years ago | (#39754061)

Modded overrated? Why? For speaking the truth? If you disagree, post a reply explaining why I'm wrong. I've personally used their Linux AV scanner for the last 5 years, to scan attachments on mail passing through my servers.

20 years... (0)

Anonymous Coward | about 2 years ago | (#39752555)

... running Linux, and still haven't got a virus.

I'm starting to feel left out here.

Re:20 years... (0)

Anonymous Coward | about 2 years ago | (#39753365)

The Balmer Boys will tell you that's because Linux is only .002% market share and Windows is for serious users, because they know how to open regedit after they downloaded their monthly gig of vuln patches.

Re:20 years... (1)

beelsebob (529313) | about 2 years ago | (#39754423)

Nearly 30 years running MacOS and still haven't got a virus... What makes you think your anecdote means jack shit?

There has been little else more pleasant in life (-1, Troll)

Spiked_Three (626260) | about 2 years ago | (#39752691)

Hackers now attack the mac because it's a) easier and b) the user are more likely have something worth stealing (aka dumber users)
Apple can't even issue a patch fix without fucking it up

a wopping market share of 11% eh? LOL.

Re:There has been little else more pleasant in lif (3, Insightful)

Billly Gates (198444) | about 2 years ago | (#39752751)

Windows and even IE has been getting harder and harder to crack in after the laughing bad issue with XP pre SP1 and IE 6. Windows 7 has ASLR, DEP with all services, special VC2010 exception checking at runtime executable support, and sanboxing. Windows 8 and IE 10 have 2 sandboxes to get an exploit pass.

Ask any enterprise who migrated from XP to Windows 7 and they all say a drop in malware and virus infections is the first thing they notice.

Maybe MacOSX is an easier target?

The fact that most MacOSX users do not run anti virus software is also troubling. I say its essential now as a good one will look at behaviors and sandbox critical files and processes. Avast has a beta for MacOSX already if you hate Norton.

Re:There has been little else more pleasant in lif (4, Informative)

LinuxIsGarbage (1658307) | about 2 years ago | (#39752917)

Ask any enterprise who migrated from XP to Windows 7 and they all say a drop in malware and virus infections is the first thing they notice.

Flash drive Autorun viruses!

By default XP SP1 and newer (IIRC) while not automatically running autorun.inf files from flash drives, will give you the "What do you want to do" prompt including the autorun option. If you decline that, but double click the drive in my computer it will go ahead and run the autorun with no warning or indication. The default action on Windows 7 is to not even try to run autorun from flash drives.

On any computer I have control over (personal or for work) I completely disable autorun because:
a) It's annoying
b) It's dangerous.

Two large corporations I've worked for recently (still using XP) did not disable autorun! It's amazing how much autorun malware runs rampant. Crappy overpriced Symantec or McAfee don't pick them up either. I alert people when I stick their flash drive in my computer and notice hidden autorun.inf files, and hidden mischievous folders with random file names. I usually get stunned looks from them.

I also get stunned looks from IT when I point out the gaping, tractor-trailer sized hole in their security.

Re:There has been little else more pleasant in lif (0)

Anonymous Coward | about 2 years ago | (#39753269)

Hey genius, the "hidden mischievous files" are probably from other operating systems, GNOME always puts a bunch of hidden files on removable drivers as does OS X. Maybe you should get a clue.

Ars Technica shows its gone up to 650k (2)

Billly Gates (198444) | about 2 years ago | (#39752713)

The article is here [arstechnica.com] .

I think many people who assume they are invulnerable and have older macs probably have no clue they are even infected. I am curious what the percentage of older MacOSX installations are? Not everyone can afford or want to buy an expensive iMac/Powerbook every 3 years.

otherwise engaged (4, Funny)

PopeRatzo (965947) | about 2 years ago | (#39752805)

A Week After Apple's Fix, Flashback Still Infects Half a Million Macs

To be fair, Apple users may have more important things to do than install hotfixes. For example, engaging in a love that dare not speak its name can be very time-consuming.

I've heard...

Re:otherwise engaged (-1)

Anonymous Coward | about 2 years ago | (#39753699)

Yes, there's many an Apple fan that likes to drop anchor in poo bay!

In my day, we called them 'sausage jockeys', but I suppose that's frowned upon now?

Welcome to grown up computing (2)

sandytaru (1158959) | about 2 years ago | (#39752823)

I for one welcome our Mac brethren to the world of Real Computing, where your device will get infected if you don't have any anti-virus protection, and will still get infected even if you do have anti-virus protection if you're ignorant.

Re:Welcome to grown up computing (3, Insightful)

Anonymous Coward | about 2 years ago | (#39753141)

UNIX has been where grown-ups go to compute for the last 40 years, where have you been?

Re:Welcome to grown up computing (-1)

Anonymous Coward | about 2 years ago | (#39753395)

I remember when Windows was for noobs. It's hysterical listening to Windows people go on about how awesome they are. It's like winning the special olympics for whatever it is they think they're awesome at.

Re:Welcome to grown up computing (1)

tonywestonuk (261622) | about 2 years ago | (#39753779)

You think anti-virus would have protected mac users from this?

It wouldn't.

Re:Welcome to grown up computing (1)

cbhacking (979169) | about 2 years ago | (#39754021)

Actually, you're completely wrong. Not because the real-time scan would have caught the exploit applet at first (although any decent antivirus has now had the definition for all known variants for a few weeks) but because this malware explicitly targets people who don't give a damn about their computer's security.

The drive-by download's payload is an installer. Before it installs the botnet kit, the installer checks the filesystem for a list of security programs, including antivirus software. If it find any, it aborts the install and erases itself.

Security-conscious people are more likely to detect the malware earlier and raise a fuss. The longer you go undetected, the more money you earn (and botnets - in fact, almost all widespread malware - is about making money).

The numbers (5, Interesting)

glitch0 (859137) | about 2 years ago | (#39753009)

I'm not discrediting these guys and I'm honestly curious: How to they arrive at these numbers? How does one determine if a computer is infected without access to said computer?

Do they port scan 1000 random machines and extrapolate from there? I'm genuinely curious to know their methods. How could they arrive at such a precise number? Surely they must only have a sample of macs and use statistical models to extrapolate, right? They can't scan all the macs, right? right?

How do they do it?!?!

Re:The numbers (1)

Anonymous Coward | about 2 years ago | (#39753381)

They Run the Botnet that is how they know :-D

Re:The numbers (1)

Yaztromo (655250) | about 2 years ago | (#39754313)

Do they port scan 1000 random machines and extrapolate from there? I'm genuinely curious to know their methods. How could they arrive at such a precise number? Surely they must only have a sample of macs and use statistical models to extrapolate, right? They can't scan all the macs, right? right?
How do they do it?!?!

My understanding is that infected Macs try to contact a command-and-control server with a unique identifier in order to get the trojan payload. Several of the anti-virus/security companies have ben able to hijack the command-and-control system to insert their own system (probably via DNS entry changes at some major ISPs) that infected Macs then try to connect to. They record the unique ID's in the request messages, and then extrapolate the results accordingly.

Yaz.

Apple articles always frustrate me (1, Interesting)

Anonymous Coward | about 2 years ago | (#39753061)

I always come to slashdot first, as an only marginally tech proficient individual. This has always been great when I owned a PC, however, it's useless now that the household went mac. All I see are the same crappy responses. Something about it "just working". Something about the cost of a mac versus PC. Something about mac users being smug. Something about mac users not being smart enough to worry about virus because "mac's don't get them." A screed about closed garden, with a side of open source politics thrown in.

I really do wish that the articles on Apple could actually be useful and we could discuss, if this is hitting computers that were patched, or not. How do you check your computer, with links to whatever that site was that gave a step by step. Whether or not Apple's fix's are actually fixing, or if us Mac folks should look for a third party solution. That kind of information is always abounding on other articles, why not here?

Re:Apple articles always frustrate me (3, Insightful)

loosescrews (1916996) | about 2 years ago | (#39754231)

There actually was an article on Slashdot that had a link to the information you mentioned. It said how to check to see if you were infected and told how to remove it. By asking why something something that was posted wasn't posted, you are doing little to improve our collective opinion of Mac users.

I wish Microsoft... (3, Interesting)

sideslash (1865434) | about 2 years ago | (#39753331)

...would hire those two dudes from the "I'm a Mac and I'm a PC" commercial for a reunion commercial. I'm sure Apple would sue, though, because Apple only has a sense of humor when they are making fun of other people.

Re:I wish Microsoft... (0)

Anonymous Coward | about 2 years ago | (#39753443)

Yeah but dude if you use Windows you are kind of a loser. I mean any professional in music, film or design is going to be using Mac and any real hardcore geek will be using Linux or FreeBSD...

Re:I wish Microsoft... (0)

Anonymous Coward | about 2 years ago | (#39754311)

So what you're saying is that gays and people without a life don't use Windows. That's probably why it makes a good choice for the rest of us.

noooo leave apple alone (1)

Anonymous Coward | about 2 years ago | (#39753391)

nooo, leave apple alone !
i guess its time to bite the dust
they got what they deserved

Long has gone the time... (0)

Anonymous Coward | about 2 years ago | (#39753645)

...when Apple could write statements like this:

As you might imagine, we are upset at Windows for not being more hardy against such viruses, and even more upset with ourselves for not catching it.

http://www.apple.com/support/windowsvirus/ [apple.com]

Still no fix for Leopard (2)

pesc (147035) | about 2 years ago | (#39754263)

If you bought your Mac three years ago and never bought an OS upgrade, you are likely running Leopard.

Apple has still not provided any fix or upgrade that addresses this malware for Leopard. Only for Snow Leopard and Lion.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...