
First Scareware For the Mac

kdawson posted more than 6 years ago | from the rogue-cleaning-tool dept.

Security 301

I Don't Believe in Imaginary Property sends us news from F-Secure of what they claim is the first rogue cleaning tool for the Mac. MacSweeper is a Mac version of Cleanator, hosted from a colo somewhere in the Ukraine. The article points out that the company's About page is lifted verbatim from Symantec's site. With the Mac's market share closing in on double digits, perhaps it's not surprising to see the platform targeted with crapware as PCs have been for years. The F-Secure author adds as a footnote that a journalist said to him something you don't hear every day: "I visited the macsweeper.com website. I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."


301 comments


Oh no! (0, Flamebait)

luftrofl (1212770) | more than 6 years ago | (#22059418)

Don't show this to everyone claiming that macs don't get viruses!

Re:Oh no! (2)

Fluk3 (742259) | more than 6 years ago | (#22059522)

"Claiming"?

Re:Oh no! (1, Funny)

moderatorrater (1095745) | more than 6 years ago | (#22059684)

Would you prefer "Proclaiming", or "acting all snobbish while saying", or "falsely believing"?

Re:Oh no! (5, Insightful)

Tsiangkun (746511) | more than 6 years ago | (#22060282)

I'd prefer to focus on the ZERO self propagating pieces of malware in the wild.

Re:Oh no! (0, Insightful)

Anonymous Coward | more than 6 years ago | (#22060450)

Don't forget to focus on the MANY pieces of common third-party software you won't be able to run in your malware-free haven, or the number of third-party products where the performance of your machine will go to waste because there was no point the third party writing up-to-date, optimized drivers and utilities on a platform used by a tiny fraction of their userbase.

Re:Oh no! (1)

webmaster404 (1148909) | more than 6 years ago | (#22060408)

Everything can get viruses that can run code on them. This includes the PSP, Linux, BeOS, the DS, etc. However it is true that Linux/Unix have a much, much lower risk of malware than Windows.

Re:Oh no! (-1, Troll)

toadlife (301863) | more than 6 years ago | (#22060532)

However it is true that Linux/Unix have a much, much lower risk of malware than Windows.
And why do you think that is? Does UNIX have some sort of magic pixie dust that prevents people from doing stupid things?

gamespot gave it 11 out of 10 (5, Funny)

User 956 (568564) | more than 6 years ago | (#22059428)

With the Mac's market share closing in on double digits, perhaps it's not surprising to see the platform targeted with crapware as PCs have been for years.

I didn't realize Kane & Lynch had been announced for the Mac platform

Not the smartest journo (5, Insightful)

MLCT (1148749) | more than 6 years ago | (#22059430)

The journalist should have visited using a linux livecd. If the site hosts mac malware then it is a pretty good bet they already have established "businesses" in the field of windows malware.

Re:Not the smartest journo (5, Funny)

Chyeld (713439) | more than 6 years ago | (#22059504)

Real security experts telnet to port 80 and hand craft their HTTP requests. It's the only way to be sure!

Re:Not the smartest journo (1)

WillAffleckUW (858324) | more than 6 years ago | (#22059536)

Real security experts telnet to port 80 and hand craft their HTTP requests. It's the only way to be sure!

I prefer port 8080 myself, but then I used to check the CERN beamline just for fun.

Re:Not the smartest journo (1)

xannash (861526) | more than 6 years ago | (#22059616)

That may be the way "REAL" security experts do it. You need to keep in mind the person is a journalist and probably not a security expert. Besides if you were to use a Linux LiveCD to login and have no HDD or Flash Drive plugged into the machine, no damage would be done, at all.

Re:Not the smartest journo (0)

Anonymous Coward | more than 6 years ago | (#22060510)

I take it you are new to computers.

Re:Not the smartest journo (0)

Anonymous Coward | more than 6 years ago | (#22059720)

nah, the real security experts manually tap out the cryptic series of zeros and ones required to make the request.

Re:Not the smartest journo (3, Funny)

somersault (912633) | more than 6 years ago | (#22059754)

at 56000 baud

Re:Not the smartest journo (4, Funny)

Gideon Fubar (833343) | more than 6 years ago | (#22060152)

you can't get 56000 through an acoustic coupler..

Re:Not the smartest journo (1)

vbraga (228124) | more than 6 years ago | (#22060202)

uphill, both ways.

Re:Not the smartest journo (1)

hdparm (575302) | more than 6 years ago | (#22060308)

through snow

Re:Not the smartest journo (4, Funny)

Phroggy (441) | more than 6 years ago | (#22060362)

Get off my lawn!

Re:Not the smartest journo (1)

Tim99 (984437) | more than 6 years ago | (#22060462)

Or for real safety, try 1200 baud from a MicroVAX...

Re:Not the smartest journo (0)

Anonymous Coward | more than 6 years ago | (#22059944)

Re:Not the smartest journo (1)

mysidia (191772) | more than 6 years ago | (#22059990)

Real security experts craft the raw TCP packets to request the page, inject them into the network by hand.

(Capture the responses with tcpdump, and analyze them with hexdump: to avoid the risk of the site exploiting a terminal control code vulnerability (ANSI escape sequences) or telnet protocol vulnerability.)

Re:Not the smartest journo (1)

Max Littlemore (1001285) | more than 6 years ago | (#22060180)

Real security experts telnet to port 80 and hand craft their HTTP requests.

Pffft. No one who knows anything about security uses telnet anymore.

Really real security experts ssh to port 80 and hand craft their HTTP requests.

Re:Not the smartest journo (1)

Zaphod The 42nd (1205578) | more than 6 years ago | (#22060242)

screw that, you're still vulnerable. The truly enlightened expert has already replaced his vocal cords with a modulator, allowing him to telnet via a phone line and manually interpret the code in real-time.

Re:Not the smartest journo (1)

aniefer (910494) | more than 6 years ago | (#22060270)

I've only ever done this for SMTP. Hardcore man!

Re:Not the smartest journo (1)

amirulbahr (1216502) | more than 6 years ago | (#22060508)

That's how I posted this comment. The hard part was remembering those darn cookies to send back. ^D

Re:Not the smartest journo (1, Redundant)

pilgrim23 (716938) | more than 6 years ago | (#22059528)

Remember the Brit "journalist" who posted his own data to prove ident theft a hoax? Sounds like this fellow attended the same training seminars...
As to the crapware: gosh and golly gee! Now that I have expressed appropriate concern let us move on...

Re:Not the smartest journo (1)

Angostura (703910) | more than 6 years ago | (#22060232)

Clarkson is a presenter and columnist - not a journalist.

Re:Not the smartest journo (5, Funny)

MrKevvy (85565) | more than 6 years ago | (#22059690)

re: "If the site hosts mac malware then it is a pretty good bet they already have established "businesses" in the field of windows malware."

If the site was detecting the user agent or using some other method of determining platform and delivering targeted malware based on it, I doubt they would have also been delivering a fake Mac scan to a Windows browser as they did in the article.

Re:Not the smartest journo (0)

Anonymous Coward | more than 6 years ago | (#22059700)

Way to miss the fucking point...

Re:Not the smartest journo (-1, Flamebait)

Anonymous Coward | more than 6 years ago | (#22060008)

Go read the article (and all the news these days...): Apple is getting 10% of the Personal Desktops market, Windows has the lasting 90%, so stupid spoiled American morons that use Linux are becoming a negative thing. So, NOBODY uses Linuxes livez Cdz anymore. LINUX IS DEAD for desktops!!!! Ubuntu was the most stupid thing that happened on the history of IT!!! It destroyed Linux hope forever!!!

Cross platform spyware! (1)

devman (1163205) | more than 6 years ago | (#22059432)

it was only a matter of time!

Re:Cross platform spyware! (4, Funny)

Shados (741919) | more than 6 years ago | (#22059550)

Write Once, Piss People Off Everywhere?

NIGGERS for Mac? (-1, Troll)

Anonymous Coward | more than 6 years ago | (#22059442)

MacNigger Air?

I knew I wouldn't get infected... (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22059480)

because my Windows PC already is infected.

Isn't any "cleaning tool" rogue on a mac? (5, Interesting)

Anonymous Coward | more than 6 years ago | (#22059482)

The category of "cleaning tools" was rather dodgy even before the trojaned ones started showing up. The notion that getting infected by god knows what, running a little wizard, and being all ok again is insane. Both the notion that one can reliably detect malware that has already had time to romp with your system and the idea that infection is so routine that there should be tools to be run every few days for it are pretty gross.

And now we have an example of this fine species showing up on a platform that doesn't really have malware. How could anybody trust a cleaner for a platform that doesn't, as yet, need cleaning?

Re:Isn't any "cleaning tool" rogue on a mac? (2, Informative)

moderatorrater (1095745) | more than 6 years ago | (#22059722)

It's been my experience that 90% of the PCs that require cleaning got in that state because the owners installed something they shouldn't have. In a way, this program is attempting to create an environment where one would be needed.

Re:Isn't any "cleaning tool" rogue on a mac? (2, Interesting)

Anonymous Coward | more than 6 years ago | (#22059766)

The category of "cleaning tools" was rather dodgy even before the trojaned ones started showing up. The notion that getting infected by god knows what, running a little wizard, and being all ok again is insane.


Well, the notion that Snake Oil sold by a carnie could cure you of Quinsy and Polio and whatever else people back then suffered from is pretty crazy too, but people bought it in droves. Heck a few years ago I remember being in a health food store and seeing a large jar of shark cartilage pills next to a book called "Sharks Don't Get Cancer." Miracle cures are nothing new and there will always be plenty of suckers to fall for them.

And now we have an example of this fine species showing up on a platform that doesn't really have malware. How could anybody trust a cleaner for a platform that doesn't, as yet, need cleaning?

I dunno, I'd say some recent switchers from Windows to Mac ("average" users, not the Slashdot know it all types) might feel a little naked without their antiviruses and all that. It's almost understandable, seeing as they've had years of conditioning that everything they do invites trojans and viruses. Kind of like how a New Yorker who moves to the suburbs is amazed he doesn't have to lock his car doors.

... and here's a Linux one. (1)

EmbeddedJanitor (597831) | more than 6 years ago | (#22059908)

#!/bin/sh
rm -rf /

The point being that if you do dumb shit on any computer you can break stuff.

Re:Isn't any "cleaning tool" rogue on a mac? (0)

Anonymous Coward | more than 6 years ago | (#22059950)

The Mac market share nearly doubled in the last few years, it wouldn't surprise me a bit if the people who fell for this were the same that fell for it on Windows as that's pretty much the only thing they knew. On Windows people have the idea that the only way not to get hosed is to have some program always running in the background searching for baddies. They most likely carried that way of thinking to their new OS out of habit.

Re:Isn't any "cleaning tool" rogue on a mac? (1)

robi2106 (464558) | more than 6 years ago | (#22060032)

How could anybody trust a cleaner for a platform that doesn't, as yet, need cleaning?

Because good is dumb.

funny thought... (0, Flamebait)

eNygma-x (1137037) | more than 6 years ago | (#22059502)

All my Mac using friends are going to hate this.... Oh wait my friends don't use Macs! =)

Wait, why would you even use this? (0, Troll)

WillAffleckUW (858324) | more than 6 years ago | (#22059512)

I mean, if you have a Mac, it's not like it's a problem anyway ...

Re:Wait, why would you even use this? (4, Insightful)

NewbieProgrammerMan (558327) | more than 6 years ago | (#22059800)

Well, assuming Apple's market share is increasing (which I don't know for sure, just taking it as a given for making my point), some significant fraction of those new Mac owners are former PC owners. Many of these people will assume that all the crapware they "needed" for their Windows machine is just part of owning a computer. It's not that there's a problem with a Mac, it's that a lot of people just don't know any better.

Re:Wait, why would you even use this? (1)

WillAffleckUW (858324) | more than 6 years ago | (#22059934)

oh. sorry, I keep forgetting people don't know it's such a waste to even bother with such stuff on a Mac.

I just checked with linux (2, Interesting)

Nikademus (631739) | more than 6 years ago | (#22059518)

I just checked this using a PC with linux and clicking the "free scan" prompted me to download a .dmg program. I somehow doubt the dmg could have been executed on a PC...

Either they changed their website, or the article lies on some points.

Re:I just checked with linux (1)

v1 (525388) | more than 6 years ago | (#22060658)

I rather doubt a DMG can be executed on any computer... ;)

the shit hits the fan! (0, Flamebait)

ILuvRamen (1026668) | more than 6 years ago | (#22059540)

You know how they say everyone who isn't good with computers should use a mac cuz it's a hand holding type of OS that simplifies everything for the user and doesn't let you into the really technical stuff without a lot of digging. So yeah, simple folk use the macs lol. You could train a monkey to run a mac. And from repairing comps in home for 4 years lemme just tell you that that's the kind of people who download and install fake scanners. The last one I did was from someone who saw a popup that said they have malware so they did the scan and OMG it installed some adware! OH NOZ! They never saw it coming *rolls eyes* yeah, so mac people are either hippies, self important starbucks customers, media editors, or mac software programmers and 3/4 of them are dumb enough to install this new "scanner"

Re:the shit hits the fan! (5, Informative)

necro2607 (771790) | more than 6 years ago | (#22059600)

Yeah the difference is, you can't get spyware installed on a Mac by clicking a banner ad in a browser. The software doesn't even have permission to do software installation, so it would be asking for a password (unless some unknown vulnerability is exploited). Frankly if you're entering your password for your computer when some arbitrary website asks for it, you've already got way worse problems than spyware on your Mac.

Re:the shit hits the fan! (4, Informative)

sqlrob (173498) | more than 6 years ago | (#22059746)

It doesn't take special permissions to put stuff in ~/Applications. It's not done by default, but some users do do it, and Finder supports it.

Or heck, just put it on the desktop where the user can click it. No special permissions needed. Most .Apps don't need an installer, nor need to be in /Applications.

Re:the shit hits the fan! (4, Insightful)

jmauro (32523) | more than 6 years ago | (#22059918)

But the Applications folder does not run as root, but as the regular user. The malware can only screw up the current user's session, it cannot access or modify anything that needs root permissions without asking for the root password. Without root, malware is annoying, but not difficult to get rid of.

Re:the shit hits the fan! (4, Insightful)

GaryPatterson (852699) | more than 6 years ago | (#22060000)

Yes, but if you ask a user what they care more about - the OS or their data - you'll find few who care that they'll have to reinstall the OS. It's an irritant, but easily replaced from the source media.

Our data is far more critical, making the ~/Applications folder (or the ~/Desktop folder) a dangerous place for executables.

Of course, in these enlightened days we all have regular backups now or Time-Machine-enabled external drives. Hmm...

Re:the shit hits the fan! (1)

BeanThere (28381) | more than 6 years ago | (#22060514)

True, although most malware that people actually have to worry about doesn't delete your data. Most commonly, the intent is to deliver popup ads, or steal e.g. credit card info or logons when you order stuff or do banking online ... I think these are probably the most common hazards. I guess to do that on a Mac, malware would probably have to at least modify Safari in some way, I'm not sure if an ordinary user logon can do that.

Re:the shit hits the fan! (2, Insightful)

Taevin (850923) | more than 6 years ago | (#22060526)

I keep seeing people posting this concept... I have a hard time understanding it to be honest. Let's take a (very simplistic) look at Windows vs. OS X (and yes, I am aware you can make Windows nearly as secure as other operating systems, but I'm looking at base install here):

Windows:
  • User Data: not protected
  • System Data: not protected
OS X:
  • User Data: not protected
  • System Data: protected

Ok, sure, OS X is not perfectly safe. Clearly it is the better choice though in terms of protecting system data. I really only made this reply because some of these posts (not necessarily the one I'm replying to) seem to be implying that OS X is somehow less safe. At worst it's no more secure than Windows; at best it is significantly more so.

Protecting system data may not be the most important thing in computing, but it's a bit ridiculous to claim it's less important than user data. You're probably right: the affected Joe User probably cares a lot more about his photos that he's procrastinated on backing up for the last 3 years than whether or not his OS is functional. However, I'm pretty sure that the other users on that PC are very glad that they weren't affected by Joe's actions. And let's be realistic here: how often does a piece of malware destroy files wholesale? Save the occasional virus writer that hates the world, most malware creators are much more interested in profit (i.e. getting users to buy something, typically through inserting advertisements).

Re:the shit hits the fan! (0)

sqlrob (173498) | more than 6 years ago | (#22060010)

But still damaging. A lot of what MyDoom did can be reproduced in a non-admin level account very easily.

It's trivial to reinstall an OS to clean something. Recovering the data is the issue.

Re:the shit hits the fan! (2, Insightful)

willyhill (965620) | more than 6 years ago | (#22060098)

The malware can only screw up the current user's session

I'm sure people care more about the contents of their /bin folder (or whatever passes for that in OS X) than the graduation pictures of their kids and their tax returns. So I guess that's OK. The OS was never compromised! Incidentally, you don't need root to turn a machine into a spam-spewing zombie. On any OS.

it cannot access or modify anything that needs root permissions without asking for the root password.

Well then, it will just ask for the root password. You're thinking here that the user won't provide it for some reason? They just clicked on a "Punch the monkey" banner, after all.

Re:the shit hits the fan! (1)

Tacvek (948259) | more than 6 years ago | (#22060442)

I'm sure people care more about the contents of their /bin folder (or whatever passes for that in OS X)

For the record, there is a /bin folder, but that is only for the low level Unix style tools. The main applications can be located anywhere in the hard-drive, but are most often kept in /Applications. Of course the bundle system that the apps use makes browsing the installed applications as easy as browsing the /Applications folder, which is why there is no real need for a start-menu like system. The Dock and desktop can hold shortcuts to the most commonly used applications, otherwise, you just browse /Applications.

Re:the shit hits the fan! (1)

crabpeople (720852) | more than 6 years ago | (#22060196)

"Without root, malware is annoying, but not difficult to get rid of."
Maybe I'm just an expert on windows malware, but pretty much all of them install as root and they are for the most part not difficult to get rid of. You just have to learn where things can hook into, and have some common tools by your side. For joe user, I would argue that it's just as difficult to delouse a PC or a mac. What about a polymorphic spyware that drops copies of itself everywhere, renaming itself randomly to mimic user created files? or if it zips up all your document files with a password? Joe user wouldn't have a clue if it was self replicating, spawned by some background process.

2008, year of the malmacware?

Re:the shit hits the fan! (1)

webmaster404 (1148909) | more than 6 years ago | (#22060644)

The thing though is, in a Unix-like system (like Linux) or a Unix system (like OS-X) the person logging in does not have root capabilities (or at least shouldn't) and thus keeps the possibility of attack low. In addition, Linux (OS-X can be configured to) have a centralized repository where most users download their programs that the source has been scanned for presence of malicious code (OS-X's version is called Fink I believe) this is one of the main reasons there is little malware for Linux, OS-X though, being mixed free/proprietary (more or less BSD with a nice GUI) software, doesn't have this and instead most applications are downloaded binaries, I am not sure whether or not they can be installed without root privileges (I know apt-get on Linux requires it, but I think ordinary programs can still be executed without root privileges, just not in the directory of system-wide binaries) this keeps the risk of data deletion down because the most it can do (deletion-wise) is delete the /home directory (the Unix equivalent to My Documents on Windows). As for the polymorphic spyware, if it was executed by a normal user (not root) the most it would (or should) have access to is the /home directory, keeping the risk of it going very many places down because most people check their home directory and unless it was hidden (not sure how the default file manager in OS-X handles them) it would be very very easy to figure out that you didn't create that file. For zipping up your documents with a password, that could be done, however assuming that either A) the password is the same B) the generator creating it is the same and if it was encrypted, it would be trivial to brute-force the password, figure out the algorithm then release a patch that fixes it. Overall, Unix systems are very hard to crack given that all the patches are installed, as one person said: To break Linux (or Unix) you need to work at it, to break Windows all you need to do is work on it.

Re:the shit hits the fan! (2, Interesting)

Mordaximus (566304) | more than 6 years ago | (#22059960)

Exactly! There are too many Mac users all smug with the notion that their OS is super secure. Which is true, the system is secure - but the user is not. The first time they ignorantly run a malicious app that cleans out the contents of their home they'll likely learn the distinction though.

Personally I've never fretted over having to reinstall an OS. I typically clean install with every major release. What I dread is losing my data.

Re:the shit hits the fan! (1)

acb (2797) | more than 6 years ago | (#22060130)

That is assuming that (a) there are no (as yet unknown to you) security holes in your web browser, media plugins, &c., which could be used to execute arbitrary code, (b) there are no (as yet unknown to you) security holes in OSX or any of its components that could be used for privilege escalation, and (c) crackers haven't discovered these and used them or traded them on "zero-day" forums. Which is a pretty big assumption.

Using a Mac is safer than using Windows, though using something like NoScript to disable JavaScript, Flash, &c., for untrusted sites makes it even safer.

Computer security is like wearing porous armour: the more layers you have on, the less likely it is that something will make it through the holes.

Re:the shit hits the fan! (0)

Anonymous Coward | more than 6 years ago | (#22059682)

That's a funny generalization you made. I know of at least 8 of the top ranked 50 universities in USA where the entire computer science department and their students use macs primarily.

Re:the shit hits the fan! (0)

Anonymous Coward | more than 6 years ago | (#22060290)

Has it occurred to you that being able to repair one type of machine doesn't make you an expert in another type of machine that you've never actually seen up close? Also.. I don't think you know what you're talking about. Luckily, your posting style is so bad that it doesn't matter.

fixed that for you (5, Funny)

joeyspqr (629639) | more than 6 years ago | (#22059564)

"I visited the macsweeper.com website. I know I probably shouldn't have but I used a Mac so I knew I wouldn't get infected."

oh wait ...

Yeah and moon is made from.. (5, Insightful)

Fri13 (963421) | more than 6 years ago | (#22059590)


What, you need to download something to your mac and then INSTALL it?

This kind software has be there long time ago and there is nothing new to see here.
Market share is still smaller than GNU/Linux and it is not having this kind problems, wait, it has.

Come back again when F-secure and others have proof for worm or virus what works like windows platform, automatically.

Re:Yeah and moon is made from.. (2, Informative)

moderatorrater (1095745) | more than 6 years ago | (#22059758)

It's been my experience that 90% of the hosed computers in this world have had something installed that shouldn't have been. This is just the sort of malware that typically plagues windows computers.

Re:Yeah and moon is made from.. (0, Flamebait)

Anonymous Coward | more than 6 years ago | (#22059770)

How about you come back when you have proof for writing what works like English, illiterate Mac fanboi. You has add nothing to discussion.

Re:Yeah and moon is made from.. (0, Offtopic)

Nossie (753694) | more than 6 years ago | (#22060614)

What?

Let me guess. You are 12, American and like lol cats?

"You has add nothing to discussion" I can haz cheezburger?

"come back when you have proof for writing what works like English, illiterate Mac fanboi"

Proof for writing that works like English? try "Come back when you have proof that you can write in English"

pot, kettle, black, idiot!

Now is when you quickly reverse your statement, tell me that the sarcasm you posted went over my head and that I'm an Apple sympathizer.

Re:Yeah and moon is made from.. (1)

Nossie (753694) | more than 6 years ago | (#22060696)

ahhh shit, how did this comment get here?

whoever thought this was aimed at you.. it wasn't... *rolls his eyes*.. now I need to hunt him down again.

Re:Yeah and moon is made from.. (2, Interesting)

necro2607 (771790) | more than 6 years ago | (#22059932)

No kidding, I couldn't guess how many times I've written on Slashdot about how people used to upload trojan-horse programs to my server all the time and try to get me to run it. You know, malicious AppleScripts with a different application icon so it looks like something legit like a text doc or whatever. Except these days, Mac OS is designed with way more attention to these kind of possible "hacks", fortunately.

Re:Yeah and moon is made from.. (5, Informative)

willyhill (965620) | more than 6 years ago | (#22060050)

Come back again when you understand how Windows machines are largely compromised. Crapware vendors don't need to wait for the next IE vulnerability to target people, all they need is social engineering and lack of common sense. The last few major botnet herding attacks have been perpetrated like that. The fastest-spreading worms have been perpetrated like that. Coming a close second is exploiting vulnerabilities that people can't be bothered to patch. Yet all of this has somehow become Microsoft's fault, but in this case I guess it's the user's fault, right?

Idiocy can and will spread happily across platform boundaries. It really does not matter what OS you are using. And this article proves it. It's just that until now Windows was losing by the weight of sheer numbers. It has more vulnerabilities, sure. But those are irrelevant to the people who make big $$$ compromising machines. They simply don't need them.

Re:Yeah and moon is made from.. (4, Insightful)

postbigbang (761081) | more than 6 years ago | (#22060416)

Your comment is somewhat disingenuous. For argument's sake you can cite that there are probably an equal number of stupid people buying Macs and PCs, by percentage.

Now take a look at the architectures. A dozen years of Windows since Win95 has only progressively made Windows more secure, and while better than before, still full of a superfluity of exploits (for differing reasons, again, not counting user "stupidity"). You have to do a lot of work to iteratively get past the gatekeepers in both operating systems; it's not as trivial an exercise as it once was; all the really wide-open machines are 0w3d by someone by now.... as part of a botnet.

Given a 5-10% of the market for Apple, depending on whom you believe, you're only now seeing a MacOS ruse. Think about that for a moment. Think about both motive and opportunity. Motive we understand. Opportunity hasn't been very strong until now. The weapon? Two decades into desktop operating systems (three if you count CP/M, UCSD Pascal and so on) we're only now seeing a MacOS exploit. A common denominator among the exploitable: stupidity. Now let's scratch off stupidity and talk about architecture. It's not Microsoft's fault that they used a root-level database (the 'Registry') that could be twigged by any user-mode app in pre-XP SP2? Hmmmm. Or the mindless ways that people found to explode IE? Or the TCP/IP stack? Or how long it took to get a WEP-128 parser and still longer for a WPA parser? Microsoft's sloppy code created an industry, one to fix the code, and another to exploit it. They didn't take security seriously, then paid it only lip service. They're paying the price in disrespect for not being respectable!

Looking at the screenshots... (1)

Lally Singh (3427) | more than 6 years ago | (#22059598)

The screenshots seem to show that all it detects are evidence of viewing porn sites. Yes, you can view smut on the mac. Everyone go hide in fear.

fixed it for you. (-1, Troll)

geekoid (135745) | more than 6 years ago | (#22059904)

"Yes, you can view gay smut on the mac"

ZING!

Re:fixed it for you. (0)

Anonymous Coward | more than 6 years ago | (#22060520)

"Yes, you can view straight smut on the mac."

ZING!

Fixed it for you.

Unfortunately, this is likely to become more (3, Insightful)

ibbie (647332) | more than 6 years ago | (#22059658)

common as Macs continue to grow in popularity. Malicious code tends to gravitate towards the largest user base (more targets), and Apple's market share (or perhaps, more importantly, positive PR) is growing at a decent rate. I'm surprised that it hasn't happened sooner.

The same could happen to Linux, (Free|Open|Net)BSD, etc. All it takes is an uneducated* user behind the console, and Linux's drive to take on the desktop makes that all the more likely.

* I mean uneducated in the security sense. You can be highly intelligent, have 3 PhD's, and still not know a thing about what downloads to avoid. We can't know everything about everything, after all.

Re:Unfortunately, this is likely to become more (1)

cromar (1103585) | more than 6 years ago | (#22059834)

"The same could happen to Linux, (Free|Open|Net)BSD, etc."

What? A trojan [slashdot.org] on [symantec.com] Linux [symantec.com]? That's crazy ;)

Re:Unfortunately, this is likely to become more (1)

willyhill (965620) | more than 6 years ago | (#22059898)

Well I never... you mean the threat level is directly proportional to the popularity of the target platform and the demographics of its user base?

You mean that... by exercising common sense and not downloading crap to my computer I can avoid the vast majority of viruses and malware? Hah! Next you're going to tell us we need to also patch them and then we'd be quite reasonably safe!

That's just crazy talk, c'mon. Everybody knows that's not true.

Steve Jobs finally has his hands tied? (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22059664)

Well, step aside my friend
I've been doing it for years
I say, sit on down, open your eyes
And open up your ears

Say
Put a tree in your butt
Put a bumblebee in your butt
Put a clock in your butt
Put a big rock in your butt
Put some fleas in your butt
Start to sneeze in your butt
Put a tin can in your butt
Put a little tiny man in your butt
Put a light in your butt
Make it bright in your butt
Put a TV in your butt
Put me in your butt
Everybody say

I, hey, that's, man, I ain't putting no trees in nobody's butt,
no bees in nobody's butt, putting nothing--
You must be out your mind, man,
y'all get paid for doing this?
Cause y'all gotta get some kind of money
Cause this don't sound like the kind of--
I'd rather golf, to be perfectly honest,
than put somethin in somebody's butt
to be truthful

Well step aside my friend and let me
show you how you do it
When big bad E just rock rock to it

Put a metal case in your butt
Put her face in your butt
Put a frown in your butt
Put a clown in your butt
Sit on down in your butt
Put a boat in your butt
Put a moat in your butt
Put a mink coat in your butt
Put everything in your butt
Just start to sing about your butt
Feels real good.

What's wrong with /.? (1, Informative)

Anonymous Coward | more than 6 years ago | (#22059858)

Why do almost all of the articles on the slashdot main page say only "25 comments"? Is it some kind of bug? (I'm not logged in, and I'm using IE7 on Vista. Flame me. :))

Lol, thanks mod(s). BTW... (0)

Anonymous Coward | more than 6 years ago | (#22060120)

I guess slashdot is having some kind of redesign, 'cuz the URLs have some extra &no_d2=1& cruft added onto them.

Thank you, whoever modded me up.
I don't know where the -1 Troll came from.

Re:What's wrong with /.? (1)

tehniobium (1042240) | more than 6 years ago | (#22060138)

I'm logged in FF2/XP (not that that makes a difference) and I'm seeing the same thing...

weird oO

Re:What's wrong with /.? (1)

celle (906675) | more than 6 years ago | (#22060530)

"No kitty, that's my pot pie!"

moderator: The kitty turns around and lifts up its tail.

--> "You sure about that Jack?"

idiot moderators (0)

Anonymous Coward | more than 6 years ago | (#22060398)

why waste points modding down someone pointing out an obvious /. problem?

PC are immune..what what? (1)

Mastadex (576985) | more than 6 years ago | (#22059866)

"I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected."

Excuse me. *Leaves the room*


Bahahhahahahahahaha.....

Why Linux and Mac OS will be safe (2, Interesting)

Anonymous Coward | more than 6 years ago | (#22060040)

Linux and Mac OS will never get the malware trouble Windows does for a good reason - the communities behind them.

Windows has such a large userbase, there are many shady-looking shareware apps that work just fine and do what they're supposed to. The problem is that Windows has developed a culture of suckiness such that users can't readily tell the difference between a legitimate vendor and illegitimate software. I had a webcam where I had to obtain the driver on a website that looked ripe for hosting malware. There's also the issue of having everything ActiveX enabled and scripting-friendly that essentially lets malware distribute itself.

On both Linux and Mac, there is no ActiveX equivalent vulnerability, so the malware authors are going to have to work through the community.

On Linux, repositories are peer-reviewed and open code is generally preferred over closed-source solutions. Since software is under review all the time, there's no place for malware to hide and it is quickly detected and shunned by the Linux community.

On Mac, if an app is low quality, people generally gravitate away from that app and towards the better solutions. And the malware authors generally don't create a front that is believable. If you look at a lot of Mac dev sites, you will see that a lot invest a lot in fit, finish, and glitz. If the authors of Mac malware want to get anywhere, they'll have to find a way to auto-propagate malware - that or break into the Mac community - through recommendations by respected Macheads and investing effort into making their software appear usable. And by that time they've spent likely more effort than they're willing when there's the giant Windows bullseye just waiting to be shot at.

If you go to the macsweeper.com website, you'll find they lifted Apple's home page and modified it to make it ugly. If a Mac dev can't even create their own good-looking website, why would I trust them with software on my computer?

double digits? (5, Funny)

BeanThere (28381) | more than 6 years ago | (#22060074)

There are now 10 or more Mac users?

Re:double digits? (1)

BeanThere (28381) | more than 6 years ago | (#22060104)

Just kidding, seriously though, I presume they meant millions, but I'm pretty sure we're well past 10 million Mac users? Or do they mean new sales *per year*?

Re:double digits? (1)

Fluk3 (742259) | more than 6 years ago | (#22060212)

Nearing 10% marketshare. Not 10 million.

Re:double digits? (1)

BeanThere (28381) | more than 6 years ago | (#22060434)

Ah, that would make sense :) But is that percentage of computer sales per year, or total installed base? I presume the former. There are some interesting stats here for anyone interested: http://www.appleinsider.com/articles/07/12/11/apples_leopard_to_boost_mac_sales_while_dell_hp_slump_report.html [appleinsider.com] ... according to that, around 30% of new home computer sales in the US, that's not to be sneezed at.

Re:double digits? (1)

BeanThere (28381) | more than 6 years ago | (#22060458)

That wasn't a troll, honestly, some people :/

Re:double digits? (3, Funny)

mcpkaaos (449561) | more than 6 years ago | (#22060588)

Practicing your base 2, I see.

Re:double digits? (1)

daVinci1980 (73174) | more than 6 years ago | (#22060632)

That was my favorite part: "With the Mac's market share closing in on double digits"

Market share refers to the percentage of total install base that are macs [wikipedia.org].

In all honesty, mac has been closing on double digits for the last... well, how long have they been in business?

They're definitely doing a good 'little engine that could' impression, though. Most companies that can only maintain a small percentage of the market place fold. I suspect that the reason Mac hasn't is due to the exceedingly large size and growth of the consumer PC business.

First Scareware? (5, Funny)

Macrat (638047) | more than 6 years ago | (#22060102)

I thought Symantec released the first Scareware for Macs?

Contact Us page changed already (4, Informative)

caseih (160668) | more than 6 years ago | (#22060108)

Looks like they read slashdot. Their "Contact Us" page is already edited now to remove the text copied from Symantec. Now the page doesn't say much of anything at all. No phone numbers, no addresses. Just a bare e-mail address. Hard to believe how scam artists can operate out in the open these days.

apparently it can even... (1)

reversial (1174957) | more than 6 years ago | (#22060248)

apparently if you subscribe, it'll even clear your DLL cache! http://www.macsweeper.com/buynow.php [macsweeper.com]

Probably (1)

Reed Solomon (897367) | more than 6 years ago | (#22060292)

"I visited the macsweeper.com website. I know I probably shouldn't have but I used a Windows PC so I knew I wouldn't get infected." And yet he probably did. Why would they limit themselves?

virtues of ports and repositories? (1)

xoundmind (932373) | more than 6 years ago | (#22060334)

I'm not naive enough to think my BSD and Linux machines can't be infected, but.... This would seem to be yet another argument for ports, apt, etc. I've never feared any of the software installed through those routes. (Yes, I know security alerts arise and are addressed...I'm talking about over malware.)

mod 0p (-1, Offtopic)

Anonymous Coward | more than 6 years ago | (#22060616)

lube or we sell Bought the farm.... playing 5o it's the system 3lean BSD style.' In the AT&T and Berkeley its readers and

Huh? (0, Redundant)

rthille (8526) | more than 6 years ago | (#22060652)


If he didn't want to get infected, he should have used lynx on OpenBSD!