What is Digg?69 Comments
- ThinkBox, on 10/12/2007, -0/+40So this is about as much news as...
"Stupid People in Cars a Target for Wrecks, Some Expert Warn." - SBelyea, on 10/12/2007, -3/+26All it takes is the user to enter their administrator password. All the safeguards in the world can't stop a determined idiot from destroying his machine.
- gyroscope, on 10/12/2007, -1/+19Why would the switch to Intel increase the likelihood of viruses? Aren't viruses about software?
- SniperGX1, on 10/12/2007, -3/+18People that have something to gain in the sale of bloated overpriced virus solutions from mcafee and symmantec tend to overlook the facts. Just once I would like someone to explain how you are going to have a virus on a BSD system when users are not running as root.
- inactive, on 10/12/2007, -2/+14Someone wake me up when there is an actual documented case of a virus on OSX.
..yawn.. - mikm, on 10/12/2007, -3/+11Bugs in the OS? Social engineering?
- noseeme, on 10/12/2007, -1/+8Members of the Associated Press are pseudo-journalists? I'm gonna disagree with that.
- avatarpalin, on 10/12/2007, -1/+7ahhhhh its that time of year again.... THERE MIGHT BE A VIRUS ONE DAY..... REALLY!! go out and buy buy buy
-online version of a man with a sandwich board claiming the end is nigh- - KCorax, on 10/12/2007, -1/+6"Go buy Sophos or McAfee or Norton or go get a ClamAV opensource package and protect yourself. End of story."
This excuse is ***** when it comes to windows and guess what: it's still ***** when it comes to OSX - JQP123, on 10/12/2007, -1/+6"... that is just really rare."
Not as rare as some people seem to think. I have a Win95 (yes, as in 1995) machine that has been connected to the Internet 24/7 for over 4 years. The only OS update has been to the TCP/IP stack (WinSock 2). It still checks out clean. I do have a hardware based firewall in front of it.
From my experience with other people's machines, the vast majority of Windows viruses appear to be user installed. Screen savers, browser tool thingies and porn "codecs" being high on the list of suspects. - grayapple, on 10/12/2007, -2/+7Hold on, isn't this the trojan that hit back in feb that only a small number of people got?
- noseeme, on 10/12/2007, -3/+8Wow, that is seriously an accomplishment.. I am not biased against Windows, but that is just really rare.
Do you really know it didn't get infected if you didn't have antivirus on it? Try downloading a free one and do a scan. :) - raremage, on 10/12/2007, -0/+5I switched my main work system to a powerbook about 18 months ago. I'm writing this on a relatively new MBP15. Just setting some perspective to the comments, because I guess I AM a switcher, although my home gaming rig, and all the other computers at my company, still run Windows. Before I started the company I am with now, I used to work for MSFT.
Statistically, it has made sense for years now that exploits and attacks would be discovered / made against Windows systems because the market share was (and still is) so dominating. Having said that, as Linux gained in popularity, more and more exploits have become known (if not particularly publicized) because the attack surface (aka install base) has increased so dramatically. Now the same thing goes for Macs, as the install base again begins to increase, more and more folks will start looking at them as a place to attack.
It certainly doesn't help that lately malware has started to become a 'business' (well, 'for profit' may be more accurate) and as the market share grows, so grows the number of malware packages. Another factor will be the simple fact that Mac users have ignored virus protections for so long, that they may continue to assume it simply isn't necessary. Virex is so clunky that I dropped it - I'm sure others would say the same.
New attacks will continue to happen as market share increases - and AV vendors will try to leverage that fact. But it doesn't make it untrue. All software has bugs; OSX exploits will begin to surface more and more.
I did like this line though: "He and at least one other person who clicked on the links were infected by what security experts call the first-ever virus for Mac OS X, the operating system that has shipped with every Mac sold since 2001 and has survived virtually unscathed from the onslaught of malware unleashed on the Internet in recent years." AT LEAST ONE OTHER PERSON. rather a frightening statistic, eh? Unrealistic as well. - Angostura, on 10/12/2007, -0/+5Yes you are right. Virtually all viruses target software holes rather than specific hardware vulnerabilities; which is why Linux on x86 doesn't get Windows viruses. It is just about possible to craft a cross-OS virus but it's bloody tricky.
- CryingWolf, on 10/12/2007, -0/+5And add to that, put in a password to install it.
- Darksev, on 10/12/2007, -0/+5"a series of links that promised pictures of an unreleased update to his computer's operating system."
Since the article is short on legitimate, viable threats, I assume this is the activity we need to watch for....stupidity. I propose we create an anti-stupid application, which installs in the users chair, and delivers a mild (or not so) electrical shock when anything like the above is done. - grayapple, on 10/12/2007, -0/+4What version of MacOSX was he running? - they don't say!
Anyway, To keep a mac safe don't use the Root account, stick on the firewall, don't type your password into anything that looks dodgy thats asking for it and don't buy virus software, use open source like CalmX or what ever it's called.
Same goes for Windows systems basically, just run a spyware/antivirus scan on them once a week. - t3hX, on 10/12/2007, -1/+5Yes. It is.
- t3hX, on 10/12/2007, -0/+4Is it really a virus if you have to click a link to open it and install it?
- achoi, on 10/12/2007, -1/+5@noseeme
I know a number of people that know how to harden their windows machines at home and run them fine without any AV software. Most of them are (you guessed it) linux sysadmins. Virus makers target the lazy and/or ignorant users since their chance for success goes up as the target gets easier. - modusop, on 10/12/2007, -0/+3The university forced the professor to take down the challenge FYI, not because the macs weren't standing up to it; they didn't want a bunch of black hats messing around with university computers.
- bubbagump, on 10/12/2007, -2/+5Hubris is dangerous, yes. However, there have been none yet...and those that have been called a virus were nothing more than social engineering requiring multiple steps by the user to cause problems.
Recently, a mac was put on the net for several hours with an open invitation to hack it...it stood up to the torrent of attacks. I'm still not even remotely worried. - mugatu, on 10/12/2007, -0/+3@wedgea18
No, any user can run a script or program under his/her own privileges -- It is only if it is to be a system-wide change, kernel extension, etc. that would require a root password. - OmniMe, on 10/12/2007, -0/+3This article is way to vague in detail about what did he click on, who are the experts, is it REALLY a virus or popups? It wasn't worth the bandwith to download the page to my browser. This just looks like some reporter trying to make news out of nothing.
- CryingWolf, on 10/12/2007, -0/+3The article does not reference any virus or the experts. Even running with admin privileges on a Mac it will ask for a password when installing software (including viruses) There was a vulnerability in Safari, I don't remember what it was about, but I run Firefox on both my Windows PC and on my Mac, so I can have the same UI.
In the end a little thought can go a long way on a Mac. You can run everything from Standard User. When installing programs it will ask for both username and password of the admin account. Run Firefox etc. I haven't really felt the need to run a virus program on the my Mac. - cohman2001, on 10/12/2007, -0/+2I know thats bull-***** because I just bought myself a iMac from the Apple Store, and the biggest part of my reason to switch was that there were only a handfull of viruses. If that.
- rompom7, on 10/12/2007, -3/+5Software is more about hardware than most assume.
Infact, yes, the switch to Intel would increase the likelihood of viruses.. but by so little it wouldn't even matter. And it stems from the fact that Mac CPU's were closed and, now they are switching to a more common platform meaning the process of writing machine code for a Mac is similar to that of Windows. - adml_shake, on 10/12/2007, -1/+3"From my experience with other people's machines, the vast majority of Windows viruses appear to be user installed. Screen savers, browser tool thingies and porn "codecs" being high on the list of suspects."
I have to agree with that. I know people that run no AV what so ever. My uncle for example uses his computer for work email (he takes no email from people he doesn't know, and opens no attatchments. If people want to send him something he makes them get up and use the fax) and to surf about 5 different sites. He's been doing this for years and I scan his computer each time i'm over and i've yet to find even a single piece of spyware or anything. It's all about how you surf... - t3hX, on 10/12/2007, -0/+2Also, the thing got dugg and slashdotted at once, and was taking up a constant 35MBits of bandwidth, slowing the rest of the network to a crawl. The thing didn't crash under this load, that's pretty good.
- KaosX, on 10/12/2007, -0/+2here's the deal.
If they can figure out a virus that can cripple my OS X server system without requiring interaction on my part in any way I'll go back to using linux/windows solely forever. I use almost every operating system out there mac/linux/windows and I just find OS X to be the most stable/powerful.
I understand the geek factor of getting linux to work the way you want, Ive gone through those phases a few times over. I understand wanting to tweak a gamin box on windows, or having the simplicity of having tons of software that's easy to install etc etc etc.
Mac kind of gives me the best of both worlds (sans gaming sadly) The power is under the hood if I need it, installing software in most cases is as simple as dragging and dropping.
Its all personal preference...so leave it at that.
I wish all the anti-mac windows fanboys would get the stick out of their ass just like I wish alot of the blind mac/linux fanboys would get the stick out of theirs. - mugatu, on 10/12/2007, -1/+3As an experienced UNIX admin and avid OSX user, I find it fairly naive that many people think that OSX is somehow 'safer' because the user doesn't run as 'root' or the admin user. To me, sure, the system integrity may be safe in the case of a virus/trojan/what have you. But the real value to a system for 99.9% of users is the user data. If a destructive virus is released that simply executes 'rm -rf $HOME/*', that would be just as harmful to me as something that could run as root.
- The_Decryptor, on 10/12/2007, -1/+3Hears a better idea, just don't go and enable the root account (it's disabled by default on macs)
- t3hX, on 10/12/2007, -5/+7And i'm going to laugh mine off when your comment gets infected by the thumbs down virus.
- inactive, on 10/12/2007, -1/+3symantec and mcafee might make OSX apps, but I sure as hell wouldn't want ANY symantec ***** on my PC or a Mac if I had one!
Apart from the replication bit, symantec fulfills all the things that a virus does. Major slowdowns, constant crashes, impossible to uninstall, bloated code (though I gues smost virii are pretty compact).
There is no force in heaven or on earth that will make me install NAV on any PC/Mac! - threemagic, on 10/12/2007, -0/+2Kendal:
I hate that arguement: there just isn't enough of them around.
Linux has been hosting the majority of websites for years on end. How many virii are available?? And how many linux boxes are there compared to windows.
So by this we can gather that virii writing has nothing to do with population. - ArchonMagnus, on 10/12/2007, -0/+1The "XP on a mac" was just a way to get the Windows OS on Apple hardware. Windows XP has the same level of vulnerability on any combination of hardware (Apple or otherwise).
- happbando, on 10/12/2007, -0/+1Known Bugs:
Mac OS X: 84
Windows XP: 80,000 - The_Decryptor, on 10/12/2007, -1/+2Yeah, only really matters if it's written in assembler.
- jmknapp, on 10/12/2007, -3/+4Because most of the viral payloads as written contain Intel DNA--err, assembly code. If a buffer overflow exploit manages to overwrite the heap for some program that exists on diverse platforms, if the payload is Intel machine code then it will just cause non-Intel machines to crash, not get rooted. But now Intel Macs may be affected by these types of exploits.
- geekdreams, on 10/12/2007, -9/+10Why? I never had that crap on my Windows machine and it never got infected.
- inactive, on 10/12/2007, -0/+1It's just hype. Really no one cares about it except the media. The truth is there will never be as many exploits on Mac OSX as there are on some other operating systems. (I'm not going to mention any names but you know what I'm talking about) There may always be an app that looks legit but when you run it bad things happen. With OSX it's hard for things to run on their own without the user executing them or for a malicious app, that was accidentally opened, to do a huge amount of damage. For now, spending money on protection products are a waste. I'm not saying this will change even as soon as in the near future but for now it's plainly a waste. I have used some of these products but to me the seem like a pretty GUI that provides a false sense of security. This seems to often lead to people thinking that their, "safe," and that they can run whatever they want now.
- wedgea18, on 10/12/2007, -1/+2Any program, or virus, would need root priveleges to install itself, correct? So would it be safe to say that it would take an inexperienced user to punch his root-pass in everytime he was asked for something to get through and penetrate the system, even the home data?
Even in the Windows world, I'm a tech-support guy, most of the harder problems I face are results of the User-stupidity Virus... - rocjoe71, on 10/12/2007, -0/+1Try a buffer overrun on a service already running as root.
All it takes is a buffer overrun in a kernel process and its game over. TCP/IP stack, file I/O, printing, your window manager-- all of these reach the kernel at some point and are therefore vectors for a buffer overrun. - raremage, on 10/12/2007, -0/+1Those are both fair points as well, but someone will undoubtedly discover a passive exploit eventually. As the userbase grows, more people will start looking at ways to crack the systems.
- wedgea18, on 10/12/2007, -0/+1Bravo.
I think that's why psuedo is such an attractive name to hide behind. - cakefart, on 10/12/2007, -0/+1What, I've seen this headline now once a month for five years?
- starbirix, on 10/12/2007, -0/+1I agree. With as little chutzpah as the last "huge OMG scary!!1!!!" OSX virus scare had I'm a little disappointed that this has gotten attention.
- threemagic, on 10/12/2007, -0/+0All machines can be hacked...there is a difference. We are talking about the propogation of virii.
- Kendal, on 10/12/2007, -0/+0Threemagic:
I hate the argument too, but that doesn't mean it's not legit.
Linux hasn't been smacked because nobody's put their mind to it yet.
You could do it one of three ways;
1. Prescan the net for all the vulnerable Linux boxes, split the list up among 10 deployments of a Linux virus, have each one infect the next two IPs on the list and then split the list between each, every (vulnerable) Linux box on the internet should be infected in less than a minute.
2. Develop a scanning virus which resides on XP, but scans for an deploys malicous code to Linux.
3. Develop a cross platform virus.
Density of population delivers success from 'hit and miss,' because the vulnerability is the foothold of the virus. A sparse population is protected from this, even if the vulnerability is common, because traffic is more indirect, the virus has to take more steps, scan more, and is more prone to being intercepted. Only prescanning, or self scanning, or cross-platform host/deployment will work in this case.
It's not so much a meatter of there not being enough Macs, but that the environment is virus-hostile, and incompatable to the code. -
Show 51 - 68 of 68 discussions
Digg is coming to a city (and computer) near you! Check out all the details on our 
© Digg Inc. 2009
— Content created and posted by Digg users is