Hacker News
Apple to support reps: 'Don't confirm Mac infections' (theregister.co.uk)
135 points by foob on May 20, 2011 | 120 comments


I worked in Geek Squad for 5 years (finally started making enough money doing freelance development to quit this past December).

I've done malware removal on 5-10 computers a day, 5 days a week for most of that time. So I've seen thousands of malware infections on the average consumer's computer. I've seen more different malware infections than just about anyone outside of an antivirus research lab.

When I first started most of the malware came from users downloading files from P2P sites. However, for the last 2 years nearly all the malware I found was installed via a drive-by download that happened without user input.

You can talk all you like about avoiding porn sites and installing AV software, but it's not that simple. The majority of the computers I worked on had current AV programs--they weren't able to prevent the infections. The situation with malware and windows is absolutely terrible, and it doesn't only happen to idiots who stuff their drives with porn.

Macs have security flaws--they aren't perfect, but when compared to the malware ghetto I've dealt with over the years, calling this mac malware problem an "explosion" is just ridiculous.


Selection bias? Your conclusion that windows is a malware ghetto based on your experience at the geek squad is like a Doctor saying 'everyone is sick, because all I see everyday are sick people'.


I think the meaning was that Windows is a malware ghetto compared to Mac. More akin to a Doctor noticing that 95% of his patients are blondes and declaring that blondes tend to get sick more.

The significance of this is offset by the base rate though: unlike Windows PCs, blondes don't constitute 90% of the sample group.


Definitely a selection bias--I mentioned that previously in a post down below.

I'm not saying everyone is sick though. I'm saying I've seen thousands of windows machines with malware and a lot of the time it wasn't just an uneducated user problem.

My first store was also about an hour away from the nearest mac store so I also saw a pretty fair amount of macs while working there. They came in all the time for hardware issues so obviously they aren't perfect--But I never once saw one with malware--not in 5 years.

I don't think that they are magically immune to malware and some of it can be explained by smaller market share, but whatever the reason from my experience dealing with thousands of windows pcs and hundreds of macs--malware on macs is so insignificant that it doesn't exist.

5 years ago people were saying that malware for macs was coming (In fact Best Buy was pushing AV installs for macs when we first started carrying them), but it didn't materialize.

For the average user--if you buy a windows machine you will probably have to deal with malware, but if you go with a mac the chance is so low that it is virtually nonexistent.


> and it doesn't only happen to idiots who stuff their drives with porn

What is this based on? What the customer tells you? To quote House: Everybody lies!

I am being partially serious, I don't have AV installed, I run Windows, and I haven't had a virus in... a long time. I think the last one was Sasser!


Based on the general state of the computer, and many times customers asked me to try to identify the source of the infection.

To do this I checked the history for recently visited sites. Before most browsers had private browse modes, and the ability to only delete recently browsed data, a non empty history with no obvious porn listings could usually be taken at face value.


In my experience a lot of users, those that know more than nothing but aren't quite adept enough to not get malware, know how to selectively delete their history.

That's not to say that dodgy porn sites are the only vectors. In fact I find the most common vector for viruses these days is stupidity. The nastiest viruses to remove are the ones that can't install themselves, spread themselves, make no attempt to hide from antivirus, but have a whopping huge payload ready for whoever will run omg_awesome_kitten_pic.jpg.exe (which they've downloaded from Limewire, or Bittorrent, or has been IM'd to them over MSN).


> and it doesn't only happen to idiots who stuff their drives with porn.

Instead, it only happens to people who don't keep their browser up to date so that it's actually vulnerable to drive-by downloads.

Right?


I've seen plenty of the same fake AV malware that installs itself via drive-by downloads on computers with up to date firefox installs.

Security patches aren't instant. Updating your browser helps sure, but it's not a real solution.

There is a tendency for people like us to assume every time we see someone with a malware infection that it must be because the user is a moron who: still uses Kazaa, doesn't know about the good porn sites, is browsing on IE6 and installs anything that a popup asks him to. That just isn't true.

It's not just idiots, the average non-moron windows user is massively vulnerable to malware.

In my experience (I'll limit it to friends and family b/c of the obvious selection bias of including Geek Squad customers), nearly every (non developer) windows user I know has had at least one malware infection over the last few years that required either my help, or a system restore.


So what are us developers doing differently?


I would guess that some of that is b/c my developer friends are less likely to need my help with malware, so they don't tell me about it.

Another guess but the rest of it is probably behavior based. Developers are less likely to spend all day on facebook playing flash games, more likely to have flashblock and adblock installed etc..


Why is it the browsers job to secure your system? It doesn't matter if it's IE 1 or Chrome 12 if any application tries to install itself without user intervention the system should stop it by default.


If you have a modern OS (anything newer Vista, be it Windows or not), it will.

Saying Windows is insecure because a decade-old version of it didn't have rights-elevation is pretty silly.


The users who are most likely to be infected by this stuff are the same users that Apple caters to in person in their stores. Many Apple customers (at least the ones that I know) have become used to in-store "geniuses" fixing their difficult computer problems -- setting up their email, installing software, that kind of thing. This is going to be very difficult for Apple stores to handle.


It's not really that hard, Windows support guys have been doing it forever. And, like almost everything else, it's easier on a mac (my mom got this malware... on mother's day)

The problem is: naive user + attack vector (bad default Safari options) + malicious attacker (advertising network).

The solution is:

* Cleanup - Kill process from Activity Monitor, delete app from Applications, and installers from Downloads folder (kinda shocked that there isn't more to it).

* Inform - Teach user about basic practices.

* Close vector - Safari's Automatically open safe files after download checkbox.

* Block attacker - Install AdBlock for Safari (Bonus points).

All of the above, except the 'informing' part, takes all of two minutes to do, so I think the "Geniuses" at the Apple Stores can manage.

To those entrepreneurs whose business model is based on ads... sorry, but Adblock is the new Antivirus. I install it alongside any software updates or antivirus software (even on Macs, now).
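
Added example, not part of the comment above: a read-only shell check for the leftovers that checklist describes (app bundle in Applications, installer archives in Downloads, Safari's auto-open setting). The bundle and archive spellings of "Mac Defender" / "Mac Protector" and the `AutoOpenSafeDownloads` preference key read through `defaults` are assumptions, not details given in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): read-only audit for the checklist above.
# It only lists findings; it never kills processes or deletes files.

# normalize NAME -> lowercase with spaces, underscores and hyphens removed,
# so "Mac Defender.app" and "MacDefender.app" compare equal.
normalize() {
    printf '%s' "$1" | tr '[:upper:]' '[:lower:]' | tr -d ' _-'
}

# find_suspects DIR EXT... -> print entries directly inside DIR whose name
# starts with a label mentioned in this thread and ends in one of EXT.
# The exact on-disk spellings are an assumption, hence the loose matching.
find_suspects() {
    dir=$1
    shift
    [ -d "$dir" ] || return 0
    for entry in "$dir"/*; do
        [ -e "$entry" ] || continue
        name=$(normalize "${entry##*/}")
        for ext in "$@"; do
            case "$name" in
                macdefender*."$ext"|macprotector*."$ext")
                    printf '%s\n' "$entry"
                    break ;;
            esac
        done
    done
    return 0
}

# safari_auto_open -> prints enabled, disabled or unknown.
# Assumes the setting is stored as AutoOpenSafeDownloads in com.apple.Safari;
# "unknown" covers a missing `defaults` tool, an unset key or an unreadable domain.
safari_auto_open() {
    command -v defaults >/dev/null 2>&1 || { echo unknown; return 0; }
    value=$(defaults read com.apple.Safari AutoOpenSafeDownloads 2>/dev/null) \
        || { echo unknown; return 0; }
    case "$value" in
        0) echo disabled ;;
        1) echo enabled ;;
        *) echo unknown ;;
    esac
}

# audit HOME_DIR APPS_DIR -> one line per suspicious path, apps first.
audit() {
    home=$1
    apps=$2
    find_suspects "$apps" app
    find_suspects "$home/Applications" app
    find_suspects "$home/Downloads" zip pkg mpkg dmg
    return 0
}

# Invoke as `sh audit.sh --run` to check the current account.
if [ "${1:-}" = "--run" ]; then
    audit "$HOME" /Applications
    echo "Safari auto-open of downloaded files: $(safari_auto_open)"
fi
```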


> Cleanup [...] kinda shocked that there isn't more to it.

Perhaps not with this "first generation" of OS X malware.

On Windows some malware replicate to files and have other self-preservation quirks making anti-malware software necessary.

> I think the "Geniuses" at the Apple Stores can manage.

Against simple malware, yes. When crackers start investing time and effort into their malware (like on Windows), it'll be a different case altogether.


To be honest, I'm just curious why we haven't seen much real malware yet. The Mac Defender stuff is a joke, but there's no reason why somebody couldn't be exploiting the recent Skype bug (http://www.purehacking.com/blogs/gordon-maddern/skype-0day-v...), or the Chrome/Flash bug (http://www.vupen.com/demos/VUPEN_Pwning_Chrome.php), the bugs found at pwn2own or the myriad other holes which are closed regularly via updates.


The reason is scale and alternative options: If you're a hacker, why focus on the Mac when you can target 10x as many people on Windows?


I have often seen this mantra repeated, but I can't believe that this is enough to dissuade every single hacker. With Macs approaching 10% of the market this has got to be worth somebody's time to have a go. And yet, I know a lot of folks with Macs and not a single one has ever had malware issues. Either nobody is getting hit, or they are getting hit with stuff so good and stealthy that they just don't know it :-) I'm certainly not arguing that Macs are invulnerable (far from it), I'm just genuinely curious why somebody somewhere isn't stepping in to fill the malware niche.


Malware might bring money in, but that doesn't make it a business. You can't exactly corner the market or rely on word of mouth; your targets are largely random and diverse. When you have a random choice, the only rational decision is to pick the most likely option: Windows.


Yeah, I'm surprised if no hacker just wants to penetrate the Mac to be able to claim victory, like "Steve Jobs, you thought macs couldn't get viruses. Let me prove you wrong"... or something like that?


Don't people like Charlie Miller do just that?

Of course, they aren't in it for the profit, where the only rational thing to do is to target Windows.


> With Macs approaching 10% of the market this has got to be worth somebody's time to have a go.

Well, apparently there is an issue. Enough so that Apple has taken notice.


Because the users are more naive about malware and 10x as many might actually install it?


Yesterday I saw some mac osx malware being served up from a website listed in google image search results.

The search was Flamenco or something like that. My girlfriend pulled me over to show me that this website was saying it was from apple security and that I needed to download a tool to remove the Trojan.

Having just come back from a visit to Turkey, we found the Trojan reference funny.

I think if she was surfing with safari the .zip file would have extracted automatically, which I think would have caused many people to run whatever evil was stored inside.


That definitely is a stupid default setting.


As far as I'm concerned, when I read this I had no problems with what Apple is doing. They got a memo stating that Apple is looking into it, and don't confirm/deny malware.

That's what they're supposed to do, no? This is hardly a cover up. Apple is simply reminding their support staff to not make promises they can't keep. This is a holdover till they have a solution. If their permanent solution is a cover up, that's a whole other story.


I agree... although it would be nice if they would step up for their customers in this regard, I just don't see a scandal here. (That's just The Register's style of reporting I guess, not to diss them or anything.)

However, the letter itself is interesting in that it confirms Mac malware is becoming a real issue.


I have a real issue with directing people to say "we are not aware of a thing" in a memo that shows they are clearly aware of it.


More abuse of the term "infection":

>The con artists behind Mac Defender hook their victims by presenting Mac-using web surfers with images that depict an antivirus scan taking place on their machines. The images falsely claim users are infected with serious malware and urge them to download and install the antivirus package. Those who fall for the ruse are then infected.

Yes. It's malware. It has infected the computer. Because they downloaded and installed it willingly. But "infection" implies "virus" to most people, and this is nothing of the sort.


I hope Apple solve this by creating a consumer version or mode of OS X with a sandbox similar to iOS. I'd love if my mom had no way of installing software that could break the computer, without doing scary sounding stuff like "jailbreaking" or "enable developer mode".


Chrome OS is the epitome of this. The whole operating system is just a browser. Nothing to configure, install or break.


Isn't that what an account with parental controls is for?

http://gigapple.files.wordpress.com/2008/12/system-pc.png?w=...


The real news is not that Apple won't remove malware, it's that Apple is apparently actively working to conceal the truth and perpetuate the Mac-selling legend that Macs cannot get viruses.


It's not a virus. It's malware. Users install it, and it sends them to porn sites.

If you run "sudo rm -rld /*" on a Mac, it may not run so well either.

Of course, it may be a sign that more sophisticated malware (i.e. real viruses, and other stuff that actually exploits the Mac's vulnerabilities) will be on the way.


> Of course, it may be a sign that more sophisticated malware (i.e. real viruses, and other stuff that actually exploits the Mac's vulnerabilities) will be on the way.

Once an OS has the attention of malware writers (even user-installed malware like this), real malware won't be far behind. Especially when you consider how much easier exploitation is on OS X than, say, Windows or Linux. It's 2011, but OS X still doesn't have useful ASLR -- supposed to be coming in 10.7, but it was also supposed to come in 10.6, so we'll see how that goes.


> when you consider how much easier exploitation is on OS X than, say, Windows or Linux.

[citation needed]

It wasn't until Windows 7 that Windows finally got a reasonable security approach. I don't know what install bases look like these days but most PCs I interact with are still on XP which is obviously not harder to exploit than OS X.


That is not correct, most of the security improvements were already implemented in Vista, which was released in 2007.


Yes, but Microsoft has acknowledged that there were weaknesses in its 32-bit ASLR implementation for Vista; see http://en.wikipedia.org/wiki/Address_space_layout_randomizat...


32-bit ASLR is going to be weak by definition. It's unavoidable.


> It's not a virus. It's malware. Users install it, and it sends them to porn sites.

To you and to fellow readers of this site.

However to the average Joe, there is no difference between the terms "virus", "malware" and "my computer is now doing things that I don't like that I didn't want it to do and it's interfering with me using my computer and I can't stop it"


Apple is doing the most sensible thing for their business. An uptick in users installing adware on their computers (yes, you have to manually install it) is a far cry from having a platform blighted by drive-by infections and autonomously spreading worms as Windows was in years past.

However, from a marketing point of view it's a lot harder to sell. Compare:

You can't get viruses on Mac.

with:

Using a Mac you are very unlikely to get a virus, and provided you don't download and install anything shady ad/spyware isn't a concern either.

The second statement is true of Macs today, and still presents an advantage over Windows, but "No viruses" is a much simpler message, and one it seems they are trying to keep (superficially) intact.


> An uptick in users installing adware on their computers (yes, you have to manually install it) is a far cry from having a platform blighted by drive-by infections and autonomously spreading worms as Windows was in years past.

Well yes, but lately how are these drive-by installations happening? Mostly through holes in third-party software. My concern, as a Mac user, is that there's no fundamental reason it should be any harder to attack OS X this way; it's just that up until now Windows has been a vastly more profitable target. And that is changing.

If you're a careful and conscientious user I'd honestly say you're safer on Windows at this point, because Windows is used to being attacked. It's used to defending itself against this kind of threat. You have this ecosystem of powerful antivirus programs like MSE or AntiVir that update themselves constantly, and innumerable other third-party tools such as Secunia PSI as preventative measures, and these just don't really exist on OS X yet. Windows also has some exploit mitigation facilities that OS X lacks, such as ASLR and kernel patch protection.

It will be a while before OS X has developed such an ecosystem of its own, and we just have to hope the adjustment period won't be too painful.


>and these just don't really exist on OS X yet

And hopefully they never will. This is the stupidest possible way of protecting your computer. The proper solution is a more modern security system like SELinux instead of this outdated user/group/others approach.


'but lately how are these drive-by installations happening? Mostly through holes in third-party software'

nope. by the user running an installer when requested by a browser ad popup.


> nope. by the user running an installer when requested by a browser ad popup.

I agree that this is how most malware happens in general, but I was talking specifically about the subset of malware installations that are drive-by downloads, i.e. which are performed without user interaction:

http://en.wikipedia.org/wiki/Drive-by_download

What I mean to say is that most of those are exploiting third-party software (Java, Adobe Flash and Reader) rather than Microsoft stuff these days.


The first point your link makes is that Drive-by downloads includes user intervention: "Downloads which a person authorized but without understanding the consequences".


Apple lies about the capability, strengths, and shortcomings of their products all the time, and have done so for as long as I can remember. It just seems to be their standard practice.


No, they just don't bog their messages down with caveats, which just serve to confuse people. Effective communication sometimes sacrifices some small measure of accuracy. You see this in conversation all the time.


The parent post may be a bit generalizing, but how exactly is "the safety of your system also depends on the user's actions" a confusing caveat? Because that is the point being suppressed/omitted in the present case.


Even that bogs things down in the context of a bulletpoint on a big poster with a four word sentence about macs not getting viruses.


Apple sells anti-malware right in Apple Stores. How's that for truth-concealing?


As a PC turned Mac user for the last 3 years, this is truly the best thing about working on the Mac platform. My girlfriend is still on her shitty HP laptop and it is so incredibly painful to watch her worry about viruses and malware on a daily basis.

I hope Apple's policy around this is not going to be sweep it under the rug because it could get out of control as Apple market share grows and more effort is dedicated towards hacking the Mac.

As stupid as this story is, it is still something that Apple is gonna have to probably start paying more and more attention to, given the trajectory of Apple market share in the future and the increased effort will be taken towards the Mac platform.

I think


> My girlfriend is still on her shitty HP laptop and it is so incredibly painful to watch her worry about viruses and malware on a daily basis.

WTF is your gf doing on a daily basis? Does she do reviews of shady porn sites? Install MSE (it's free) on your gf's computer and tell her not to install programs sent in email from people. Then tell her to stop worrying.

And if she does do reviews of shady porn sites, tell her to use a VM.


This blame the user bullshit has to end. My own girlfriend got a virus (it was hostage-ware to be precise) last year and doesn't visit porn sites, runs up-to-date anti-virus, and keeps Windows up-to-date and patched. She knows better than to run random shit sent to her via email. She's very defensive and doesn't even open an email that looks shady. It was probably a drive-by-download, Flash, PDF, or Java, I don't know. Running combofix, anti-spyware scanners, and everything I could find on forums didn't help. She wasn't happy that I had to wipe her HDD.

It is painful to watch her worry about viruses.


All it takes is one or two mistakes. Typo in URL, click a link, blindly click past a prompt that you should be reading, and you have malware and you probably didn't even notice it, no matter how smart your girlfriend is.


Ad networks. Or just a reputable site screwing up. People often mention porn sites or incorrect urls, but it's worth repeating that the user doesn't necessarily have to do anything wrong.


> This blame the user bullshit has to end.

Honestly, if you worry about viruses, it's your own fault. Period. Either get a different kind of computer. Don't use a computer. Or don't use the internet. Worrying about an event that isn't likely to happen with reasonable precautions is irrational.

Sure zero-days happen that aren't patched yet, but those are rare. Nuclear meltdowns happen too, but I don't worry about it.

My point wasn't that it was her fault for getting a virus. But rather why is she worrying about it on a daily basis? The only sensible rationale is that she's doing something where the risk is relatively high.

And if it is painful to watch her worry about viruses, you should do something. Either get her to do something less risky -- whether it's change OSes, stop using the internet, etc... Or get counseling for her. I've just never heard of someone so worried about it, and further never seen anyone in pain due to the irrational worries of computer viruses in a loved one.

And I know I sound like a jerk for saying all of this, but honestly, I think you'd both be much happier with some relatively simple changes in life.


The real 'shitty' thing about HP, and many other Windows laptops isn't even the malware, it's the @#$@# that the manufacturers pre-install on these laptops and desktops that they sell. Three years ago my gf and I ordered HP laptops and had to use a program called Crap Remover to get rid of all the Norton Antivirus junk, the HP software bundled junk and all the preinstalled crapware junk they put on it. After that it ran fine (as fine as Vista got that is) with MSE.


There isn't much Apple can do in a practical sense.

People clueless enough to run an Installer based on a web ad popup are unlikely to be reading Apple's PR posts.

Aside from OS specific code that refuses to install anything called Mac Defender, Apple has no power over this problem.


You've basically described 10.6's anti-malware 'solution', although obviously its little plist file hasn't been updated to include Mac Defender yet.


LOL

...and to me, that sounded kind of silly...


A positive step for Lion is that they've started actively engaging members of the exploit research community, although details are scarce on what that means or how seriously they'll take their advice.

Proper ASLR and sandboxing Safari by default would help a lot, I think.


This isn't about an exploitable, remote attack vector. This is about giving someone instructions on installing software to hijack their computer and them willingly complying.


Personally I feel that top-down control of customer support agents is fundamentally flawed these days, but that is a different matter.


Mac Protector (another name for Mac Defender) tried to install on my wife's new MacBook Pro the other day when she went to live.com to get the last of her contacts and some emails. She knew not to provide it with permission to install and panic and disaster was averted.

Mac Defender does look pretty real though and I could see how the uninformed or people that easily panic would give it permission to install. As one second you're on the web then a 'window' pops up saying you're infected with Virus and to get the latest downloads etc., and it all looks convincingly real.

I don't regret switching to Mac myself as my Mac runs so much smoother than any Windows PC, plus installation of software is a breeze, my MacBook Pro starts up in 15 seconds and it just works right out the box. There was no crapware pre-installed like my old HP laptop.

Additionally, when I researched looking into purchasing my MacBook Pro I saw that Apple does recommend using Anti-virus software and I do have it installed, with no issues and it doesn't slow my MacBook Pro down a bit.



Here's an article comparing some decent Mac antivirus applications for those who are concerned:

http://lifehacker.com/5800267/the-non+alarmists-guide-to-mac...


awesome. even malware has higher usability on mac, than it has on other platforms. and if you pay for the snake oil.. errrr... remedy, the virus is gone. the virus writers are pretty awesome social engineers.


OSX Lion better have an outgoing firewall.. Anyone know?


So what? A user who has been tricked into installing Mac Defender will be just as easily tricked into authorizing Mac Defender to get out.


Little Snitch can do this currently, if you're looking. Outbound firewalls are somewhat annoying, though, as you have to authorize every single program at least once, which makes me think that Apple is unlikely to add one that runs by default.


Just wondering, could a trojan somehow control safari (or other approved apps) via a script, and then upload files to the hacker's server, circumventing little snitch and other outgoing firewalls?


A trojan can do anything a user can do, so yes.

The one thing Lion has going for it here is that apps can declare their intention to do certain things and then be prohibited from doing anything else. So, for example, a non networked app can tell the OS it has no interest in using network APIs and will then be sandboxed from them (so if its code is violated it won't be able to suddenly start phoning home). But, of course, this requires effort on developers' parts to support the feature. The key thing is that Apple's own apps are likely to use this feature.

But if you download some random piece of software and then run it and the OS says "are you sure?" and you answer yes then you're boned.

And again, if you already said "yeah" to "run this bizarro app from disreputable source", are you going to say "omfg no" when asked if it can use the network?


It says right in the article that AppleCare doesn't cover what users do to their machines. Microsoft doesn't remove malware that Windows users install either.

This thing is coming from Ed Bott's Microsoft column on ZDNet, where he's been hitting this hard for the second day in a row based on an "investigation" that involved him scouring the Apple discussion forums for a couple of hours. Two hundred clueless posts on a web forum out of a userbase of millions doesn't mean there's a "malware explosion," as he described it. Why are people falling for this flamebait?


> Microsoft doesn't remove malware that Windows users install either.

Yes they do:

http://support.microsoft.com/kb/129972/en-us

"Call 1-866-PCSAFETY or call 1-866-727-2338 to contact security support."

> Two hundred clueless posts on a web forum out of a userbase of millions doesn't mean there's a "malware explosion," as he described it. Why are people falling for this flamebait?

If Apple is issuing special instructions to its support staff about this malware, then clearly this is a pronounced problem.


Not only that but Microsoft has an anti-virus anti-malware application. AND as part of Windows Update they regularly run the malicious program removal tool.

And I suspect MS would ship antivirus built into Windows if they could. Unfortunately, antitrust makes packaging things that make sense a non-starter if other companies sell it.


Oh they absolutely would. Heck, Windows Defender is the same engine as MSE, they just had to limit its functionality to keep from getting sued. They were even threatened by the third-party antivirus companies when they promoted a link to MSE in Microsoft Update.

But hopefully they can take a more proactive course now that the DoJ's oversight is ending:

http://arstechnica.com/microsoft/news/2011/04/department-of-...


Huh? Windows Defender existed before MSE.


It would be great if they prompted the user to install antivirus on the first boot like they do with browsers in the special edition of Windows 7.

I'm sure it would be a mess, and some programs give a false sense of security, but it would probably be the best trade-off.


That works well with browsers because virtually all browsers are free. With antivirus McAfee and Norton will almost certainly complain if they're not included. And I suspect they'd propose they can host their 3-month trial versions. Yada yada yada... it's a lot messier.


Not only that, but Microsoft isn't a direct retailer, they're a wholesaler. If you have a problem with your machine, it's the responsibility of the person who sold it to you to ensure it is fit for purpose, not the upstream provider.

Apple is a direct retailer.


What happened to the microsoft retail stores? Did they close up already?

Update: checked Wikipedia, they have 8 stores open and two more in development.


Well, if you buy direct from Microsoft, then yes, they need to help you with their product. The overwhelming majority of microsoft products are bought through other agents, though (I was unaware they even had retail).


Not to mention that Apple is the only company to have started building a defence to the 'clueless user' problem, with the Mac App Store. It's going to become increasingly more difficult for trojan horse authors to convince users to install their non-App Store application, the more that people become accustomed to that being the way to install software on a Mac.


The Mac Defender malware is pretty harmless. It downloads as a zip file, and users must manually click through the entire installer just to get it installed. How many Windows viruses are delivered as a setup.exe where you have to click next about 3 times and enter your admin password just to install it?

As usual anti-mac trolls love to jump on the bandwagon and bash the platform with one of the best security track records running.


Most Windows viruses these days have the exact same attack vector, simply tricking the user into installing them. All we're seeing here is that: (1) Despite the marketing, the Mac is not magically immune to these things any more than Windows is, and (2) now that OS X has obtained a reasonable market share it's finally become worth attacking.

Neither of these things should be surprising to anyone, and hopefully the antimalware situation on OS X will improve before progressively more insidious Mac viruses are released.


By definition a "virus" does not have this "attack vector". A virus spreads with no conscious user intervention. This is a "trojan" -- something the user inflicts on themselves, and neither the Mac nor Windows have any real protection against trojans.

Mac OS X 10.6 has virus detection built into the OS. Only a couple of viruses are detected because, oddly enough, that's all that have been found. Again, "viruses" not "trojans".

Most "anti-virus" software is worse than malware on its own -- it slows down the computer it's used on. Microsoft Windows, out of the box, will shut down your computer without asking you, quitting out of applications on the way. This, again, is exactly the kind of thing malware does.


Well if you want to get pedantic, a "virus" spreads by infecting legitimate executables, a technique that hasn't been viable since the days of "Don't Copy That Floppy". In everyday use, the word "virus" is synonymous with "malware" and almost always refers to a trojan or drive-by.


The difference between a virus and a worm has become blurred, since both spread without user intervention. But there's no such blurring with trojans.


> and neither the Mac nor Windows have any real protection against trojans.

It is impossible for any operating system to prevent trojans. As long as the person at the keyboard has admin access, no matter how convoluted the process, they can install whatever malicious program they want.

The only defense is education and awareness.


I'm so tired of this strawman. The Mac was never "magically immune" to malware. Just because technically challenged people believe that doesn't make it true, and there is no reason for us to "disprove" it with great fanfare every chance we get.


But aren't Macs billed as computers for "technically challenged" people? If a large portion of them believe they are getting a "magically immune" machine, wouldn't it make sense to try to remind them that this is not actually the case?


Ironically, if they actually did believe that to be the case, the MacDefender trojan would have never been an issue.


> and hopefully the antimalware situation on OS X will improve before progressively

I don't think antimalware is anything I'd ever want to run on a computer I control. Unfortunately, I think we're being pushed into a world where all applications are vetted and purchased through a trusted marketplace, eliminating this vector.


> I don't think antimalware is anything I'd ever want to run on a computer I control.

Why not? I mean this as an honest question.

EDIT: If you're concerned about performance or system resources, try a PC with MSE sometime, I think you'll be pleasantly surprised at how unobtrusive good antimalware can be.


For my purposes, MSE has been a very large resource hog at inopportune moments. I've taken to shutting it down any time I do anything which touches a lot of files or simply consumes a lot of CPU - the speed difference is often easily visible.

This, for a product which hasn't found a single thing on any of my machines. Ever. It's great that they offer it, but it has been worthless for my use.


This may be a little snarky, but, as Homer Simpson put it: "Well, you bought all those smoke alarms, and we haven't had a single fire!"


For viruses alone, I had been running McAfee's business edition (my school provided it). That was generally far less of a resource hog when doing something that needed compute power.


Have you ever run a Windows machine without all this stupid virus/malware software running? It's dramatically faster. Anti-malware/virus software was a stupid road to go down; the proper solution is to have better security on the machine.


I run MSE, I barely notice it speed wise, and haven't had any malware or viruses.

On your comment: > the proper solution is to have better security on the machine.

Strongly disagree; if you look at this MacDefender issue, there is no flaw in OSX that is causing infection, users are installing it on their own accord. But what anti-malware/virus software can do here is warn or prevent the user from installing this in the first place, as it should detect the virus/malware signature.

This is why you need it even if the underlying OS is secure, to try to protect users from themselves.


>I run MSE, I barely notice it speed wise, and haven't had any malware or viruses.

I run several things on both Windows and Mac. The Mac version feels a lot faster. If I shut off all the virus stuff the windows stuff is still slower but not as dramatic. It depends on what the code does, obviously. Any disk or network read/writes take a hit so if you're doing a lot of those it really adds up.

>Strongly disagree; if you look at this MacDefender issue, there is no flaw in OSX that is causing infection, users are installing it on their own accord.

The solution to this is what Apple has already started doing: provide just one place for these kinds of people to get software. Just buy it in the App store. That is the proper approach to "protect users from themselves", not put a 20-30% performance penalty on all Macs.


On the speed front, I'm talking specifically about MSE (that I don't notice its effect) - I've had bad experiences with Norton grinding my PC down, horrible invasive product that one! Can't comment on Mac v PC speed impact.

I agree with you on the App Store front, think it will help to reduce viruses/malware (I think Windows 8 app store will be a huge win too), but it's unlikely that an app store will be the sole place to get software for some time to come. So until it's impossible to manually install software off the internet, I think we're going to need anti-malware/virus software.


I would leave it as is. After people get viruses from downloading software a few times and are told they should have used the app store they will switch soon enough. Virus software is a horrible patch that enables users to continue bad behavior.


That's a big and undeserved generalization.

I am totally on board with the fact that there are some programs that do this - Norton's suite of anti-malware programs is basically regarded as malware itself. And it even comes preinstalled on a lot of computers.

But other programs work without a hitch.

Flashblock (or AdBlock/Ad Muncher/NoScript) also slows down my browser, but I can't be annoyed at an infinitesimal allocation of my resources to the extension.


Invalid comparison. AdBlock is most likely using fewer resources than the ads it blocks. Virus scanners are overhead on all stream operations.


Because you can't really protect the user from their own stupidity.


Isn't there a Windows defect (that covers all versions) that will execute a file just by viewing it in the file browser?


... the platform with one of the best security track records running.

Have you forgotten that Darwin is by and large derived from BSD? Apple is standing on the shoulders of giants with this one.


"[Bott] cited an internal document titled "About 'Mac Defender' Malware," which was last updated on May 16 and says that the trojan, which surfaced earlier this month and masquerades as legitimate security software for the OS X platform"

I find it ironic that Bott's fear mongering is leading the naive to download shady anti-virus software that is actually adware. These articles are really just contributing to the problem by misinforming people. Ed Bott is the equivalent of Glenn Beck.


Ed 'Glenn Beck' Bott is apparently more influential amongst non-technical Mac users than anyone might have expected!


I think that it's reasonable if Apple doesn't want to provide support for fixing malware problems on systems that they've sold regardless of how any other company chooses to handle such issues. Also, this issue is obviously independent of OS as the exploited security hole is the users' lack of understanding. That said, the reason that I thought this article was hackernews worthy is because Apple is encouraging employees to knowingly withhold information about malicious software running on users' computers. I personally find that to be an inappropriate approach in almost any situation. What are your thoughts on this aspect of the article?


As the OS gets more popular, Apple will need to add the kind of protective features present in Windows to deal with this sort of problem. Dismissing it isn't gonna work - this kind of malware is the problem these days rather than viruses. As a savvy user, I've never found the need to run antivirus software on Windows, but it would be the height of arrogance for me to scoff at the problems others do have and blame it on their stupidity.

As is the way with these things, Apple will stonewall, but I expect they will eventually handle the issue. In the meantime some of the congregation will snort in derision and deny there's a problem.


Apple is not going to solve the problem of gullible people typing their credit card info into a scammer's form; any Mac-based solution (of which the obvious will be to lock down installation to the Mac App Store) is just going to push scammers back on the web.


No, but they can help solve the problem of gullible people downloading and running installers for known malware.

Honestly, listening to some Mac user responses to this problem, it's like entering a timewarp back to when all the measures implemented on Windows/IE to deal with this stuff hadn't even been thought up.

Possibly a quick fix, until it's addressed, is for folk on OSX to do their web surfing in a Windows VM, using a security-focussed browser designed for non-technical people, such as IE9. ;-)


>Honestly, listening to some Mac user responses to this problem, it's like entering a timewarp back to when all the measures implemented on Windows/IE to deal with this stuff hadn't even been thought up.

That's because many of the measures implemented on windows are fundamentally flawed. Virus/Malware scanners? Really? So we want to turn infecting people's computers into a business?

The MS approach has always been to make money on working around defects. I really, really hope Apple doesn't decide to go down this route.


> The MS approach has always been to make money on working around defects.

Internet Explorer and Windows Defender are both free.

Also, the defect in this instance is allowing users to install software on their PCs and not helping them avoid installing malware. As this story shows, this is a defect that is shared and arguably worse on OSX.


Well, millions or billions have been made on anti-virus software. The overhead to have every file or network operation read by some scanning program is too much. This needs to be avoided at all costs. Especially since there are better ways.

Again, the proper solution for the kind of people who would actually install a virus manually is to simply point them at the App store.


Woof: http://daringfireball.net/2011/05/wolf

"According to a third article penned by Bott, AppleCare reps are seeing a four- to five-fold increase in the number of calls requesting support for rogue antivirus scams targeting the Mac"

So now a handful of incidents is cause for uproar?

"Porn sites just started popping up on my MacBook Pro," one user wrote. "Is this a virus? I have never had a virus on a Mac before and I have been using Macs for years. Please help!"

So it's just adware then? Oh no!


Hopefully this will make people think twice before buying crap produced by Apple.



