PCWorld Forums

Flashback Still Plagues Macs

#1 User is offline   PCWorld 

  • Advanced Member
  • Group: PCWorld BOT
  • Posts: 103,894
  • Joined: 01-August 07

Posted 22 April 2012 - 04:26 AM

Post your comments for Flashback Still Plagues Macs here
0

#2 User is offline   jbelkin 

  • Full Member
  • Group: Members
  • Posts: 75
  • Joined: 30-December 06

  Posted 22 April 2012 - 10:20 AM

Has anyone independently verified any of these numbers other than a PRESS RELEASE from companies selling security services? So far, the actual number of people who have seen this virus/malware - ZERO. Press releases - 20. Actual Macs infected - zero?
0

#3 User is offline   imaginarynumber 

  • Member
  • Group: Members
  • Posts: 35
  • Joined: 12-June 09

Posted 22 April 2012 - 11:14 AM

jbelkin, on 22 April 2012 - 10:20 AM, said:

Has anyone independently verified any of these numbers other than a PRESS RELEASE from companies selling security services? So far, the actual number of people who have seen this virus/malware - ZERO. Press releases - 20. Actual Macs infected - zero?


So who would you believe?

Surely Apple attempting to provide a "fix", albeit in a rather tardy manner, implies that there is an issue?
0

#4 User is offline   deepsand 

  • Expert
  • Group: Members
  • Posts: 2,558
  • Joined: 28-August 06

Posted 22 April 2012 - 12:55 PM

jbelkin, on 22 April 2012 - 10:20 AM, said:

Has anyone independently verified any of these numbers other than a PRESS RELEASE from companies selling security services? So far, the actual number of people who have seen this virus/malware - ZERO. Press releases - 20. Actual Macs infected - zero?

Proof, please.
While each is entitled to his own opinion, no one is entitled to his own facts.
0

#5 User is offline   nonseq 

  • Expert
  • Group: Members
  • Posts: 4,470
  • Joined: 09-August 09
  • Location:Phoenix, AZ

Posted 22 April 2012 - 01:02 PM

imaginarynumber, on 22 April 2012 - 11:14 AM, said:

jbelkin, on 22 April 2012 - 10:20 AM, said:

Has anyone independently verified any of these numbers other than a PRESS RELEASE from companies selling security services? So far, the actual number of people who have seen this virus/malware - ZERO. Press releases - 20. Actual Macs infected - zero?


So who would you believe?

Surely Apple attempting to provide a "fix", albeit in a rather tardy manner, implies that there is an issue?


Is Apple really "tardy?" How long did it take Oracle to provide a fix to Java?
0

#6 User is offline   RickDobbelmannqbtt 

  • Advanced Member
  • Group: Members
  • Posts: 291
  • Joined: 02-June 11

Posted 22 April 2012 - 01:21 PM

OPEN SOURCE > CLOSED SOURCE

Issue would be a non-issue if Apple would open their source. That is unless they do not want to expose all of their other holes they have not discovered or have no idea how to fix.

After all, what is OSX? OSX is a set of CLOSED SOURCE apps and a GUI stacked on top of a 100% free operating system called Darwin.

Darwin is an open source POSIX-compliant computer operating system released by Apple Inc. in 2000.

Darwin forms the core set of components upon which Mac OS X and iOS are based and is licensed as public source.

Where ALL developers come in to security problems is when they close their source on their own code. Which in a business model makes sense but as a security model doesn't. Flashback is the direct result of the closed source apps stacked on top of Darwin.

Security through obscurity doesn't work.

I agree with most of you that OSX is far superior to Windows with security. But OSX also relies on security through obscurity for its set of apps and GUI and other parts of the stack.

This post has been edited by RickDobbelmannqbtt: 22 April 2012 - 01:42 PM

0

#7 User is offline   deepsand 

  • Expert
  • Group: Members
  • Posts: 2,558
  • Joined: 28-August 06

Posted 22 April 2012 - 02:18 PM

RickDobbelmannqbtt, on 22 April 2012 - 01:21 PM, said:

Issue would be a non-issue if Apple would open their source.

Dream on. Linux had a vulnerability go undetected for 8 years. The only reason that no harm ensued is because the installed base is too small to be worth the effort to attack.

Open source aficionados are neither omniscient, omnipresent, nor omnipotent.

Why do you open source zealots always have to take discussions of a specific issue off-topic?

This post has been edited by deepsand: 22 April 2012 - 02:20 PM

While each is entitled to his own opinion, no one is entitled to his own facts.
0

#8 User is offline   nonseq 

  • Expert
  • Group: Members
  • Posts: 4,470
  • Joined: 09-August 09
  • Location:Phoenix, AZ

Posted 22 April 2012 - 02:37 PM

deepsand, on 22 April 2012 - 02:18 PM, said:

RickDobbelmannqbtt, on 22 April 2012 - 01:21 PM, said:

Issue would be a non-issue if Apple would open their source.

Dream on. Linux had a vulnerability go undetected for 8 years. The only reason that no harm ensued is because the installed base is too small to be worth the effort to attack.

Open source aficionados are neither omniscient, omnipresent, nor omnipotent.

Why do you open source zealots always have to take discussions of a specific issue off-topic?


And this is one claim made over and over again that has never been substantiated. Do we have to take the claimant's word? What, if any, are his/her credentials beyond arrogance and pontification?

Rick, from here on in, don't just make claims about Open Source. Prove them. And not with empty jingoism and rantings of a zealot.

This post has been edited by nonseq: 22 April 2012 - 02:50 PM

0

#9 User is offline   imaginarynumber 

  • Member
  • Group: Members
  • Posts: 35
  • Joined: 12-June 09

Posted 22 April 2012 - 02:59 PM

nonseq, on 22 April 2012 - 01:02 PM, said:

imaginarynumber, on 22 April 2012 - 11:14 AM, said:

jbelkin, on 22 April 2012 - 10:20 AM, said:

Has anyone independently verified any of these numbers other than a PRESS RELEASE from companies selling security services? So far, the actual number of people who have seen this virus/malware - ZERO. Press releases - 20. Actual Macs infected - zero?


So who would you believe?

Surely Apple attempting to provide a "fix", albeit in a rather tardy manner, implies that there is an issue?


Is Apple really "tardy?" How long did it take Oracle to provide a fix to Java?


Granted, a "potential vulnerability" was reported to Oracle in July 2011. Oracle released a fix for it and 13 other flaws in mid-February; Apple waited another 2 months before releasing their "fix". That strikes me as being tardy.

Even if Oracle had provided the fix quicker, it is likely that Mac owners would still have been infected in the same numbers. The suggestion is that malware writers reverse engineer Windows fixes, safe in the knowledge that Apple will be slow to provide their own patches.
0

#10 User is offline   nonseq 

  • Expert
  • Group: Members
  • Posts: 4,470
  • Joined: 09-August 09
  • Location:Phoenix, AZ

Posted 22 April 2012 - 03:18 PM

imaginarynumber, on 22 April 2012 - 02:59 PM, said:

nonseq, on 22 April 2012 - 01:02 PM, said:

imaginarynumber, on 22 April 2012 - 11:14 AM, said:

jbelkin, on 22 April 2012 - 10:20 AM, said:

Has anyone independently verified any of these numbers other than a PRESS RELEASE from companies selling security services? So far, the actual number of people who have seen this virus/malware - ZERO. Press releases - 20. Actual Macs infected - zero?


So who would you believe?

Surely Apple attempting to provide a "fix", albeit in a rather tardy manner, implies that there is an issue?


Is Apple really "tardy?" How long did it take Oracle to provide a fix to Java?


Granted, a "potential vulnerability" was reported to Oracle in July 2011. Oracle released a fix for it and 13 other flaws in mid-February; Apple waited another 2 months before releasing their "fix". That strikes me as being tardy.

Even if Oracle had provided the fix quicker, it is likely that Mac owners would still have been infected in the same numbers. The suggestion is that malware writers reverse engineer Windows fixes, safe in the knowledge that Apple will be slow to provide their own patches.


Had Oracle released earlier would Apple have taken as long to do their work? Probably. With a few exceptions, Apple has not rushed out fixes that may or may not have been complete or secure. At least that's my take. So, Oracle took 6 months to address the issue and barely an eyebrow is lifted. Apple, which is not responsible for Java, implemented their fix deliberately.

I have serious questions about the accuracy and veracity of Dr. Web's findings. It seems to be a play to gain public attention as well as acknowledgement from Apple. I think that given more scrutiny Kaspersky Labs is far more accurate in their evaluation. But I'm not an expert so your or anyone else's opinion is just as valid as my own.

Again, I don't think that Apple is slow as much as deliberate. But that's just me.
0

#11 User is offline   kbconsulting 

  • Newbie
  • Group: New Member
  • Posts: 6
  • Joined: 03-October 11

Posted 22 April 2012 - 03:32 PM

Quote

So who would you believe?

Surely Apple attempting to provide a "fix", albeit in a rather tardy manner, implies that there is an issue?

I don't think any of this is real, I have talked to about 100 Mac users and not a single one has it, but many have put on security software that is useless as they read about threats. And if they can "sinkhole" the servers they could simply issue commands for the "infected" machines to self remove it, but that would not make them any money or provide the fear that they feed off.
0

#12 User is offline   deepsand 

  • Expert
  • Group: Members
  • Posts: 2,558
  • Joined: 28-August 06

Posted 22 April 2012 - 03:49 PM

kbconsulting, on 22 April 2012 - 03:32 PM, said:

Quote

So who would you believe?

Surely Apple attempting to provide a "fix", albeit in a rather tardy manner, implies that there is an issue?


I don't think any of this is real, I have talked to about 100 Mac users and not a single one has it, but many have put on security software that is useless as they read about threats.

As for the 100 users cited, how many of them have the specific Java app/version in question installed on a vulnerable OS? Of those that meet both necessary conditions, how many of them scanned their machines for said malware?

And, how would they know that the security software they installed is useless?

kbconsulting, on 22 April 2012 - 03:32 PM, said:

And if they can "sinkhole" the servers they could simply issue commands for the "infected" machines to self remove it, but that would not make them any money or provide the fear that they feed off.

Why on earth would the creator of a piece of malware include in it its own uninstaller?

Sounds like another who believes that there is a conspiracy amongst the providers of security information and products to deliberately create a need and demand for their services. :rolleyes:

This post has been edited by deepsand: 22 April 2012 - 03:50 PM

While each is entitled to his own opinion, no one is entitled to his own facts.
0

#13 User is offline   zeth006 

  • Advanced Member
  • Group: Members
  • Posts: 408
  • Joined: 21-March 08

Posted 22 April 2012 - 04:21 PM

kbconsulting, on 22 April 2012 - 03:32 PM, said:

I don't think any of this is real, I have talked to about 100 Mac users and not a single one has it, but many have put on security software that is useless as they read about threats. And if they can "sinkhole" the servers they could simply issue commands for the "infected" machines to self remove it, but that would not make them any money or provide the fear that they feed off.



So you actually went out and interviewed all 100 of them and verified what security software they were running?


What if I told you I interviewed 1,000 Mac owners who all reportedly were hit by Flashback? Should everyone believe me? :lol:
0

#14 User is offline   deepsand 

  • Expert
  • Group: Members
  • Posts: 2,558
  • Joined: 28-August 06

Posted 22 April 2012 - 04:25 PM

Your 1000 beats kbconsulting's 100.

You win. :D
While each is entitled to his own opinion, no one is entitled to his own facts.
0

#15 User is offline   imaginarynumber 

  • Member
  • Group: Members
  • Posts: 35
  • Joined: 12-June 09

Posted 23 April 2012 - 07:30 AM

kbconsulting, on 22 April 2012 - 03:32 PM, said:


I don't think any of this is real, I have talked to about 100 Mac users and not a single one has it, but many have put on security software that is useless as they read about threats. And if they can "sinkhole" the servers they could simply issue commands for the "infected" machines to self remove it, but that would not make them any money or provide the fear that they feed off.


I should imagine that any white hat attempts to send commands would be illegal.

When you refer to the panic installing of AV software, are you suggesting that it is useless because Macs can't be infected?

I understand your cynicism regarding AV firms reporting exploits but the reports are being confirmed by respected and established firms, firms who understand the risks of crying wolf.
0
