HardOCP News
[H] News
- Joined
- Dec 31, 1969
- Messages
- 0
![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
More Than 600,000 Macs Infected With Flashback Botnet
- Thread starter HardOCP News
- Start date
AthlonXP
Fully [H]
- Joined
- Oct 14, 2001
- Messages
- 20,588
Security through obscurity is how most mac users live, but if you just keep up with the latest updates you should be fine.
Was this something that could have been avoided by simply having an up to date system? From what it sounds like, they were patching it reactively.
GoodBoy
2[H]4U
- Joined
- Nov 29, 2004
- Messages
- 2,745
oh god oh god oh god oh god oh god oh god oh god oh god !!
fuck
oh wait, I don't have a mac!
bahaaaa!
fuck
oh wait, I don't have a mac!
bahaaaa!
Dark Shade
[H]ard|Gawd
- Joined
- May 2, 2006
- Messages
- 1,872
It isn't [H] without a daily Mac-bashing thread
Congrats guys
Congrats guys
InorganicMatter
[H]F Junkie
- Joined
- Oct 19, 2004
- Messages
- 15,461
Far be it from me to defend Apple, but this wouldn't happen if their users were updating their OS regularly (as they should).
The fact that all Macs have auto updating set to maximum-annoyance-level by default just means all their users were hitting cancel to the prompts.
The fact that all Macs have auto updating set to maximum-annoyance-level by default just means all their users were hitting cancel to the prompts.
txfeinbergs
Limp Gawd
- Joined
- Sep 6, 2004
- Messages
- 308
Many [H] users are also very arrogant, thinking that because they don't use a given companies products, they are more superior than someone who does.
Hardware wise, yea, it's superior. People don't belittle Macs without reason. They're overpriced pieces of tech that hide inferior hardware with sheets of white plastic and charge inflated prices.
I don't necessarily hate OSX, though. It feels and behaves like a dumbed down version of Linux which isn't a bad thing. What I do hate is that you can't do a god damn thing unless you've got Apple's permission.
TechLarry
RIP [H] Brother - June 1, 2022
- Joined
- Aug 9, 2005
- Messages
- 30,481
Wow. Fear much?
Not really, Apple is one of the less reactive vendors concerning security. Like quality issues, they tend to ignore the problem at first.
Remember, they left a remote root exploit (you just had to visit a web page) unpatched for 4 weeks.
Starcrossed
2[H]4U
- Joined
- Sep 27, 2008
- Messages
- 2,160
I've been trying to get a job at the "Genius Bar," forever..
InorganicMatter
[H]F Junkie
- Joined
- Oct 19, 2004
- Messages
- 15,461
I wouldn't call it fear. Lots (most) users here spend positively inordinate quantities of money on their computers, and many feel a need to justify their purchase.
Apple, a company frequently criticized as selling computers that are overpriced, is an easy target for this justification. (E.g.: "Hahaha, you spent $2k on a CRAP computer, looks what my $2k got me!")
The reality is that anyone who spends more than $750 on a non-workstation PC is an idiot, regardless of the brand.
InorganicMatter
[H]F Junkie
- Joined
- Oct 19, 2004
- Messages
- 15,461
I hear the Genius Bar is actually a pretty sweet job, considering the required education/background (or lack thereof) that it requires.
if i were a malware writer i'd target the Mac OS - the users seem to have more money and probably would be less likely to report the problem due to emabarassment and probably unaware that a problem exists thinking that is the way the system is supposed to work. Then just wait until it starts spreading to iOS - LMFAO
Sounds like Java and Flash updates :-P
wonderfield
Supreme [H]ardness
- Joined
- Dec 11, 2011
- Messages
- 7,396
The irony here is delightful.
It isn't [H] without a daily Mac-bashing thread
Congrats guys
YOUR WELCOME!
my take also, malware/virus writers are finally waking up. Anti-virus ant not blindly clicking [OK] FTW!
InorganicMatter
[H]F Junkie
- Joined
- Oct 19, 2004
- Messages
- 15,461
I am fairly certain Apple handles the integration and updating of both of those in Mac OS X. At least I know for sure they do with Java, I think they do with Flash as well.
Yeah, I have to chime in. My father-in-law owns a Mac. When I was first married, he constantly criticized PC's for their "user-unfriendly" OS and being "unreliable pieces of garbage". He called his iMac a "Cadillac" compared to PCs.
What have I done for the past 7 years of marriage? Educate him about how crappy his POS Mac is, and the horrific support the no-brains at the Apple store are. My shortened list:
1. RAM upgrade. Cost him $400 for the Apple store to rip apart his Mac to double the RAM.
2. Crap screen contrast. He can't see very well, and his screen has HORRIBLE contrast.
3. Backup. It formatted his external hard drive without even asking him, to make "Time Machine" backup, losing about 4 years of writing. Luckily a USB flash drive backup saved the day.
4. OS "upgrades". Every single time an upgrade comes out, he upgrades....and it ALWAYS screws his system up needing a full reinstall.
5. Hard drive upgrade fiasco. I don't want to detail this one. Suffice it to say, he has critically sensitive corporate information floating around somewhere at Apple.
6. Lies Lies Lies. I'm sure most folks who work at the Apple store are okay. But his local one spewed crap after crap regarding the speed of his new iMac. "its a hundred times faster than an equivalent PC" "It has the fastest 3D graphics" "You'll never run out of storage" "We've never had hardware problems". What happened afterwards when I grilled the guy was worthy of YouTube fame...too bad I didn't have it recorded.
If the *typical* Mac owner (hardly anyone who is reading this, BTW...) is as gullible as what I gather from what BS the Apple store employees used to sell hardware, I don't pity anyone infected by this.
Of course, saying this, my father-in-law probably has the Flashback Botnet infecting his "invincible" Mac.....and guess what MY job is this weekend?
/end rant
What have I done for the past 7 years of marriage? Educate him about how crappy his POS Mac is, and the horrific support the no-brains at the Apple store are. My shortened list:
1. RAM upgrade. Cost him $400 for the Apple store to rip apart his Mac to double the RAM.
2. Crap screen contrast. He can't see very well, and his screen has HORRIBLE contrast.
3. Backup. It formatted his external hard drive without even asking him, to make "Time Machine" backup, losing about 4 years of writing. Luckily a USB flash drive backup saved the day.
4. OS "upgrades". Every single time an upgrade comes out, he upgrades....and it ALWAYS screws his system up needing a full reinstall.
5. Hard drive upgrade fiasco. I don't want to detail this one. Suffice it to say, he has critically sensitive corporate information floating around somewhere at Apple.
6. Lies Lies Lies. I'm sure most folks who work at the Apple store are okay. But his local one spewed crap after crap regarding the speed of his new iMac. "its a hundred times faster than an equivalent PC" "It has the fastest 3D graphics" "You'll never run out of storage" "We've never had hardware problems". What happened afterwards when I grilled the guy was worthy of YouTube fame...too bad I didn't have it recorded.
If the *typical* Mac owner (hardly anyone who is reading this, BTW...) is as gullible as what I gather from what BS the Apple store employees used to sell hardware, I don't pity anyone infected by this.
Of course, saying this, my father-in-law probably has the Flashback Botnet infecting his "invincible" Mac.....and guess what MY job is this weekend?
/end rant
Riccochet
Fully [H]
- Joined
- Apr 11, 2007
- Messages
- 29,888
Oh I know, like how Linux handles everything using package update manager. I meant on the PC, how most users I know hit Cancel when Flash and Java updater pops up constantly.
![Zarathustra[H]](https://cdn.hardforum.com/data/avatars/m/9/9298.jpg?1707758471){kind=avatar}
Zarathustra[H]
Extremely [H]
- Joined
- Oct 29, 2000
- Messages
- 38,830
The reality is that anyone who spends more than $750 on a non-workstation PC is an idiot, regardless of the brand.
I would argue that even most workstations need nowhere near that level of power.
Most work = MS Office, Outlook and a few web based applications. You don't need an expensive computer for this.
If anything, the place expensive computers are able to give the most reward is in games...
Zarathustra[H]
Extremely [H]
- Joined
- Oct 29, 2000
- Messages
- 38,830
The patch was released on April 3rd. Unclear how long Apple knew about the exploit before that, but essentially, most of the 600,000 computers in this article would have been infected before Apple released the patch, so no, they wouldn't have been able to avoid the issue by patching.
Zarathustra[H]
Extremely [H]
- Joined
- Oct 29, 2000
- Messages
- 38,830
Which isn't a bad thing to do. I run in a limited user account never give admin priveleges to something that pops up. it's ridiculous how easy it would be to write a flash popup that looks and behaves like a flash upgrade or java upgrade popup, but when you give it your admin password, it instead infects you with a botnet.
When I see one of those popups, I always download the updates manually.
Which iMac?
InorganicMatter
[H]F Junkie
- Joined
- Oct 19, 2004
- Messages
- 15,461
Zarathustra[H];1038577770 said:
Well yes, like you said it depends on the use.
I know a film editor who has an Intel i7, and is looking to go to a 2p/4p workstation because he measures rendering time saved in hours/days.
Zarathustra[H]
Extremely [H]
- Joined
- Oct 29, 2000
- Messages
- 38,830
If Apple would simply acknowledge that exploits/trojans/viruses for Mac's do exist, and provide something like Ms Security Essentials with OS X, frequently updated with removal tools for all the latest discovered exploits, something like this would be much less of a deal.
InorganicMatter
[H]F Junkie
- Joined
- Oct 19, 2004
- Messages
- 15,461
It doesn't help the matter that Flash and Java have new "ZOMG SUPER CRITICAL!" updates on a weekly basis.
It's funny, Silverlight and .NET don't have anywhere close to the amount of critical bugs and patch rushes that competitors have...and those platforms have MUCH more potential to access things they shouldn't than Java/Flash.
*nix? I wouldn't go that far Root is a godsend. Remember it wasn't until win7 that Microsoft introduced their "allow permission" feature. Prior to that it was essentially a 'whatever happens happens' attitude to security and computing. Not necessarily a bad thing, mind you. For folks like us who know what we're doing and can fix any issues it's probably easier.
Yes I want to access that registry file. Yes I'm sure. Yes I'm double sure... amagadz just let me get to the damn registry file!
With win8 and Metro the same reasons people degrade the Mac OS approach will be evident in windows too. Oversimplified and walled. They both feel like I'm having my hand held
Root is a godsend. Remember it wasn't until win7 that Microsoft introduced their "allow permission" feature. Prior to that it was essentially a 'whatever happens happens' attitude to security and computing. Not necessarily a bad thing, mind you. For folks like us who know what we're doing and can fix any issues it's probably easier. Yes I want to access that registry file. Yes I'm sure. Yes I'm double sure... amagadz just let me get to the damn registry file!
With win8 and Metro the same reasons people degrade the Mac OS approach will be evident in windows too. Oversimplified and walled. They both feel like I'm having my hand held
Built-in 22" screen, and I think its a 2.5Ghz CPU, 500GB HDD. Model number, I haven't a clue.
The reality is that anyone who spends more than $750 on a non-workstation DESKTOP PC is an idiot, regardless of the brand.
Chances are, if you're buying a laptop computer for less than $750, then you're replacing it or "dealing with it's annoyances" after a year or two. Laptops don't hit their sweet spot until the $1000-1200 range IMO. Then you get a reliable machine that will function for 3 years or more, with no troubles assuming you're buying corporate gear, and not a "gaming laptop".
We only have a few clients with Mac's in their offices, but we haven't seen any cases of this yet. Sounds like the user has to jump through some hoops in order to install it, AND not have an updated system, so the threat itself seems to be blown out of proportion. That being said, I do wish more malware was designed for Mac systems, but the fact is it's easier to get financial information from Mac users through social engineering than it is through malware anyways, and with a <10% footprint, there's no reason to write malware for it even if it is the least secure platform out there.