[Gomez]

ping

[Wayne07]

The difference in the stories is that most recent is actually reporting on something real, where the others are just FUD. As you allude to in your title, it really is like the boy who cried wolf. This is now something to take seriously, but will people after all the false alarms?

[PGR88]

damn. I just bought an Apple MAC with OS X.

I never believed the apple store’s saleman’s blanket statements about “never having to worry about viruses” but didn’t think it would come this quickly!

[proxy_user]

Yes, but they have to trick you into voluntarily installing the software and typing in your administrative password, don’t they? No one with any knowledge of security would do such a thing.

[Swordmaker]

Are we Mac users quaking in our boots yet? Nope! PING!

The "kit" that the underground group is completing is just a collection of tools that have been around for the last few years... it's nothing new, nothing earth shaking, nothing that is going to make something suddenly magically work that didn't work before. It just collects all the things that have been tried and failed and makes them available in one place for script kiddies to buy and to try again and fail again. At worst, we will see a few MORE Trojan Horse programs for OSX to warn us about... and to prevent them downloading... because this kit has the known families of Trojan horse engines in it. Whoopee-do. The door is closed on those.

Please, No Flame Wars!
Discuss technical issues, software, and hardware.
Don't attack people!
Don't respond to the Anti-Apple Thread Trolls!
PLEASE, IGNORE THEM!!!

Apple Security Scare (YAWN) again Ping!

If you want on or off the Mac Ping List, Freepmail me.

[TheBattman]

There is some truth to this statement - but not the way the author intended:

The "big" part refers to market share - and while one can see that as a significant reason Windows has been the primary focus of malware pushers, the second part - the "juicy"- is the real open door. Malware pushers are like any other criminal - they look for lucrative - and they look for easy targets. Windows, for a variety of reasons I won't waste time rehashing here, has long been filled with countless back doors, faults, and gaping holes. Microsoft has slowly tightened things up - but some of the insecurities are related to factors that are not so easy to just "close" - including legacy support and the open handles that are necessary for Windows to run on any cobbled together hardware one can assemble (one of the good/but bad facts of the more "open" hardware that Windows runs on... to be able to do that requires lots of access and "open doors"). Microsoft has tightened the screws down somewhat - but the evidence is - there are still vulnerabilities that can cause real problems.

Then we turn to the Apple OS (a UNIX implementation). The whole concept - even if a malware writer were to come up with a "working" model - because of the separation and delineation between portions of the Kernel, serious breeches of security and/or operating system are not likely. I didn't say impossible - but it does require a great deal more effort, and a willing user with administrative permissions. There have been a handful of "proof on concept" bugs demonstrated that can affect the Mac OS. Yet how many have actually appeared "in the wild", causing data loss, security breaches, or hardware hijacking? I have yet to find a credible report of such. Why? The installed user base of OS X computers connected to the 'net is in the hundreds of millions. Is that not a large enough target to draw lots of attention, especially if these were "easy targets" as these writers would like to imply? Remember - criminal-types LOVE easy targets. Most crooks will target the unarmed little-old-lady with $20 in her purse over the dude packing a .45 on his waist, but carrying $50. Its about easy targets. I am sure, as Apple's market share continues to increase, that there will be more attempts. A publication I read monthly has a section of stories where crooks try to rip off/attack armed citizens... and the outcome (not so good for the criminal). And I wouldn't even be surprise if some day, some wise-jerk develops a real, and functioning bit of malware that can really hose a Mac. It is technically possible. I figure it is more likely to be someone with a grudge or a name to make than someone who is actually trying to steal data. But whatever -

Kind of like choosing where to live. You can live in a city with a serious drug/high crime problem, or you can choose to live in a city that has very low crime statistics. Maybe the high-crime city is bigger. Maybe it has a few more stores or restaurants. But which one is going to feel (and be, statistically) safer?