Flashback trojan

#1 Apr 08 2012 at 10:00 PM Rating: Good
*****
15,512 posts
Maybe if you hipsters installed Xcode instead of Photoshop you wouldn't be infected Smiley: cool

When Linux gets its own trojan, it will finally be the year of Linux on the desktop
#2 Apr 09 2012 at 1:14 AM Rating: Excellent
Avatar
******
29,919 posts
The best part about that was the whole thing about the 250 macs inside Apple headquarters in Cupertino that were infected.

Shoot your macs and buy a real computer!
____________________________
Arch Duke Kaolian Drachensborn, lvl 95 Ranger, Unrest Server
#3 Apr 09 2012 at 3:47 AM Rating: Decent
Scholar
***
2,496 posts
Dread Lörd Kaolian wrote:
The best part about that was the whole thing about the 250 macs inside Apple headquarters in Cupertino that were infected.


Smiley: lol
#4 Apr 09 2012 at 4:12 AM Rating: Good
Citizen's Arrest!
******
29,527 posts
Dread Lörd Kaolian wrote:
The best part about that was the whole thing about the 250 macs inside Apple headquarters in Cupertino that were infected.
Is there a part in the article or related article that says that? Because I would love to post that on my brother-in-law's Facebook.
#5 Apr 09 2012 at 7:55 AM Rating: Excellent
Avatar
******
29,919 posts
Ok, so technically they might not be inside the headquarters building itself, though I remember seeing at least one article that said they were, but now I can't find that one.

http://www.wtsp.com/news/topstories/article/249247/250/Over-600000-Macs-infected-with-Flashback-botnet-patch-released

Dr. Web originally reported Wednesday that 550,000 Macintosh computers were infected by the growing Mac botnet. But later in the day, Dr. Web malware analyst Sorokin Ivan announced on Twitter that the number of Macs infected with Flashback had increased to 600,000, with 274 of those based in Cupertino, Calif.

#6 Apr 09 2012 at 7:59 AM Rating: Good
Muggle@#%^er
******
20,024 posts
I really, really wouldn't be surprised if we saw a class action suit against Apple for this, due to their no-virus marketing. I know people who were convinced that the Mac was immune to malware.
____________________________
IDrownFish wrote:
Anyways, you all are horrible, @#%^ed up people

lolgaxe wrote:
Never underestimate the healing power of a massive dong.
#7 Apr 09 2012 at 8:22 AM Rating: Good
Citizen's Arrest!
******
29,527 posts
idiggory, King of Bards wrote:
I really, really wouldn't be surprised if we saw a class action suit against Apple for this, due to their no-virus marketing. I know people who were convinced that the Mac was immune to malware.
My brother in law mentions that people should switch to Macs every time there's news of another virus. Which is why I find this funny.
#8 Apr 09 2012 at 8:24 AM Rating: Excellent
*******
50,767 posts
I'd switch to a Mac if I wanted an overpriced paperweight.
____________________________
George Carlin wrote:
I think it’s the duty of the comedian to find out where the line is drawn and cross it deliberately.
#9 Apr 09 2012 at 8:30 AM Rating: Good
Muggle@#%^er
******
20,024 posts
lolgaxe wrote:
I'd switch to a Mac if I wanted an overpriced paperweight.

My first laptop was a Vaio. >_< Granted, I got it for a few hundred cheaper than what it marketed for, making it actually a deal, but still. Now I'm using a $500 HP with a Sandy Bridge quad core processor, and it's just hilarious how much of a better deal this was, even accounting for the 4 year advance in technology and production.
#10 Apr 09 2012 at 8:55 AM Rating: Good
*****
15,512 posts
They hard coded an exception for people who have Xcode installed so I'm safe Smiley: cool
Feels pretty good, man
#11 Apr 09 2012 at 12:06 PM Rating: Good
****
5,599 posts
idiggory, King of Bards wrote:
lolgaxe wrote:
I'd switch to a Mac if I wanted an overpriced paperweight.

My first laptop was a Vaio. >_< Granted, I got it for a few hundred cheaper than what it marketed for, making it actually a deal, but still. Now I'm using a $500 HP with a Sandy Bridge quad core processor, and it's just hilarious how much of a better deal this was, even accounting for the 4 year advance in technology and production.


I love how much *** the Sandy Bridge processors kick.
____________________________
idiggory, King of Bards wrote:
I have a racist ****.

Steam: TuxedoFish
battle.net: Fishy #1649
GW2: Fishy.4129
#12 Apr 09 2012 at 3:07 PM Rating: Good
Muggle@#%^er
******
20,024 posts
IDrownFish of the Seven Seas wrote:
idiggory, King of Bards wrote:
lolgaxe wrote:
I'd switch to a Mac if I wanted an overpriced paperweight.

My first laptop was a Vaio. >_< Granted, I got it for a few hundred cheaper than what it marketed for, making it actually a deal, but still. Now I'm using a $500 HP with a Sandy Bridge quad core processor, and it's just hilarious how much of a better deal this was, even accounting for the 4 year advance in technology and production.


I love how much *** the Sandy Bridge processors kick.

They really, really do. It's actually a little bit insane to have this much processing power for such a low budget. Thumbs up to intel for that one.
#13 Apr 09 2012 at 3:42 PM Rating: Good
@#%^
*****
15,953 posts
lolgaxe wrote:
I'd switch to a Mac if I wanted an overpriced paperweight.


Don't forget about the pretty!
____________________________
"I have lost my way
But I hear a tale
About a heaven in Alberta
Where they've got all hell for a basement"

#14 Apr 09 2012 at 5:38 PM Rating: Good
Encyclopedia
******
35,568 posts
Sweetums wrote:
Maybe if you hipsters installed Xcode instead of Photoshop you wouldn't be infected Smiley: cool

When Linux gets its own trojan, it will finally be the year of Linux on the desktop


Any operating system can be affected by a trojan hack. The difference is how much the system itself is affected versus just the user environment and account. Frankly, macs are only slightly better than windows at separating system processes and user processes. And any system primarily designed/configured for single user desktop use is going to end up being vulnerable to all sorts of things.

I always kinda shake my head at the linux cheerleaders who rave about how much more protected they are from viruses and whatnot with their systems, while installing locally on their PC and using the root account to run everything (cause that way I've got the power!!!).

Edited, Apr 9th 2012 4:40pm by gbaji
____________________________
King Nobby wrote:
More words please
#15 Apr 09 2012 at 7:35 PM Rating: Excellent
*****
15,512 posts
Well, of course any OS can be affected by a trojan. No code (with the exception of TeX, perhaps?) is perfect. I'm just making the dusty year of Linux on the Desktop joke.

Windows and OSX just tend to attract more viruses than Linux since they're pretty mainstream and attract a higher proportion of people who aren't necessarily computer-savvy. Linux has more of a neckbeard audience.

Windows apparently has a decent security model (I really don't know much about security in general and I won't pretend to be any sort of expert) but it's been royally @#%^ed by developers expecting root access, and crufty backwards compatibility doesn't help this mindset change. It's definitely hampered by its history as a single user OS, since OSX (or at least the BSD from which it's derived), Linux and other *nixes were built to be networked and have multiple users from the beginning. Thankfully, they're starting to make user accounts less inconvenient in Windows.

OSX's default admin account seems to be an account with sudo privileges, since the root user is disabled by default. You have to dig around in the preferences for it.

However, this specific trojan didn't actually need admin access; even if you didn't enter your password when prompted it would still infect you.


Edited, Apr 9th 2012 8:50pm by Sweetums
#16 Apr 09 2012 at 9:41 PM Rating: Decent
Sweetums wrote:
Windows apparently has a decent security model (I really don't know much about security in general and I won't pretend to be any sort of expert) but it's been royally @#%^ed by developers expecting root access

...

OSX's default admin account seems to be an account with sudo privileges, since the root user is disabled by default. You have to dig around in the preferences for it.


This is the default security model in Windows 7. Windows 7 users may think of the "Run as Administrator" context menu option as a form of sudo for windows. By default, even the local administrator user doesn't have certain OS rights. For example, to use certain command line utilities to update windows configuration settings, you need to find a shortcut to the command prompt (cmd.exe) and run it as administrator so the context of the programs run within it gain those necessary rights.

By and large, the biggest security holes in windows are still dependent on user stupidity. I can't tell you how many users I've seen tricked into actively executing a virus loader through some form of fake antivirus popup (yes, there are ones that manage to defeat modern browser popup blockers) or an email asking them to click a link to "claim a package" that "UPS" is holding for them. As Mac and OSX scoop up a larger portion of the user base, it's inevitable that the mac user space will be deluged with this same stupidity.

I always used to laugh when Apple fanboys boasted about the low numbers of Mac viruses in the wild because all that really meant is that the product failed to grab a large enough portion of the market to be relevant.


Edited, Apr 9th 2012 10:42pm by BrownDuck
#17 Apr 09 2012 at 11:34 PM Rating: Excellent
*****
15,512 posts
Oh, no doubt about it. The main thing protecting those guys is that Windows binaries don't work in OSX.

I never really got viruses in Windows so the whole "zomg security" thing gets pretty tiresome, especially when it feels like you have to restart after every sort of software update which definitely prevents me from bothering a lot of the time. Don't remember doing that so often with Ubuntu and I miss that, but I haven't used it in years so I could be misremembering.

When some random person asked me if Macs ever got viruses after their computer went kaputt (this was seriously bizarre, who does that?), I futzed around with their computer and told them they didn't have a virus, just a dead hard drive. I guess the whole Macs are invincible meme reaches pretty far.



Edited, Apr 10th 2012 12:46am by Sweetums
#18 Apr 10 2012 at 2:54 PM Rating: Good
Encyclopedia
******
35,568 posts
BrownDuck wrote:
Sweetums wrote:
Windows apparently has a decent security model (I really don't know much about security in general and I won't pretend to be any sort of expert) but it's been royally @#%^ed by developers expecting root access

...

OSX's default admin account seems to be an account with sudo privileges, since the root user is disabled by default. You have to dig around in the preferences for it.


This is the default security model in Windows 7. Windows 7 users may think of the "Run as Administrator" context menu option as a form of sudo for windows. By default, even the local administrator user doesn't have certain OS rights. For example, to use certain command line utilities to update windows configuration settings, you need to find a shortcut to the command prompt (cmd.exe) and run it as administrator so the context of the programs run within it gain those necessary rights.


Windows still has some security problems though that are inherent to the very design of the OS. The start and end of it is the very concept of a system registry. They've made efforts to modularize it, but because they've had this mechanism for managing application resources from day one they still have to support something that is similar in design (and thus similarly insecure).

As Sweetums correctly points out, software developers make this worse by writing their code such that it expects to be able to both read and write to various registry files not just on installation, but while running. It's scary the number of software applications out there for which the solution to various problems (automated patching and updating are the biggest culprits) is to run as administrator. Well, if I have to run half the software on the planet as administrator then even with a "run as" option, I'm likely to just log in as administrator in the first place and avoid all those hassles. Almost can't blame users for doing this.

And some (most?) software is written in such a way that you can't just run some components as administrator and the rest as a regular user anyway. Windows security, like all OS security, is predicated on levels of trust between various components of the system. The best way to prevent the part of the OS that's interacting with some outside programs from putting other parts at risk is to not give trust between those two parts. And there are ways of doing this *if* the OS was designed from day one to do it. Windows wasn't (and still isn't). That's why it becomes vulnerable.

Quote:
By and large, the biggest security holes in windows are still dependent on user stupidity. I can't tell you how many users I've seen tricked into actively executing a virus loader through some form of fake antivirus popup (yes, there are ones that manage to defeat modern browser popup blockers) or an email asking them to click a link to "claim a package" that "UPS" is holding for them. As Mac and OSX scoop up a larger portion of the user base, it's inevitable that the mac user space will be deluged with this same stupidity.


Yup. User space is always vulnerable. Doesn't matter which OS you're on. I can write a simple virus to infect a user's unix account in probably about 10 minutes. I could even write it in such a way that it can spread to other users over time and do various nasty stuff. However, the entirety of that nasty stuff is pretty much limited to what that user can do. Which in the unix world is limited to control of his account and files. So while the infected user may be inconvenienced, it's much harder to actually infect the systems themselves. In the Windows world, one user getting infected can result in the system getting infected. And heaven forbid if you've given trust within your domain in a stupid way, because now other systems can be infected.


And honestly don't get me started on (virus) Exchange servers. Whoever at MS thought that shared/compressed data space for all users on a server was a super idea should be strung up by the fingernails. I mean, I get this from a database perspective, but doing this with random stuff people receive in their inboxes? Disaster waiting to happen.

Quote:
I always used to laugh when Apple fanboys boasted about the low numbers of Mac viruses in the wild because all that really meant is that the product failed to grab a large enough portion of the market to be relevant.


I laugh at Apple fanboys in general. They're the epitome of people who buy stuff because they think it makes them look smarter or special. Yeah... No. It doesn't.
#19 Apr 10 2012 at 2:57 PM Rating: Good
@#%^
*****
15,953 posts
In after Singdall is banned.
#20 Apr 10 2012 at 6:56 PM Rating: Good
*****
15,512 posts
Iamadam wrote:
In after Singdall is banned.
M$ made the mods do it
#21 Apr 10 2012 at 7:58 PM Rating: Good
Sweetums wrote:
Iamadam wrote:
In after Singdall is banned.
M$ made the mods do it
He was a security hole.
#22 Apr 10 2012 at 8:58 PM Rating: Good
*****
15,512 posts
BrownDuck wrote:
Sweetums wrote:
Iamadam wrote:
In after Singdall is banned.
M$ made the mods do it
He was a security hole.
Only because he was speaking TRUTH TO POWER AND STOPPING FUD IN ITS TRACKS

DOWN WITH MICRO$OFT