Jump to content
BlackHatClass

To all you who say macs can't/don't get viruses

Recommended Posts

Read this and please don't be ignorant.

 

http://bits.blogs.nytimes.com/2012/04/06/widespread-computer-virus-indicates-mac-users-no-longer-safe/?hp

 

If you are one of the users that already knew macs are vulnerable pay no attention. I've just seen a few noobs who think they are safe with no anti virus etc.

Share this post


Link to post
Share on other sites

I'm waiting for critical mass: when Apple has convinced enough idiots that they really need a Mac that all the PC virus writers switch. There's going to be SUCH a mess, given that they market almost exclusively to the "shiny things" statistic.

Share this post


Link to post
Share on other sites

The Flashback virus already infects over 1.5% of all Mac OS running computers (600 000+ computers), and the number has been steadily increasing.

Share this post


Link to post
Share on other sites

They just issued the patch. It's been known for a couple months now, but yes. Those who haven't secured their stuff, are retarded.

 

It's going to be a long while before hackers "switch" to macs. Window machines are everywhere and way more affordable. Typically people with macs know a bit more about their stuff. (I didn't say everyone)

 

So for them to switch to macs exclusively, going to have to be a massive change in culture.

Share this post


Link to post
Share on other sites

It was only a matter of time until Mac OS X was going to be targeted by attackers.

 

Both Flashback and Sabpab exploited the same vulnerability within Java on OS X (which has now been patched by Apple, many weeks after Microsoft patched the same flaw on the Windows version of Java). Both Flashback and Sabpab exploited the same flaw.

 

But the floodgates are opening, so those who don't secure their operating system have it in for themselves.

Share this post


Link to post
Share on other sites
Typically people with macs know a bit more about their stuff. (I didn't say everyone)

 

That's an intriguing statement. In my (many) years of IT work in a very wide spread of roles, my experience has been totally the opposite. I've run into maybe 20% of PC users who were too stupid to be allowed to use sharp utensils and about the same percentage of Mac users who were smart enough to walk and chew gum at the same time. The average Mac user was completely stupid about the technology they were using. And I mean *completely*.

Share this post


Link to post
Share on other sites

I always update my system, and any and EVERY OS can get a virus, regardless of what it is. If someone wants to write malicious code for a specific OS, they can and will. It's just as said before, more people use windows so that is the first OS hackers target.

Share this post


Link to post
Share on other sites

I really consider this pretty insignificant (and I am a Mac user) because if you practice safe browsing (don't go too far down Google listings, hover over links, etc) then it is, IMO, pretty unlikely that you'll get infected. I have a great AV, and in the 6 months that I have had it, I have never reached a single malicious/exploit website (It would alert me if I did).

 

You PC fanboys can celebrate, however, if I remember correctly, Oracle is going to take over Java for Mac with SE7, bringing Java updates to the Mac at the same time as Windows, closing that window of opportunity to exploit unpatched Java installations. It's not like Windows doesn't have malware written for it.

 

If I didn't run a website, I would instantly shirk AV, however I really want to make sure my users stay safe and that my site does not end up hacked via password key logging. Terribly unlikely, but I am just paranoid about security (I never use cPanel without SSL, always have multiple AVs running on PCs, scan all of my downloads with an AV, etc).

Share this post


Link to post
Share on other sites

I really consider this pretty insignificant (and I am a Mac user) because if you practice safe browsing (don't go too far down Google listings, hover over links, etc) then it is, IMO, pretty unlikely that you'll get infected. I have a great AV, and in the 6 months that I have had it, I have never reached a single malicious/exploit website (It would alert me if I did).

 

You PC fanboys can celebrate, however, if I remember correctly, Oracle is going to take over Java for Mac with SE7, bringing Java updates to the Mac at the same time as Windows, closing that window of opportunity to exploit unpatched Java installations. It's not like Windows doesn't have malware written for it.

 

If I didn't run a website, I would instantly shirk AV, however I really want to make sure my users stay safe and that my site does not end up hacked via password key logging. Terribly unlikely, but I am just paranoid about security (I never use cPanel without SSL, always have multiple AVs running on PCs, scan all of my downloads with an AV, etc).

The point is, Mac fanboys have slammed Windows for being insecure, even if it's third party applications that are the vulnerability (Such as Java). Now the same vulnerability has been exploited on a Mac, suddenly the tables have been turned.

 

Sure, the risk is pretty low at the moment, but Windows was once a virus/malware free operating system too.

 

The point is, as OS X is becoming more and more popular, it's painting a bigger target on itself for people to bother writing viruses or malware for it.

Share this post


Link to post
Share on other sites

This issue has actually scared me as I've convinced my mother that she should have a MacBook Pro for herself for the reason it's virus free.

 

I remember talking to a Mac expert saying that were just a handful of mac virus (something like 10). That was one of the reasons I started surfing the web on my Mac instead of my Windows tower. It bought it would be more secure especially when I do online banking or paypal.

 

I'm still going to be sticking with my Mac for all of this and I still won't be running any antivirus on it.

Share this post


Link to post
Share on other sites

This issue has actually scared me as I've convinced my mother that she should have a MacBook Pro for herself for the reason it's virus free.

 

No platform is virus-free.

 

I'm still going to be sticking with my Mac for all of this and I still won't be running any antivirus on it.

 

That's just asking for trouble, especially when you can pick up an AV for free. I still remember the first thing the lecturer said in the first security lecture I took in my computer science degree (which he'd paraphrased from someone famous, I believe): "The only secure computer is one that's in a concrete bunker, with no connection to the outside world, no programs installed on it and the power switched off. And even then, I'm not 100% sure." :D

Share this post


Link to post
Share on other sites

Every computer gets a virus no matter what OS they are, you just need to protect yourself from those viruses. There are no such thing as "virus-free" computers. They don't exist, ever. They will get exploited one way or another.

Share this post


Link to post
Share on other sites

The point is, Mac fanboys have slammed Windows for being insecure, even if it's third party applications that are the vulnerability (Such as Java). Now the same vulnerability has been exploited on a Mac, suddenly the tables have been turned.

 

No, Windows has been slammed because of its ACL permissions which allow virus to wreak more havoc than a Mac virus.

 

Example, your default Windows users runs as "root/admin", which in Mac(Unix) or Linux this isn't the case, you have to "su/sudo" to root. Makes a difference when running software, or in this case running viruses.

 

When I used Mac OS X, I never ran Virus software, on my current Linux I dont either, and never caught a virus or been hacked. But on Windows, thats another story.

Share this post


Link to post
Share on other sites

No, Windows has been slammed because of its ACL permissions which allow virus to wreak more havoc than a Mac virus.

 

Example, your default Windows users runs as "root/admin", which in Mac(Unix) or Linux this isn't the case, you have to "su/sudo" to root. Makes a difference when running software, or in this case running viruses.

 

When I used Mac OS X, I never ran Virus software, on my current Linux I dont either, and never caught a virus or been hacked. But on Windows, thats another story.

It's the same Java vulnerability that is being exploited on both. Yes, Windows is more insecure, but the attackers have had much more attempts to exploit Windows than they have with OS X. Wasn't there a vulnerability in OS X that gave an attacker root access, bypassing the root password?

Edited by CHiLL

Share this post


Link to post
Share on other sites

It's the same Java vulnerability that is being exploited on both. Yes, Windows is more insecure, but the attackers have had much more attempts to exploit Windows than they have with OS X. Wasn't there a vulnerability in OS X that gave an attacker root access, bypassing the root password?

Mac OS X is Unix based, all Unix/BSD/Linux based operating systems are potentially vulnerable to rootkits. I'm not sure what you are referring to, but that's what it sounds like, which has always been possible.

 

But you're more likely to suffer from a buffer overflow hack than an actual rootkit, since with a rootkit you would have needed to gain access to the system, and get the script to run with proper permissions, and Apple does a good job of securing the Darwin kernel and underlying software

Edited by redinit

Share this post


Link to post
Share on other sites

Mac OS X is Unix based, all Unix/BSD/Linux based operating systems are potentially vulnerable to rootkits. I'm not sure what you are referring to, but that's what it sounds like, which has always been possible.

 

But you're more likely to suffer from a buffer overflow hack than an actual rootkit, since with a rootkit you would have needed to gain access to the system, and get the script to run with proper permissions, and Apple does a good job of securing the Darwin kernel and underlying software

Yeah.

 

I'm not saying that Windows is more secure, or anything like that, as that would be ludicrous. However, Mac fanboys have always gloated over the fact that they don't get viruses or malware. However the tide is changing.

Share this post


Link to post
Share on other sites

Yeah.

 

I'm not saying that Windows is more secure, or anything like that, as that would be ludicrous. However, Mac fanboys have always gloated over the fact that they don't get viruses or malware. However the tide is changing.

Hipsters are the new fanboys.

 

I do prefer Unix based OS over Windows, but I've never been one to force it on people, because at the end of the day an OS is just a tool we use, and most people don't even know the difference.

 

 

Me: (Using Ubuntu w/ Compiz)

Friend: whats that

Me: Linux

Friend: Does it get internet?

True story

Share this post


Link to post
Share on other sites

I do prefer Unix based OS over Windows, but I've never been one to force it on people, because at the end of the day an OS is just a tool we use, and most people don't even know the difference.

 

At the end of the day, the OS doesn't even matter unless you happen to be a major service provider, host or massive target for abuse (*cough* Sony *cough*). For home users, it's just something people can be fanboys about - if it wasn't virus protection in an OS, it'd be user privileges or window controls or WoW/Guildwars or the default wallpaper or ... :)

 

True story

 

Excellent. Reminds me of all those "I bought you the Internet" stories with the old AOL free-hours-of-access CDs.

Share this post


Link to post
Share on other sites

It's a well-known fact in the hacker community that a lot of viruses and malicious software do exist for MAC's, and it was just a matter of time before ways to execute these softwares and viruses on regular people who thought it was impossible was found. If you bought a MAC thinking you'd be safe from viruses, I'm sorry to say, but you was very mistaken.

Share this post


Link to post
Share on other sites

It's a well-known fact in the hacker community that a lot of viruses and malicious software do exist for MAC's, and it was just a matter of time before ways to execute these softwares and viruses on regular people who thought it was impossible was found. If you bought a MAC thinking you'd be safe from viruses, I'm sorry to say, but you was very mistaken.

I still feel much safer on a Mac than I will ever on Windows. I never run antivirus or anything like that on it. But on Windows I have several

Share this post


Link to post
Share on other sites

Even though Mac's can get viruses Apple does a great job at patching them. No matter what the OS is the system will be venerable. I don't really believe in AV's because if the operator is smart enough they wouldn't need one.

Share this post


Link to post
Share on other sites

Even though Mac's can get viruses Apple does a great job at patching them. No matter what the OS is the system will be venerable. I don't really believe in AV's because if the operator is smart enough they wouldn't need one.

 

What's your IP? :D

 

That's a very, very naïve approach. Haven't you ever heard that "there's always someone smarter than you"? Unfortunately, this is especially true in the IT world, so you're just inviting trouble if you don't run an AV utility. Malware does not only propagate through user stupidity - it propagates through multiple avenues, any one of which means you could be the next easy target.

 

Get an AV. It doesn't matter what OS you run... get an AV. There are plenty of good, free ones around and not having one is like driving everywhere without a seatbelt: no, it's not likely you'll have an accident... but the day you do, you're dead.

Share this post


Link to post
Share on other sites

What's your IP? :D

 

That's a very, very naïve approach. Haven't you ever heard that "there's always someone smarter than you"? Unfortunately, this is especially true in the IT world, so you're just inviting trouble if you don't run an AV utility. Malware does not only propagate through user stupidity - it propagates through multiple avenues, any one of which means you could be the next easy target.

 

Get an AV. It doesn't matter what OS you run... get an AV. There are plenty of good, free ones around and not having one is like driving everywhere without a seatbelt: no, it's not likely you'll have an accident... but the day you do, you're dead.

 

I'd rather not get ddos'd lol so I'm not giving you my ip :P

Honestly I think a user that knows something about malware would be able to detect it and find it through processes and the registry. It's really not hard to spot malware, but I'm speaking from Windows based OS's. Macs are different.

Share this post


Link to post
Share on other sites

Even though Mac's can get viruses Apple does a great job at patching them. No matter what the OS is the system will be venerable. I don't really believe in AV's because if the operator is smart enough they wouldn't need one.

It took Apple weeks to publish the same Java patch that Flashback exploited, compared to the days on the Windows platform, so that isn't a point I'm buying.

Share this post


Link to post
Share on other sites

It took Apple weeks to publish the same Java patch that Flashback exploited, compared to the days on the Windows platform, so that isn't a point I'm buying.

 

But then you have to think of all the exploits and viruses there are for windows. It's common sense not to download random things off the internet, especially when you don't know who had them or could of binded something to them before hand. It's all operator error.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


×
×
  • Create New...