I'm glad to see that this is getting some attention, I mean Mac desktops are ridiculously overpriced so maybe this and other future more destructive mac-specific malware will help people realize their emotional/impulse-driven purchasing mistakes.
Over Half a Million Macs Infected With Malware - Page 3
Forum Index > General Forum |
EngrishTeacher
Canada1109 Posts
I'm glad to see that this is getting some attention, I mean Mac desktops are ridiculously overpriced so maybe this and other future more destructive mac-specific malware will help people realize their emotional/impulse-driven purchasing mistakes. | ||
WniO
United States2706 Posts
| ||
Whitewing
United States7483 Posts
On April 07 2012 09:57 WniO wrote: how many pcs percentage wise get infected by malware vs macs? to me this seems like a really small amount. Because there are more pcs, malware developers would rather target pcs. If you work on writing a virus, you want to get the most effect for your effort, so targeting pcs is more effective. | ||
schimmetje
Netherlands1104 Posts
The reason this is happening now is of course partially because of the popularity of Macs, but also because this kind of activity has just picked up immensely across the board. Everyone's clamoring about cyberwar, but the much bigger problem for quite a while has been cybercrime. But governments don't really get tech yet and still think they can just legislate things secure, whereas the companies who should be helping us are way more interested in acquiring shiny big new budgets. So, while I must admit some glee about seeing this kind of thing hit the news so all those "I don't need AV I have a Mac people" need to reconsider things, it's really a big problem and not just limited to a specific OS. Java's platform independentness is of course a catalyst here as well, but you can't just put it at it's feet. The whole plugin based browser extension thing has always been a problem. Just look at the security nightmare ActiveX made Internet Explorer and Outlook, or at the problems Adobe has been having keeping things sealed for years. And it's not limited to the browser either. Bugs in the handling of Office documents, video files, flaws in PDFs and Flash.. it's sad but the more userfriendly direct interaction with the web becomes, the harder it becomes to keep your system clean. So yeah, you should probably not have Java on your box if you're not using it. But that goes for a LOT of other stuff too. And you need to update and periodically check up your system, regardless of your OS. Hygiene people, it's not just about the occassional shower. Though I guess taking your machine into the shower'd fix the problem too. The real problem of course is, how many regular users are going to do that? So I guess that's probably the biggest plus of stories like this, misleading as they are really, they bring attention to the problem. But even then, we've got a pretty long road ahead. | ||
TheToast
United States4808 Posts
On April 07 2012 09:57 WniO wrote: how many pcs percentage wise get infected by malware vs macs? to me this seems like a really small amount. That's a good question, I don't know. However I'm not sure that they can be compared apples to oranges (no pun intended). A very high percentage of the world's PCs infected with malware are actually using illegal versions of Windows, that for years Microsoft has refused to provide updates for causing them to be filled with security holes. Many of them are in Asian or Eastern Europe, and there are a lot of them out there. Microsoft has finally started to reverse their policy for providing updates to illegal Windows installs though, so I'd guess that the percentage of infected PCs is dropping. 550,000 is a hell of a lot of Macs given their smaller market share, and that's just from this one piece of Malware, There could be others that haven't gotten any attention yet. -edit: @schimmetje yeah, pretty much spot on | ||
Heouf
Netherlands787 Posts
| ||
DannyJ
United States5110 Posts
On April 07 2012 09:49 Triscuit wrote: Yeah, it's not the $100 billion cash they have in the bank telling them they're successful, it's that a trojan has surfaced on their platform. A small part of that cash comes from their Macs. | ||
Labbetuss
Norway568 Posts
| ||
No_Roo
United States905 Posts
On April 07 2012 10:15 Heouf wrote: Well that is not much. So why is this even news??? There are hunderd of millions of people who own a mac. So it is probably not even 0,00000000000000000000000000001% So the article says most of the 550k infected machines are in the US or Canada, so in that sample pool of 310mil +35mil If 100% of people in the US and canada used macs, that would be more like 1.5%, but in reality apple has somewhere around 5-10% of the market share, and over half of that population (which includes children and the elderly) either do not have private internet access or own a computer at all. that 550k could potentially represent 15-30% of all macs in use over the last few months. That's actually an incredibly high amount for a single peice of malware. | ||
schimmetje
Netherlands1104 Posts
On April 07 2012 10:15 Heouf wrote: Well that is not much. So why is this even news??? There are hunderd of millions of people who own a mac. So it is probably not even 0,00000000000000000000000000001% It's *1* piece of malware. It's not "only this many Macs have been hacked". The story is misleading. | ||
ibutoss
Australia341 Posts
On April 07 2012 04:45 TheToast wrote: Not the right approach to dealing with malware that could steal personal information. Even if it's risking breaking apps, you take the risk and release critical security updates like that ASAP. According to you. Apple has more then 500,000 customers to look after and if they pushed out a buggy security update that broke millions of peoples macs for 500,000.. that wouldn't make sense right? | ||
YouMake
United States262 Posts
| ||
BlackJack
United States9272 Posts
On April 07 2012 10:15 Heouf wrote: Well that is not much. So why is this even news??? There are hunderd of millions of people who own a mac. So it is probably not even 0,00000000000000000000000000001% Math fail. It's actually .0000000000000000000000000000000000000000000000000000000000001% | ||
CrazyF1r3f0x
United States2120 Posts
On April 07 2012 09:49 Triscuit wrote: Yeah, it's not the $100 billion cash they have in the bank telling them they're successful, it's that a trojan has surfaced on their platform. To be fair, most of that money is most likely from their mobile/iPods, and not from their MACs. | ||
schimmetje
Netherlands1104 Posts
On April 07 2012 10:29 CrazyF1r3f0x wrote: To be fair, most of that money is most likely from their mobile/iPods, and not from their MACs. Most of it is yeah. But those are connected to the net as well these days. Those unattended iPhone jailbreaks and such? They use security vulnerabilities in the software to get those to work. | ||
Praetorial
United States4241 Posts
Now they receive justice for paying for overpriced and inefficient products! | ||
TheToast
United States4808 Posts
On April 07 2012 10:23 No_Roo wrote: So the article says most of the 550k infected machines are in the US or Canada, so in that sample pool of 310mil +35mil If 100% of people in the US and canada used macs, that would be more like 1.5%, but in reality apple has somewhere around 5-10% of the market share, and over half of that population (which includes children and the elderly) either do not have private internet access or own a computer at all. that 550k could potentially represent 15-30% of all macs in use over the last few months. That's actually an incredibly high amount for a single peice of malware. Well the US Census bureau's statistics seem to focus more on individuals with access to PCs and the internet and not specifically numbers of computers. So it's hard to make any determinations. But apparently 230,387,000 people in the US report to have access to a computer somewhere (home, work school). Considering that most people have more than one computer, 300 million seems like a fair though very rough estimate. source: http://www.census.gov/hhes/computer/publications/2007.html What we do know for certain is that 55% of these infections are from the US according to this security company. So that's 302,500 infected Macs in the US. Wikipedia puts the market share of OS X installed devices at 14%. If there are 300 million computers, that's 42 million OS X devices which is an infection rate of around one percent. Of course I'm essentially making an educated guess here. And that's just from this one piece of malware, I'd be willing to bet that there are far more that haven't caught anyone's attention yet. And as I said before, I think the real issue here is how poorly Apple handled the situation. On April 07 2012 10:24 ibutoss wrote: According to you. Apple has more then 500,000 customers to look after and if they pushed out a buggy security update that broke millions of peoples macs for 500,000.. that wouldn't make sense right? Well no, but neither does waiting 8 weeks to push out a critical security update. Besides, I'm sure Oracle does thoroughly test their patches before they release them so it shouldn't take this long. Waiting eight weeks when you know there is a critical security flaw in the software and already have the fix for it, that's pretty irresponsible. | ||
ibutoss
Australia341 Posts
On April 07 2012 10:48 TheToast wrote: Well no, but neither does waiting 8 weeks to push out a critical security update. Besides, I'm sure Oracle does thoroughly test their patches before they release them so it shouldn't take this long. Waiting eight weeks when you know there is a critical security flaw in the software and already have the fix for it, that's pretty irresponsible. That is true however without knowing apple's procedures I don't think you can call it irresponsible. In theory yes, they should push it out as soon as possible. However I'm sure they have very strict security update processes that must be followed in order to ensure all of the updates have been thoroughly tested on a range of mac's etc. For all we know 8 weeks could be apple's cycle time from last code commit to production release. This all comes back to what customers expect from apple, quality. Should they improve this turn around time? absolutely but not if it means sacrificing good software engineering principles. | ||
TheToast
United States4808 Posts
On April 07 2012 10:55 ibutoss wrote: That is true however without knowing apple's procedures I don't think you can call it irresponsible. In theory yes, they should push it out as soon as possible. However I'm sure they have very strict security update processes that must be followed in order to ensure all of the updates have been thoroughly tested on a range of mac's etc. For all we know 8 weeks could be apple's cycle time from last code commit to production release. This all comes back to what customers expect from apple, quality. Should they improve this turn around time? absolutely but not if it means sacrificing good software engineering principles. I bet they don't have strict procedures in place. At least that's what I assume based on what I know of their app vetting process. Someone I know who develops apps for a major company tells me quite often when they submit their apps for publishing the files aren't even opened--no one even looks at them. I can't tell you who this is or for what company because, get this, it's against Apples TOS to talk about the vetting process for apps. They've had a number of embarrassments over the years to with apps clearly violating their TOS or installing malware getting posted to the app store. So no, I don't have much confidence in them. | ||
schimmetje
Netherlands1104 Posts
On April 07 2012 10:55 ibutoss wrote: That is true however without knowing apple's procedures I don't think you can call it irresponsible. In theory yes, they should push it out as soon as possible. However I'm sure they have very strict security update processes that must be followed in order to ensure all of the updates have been thoroughly tested on a range of mac's etc. For all we know 8 weeks could be apple's cycle time from last code commit to production release. This all comes back to what customers expect from apple, quality. Should they improve this turn around time? absolutely but not if it means sacrificing good software engineering principles. Well, Oracle does take their sweet time with patches as well (usually releasing big batches of em 2-3 times a year), but they do claim 3 billion Java installs. Pretty safe to assume they'll test a bit at least. In Apple's defense, this response was actually kind of quick, usually they lag about 6 months behind Oracle, but this was an urgent issue. Because it's an urgent issue 8 weeks is still kind of too long though, the exploit for this has been out for.. something like a month I think. I don't really understand why they need to roll their own besides being control freaky however, I don't think Java even comes bundled with their latest OS anymore. | ||
| ||