Korean Job Discussion Forums

[Swampfox10mm]

http://www.zdnet.com/blog/bott/apple-continues-to-tell-support-reps-do-not-help-with-mac-malware/3375

This is nice. So macs have now been hit with malware, and the problem is so large it's been the root of nearly 50% of calls to Applecare per day. Unfortunately, Apple is more concerned about its reputation than helping customers.

A quote from the article:

[Chokse]

This is classified as a trojan horse and not a virus. There have always been trojan horses that can affect the Mac, even as far back as 15-20 years ago.

However, this is very different from a virus. A virus runs by itself, with no user help. For example, a hacker can put the virus into your system, or an email, when opened, can automatically launch the virus.

A trojan horse, on the other hand, mimics an application and requires the user to install it.

So, here's the difference: On Windows, you open the wrong email message and boom, you've got a virus. Or, as we saw recently in Korea, hackers (like North Korea) can hack into Windows systems and install programs that will allow control of the computer (Nonghyup Bank fiasco).

On Mac, you have to go to a site, download a trojan horse, choose to install it, and then put in your User ID and password for it to install.

Does it surprise you that Apple is not going to help people who have done this? Good for Apple. They shouldn't help anyone who is dumb enough to install something like this. Legitimate paid and free software is listed on many sites (Version Tracker, Mac Update, etc.). There is no excuse for someone who is dumb enough to just click on a random link and install whatever might happen to download.

Using a computer requires a certain amount of due diligence. On a PC, that means constantly running virus protection software. On a Mac, it means checking out an Application at places like Version Tracker or Mac Update before installing it willy-nilly.

Windows users who go without virus protection software and Mac users who download and install things without checking them out first, deserve to lose their files and deserve to deal with reinstalling everything.

And neither Microsoft nor Apple should help these people out. They made their bed; they can sleep in it.

[eamo]

^ wow...harsh....although I agree to a certain extent. In that, I, as a Windows user, never get viruses. Because I'm savvy and aware of how to get/avoid viruses. But a big portion of Windows users are non-techie people who will click on anything they are asked to. So giving Windows a bad name for viruses.

The only reason there aren't more viruses for Mac is because OSX is a very unpopular operating system. Less than 8% of the market. If there was money in it, there would be more Mac viruses like this one........although, this attack on Mac is useful to show that Mac OSX isn't in any way superior technically as an OS to resist malware if the user is not aware.

[Chokse]

Again, it is not a virus, so let's stop referring to it as such. It is a trojan horse. There's a huge difference between the two, especially in how difficult it is to make a virus and how easy it is to make a trojan horse.

And, if we are going to make this an argument about security, then let's be clear that Windows has viruses, trojan horses, and adware. Mac has trojan horses. So, Windows 3, Mac 1. You win.

Before you fly off the handle, I was trying to make a point using humor. Anyone who can make a program/application can make a trojan horse. It's not difficult since it must be executed by the user. Viruses are far more difficult to make since they can execute themselves, without the user's choice.

We've seen several attacks over the last several years in which computers were taken over and turned into "zombie" computers. That happens only on Windows.

And I know what you'll say next. You'll go to the argument that there aren't enough Macs for malware makers to target them. If that were true, there would be no trojan horses for the Mac either. There are, and it's because it is easy to do. The user does all the work for you.

Mac is built on Unix, which is also what the US military and the US government use for their secure computers. While not impossible, it is far more difficult to create a "true" virus for a Unix system.

And, think about all the Windows guys like you that hate Macs and Mac users so much. There must be millions out there. You'd think at least one of them would hate Mac so much that they'd create a virus for it "just to teach Mac users a lesson". Hasn't happened yet and a big reason is Unix. The trojan horses are nothing serious and have affected Macs long before OSX.

In the end, if someone screws up their computer, be it Mac or Windows, by downloading something without checking it out first, that is on them and that person should suffer any and all consequences that come with that action... and learn a lesson from it. Ignorance is not an excuse. If someone is going to buy and use a computer, that person should know at least the basics.

To make my point. You shouldn't buy a car if you are not aware that things like oil, coolant, filters, and tires need replacing every so often. If you are ignorant of this or don't bother to learn about it, then no one should feel sorry when your engine stops running.

Now, I do feel a certain amount of sympathy toward people who do encounter a real virus (one that takes control of your computer without your doing). Sometimes, this even happens when someone is running anti-virus software, and then I truly feel sorry for the person. They weren't really at fault.

But, when someone works on Windows with no anti-virus software and downloads from suspect sites, I don't feel much sympathy when that person gets a virus.

[cadurling]

[Chokse]

I agree. Users need to take the blame when they are at fault. My wife downloads so much crap onto her PC, and sure enough, every few months she gets a virus, and each time she is surprised it happened. And, even though I tell her to be more careful, she still continues to download stuff she shouldn't or open email from anyone who sends her something.

No matter what OS you may be running, if you simply use a bit of care, it is very difficult to get a virus, trojan horse, etc.

[Swampfox10mm]

I don't understand why Chokse felt he had to provide us with a definition of a virus when the original post referred to it as malware (which a trojan horse is). Are we attempting to change the argument, Chokse?

Why must anyone who posts anything perceived as negative against Apple be called a hater? We happen to own Apple products in our house.

Bringing Windows into this argument is a cop-out. We're talking Mac's, and they aren't supposed to get these kinds of infections. That makes this article very newsworthy.

I guarantee you that if you call Microsoft support and are having these kinds of problems, one of the first thing's they'll ask is if you have antivirus software. The Apple associated employees were specifically ordered not to do so (as doing so would be admitting to something that could damage Apple's reputation).

Despite owning Apple products, what makes this story so interesting is the level of hubris in the Apple community. No doubt, Apple's reaction will certainly feed more such incidents.

It will be interesting to watch.

[nstick13]

Apple issued a security update that was a fix for this. Installing the most recent update checks for this and goes through and removes the malware and any variation of it that may be on your computer.

Which would be why the reps are the phone are told not to help--doing what that update does is probably incredibly and excessively complex.

http://www.macworld.com/article/160147/2011/05/macalope_thanks_so_much.html

The Macalope, as always, has the best take on this. Pretty fair all the way around, IMO.

[Swampfox10mm]

[Chokse]

The user still has to install it, ID or not. That is a big part of the equation you seem to be glossing over. That download and double click by the user is a major difference. A virus does not require this step. A virus runs on its own. This is a major difference and one that needs to be made clear.

The reason I pointed out the difference between virus and trojan horse is because you made no clear distinction in your OP, and Eamo's grammar implied that it was a virus when he said, "The only reason there aren't more Mac viruses like this one...". To say "more Mac viruses like this one" implies there are already existing Mac viruses. There aren't. There are trojan horses, but not viruses. What Eamo should have said is, "The only reason there aren't any Mac viruses...".

I have read the articles and probably did so before you. I read about this more than a week ago (almost 2), when it first started happening. But when I read it doesn't matter. The user is still to blame for installing any trojan horse. A trojan horse, whether or not it requires an ID, still requires the user to physically install it and, therefore, puts the user at blame. This is no different than someone Jailbreaking an iPhone and then picking up some kind of malware. In the end, it is the user's fault and he/she needs to deal with the consequences.

Ultimately, this should be a lesson for anyone affected by this, that they can't go around downloading and installing whatever they want. They need to check things out if they do not come from an established software company.

[crossmr]

[Kheldar]

Chokse, you still seem to refuse to believe Macs can get viruses. If someone can write a Trojan Horse, they can just as easily write a virus. Like Eamo said, they don't bother with Macs because they make up such a small percentage of computers as a whole. The point of any malware is to infect as many computers as possible.

[Bloopity Bloop]

Macheads... :/

[Chokse]

Until there ACTUALLY is a virus for Macs, you can't say that with certainty. At this point, you are simply making an assumption that is not based on any fact other than you think it is possible. You know what they say about assuming, right?

And, the bots that took over the computers in the two "Zombie PC" fiascos that have hit Korea over the last year or two were caused by viruses that were not executed by the user. I agree that most viruses require some action by the user (opening a file in an email), there are others that do not require any action by the user. Those are dangerous and are limited to PCs only.

Will they ever come to the Mac? Nobody knows. But, until they do, you cannot assume they will or that it is even possible. To do otherwise is pure conjecture.

[Kheldar]