June 11, 2009 1:56 PM PDT

Two new Mac attacks surface

by Elinor Mills

This is the message shown to visitors of the porn site. It tricks them into installing what is presented as an ActiveX object needed to watch a video, but what actually downloads is a Trojan. The screenshot shows a Windows machine, but the malware targets Macs too.

(Credit: Paretologic)

Security experts have discovered two new attacks targeting Mac users: a new version of a worm, and a Trojan hidden inside a porn site.

Antivirus firm Sophos on Wednesday discovered a new version of the Mac OS X Tored worm, according to a Sophos blog post.

On Tuesday, Paretologic warned about a porn site that was downloading malware that targets both the PC and the Mac. Mac users get redirected to the pagemac.php page, which downloads a QuickTime.dmg file, the blog post says.

Sophos explained in a blog post on Thursday that visitors to the malicious porn site are told they have to download an ActiveX component to view the videos. Instead, a Trojan, dubbed OSX/Jahlavc, gets downloaded.

"As we've demonstrated before, and as we'll no doubt explain again, the Mac malware threat is real," writes Sophos security researcher Graham Cluley. "Hackers are deliberately planting malicious code on Web sites, and using social engineering tricks to fool you into installing it onto your computer."

An Apple spokesperson did not immediately respond to a request for comment.

Elinor Mills covers Internet security and privacy. She joined CNET News in 2005 after working as a foreign correspondent for Reuters in Portugal and writing for The Industry Standard, the IDG News Service, and the Associated Press.
Comments (183), showing page 1 of 3
by scrhacfuji June 11, 2009 2:08 PM PDT
Ok so if this is a Mac OS attack, why is the screenshot of Windows programs? And BTW Mac OS browsers do not use ActiveX which is a purely Windows technology. Is the writer of this article on something ?!?
by slickuser June 11, 2009 2:08 PM PDT
Why the hell are you running IE on MAC?
by scrhacfuji June 11, 2009 2:15 PM PDT
Exactly "slickuser" IE has not been on mac since the OS before Tiger I think. Plus the wrong tech being pointed out (ActiveX) plus the windows screen captures. This article seems very fishy to me.
by  Brian June 11, 2009 2:16 PM PDT
Exactly!

The article illustrates WINDOWS running INTERNET EXPLODER.

Mac users are protected because self-installing does not happen.
Everything requires password authentication on a Mac.

I wonder if Elinor Mills has ever used a Mac before.
by c4s2k3 June 11, 2009 2:16 PM PDT
Regardless of the Windows IE picture, the article says Mac users are also told they need to download an ActiveX component. Unfortunately, the average Mac user would not know a site telling them they need to download an ActiveX component is bogus. This might discourage some Mac users from surfing for prOn. (Not THIS Mac user, though :-P)
by tacit June 11, 2009 2:37 PM PDT
It is primarily a Windows attack. No matter what platform you use and what browser you use, when you surf to the attack page and you try to "play" one of the phony "movies," you get a popup that tells you to download an ActiveX control to see a movie. The popup is phony, and no matter what browser you use or what computer you use the popup looks like a Windows XP dialog box (it's not, it's just a picture of a Windows XP dialog).

If you click anywhere in the fake "dialog" window, the server looks at your browser user-agent. If you are on Windows, it downloads a file named VideoCodec.exe and runs it, infecting you. If you are on a Mac, it downloads a file called QuickTime.dmg. Mac users who mount the .dmg see an installer inside. Mac users who run the installer and type in their administrator password become infected with a Trojan that changes their DNS settings.

This is actually not new. This attack using exactly this technique has been around since at least early 2008. I first wrote about it last March at

http://tacit.livejournal.com/238112.html

This is old news; this Mac DNS-changing malware that gets downloaded from fake porn sites (and other fake movie sites--I have seen it on phony "news" sites and even on sites that claim to have videos on topics like how to build ultralight aircraft) has been around for more than a year.

It's not a big deal on Macs--the tricks they try to use are quite clumsy (the popup you see in a Web browser looks like a Windows dialog box, the popup talks about ActiveX which doesn't exist on a Mac). The malware, once downloaded, can not infect a computer unless the user runs the installer and then types an administrator password.
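The check a defender would want after reading this description, as an added example that is neither from the article nor from this commenter: a small Python audit that parses the resolver list macOS reports (the `nameserver[N] : <ip>` lines of `scutil --dns`) and flags any resolver outside an allowlist of trusted networks. The sample output, the allowlist networks and the `audit_live_host` helper name are constructed assumptions; adjust the allowlist to your own site's resolvers.

```python
"""Audit the DNS resolvers a macOS host is actually using.

Added example, not code from the article or any commenter. The Trojan
discussed in the thread persists by rewriting the victim's DNS settings,
so the defender's question is: do the configured resolvers match what we
expect? This parses the "nameserver[N] : <ip>" lines of `scutil --dns`
and flags any resolver outside an allowlist. The sample output below is
constructed, not captured from an infected machine.
"""
import ipaddress
import re
import subprocess

# Constructed sample in the shape of `scutil --dns` output. The second
# resolver block uses a documentation-only address (RFC 5737) standing in
# for an unknown resolver a DNS-changing Trojan might have inserted.
SAMPLE_SCUTIL_OUTPUT = """\
DNS configuration

resolver #1
  nameserver[0] : 192.168.1.1
  nameserver[1] : 192.168.1.2
  if_index : 4 (en0)
  flags    : Request A records
  reach    : 0x00020002 (Reachable,Directly Reachable Address)

resolver #2
  nameserver[0] : 203.0.113.7
  if_index : 4 (en0)
  flags    : Request A records
"""

# Assumed trusted resolver networks (RFC 1918 plus IPv6 link-local);
# replace with the networks of your own DHCP or corporate resolvers.
DEFAULT_ALLOWLIST = ("192.168.0.0/16", "10.0.0.0/8", "172.16.0.0/12", "fe80::/10")

NAMESERVER_RE = re.compile(r"^\s*nameserver\[\d+\]\s*:\s*(\S+)", re.MULTILINE)


def parse_nameservers(scutil_text: str) -> list[str]:
    """Return every nameserver listed in scutil --dns style output, in order, deduplicated."""
    seen: list[str] = []
    for match in NAMESERVER_RE.finditer(scutil_text):
        ip = match.group(1)
        if ip not in seen:
            seen.append(ip)
    return seen


def unexpected_resolvers(scutil_text: str, allowlist=DEFAULT_ALLOWLIST) -> list[str]:
    """Nameservers that fall outside every allowlisted network (or are not valid IPs)."""
    networks = [ipaddress.ip_network(n) for n in allowlist]
    flagged: list[str] = []
    for ip in parse_nameservers(scutil_text):
        # scutil may print a scope suffix on link-local IPv6 ("fe80::1%en0");
        # strip it so the address parses.
        bare = ip.split("%")[0]
        try:
            addr = ipaddress.ip_address(bare)
        except ValueError:
            flagged.append(ip)  # not parseable as an address: worth a look
            continue
        if not any(addr in net for net in networks):
            flagged.append(ip)
    return flagged


def audit_live_host(allowlist=DEFAULT_ALLOWLIST) -> list[str]:
    """Run scutil --dns on this macOS host and return its unexpected resolvers.

    Only meaningful on macOS; where scutil is absent an empty list is returned.
    """
    try:
        out = subprocess.run(
            ["scutil", "--dns"], capture_output=True, text=True, check=True
        ).stdout
    except (FileNotFoundError, subprocess.CalledProcessError):
        return []
    return unexpected_resolvers(out, allowlist)


if __name__ == "__main__":
    print("sample:", unexpected_resolvers(SAMPLE_SCUTIL_OUTPUT))  # ['203.0.113.7']
    print("this host:", audit_live_host())
```

A hit from this audit is not proof of infection (a VPN or a deliberately configured public resolver will also show up), but an unexplained resolver on a machine whose user recently ran an installer from an untrusted site is exactly the indicator the commenter describes.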
by ewsachse June 11, 2009 2:59 PM PDT
Click the link in the article that refers to the blog that exposes the malware attack.

The blog has a video where the GUY IS CLEARLY USING OS X AND SAFARI.

[CNET editors' note: Prohibited content deleted.]
by kcotham June 11, 2009 3:40 PM PDT
Read the article guys. The article says there's a prompt to download an ActiveX plugin for Windows users (trojan is actually downloaded). And there is a redirect to download a QuickTime.dmg file for Mac users. Only an idiot would install any file served up by a porn site. READ!

It takes a user to actually download the QuickTime file and install it for the trojan to work. That's a stretch. Not many people will do this.

[CNET editors' note: personal attacks deleted].
by Perry_Clease June 11, 2009 4:31 PM PDT
"I did not buy a mac because i dont want to be ignorant. This guys are tipical examples."

You really should buy, and use, a Mac. For one thing the OSX spell checker works in Safari. However, it does not help with the proper capitalization of words.
by seven7dust June 11, 2009 5:08 PM PDT
goodspeed8701 said
"I did not buy a mac because i dont want to be ignorant. This guys are tipical examples."
unfortunately you seem like the perfect example for ignorant
on a Mac you need to visit the website click yes on the popup
then select download location
mount the DMG file
and then enter your password to install it
like thats going to happen to anyone with half a brain !
by gerrrg June 11, 2009 6:19 PM PDT
http://www.sophos.com/blogs/gc/g/2009/06/10/mac-malware-adopts-porn-video-disguise/

If you follow the link that is in the story above (copied and pasted here for those of you that are too lazy), it explains how this is NOT about using IE. Just watch the funny video.
by slickuser June 11, 2009 2:11 PM PDT
My question was directed at the so-called security experts the article cites, who purposely install malware on MAC and claim "see, malware on mac!!" Morons!
by Sausagebiscuit June 12, 2009 6:59 AM PDT
What does MAC have to do with Macintosh computers?

http://en.wikipedia.org/wiki/MAC_address - Educate yourself.
by kcotham June 13, 2009 10:53 AM PDT
Thanks Sausagebiscuit.
by June 11, 2009 2:27 PM PDT
"On Tuesday, Paretologic warned about a porn site that was downloading malware that targets both the PC and the MAC. If you are a Mac, you get redirected to the pagemac.php page that downloads a QuickTime.dmg file, the blog post says."


It targets BOTH Mac and PC. They took a screenshot of the Windows variant.....which happens to be Active X. ON MAC USERS......it downloads a quicktime.dmg
Why deliberately make up some MAC virus? There are some Windows users that aren't out to get MAC's. [CNET editors' note: Prohibited content deleted.]
by man_w_balls June 11, 2009 2:49 PM PDT
If you were on a Mac, and downloaded the "QuickTime.dmg" file, what would happen is you would have an unmounted disk image in your downloads folder. Nothing else would happen, unless you intentionally mounted the disk image, ran the (most likely) included installer program, which would almost certainly require an admin password to be entered to install a system-level hack.

If you were on Windows, using IE, and downloaded the ActiveX file shown, that would probably be about all it would take to become infected.

See the difference? It's not about being self-centered and riding high horses - it's about an OS that is better designed in regard to security from the ground up.
by scrhacfuji June 11, 2009 2:59 PM PDT
Mr. or Mrs. or Ms. Anonymous,

The title of this article is "Two new Mac attacks surface". Even if the subject virus of the article attacks both Macs and PCs, a sensationalized title such as this would warrant a screenshot of the actual attack on a Mac OS system. The article did not provide such an item. As such in the very least it is poor journalism. I correct myself, it is ****-poor journalism.

Having read this article first, before proceeding to the blog I am already highly suspicious because of the inconsistency between the article and the provided image.

Now that I have gone to the actual blog and seen the stupid flash video on the site I must further question the integrity of the article as it seems the video was more of an "attack" against the Mac OS rather than as a guide to saying "here is a new virus and this is how it spreads".

As a "mac fanboy" I have the integrity to say I cannot subscribe to the opinions on this so called "article" based on the obvious bias of the flash video in the source blog.

As an application developer who engineers web and desktop software for both mac os and windows os computers I can definitely say the article and the blog offer very little in the sense that they can be summed up as saying "here is a new computer virus that can infect everyone".

So though I agree with you that not all windows users are out to get Macs. I don't agree with you that Mac fan boys are ignorant. The new generation of mac fan boys are people like me. People who have used both Mac OS and MS Windows and we have formed an intelligent and personally justified opinion that for us Macs are better.
by June 11, 2009 3:01 PM PDT
That still seems like a browser issue. Download that same file in Chrome and see what happens. Nothing. UNTIL you click on it. I'm not comparing browser superiority here. Or better engineering. It's that the first posters were making it seem as though it was intentional and made up just because it's an Apple. That is a high horse.

And in the MAC platform, most "slower" users wouldn't even hesitate to type the password. Just as most in, let's say, Chrome wouldn't hesitate to click on it. IT STILL TAKES USER INTERACTION. On both platforms. Mac isn't superior in that sense because it asks for a password. They throw that on Vista and the whole world complains because it is too cumbersome.
by June 11, 2009 3:08 PM PDT
scrhacfuji,

I won't argue with you on that. I am far from believing that MS rules and is the greatest thing ever. And you will never hear me say that Apple has any less of a product. My comments to the "FAN BOYS" were not directed at educated people such as yourself. It was merely trying to point out those "FAN BOYS" that scream conspiracy every time news like this hits. I do agree that the article should have been worded better, but we don't need to nitpick. The bottom line is there is a vulnerability out there; inform yourself and know what you are doing. That was the overall point...in my eyes anyway. Not to make up some claim that is a blatant lie.
by scrhacfuji June 11, 2009 3:09 PM PDT
Mac OS fanboys who have used both Mac OS and MS Windows and decided macs are better for them are justified to that high horse because it is a personal choice! It is our right to be free and to be noisy and not be in my opinion "Microserfs". I have seen my fair share of windows fanboys who seem to have horses higher than mine.
by June 11, 2009 3:14 PM PDT
Then I call them ignorant as well. Keep your high horse on Apple as it best suits you. I'll keep mine on information...whatever the platform, and get over it.
by zmonster June 11, 2009 3:22 PM PDT
The difference is that on the Mac the user has to be stupid and OK an install in order for his computer to be affected. On Windows, the user's computer will be affected regardless of the user's decision. At least the Mac gives you that level of protection. I really don't understand why or how people are defending Windows. It is a piece of garbage compared to Mac OS or Unix. You don't have to be a Mac or UNIX "fan" to understand this. You simply have to understand that Windows is an old and antiquated technology, one which informed people tend to avoid.
by Sausagebiscuit June 12, 2009 6:59 AM PDT
OP: http://en.wikipedia.org/wiki/MAC_address

MAC != Mac
by kcotham June 13, 2009 10:55 AM PDT
Sausagebiscuit,

You can spot a Windows guy a mile away by that mistake. Why they can correctly write "Windows" (not in all caps), but not "Mac" or "Macintosh" or "Mac OS", I'll never know. We don't go around writing "WINDOWS" now, do we, people?
by santuccie June 15, 2009 12:31 PM PDT
@man_w_balls, zmonster, and (anonymous):

This particular attack is merely a social engineering attack; that much is given. However, you have been misinformed if you believe that the authentication mechanism is airtight. The Mac has been the first one pwned at CanSecWest three years in a row, all attacking Safari with drive-by downloads (once by Dino Dai Zovi, twice by Charlie Miller).

If media coverage doesn't convince you that the Mac is indeed vulnerable to drive-by downloads, perhaps this will: http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
Here, we have a vulnerability in which a Java program downloaded surreptitiously through Safari executes code on the client machine. Unless Apple has finally released a patch, and unless you have it (or disable Java on your machine), a program called "/usr/bin/say" will be executed on your system.

The reason drive-by attacks are failing against Vista is because it has more than just an authentication mechanism (UAC); it has layers of mitigations, including DEP, ASLR, and kernel patch protection. The Mac does not; all it has is the equivalent of a limited user account in XP, which is nothing more than a speedbump (not to be confused with a barrier) to hackers.

The reason we have no ItW drive-by downloads for your platform as of yet is because no one in Russia or China is familiar with the shell. The Mac still has less than 10% of the global market. And more importantly, up until 2006, the Mac had an obscurity advantage that even Linux did not have... PPC. Now, Apple runs on Intel. It's only a matter of time before criminals learn how to write drive-by exploits for the Mac.

Don't get me wrong; I'm not rooting for the criminals to bombard unsuspecting Mac users, harvesting all their contacts' e-mail addresses and spamming their loved ones, or capturing their bank account numbers and cleaning them out. My aim is to help prevent these things from happening. The only solution I have is for Windows users, because I don't know the Mac's file system that well. But if I were you, I'd pray that Snow Leopard introduces a functional implementation of ASLR and DEP because, if Windows 7 proves to be an XP killer as prophesied, then hackers will have to settle for the easiest remaining target. And right now, that would be OS X Leopard.
by sodablue June 11, 2009 2:28 PM PDT
This is impossible. Everyone knows the Mac is impervious to security problems.
by camp88 June 11, 2009 2:45 PM PDT
You may be overstating it just a tad, but at least they are impervious when it's a matter of a Windows machine running IE and installing Active X components, as is pictured here.

How stupid would one need to be to be:
a) installing unknown software while
b) visiting a porn site using
c) Internet Explorer as your browser on your
d) Windows machine?

Rhetorical question: really stupid.
by lvcsslacker June 11, 2009 3:34 PM PDT
@ camp

you'd be surprised. Jim Bob could be new and not step into any sort of workings. He just wants to see his porn, and he'll do whatever he can to get to it.

Contrary to popular belief, there are still a lot of stupid computer users out there. On all sides.
by protagonistic June 11, 2009 4:22 PM PDT
@camp88

I hate to be the one to tell you this, but social engineering is OS agnostic. There are idiots using most OSs, though some have a much lower percentage than others.
by Random_Walk June 12, 2009 8:47 AM PDT
"you'd be surprised. Jim Bob could be new and not step into any sort of workings. He just wants to see his porn, and he'll do whatever he can to get to it."

He could do that by using that new Bing search engine... *shrug*.
by santuccie June 15, 2009 12:38 PM PDT
@camp88:

It doesn't seem to be an ActiveX control at all, but a script trying to trick the user into running it. True, Safari doesn't use ActiveX (neither does Firefox nor any other browser besides IE), but novice Mac users wouldn't know that. I'd suggest that we give Ms. Mills the benefit of the doubt, and assume she knows what she's talking about; she likely got the info from someone who does: http://www.sophos.com/blogs/sophoslabs/v/post/4811
by solu1978 June 11, 2009 2:31 PM PDT
I will wait for Snow Leopard .. It will live up to the out of box secure punch line and i only have to pay $29 for it.
by sythara June 12, 2009 8:54 AM PDT
This is only the beginning. I will laugh so hard when you get dozens of Mac viruses on your box and subsequently get put on a suicide watch for not being able to comprehend what just happened.
by kcotham June 13, 2009 10:56 AM PDT
@sythara

Don't be silly. Give me a break! Millions of Windows users would already be dead if that were even remotely plausible.
by santuccie June 15, 2009 1:23 PM PDT
@kcotham:

I think what sythara is saying is that Mac users would be more dumbfounded than Windows users (even Vista users), because they've been fed the memes that Apple's safety has to do with its code, and conditioned not to expect this sort of thing. And as you might know, not all present-day Mac users are old school Apple loyalists or their descendants; some of them are refugees. They threw up their hands and emigrated because they couldn't figure out how to secure Windows.

The Mac has become their haven. And if their haven were to fall under attack, they wouldn't know where else to go. Those who have used the Mac for a considerable length of time tend to be more pacified than Windows users; Linux would be even less viable for them. And besides, there are far more Linux malware than there are Mac malware (Linux has run on Intel for as long as Windows, while Macs ran on PPC up until 2006), though I doubt any of the samples include drive-by downloads.

@sythara:

That's kind of sour. If Mac users start getting infected and don't know about it, that means more people getting their identities and financial information stolen, their bank accounts cleaned out, and their loved ones spammed. This is not a laughing matter.
by scannall--2008 June 11, 2009 2:32 PM PDT
This is more of an IQ check virus/worm. It can't install itself, unlike many Windows attacks. Thus its spread is controlled by the individual user's IQ.
by June 11, 2009 2:40 PM PDT
In my experience as an Admin, 90% of viruses are IQ checks and user error. It's been about 5 years since I had a virus. Mainly because I update and patch regularly. Something a lot of people have gotten used to overlooking. I know that Apple's claim to fame is that you don't have to worry about that, but still it usually boils down to a user mistake. Even if he didn't know he was making it. Very VERY seldom (only once in a comp actually) have I seen a fully updated and patched system just get taken over.
by kcotham June 11, 2009 3:42 PM PDT
That's about the size of it scannall. If you are dumb enough to open up and install a file coming from a porn site, you deserve to have your system infected, Windows or Macintosh.
by sythara June 12, 2009 8:55 AM PDT
kcotham

Completely agree with ya.
by LuvThatCO2 June 12, 2009 9:50 AM PDT
Most Windows-based attacks also require user interaction. If the hacker conferences have shown anything, it's that Macs are in fact the *most* likely and easiest OS to be exploited without user interference.
by santuccie June 15, 2009 1:44 PM PDT
@scannall--2008 and kcotham:

This particular attack is merely a social engineering attack; that much is given. However, you have been misinformed if you believe that the authentication mechanism is airtight. The Mac has been the first one pwned at CanSecWest three years in a row, all attacking Safari with drive-by downloads (once by Dino Dai Zovi, twice by Charlie Miller).

If media coverage doesn't convince you that the Mac is indeed vulnerable to drive-by downloads, perhaps this will: http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
Here, we have a vulnerability in which a Java program downloaded surreptitiously through Safari executes code on the client machine. Unless Apple has finally released a patch, and unless you have it (or disable Java on your machine), a program called "/usr/bin/say" will be executed on your system.

The reason drive-by attacks are failing against Vista is because it has more than just an authentication mechanism (UAC); it has layers of mitigations, including DEP, ASLR, and kernel patch protection. The Mac does not; all it has is the equivalent of a limited user account in XP, which is nothing more than a speedbump (not to be confused with a barrier) to hackers.

The reason we have no ItW drive-by downloads for your platform as of yet is because no one in Russia or China is familiar with the shell. The Mac still has less than 10% of the global market. And more importantly, up until 2006, the Mac had an obscurity advantage that even Linux did not have... PPC. Now, Apple runs on Intel. It's only a matter of time before criminals learn how to write drive-by exploits for the Mac.

Don't get me wrong; I'm not rooting for the criminals to bombard unsuspecting Mac users, harvesting all their contacts' e-mail addresses and spamming their loved ones, or capturing their bank account numbers and cleaning them out. My aim is to help prevent these things from happening. The only solution I have is for Windows users, because I don't know the Mac's file system that well. But if I were you, I'd pray that Snow Leopard introduces a functional implementation of ASLR and DEP because, if Windows 7 proves to be an XP killer as prophesied, then hackers will have to settle for the easiest remaining target. And right now, that would be OS X Leopard.

@LuvThatCO2:

As far as current OSes go, you're right. Mac OS is the most vulnerable OS on the market, unless you count XP on netbooks, ultra-low-cost machines, and OEM downgrades. The Mac is equivalent to a limited user account in XP (without the restrictions on trusted zones). Granted, this is nothing more than a speedbump to hackers, but I'd say it's better than an administrator account in XP with an AV/AS apparatus that relies entirely on signatures and heuristics. Unless your antivirus has browser protection, or unless you use a really good NIPS firewall, or unless you lock the kernel and/or install some kind of sandbox, XP is still more vulnerable. With Vista, of course, it's another story.
by CDubber June 11, 2009 2:36 PM PDT
Dear Windows users,

Please ignore the 18,000 new malware attacks available for your PC today and instead focus on the 2 new malware attacks available for Mac.

Sincerely,

Microsoft (and CNET)
by michael_j_x June 11, 2009 3:56 PM PDT
Whilst Windows malware is nothing new, OS X malware is news worth writing about. And the reason is that it might help bring down the misconception that Mac OS X is "build on secure Unix foundations" (from the Apple website), and it might actually force Apple to start taking security a bit more seriously.
by Vegaman_Dan June 12, 2009 8:46 AM PDT
Attention. Attention. In case of a Macintosh exploit occurring, please stick your head in the sand and shout "lalalalalala this isn't happening, this isn't happening, lalalalaalala". At no time should you acknowledge the issue or take any steps to correct it. Please spend your time mocking others instead while your own system is being compromised.

Remember, the sand will protect you from hearing unpleasant realities.

Also, in the event of a water landing, your MacBookPro can double as a flotation device. :)
by Dalkorian June 12, 2009 10:12 AM PDT
It's not a misconception that Mac OSX is built on a secure Unix foundation, that's a fact. Look up "apple darwin" to understand, it's a derivative of OpenBSD Unix.

The misconception is that a Mac is impregnable. More secure does not necessarily equal impossible to attack - just harder.
by kcotham June 13, 2009 11:00 AM PDT
@Vega, you aren't even remotely amusing. Go back to work at Microsoft. You have made that abundantly clear to everyone here so that they know where your bias leans, right?

Why aren't you working on the thousands of viruses, yes viruses, and trojan horses and worms that are already out there attacking Windows machines, being spread by Windows machines? Don't want to talk about that? You'd rather talk about one trojan horse that isn't even executed well (whoever heard of ActiveX on Mac OS)? How about getting your head out of that orifice you sit on!

And I'd talk about mocking others, 99% of the posts you've made have been mocking or insulting or just plain sarcastic. Go back to work. NEVER, EVER post on a story involving Apple again. You are incapable of speaking intelligently on the subject.
by santuccie June 15, 2009 1:49 PM PDT
@Dalkorian:

You know better than that. OS X is NOT built on OpenBSD; it's built on FreeBSD and NetBSD. And BTW, "Darwin" is an open-source distribution of the Apple core (no pun intended), not a derivative of OpenBSD. How many times have I told you this now? You're in denial, as illustrated by Vegaman_Dan.
by santuccie June 15, 2009 1:58 PM PDT
@kcotham:

You sound really angry. Did you not know these thousands of viruses, Trojan horses, and worms affect mostly XP (and there are solutions for that)? And even if someone downloaded this one to Vista, it still wouldn't be able to go as far as it could on Mac OS because of kernel patch protection and the other mitigations. Also, you're misinterpreting the article re: ActiveX. The attack is not really an ActiveX control at all; it's just a script trying to trick you. A savvy Mac user would know that no browser other than IE uses ActiveX, and therefore would see a red flag; but most Mac users (and Windows users) are novices. In case you think Ms. Mills has made a mistake, here's what the Mac version looks like: http://www.sophos.com/blogs/sophoslabs/v/post/4811

No sour grapes, please. I'm not trying to start a fight.
by santuccie June 15, 2009 2:02 PM PDT
@Dalkorian:

One more thing: what is OpenBSD Unix? OpenBSD is a Unix-LIKE operating system; it is not distributed by the Open Group.
by Pete Bardo June 11, 2009 2:36 PM PDT
Right on, sodablue. But everyone knows there's a security flaw in Quicktime that affects both Windows and Mac machines. Well, maybe you Apple fanboys didn't know that?
by kcotham June 11, 2009 3:43 PM PDT
You Windows shills are ignoring the thousands upon thousands of new viruses and trojans and other pieces of malware targeting Windows systems now?
by Vegaman_Dan June 12, 2009 8:43 AM PDT
@kcotham:

And you, good sir, are trying to change the subject to deflect people from discussing the issue.

Just because there may be other OS issues out there doesn't mean we can ignore the ones for OS X. You're demonstrating the classic 'head in the sand' behavior, and that's exactly what the bad guys want. You're playing right into their hands as a willing fool ripe for their plucking.
by kcotham June 12, 2009 10:21 AM PDT
@Vega

I've promised to try not to engage flamers like yourself, but I can't ignore direct attacks. I am not doing any of the things you accuse. I was merely stating that Windows proponents are pointing their fingers and saying, "see, it's vulnerable" when the bigger truth is that for every one piece of malware targeting Mac OS, there's thousands upon thousands upon thousands of pieces targeting Windows. So, which is the bigger issue here? (rhetorical question) The handful of Macintosh users that are dumb enough to install something that is questionable (ActiveX isn't even a component of Mac OS), or the hundreds of thousands of pieces of malware on Windows? Windows computers that are "violated" are the bigger issue.
by santuccie June 15, 2009 2:09 PM PDT
@kcotham:

These "thousands" of viruses and such are more of a concern to XP users than Vista users (and even XP users have options). That said, even most Vista users use antivirus products, more and more of which are starting to implement browser protection. Mac users surf the Web with no protection at all, assuming there is no problem.

That said, numbers are not part of this discussion. ONE Mac threat is one too many.
by cvaldes1831 June 11, 2009 2:37 PM PDT
You shouldn't be using your Mac to access porn anyhow.

You should only use it to view Cnet, search for unicorns or peruse CuteOverload.com.
by kcotham June 11, 2009 3:44 PM PDT
And don't forget putting idiotic Windows weenies that have never even seen a Mac, much less used one, in their place!
by sythara June 12, 2009 8:58 AM PDT
lol, yes, put those Windows weenies who have never seen a Mac in their place; they deserve that. But what about those Windows weenies who have used a Mac and decided that Windows is better for what they want to do with a computer (i.e. computer games)?
by kcotham June 12, 2009 10:21 AM PDT
Computer games is about the only reason, and only for the sheer number of games at that.
by santuccie June 15, 2009 2:18 PM PDT
@kcotham:

I beg to differ. I have used both (not to mention Linux and FreeBSD), and still found Windows more favorable. Windows handles USB better than any other platform, and I use USB constantly. Also, the Mac's sleep feature is totally useless. As much as I do on my machines, I can't really close my browser and everything else, and then log off; I have work to get back to.

If you were to install a LOT of software, you might find that Windows problems are easier to remedy than Mac problems. WinDoctor fixes most issues, and others are a Google search away. Mac bugs, although rare, are more like "phantom bugs" no one seems to figure out in the forums. This may not be your experience, but it's mine. That said, PCs cost less, and are more upgradeable. The fastest PC is faster than the fastest Mac.
by EuripedesCO June 11, 2009 2:42 PM PDT
I'd say that this demonstrates that the Mac has gotten popular enough to warrant the hacker community's attention. Still, they have to trick you into installing the software, and anyone that has any experience on the web knows you just don't go installing things from untrustworthy sources. Anyone that gets infected in this manner deserves it. This is an "operator headspace" issue. Yes, any computer can get infected if you are dumb enough to install the virus or worm. This one could be avoided with some common sense.

I still think the author of the article should have found a Mac to get the screen grab. I am sure CNet has some Macs around the office somewhere.
by kcotham June 12, 2009 5:53 AM PDT
You might say that the Macintosh has gotten popular enough to warrant the hacker community's attention, or you might take this away from the same observation, that hackers are getting more numerous and more aggressive. This is the more disturbing conclusion, and probably the more likely.
by santuccie June 15, 2009 2:27 PM PDT
@EuripedesCO:

I wouldn't go so far as to say that a naive Web surfer DESERVES to have their identity and financial information stolen, their bank accounts cleaned out, and their loved ones added to a spammer's blast list. Do you know how many Windows users have outdated patches, and often an expired antivirus subscription? Obviously, it's not common sense.

As for the Mac screen grab, here's one for you: http://www.sophos.com/blogs/sophoslabs/v/post/4811

@kcotham:

It's been said that there's an idiot born every minute; this includes criminals. However, I'd tend to agree with EuripedesCO on this one, not just because the media agrees with him, but because malware is not just jumbled-up code. A virus is not a flaw; it does exactly what it is designed to do. The issue is that most cybercriminals live in Russia and China, and are trying to make money. Apple was too small a target until recently. And now that it is game, they still have a ways to go in learning the shell before they learn how to make a drive-by download work on Mac OS like they do in Windows. That's my opinion.
by goodspeed8701 June 11, 2009 2:48 PM PDT
Yikes!!! This will give the macko fanatics nightmares. Their precious Mac has a Trojan; I believe there are more running on the Mac OS that are yet to be discovered. Time will tell. But it might be too late.

Maybe they will start editing their ads about viruses on Windows machines. Anyway, I will recommend Solaris for all the Paris Hiltons who bought a Mac.
by ddesy June 11, 2009 2:52 PM PDT
Trojans for Macs are not new. Still, they require ignorant users to install them.

No real viruses for OS X. That remains true.
by goodspeed8701 June 11, 2009 3:29 PM PDT
Trojans are more of a problem than viruses these days. Though you install it yourself and it does not spread, it is very powerful. No one cares if Macs don't have viruses; what matters is that they are also exploited by Trojans.
by seven7dust June 11, 2009 4:52 PM PDT
A Trojan doesn't replicate and hence can't spread to other Macs, but a virus can.
So viruses are definitely more dangerous!
Still no virus on Mac OS X yet... enough said.
by Dalkorian June 12, 2009 10:16 AM PDT
You know, a trojan can just as easily be made to work on Solaris too. That's the problem with trojans specifically - it's more of a social engineering attack than an OS attack. The user is tricked into installing it and the fight is over.
by santuccie June 15, 2009 2:38 PM PDT
@kcotham:

goodspeed8701 is correct. About 80% of all malware are Trojans. Viruses are usually targeted at politicians and high-profile clergymen, and sent as e-mail attachments. Mac viruses were the first viruses written; also, there were viruses for PPC as well. Intel Mac is only 3 years old; give it time.

@Dalkorian:

You're right, but did you know that drive-by downloads have been demonstrated on Apple at least four times? And did you know that researchers are saying Apple is the easiest target, if only hackers were interested and knew how to do it? See the link to a PoC sample in the next statement below...

@ddesy:

This particular attack is merely a social engineering attack; that much is given. However, you have been misinformed if you believe that the authentication mechanism is airtight. The Mac has been the first one pwned at CanSecWest three years in a row, all attacking Safari with drive-by downloads (once by Dino Dai Zovi, twice by Charlie Miller).

If media coverage doesn't convince you that the Mac is indeed vulnerable to drive-by downloads, perhaps this will: http://landonf.bikemonkey.org/code/macosx/CVE-2008-5353.20090519.html
Here, we have a vulnerability in which a Java program downloaded surreptitiously through Safari executes code on the client machine. Unless Apple has finally released a patch, and unless you have it (or disable Java on your machine), a program called "/usr/bin/say" will be executed on your system.

The reason drive-by attacks are failing against Vista is because it has more than just an authentication mechanism (UAC); it has layers of mitigations, including DEP, ASLR, and kernel patch protection. The Mac does not; all it has is the equivalent of a limited user account in XP, which is nothing more than a speed bump (not to be confused with a barrier) to hackers.

The reason we have no ItW drive-by downloads for your platform as of yet is because no one in Russia or China is familiar with the shell. The Mac still has less than 10% of the global market. And more importantly, up until 2006, the Mac had an obscurity advantage that even Linux did not have... PPC. Now, Apple runs on Intel. It's only a matter of time before criminals learn how to write drive-by exploits for the Mac.

Don't get me wrong; I'm not rooting for the criminals to bombard unsuspecting Mac users, harvesting all their contacts' e-mail addresses and spamming their loved ones, or capturing their bank account numbers and cleaning them out. My aim is to help prevent these things from happening. The only solution I have is for Windows users, because I don't know the Mac's file system that well. But if I were you, I'd pray that Snow Leopard introduces a functional implementation of ASLR and DEP because, if Windows 7 proves to be an XP killer as prophesied, then hackers will have to settle for the easiest remaining target. And right now, that would be OS X Leopard.

BTW, do you know what a virus is? It's not profit-driven; it's not designed to give a hacker remote control of your system, but to ruin it. Viruses are usually targeted at politicians and high-profile clergymen, and sent as attachments in cutesy e-mail messages. These "chain letters" are frequently forwarded to various contacts, thereby causing the virus to spread. That said, most viruses also require user interaction. If a drive-by download can work on the Mac, do you really think it would be any harder for a virus to wreck your system with your help?
by nixermac June 11, 2009 2:48 PM PDT
It does not take a piece of malware installed on the Mac to kill it. Here is one simple social engineering effort. If you are dumb, then try this:

Open Terminal.app
Make sure you are the admin user, or if you are root then great.
Enter the commands:
sudo rm -R /<username>
sudo rm -R /Users

Frankly you will blow away all the data you had in your home directory with the first command and with the second command you will surely blow away all data for all users.

If you are not satisfied with that then try this:
mkdir /empty_dir
sudo rsync --delete /empty_dir /System/Library

You are creating an empty dir and then syncing it to /System/Library, which empties your /System.

Dude, I do not need to go to a porn site to kill myself. Even a posting in a forum can help manipulate the dumb users who have no idea as to what is happening.

Frankly the article should not have the headline "Two new Mac attacks surface". It seems like the crackers have finally worked around the super strong Mac security. But that is not so. This posting is a bait by a writer who has nothing better to do and does not understand technology.
by ikramerica--2008 June 11, 2009 3:34 PM PDT
What on earth is your point?

That you can erase your users if you actively try to? Sudo requires your authentication when running as admin. Running as root is not recommended and disabled by default, so nobody can do this accidentally. No Malware can do it either.

I can go to the Library and erase important files, too, if I have a password. I can erase important Windows files if I know how. That's hardly the point.

The reason Macs are generally more secure is that they require far more social engineering to get to the point that Malware is installed and viable.

Even this "attack" relies on:
The user not caring that the warning message they get is a WINDOWS one (looks weird)
The user then either having "open trusted" enabled, or actively opening the .dmg
The user then actively launching the installer.
The user then entering the password.

Are people this dumb? Absolutely. Can ANY OS be protected from people this dumb? No. Because then you would not be able to install legitimate software.

Well, I take that back. You could have a draconian situation like the iPhone, where all applications must be submitted to the overlords for approval, and you can only install them one way.

Is this what people want? Heck no. Nobody wants that.

This so called "exploit" can be cleared up by this:
"people who run porn sites may not be trustworthy. if they want you to install any programs to view their footage that are non-standard, you should probably move on to another porn site that doesn't require this. last time I checked, there are more than a few porn sites on earth."
by Vegaman_Dan June 12, 2009 8:40 AM PDT
@ikramerica--2008 (need to update your alias, BTW.. it's 2009 now)

"That you can erase your users if you actively try to? Sudo requires your authentication when running as admin. Running as root is not recommended and disabled by default, so nobody can do this accidentally. No Malware can do it either."

I can walk up to *any* Macintosh and reset the admin password in less than 30 seconds. It's easy. No tools required, no special CDs, USB sticks, or anything. You just simply restart the machine into single user mode, edit one entry regarding the 'AppleSetupDone' status, and restart. The machine will then restart and take you through the new account setup for the local account and give you full admin rights. This isn't even particularly clever or hard to do. It's well documented online. When done, there is no trace that it was done, so you would never know that I had been there, installed whatever apps I wanted, stolen all your data, etc. You'd still be blindly going about your day unaware that you had keyloggers and spyware on your system.

Yes, it requires physical access to the Mac. But that's easy enough to do. Even on a PC you have to use a few utilities to break in. You can't just power up the machine without any tools at all and be able to break in. The single user mode is one that affects most *nix environments, so don't feel that this is targeted at Macs alone. It's just the nature of the system.

Also, the standard installation of OS X creates the user account as a local one with full admin rights. It takes extra steps to lock it down, and to do that you have to first know that you can do it, and second, dig through the help menus to find that information. New users won't know this and will just create those local admin accounts as a result.

Social engineering makes sure that people are used to clicking on things. Yes, they will click on a DMG and when that image mounts, they will follow the instructions on the screen to drag the icon to their apps folder because they really do want that online strip poker game or whatever was promised. It doesn't matter what OS you're dealing with there.

As for the iPhone, that always runs as root for all use. There is no security on the device. That makes it very easy to use, but also a minefield of data security liability as well.
by sythara June 12, 2009 9:01 AM PDT
This reminds me of old prank phone calls when people would call victims pretending to be their Internet company/ISP/whatever and get them to format or delete files on their computer.
by ckh1272 June 13, 2009 3:08 AM PDT
To Vegaman_Dan:
I know this is probably not what you meant, but if someone tries to physically jump onto my computer, getting into it is the least of their concerns. The pissed off owner with the baseball bat is another matter entirely. Point is, it doesn't matter if you can physically do that, as you have to be able to be physically in front of the computer to pull that off. Anyone with the right knowledge can do that to just about any system. I know it can be done on Windows (different method) and probably on a Linux system as well (never tried on Linux though). People just need to use common sense on their machines, whether it is Windows, Mac, Linux, or anything else for that matter.
by ddesy June 11, 2009 2:54 PM PDT
These articles remain pointless. The only way to infect a Mac remains to have an ignorant user actually click to install a trojan!

Last I checked, Windows could still be infected without the user having to actively install a trojan.
by gerrrg June 11, 2009 6:21 PM PDT
This article is pertinent to anyone that uses a computer, regardless of platform. These realistic looking popups fool most people into clicking through.

Last I checked, JavaScript still runs on Macs, and clicking on "Cancel" can still screw you over.
by Vegaman_Dan June 12, 2009 8:29 AM PDT
Having a browser simply visit a site can do this as well. Some search engines and even browsers currently available for OS X do pre-fetching of data from sites and that alone is enough to compromise your system, even though the end user never 'went' to the site.
by santuccie June 15, 2009 2:42 PM PDT
@ddesy:

See my response to your post up two threads. Yes, drive-by downloads do work on the Mac, and it's an easier target than Windows Vista.
by solitare_pax June 11, 2009 2:55 PM PDT
Why are CNET's writers visiting porn sites?

Shouldn't they be - I don't know - writing about something concerning technology?
by kcotham June 11, 2009 3:46 PM PDT
Seriously, must be some pretty lax Internet use policies there at CBS!
by Sausagebiscuit June 12, 2009 7:00 AM PDT
It goes with all the condom and other sex related ads on CNET lately.
by santuccie June 15, 2009 2:46 PM PDT
Some of these comments are really immature. This is security research, where sometimes you have to go to a porn site (I went to seven of them to test the lockdown method at Invincible Windows for Ian Richards, before he put it in the 150th TechSupportAlert newsletter). And furthermore, it's more likely that Ms. Mills got this information from Sophos or another source. The idea here is not plagiarism, but to make sure the word is spread. This is about alerting people.
by spoonie1972 June 11, 2009 3:01 PM PDT
Porn is always at the forefront of technology. They go hand in hand. Pun intended.
by ivorycruncher June 11, 2009 3:06 PM PDT
You can whine all you want about the effects of this particular worm. The fact of the matter is, Macs are not invulnerable to malware attacks. It may be just a couple porn sites now, but it's proof of concept for bigger things to come. Mac lovers should actually be wishing for Windows 7 to keep the Mac population down, because the less market share Macs have, the less likely threats like this will become widespread.
by zmonster June 11, 2009 3:24 PM PDT
Yes, Macs in themselves ARE invulnerable to malware attacks. It is the USER of the Mac who has to somehow proactively allow the virus to run. Whereas on Windows, a given virus will usually run WITHOUT user intervention. This is the important difference that very few people understand. I really don't care which OS I'm using, but I want the most stable and safest one, and Mac OS X is currently the best option available.
by ikramerica--2008 June 11, 2009 3:38 PM PDT
What "proof of concept?" Since the beginning of OS X, you could ALWAYS infect a Mac by simply telling a moron to install some software. That is not a virus. It's a trojan. Trojans have always existed. Trojans are not about security, but stupidity. They are about education. They are, as many have stated, an IQ check for Mac users and Windows users alike. In this particular exploit, if the Windows user has the safeguards for the OS set to low, there is less of a bar to hurdle by the malpeople than there is for the OS X version, but both still require a level of user interaction.

Viruses are about straight security (self-spreading malware), and you can count the number of live viruses on the Mac with one hand.
by calboa June 11, 2009 3:49 PM PDT
No, Macs aren't invulnerable to malware attacks, but they are inherently more secure than Windows machines due to having a Unix base rather than the (correct me if I'm wrong) DOS base that Windows has. Unix (or any other form of it, incl. distros of Linux) does not have the automatic root privileges that Windows does, so it's mainly human error that will cause infection of the machine. I'm not commenting on any of the holes there may be in Apple's programming in their software, but the base of the OS is sound.
The fact that Windows vulnerabilities are mainly just a click away means that so many forms of malware can be created for the OS. Needing a password to run applications makes it a lot safer, especially seeing as the password only grants temporary, limited root privileges.
by kcotham June 11, 2009 3:57 PM PDT
Exactly, ikramerica--2008. How many thousands of VIRUSES are on Windows PCs right now? How many VIRUSES are on Mac OS X computers? A few Trojans and a handful of viruses beats the hell out of THOUSANDS of viruses and hundreds of Trojans any day. Wag your fingers all you want, you Microsoft shills. The fact remains that it is extremely unlikely (I probably have a better chance of getting struck three times by lightning) that my Macintosh will become infected with a virus or run across a Trojan horse. You Windows weenies' behaviour is like looking through the entire Encyclopaedia Britannica and finding one typo and proclaiming "see, it isn't flawless!" Imbeciles.
by Vegaman_Dan June 12, 2009 8:27 AM PDT
kcotham:

"You Windows weenies' behaviour is like looking through the entire Encyclopaedia Britannica and finding one typo and proclaiming "see, it isn't flawless!" Imbeciles. "

I think you may find it more useful to present your case in a carefully constructed and well thought out manner instead of open and poorly written mockery. It is even more critical to be sure you are both grammatically correct and have no typos in your own comments before commencing with said mockery of those .... 'imbeciles', as you call them.
by kcotham June 12, 2009 10:25 AM PDT
@Vega,

I used an analogy, the tool of choice for you. And besides, that's the tone you always use. I thought you would appreciate the acerbic tone. Besides, I see no misspellings. Poor punctuation and capitalisation choices, perhaps.
by ckh1272 June 13, 2009 3:11 AM PDT
Freakin' grammar nazis!! Can we stop it already??
by kcotham June 13, 2009 9:46 PM PDT
ckh1272,

I don't know who you were addressing. But I personally ignore an occasional error whether it be a misspelled word or a poorly constructed sentence, as long as it is still intelligible as English. However, there are some posters here that either do not speak English fluently or they haven't gotten past the second grade. Those are the posters that I correct. There are a couple of exceptions that I make. I will correct the common mistakes of confusing "their" with "there" or "they're". I will also correct "your" and "you're" being confused. Lastly, there is the annoying habit of some here to confuse "then" and "than". I don't know what dialect they speak, but in my dialect, they sound nothing alike.

If one wants to avoid misspellings, use a Macintosh. Spell checking is system wide, whether you are using a word processor, a web browser, or whatever. It will not, however, correct poorly chosen words.

Cheers
by dadsgravy June 11, 2009 3:14 PM PDT
Damn some of you people are angry. Maybe you should go get laid or drunk or something. Find a different hobby.
by kcotham June 11, 2009 3:48 PM PDT
I'd rather go back in time and kick Bill Gates' and Steve Ballmer's scamming heads in!
I've almost got my time machine working. The only problem is that it's a one-way trip. I'll have to relive the '70s, '80s, and '90s again. Maybe I can make a killing in the stock market! ;-)
by viper396 June 24, 2009 11:03 AM PDT
"I'd rather go back in time and kick Bill Gates' and Steve Ballmer's scamming heads in!"

What an immature comment; and kcotham has the nerve to occasionally call Windows users fanatical.

People like him are why the status quo will remain the same. It's not about convincing anyone to switch operating systems. He's doing it to bloat his own insecure ego. Embarrassing even to Mac users...
by Earl Benzar June 11, 2009 3:34 PM PDT
This is one of the worst written articles. The screen shots are IE on Windows! The "malware" does not automatically install or even download. You would have to be a massive moron to install a program from a porn site.

But hey, maybe CNET needs page views and Microsoft payola or something. One thing they DO need is real journalists. This site gets worse each week.
by kcotham June 11, 2009 3:57 PM PDT
It's run/owned by CBS, what do you expect?
by philosfool June 11, 2009 3:48 PM PDT
Mac users don't look at porn, so this is irrelevant.
by Perry_Clease June 11, 2009 4:32 PM PDT
We call it erotica.
by stevicus June 11, 2009 9:35 PM PDT
@Perry

ROFLMAO!
by ckh1272 June 13, 2009 3:12 AM PDT
As long as it isn't inter-species erotica bucko!! Too freakin' funny!!
by CepiALER June 11, 2009 3:55 PM PDT
I have a question: I have an eMac (1.25GHz PowerPC G4 with 256 MB DDR SDRAM) running OS X 10.3.9... so, can that malware affect my Mac??? The article doesn't say which OS X versions can be affected...
by kcotham June 11, 2009 5:51 PM PDT
It doesn't say, but it's probably a Universal binary. You're fine as long as you don't download it or install it. It's simple: just be careful where you download things from and make sure they are from legitimate sources. You want QuickTime, go to apple.com. You want a new Flash Player plug-in, go to adobe.com. It's simple.
by artistjoh June 12, 2009 1:53 AM PDT
Yes it affects us all, Windows or Mac, probably Linux too I suspect. It also appears to be browser independent so do not assume you are safe just because you do not use IE.