BF2S Forums Apple to support reps: "Do not attempt to remove malware"

Yeah, my content crashed.  And still crashing.

Fun fun fun.

http://www.zdnet.com/blog/bott/apple-to … lware/3362
...


"AppleCare does not provide support for removal of the malware.  You should not confirm or deny whether the customer's Max is infected or not."

"Explain that Apple does not make recommendations for specific software to assist in removing malware.  The customer can be directed to the Apple Online Store and the Mac App Store for antivirus software options."

-Do not confirm or deny that any such software has been installed.
-Do not attempt to remove or uninstall any malware software.
-Do not send any escalations or contact Tier 2 for support about removing the software, or provide impact data.
-Do not refer customers to the Apple Retail Store. The ARS does not provide any additional support for malware.


While this is a common Windows Malware, quite interesting approach for Applecare.  I know a few people who have fallen for this malware on the PC side, my wife included, but I could imagine this exponentially more on the Apple side who would click to install this malicious app.

hurf durf. how is this in D&ST? and how is it surprising? shock horror a tech company don't want to lose loads of money taking responsibility for malware that infects their system. do microsoft offer refunds or contributions towards repair costs on all of the windows machines that are damaged because of security flaws in their platform? it's hard to exactly stage this as a huge criticism of apple... their laptops and their operating system go hand in hand, so it's a 10x more costly issue than it is for microsoft, who can just issue free patches for their OS and leave the laptop manufacturers and retailers themselves to any serious fault. i don't really see what's to debate, anyhow, except for a lengthy discussion on the obviousness of corporate ethics.

well they are still safer than pc's, are they not? look at the numbers of threats on both platforms. of course it's marketing spiel, but it's not strictly dishonest. you're far less prone to pick up something nasty on a mac than a pc. the fact that apple have bastard tech-support and will be largely unhelpful if you do happen to get infected doesn't change that probability/base statistic.

In the case of this particular malware, I think it's more like the malware developer has determined that there are enough Apple users to dupe to be profitable.

RTHKI wrote:

i dont know how people get malware. i havent had any problem with it in years

On the PC?  In part, I think it's education and prior experience.  Of those I've helped on these types of malware, after the first time, they know to not click anything at all, to not even click no or "x" to cancel.  Apple users will just have to learn the hard way, like the average Windows user.

I think someone said it already, this edict is about controlling their support costs.

well on the same stroke i know several people (normally girls) that have broken their ipod touches or iphones and have gone into the apple store and simply winked a few times at the sales assistants and been given a brand-new one, free... so, you know, i guess it just goes to show. corporations are human: the guys at the top just want to save as much money as possible. it doesn't necessarily carry through to all levels of the organisation, nor is it necessarily a proof that the entire company is 'evil'. i don't really see how this is anything new (for microsoft or apple, tbh)-- it's just publicised more.

I don't like Apple either, partially because of their shady business tactics and partially because their OS is just as clunky and inefficient as Windows, if not more so.

As for this particular issue, yeah, it's a matter of time. Apple user base is becoming huge, and the only protection Apple has is the relative user base.

The best OS in terms of efficiency and security(and even cost) is probably any Linux-based OS, mainly due to the fact that they're freeware and nothing really can be done on the computer without your direct approval and supervision. Of course, it's not a realistic option for your average user who can't spend 4 hours compiling source codes and make files to install a program.

Ilocano wrote:

In the case of this particular malware, I think it's more like the malware developer has determined that there are enough Apple users to dupe to be profitable.

They're much more dupable too.

Regardless, macs still have less problems. Anyone with a modicum of intelligence knows what you've posted

Jay wrote:

Uzique wrote:

well they are still safer than pc's, are they not? look at the numbers of threats on both platforms. of course it's marketing spiel, but it's not strictly dishonest. you're far less prone to pick up something nasty on a mac than a pc. the fact that apple have bastard tech-support and will be largely unhelpful if you do happen to get infected doesn't change that probability/base statistic.

Apple only has less malware because there are less people that use Apple products. Programmers aren't going to waste their time writing software that can infect only 1/4 of computers. If Apple ever attained supremacy in the market, they'd be the ones that the hackers would target. So... that's the basis for the statistic.

Yes, that is a good portion of the reason.. but it sure isn't the only. One of the reasons Apple maintains a tight control over their platforms is to help prevent the spread of malware before it reaches it's users. It's a relatively effective way to fight it .. running around putting out fires after they've been discovered is not.

Uzique wrote:

well they are still safer than pc's, are they not? look at the numbers of threats on both platforms. of course it's marketing spiel, but it's not strictly dishonest. you're far less prone to pick up something nasty on a mac than a pc. the fact that apple have bastard tech-support and will be largely unhelpful if you do happen to get infected doesn't change that probability/base statistic.

If you think safer means simply a smaller number of threats, you'd be right. Unfortunately, Apple's OSX and Safari browser have more holes than a slice of Swiss cheese. I'm doing a computer security class at the moment and it isn't done by a group of professors but rather an actual security firm that just does a few seminars and lectures at our uni (since it's across the street) and the folks that there constantly bring up the lack of security in Apple products. If you talk a look at the Pwn2Own results from the past few years, you'll also see that OSX and Safari are always the first to fall. Windows and IE always took a much longer time to fall, especially since Windows 7 and now IE9 have been on the market. IE9 has some very innovative security features (the same author that wrote the blog in the OP, Ed Bott, is a friend of mine - he's been doing a lot of articles about computer security lately; pretty sure he's working on a new book).

RTHKI wrote:

i dont know how people get malware. i havent had any problem with it in years

It's pretty easy, actually. Think about it like this: there's a popular event going on and people are searching the Internet for it. How do you get people to come to your site? You talk about popular things. Malware authors spread their programs by poisoning search results. This can come in the form of image searches or text searches. Either way, it's not hard to do. You just need the right person to search the right keywords and click on the wrong link. Boom, attacked. This latest Mac Defender malware is spreading like wildfire despite the fact that it requires the user to input the password. It does a very good job of tricking an unexperienced user into playing along and even putting in credit card information to steal. It's not very sophisticated, but it doesn't have to be. KISS - Keep It Simple & Stupid.

Jay wrote:

Apple only has less malware because there are less people that use Apple products. Programmers aren't going to waste their time writing software that can infect only 1/4 of computers. If Apple ever attained supremacy in the market, they'd be the ones that the hackers would target. So... that's the basis for the statistic.

iPhones are different because all software written for the stupid things is routed through micromanaging Steve Jobs personal macbook Air before it can be published

Malware authors often are not programmers. There are a great number of tools out in the wild that for a price (or even sometimes none at all) will build malware for you by just checking a few option boxes. Want a rootkit? No problem. Just download the appropriate tool and buy a license from the author of the tool (if the tool itself isn't free). Think about it like this: if even only 5% of all computer users in the world are users of OSX, that's still a few million people who you could steal information from. Just because the percentage is small does not mean the actual number of potential targets is not. Don't let percentages fool you like that...

Blue Herring wrote:

The best OS in terms of efficiency and security(and even cost) is probably any Linux-based OS, mainly due to the fact that they're freeware and nothing really can be done on the computer without your direct approval and supervision. Of course, it's not a realistic option for your average user who can't spend 4 hours compiling source codes and make files to install a program.

I don't even know where to start with this, but here goes: Have you ever used a modern distribution of Linux? What source code do you need to compile to use it? Just install the image and go to work. There are so many distros available to users it is unbelievable. Only in a very obscure case might one need to compile anything, but often a Debian package installer is available for most any popular program making it a simple double-click affair of installing the software.

OSX is based on UNIX and Linux is also based on UNIX, which means OSX and Linux are very similar. Have you ever compared the GUI in OSX to the GNOME GUI (the default UI in Ubuntu)? They're almost identical in many ways that only the color scheme and lack of a dock is the telling factor. At first glance, I'm sure many of your average non-expert Apple users wouldn't be able to tell the difference until they actually started using it and eyeballing it. This may actually be a bit of an exaggeration, but they are extremely similar.

This Mac Defender malware spreading requires direct approval from the user, too, so just because you need to put in your administrator's password to install software, doesn't mean that malware can't also get in. Mac Defender has proven this that a bit of clever social engineering and you can get anyone to install anything.

Despite this first wall of security, it's not invincible. You can bypass this through security holes in other program and force a machine to run any code that you want and even install anything you want. You don't have to break through the OS, you break through an application that already has received the necessary permissions FROM the OS, thereby making whatever comes through the application also having the same permissions. Why do you think most exploits nowadays are coming through browsers? Because now the browser has become such an important part of the computer that it has access to parts of the system before that it never had in the past. Other exploits are out there, but the browser is the biggest weak point in an OS and you should take browser security the most serious of all, perhaps. Also keeping your OS up to date regularly is a good idea. Microsoft has something called Patch Tuesday, meaning every Tuesday there are new security patches available to Windows users. I'm sure Apple has something similar and I know Canonical does the same for Ubuntu (though not sure if they have a specified day of the week like Microsoft).

Kmar wrote:

Yes, that is a good portion of the reason.. but it sure isn't the only. One of the reasons Apple maintains a tight control over their platforms is to help prevent the spread of malware before it reaches it's users. It's a relatively effective way to fight it .. running around putting out fires after they've been discovered is not.

Maintaining tight control of the OS doesn't stop malware, Kmar. It's clear that isn't preventing malware authors from breaking into OSX and running arbitrary code. Again, look at Pwn2Own and how insecure OSX is compared to Windows.

If you guys subscribe to Ed Bott's RSS feed, you can have a nice index of all his previous blog posts on the spreading of this Mac Defender malware (he's also a Mac user, not just a Windows fiend) and his recent posts on computer security. It's really interesting stuff if you like finding out a bit more about the darker side of the Internetz.

Last edited by CapnNismo (2011-05-21 00:03:58)