Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Virus Protection for New Imac

I

IHelpId10t5

macrumors 6502
Nov 28, 2014
486
348
santaliqueur said:
My malware protection is: Don't type my administrator password for stuff I'm not choosing to install
Click to expand...

santaliqueur is certainly right. Unlike Windows, there are no drive-by infections on the Mac. In all cases the user must be fooled to infect themselves by 1) overriding GateKeeper, 2) then purposely entering their admin password.

The one unfortunate thing that I find very frustrating is that Google and other search engines do a horrible job of allowing untrusted and bogus download sites to rank above the software's source website. Therefore, for uninformed users its like a minefield for them to find the safe place to actually download even very trusted software. Therefore you can't just tell a friend that they should download a particular application by name, you need to actually give them the URL to the source website or it's very likely that they will end up downloading a trojanized copy or one with a crapware wrapper added by on of the "download" sites.
 
simonsi

simonsi

Contributor
Jan 3, 2014
4,851
735
Auckland
Weaselboy said:
Not so... it has been patched now, but the Flashback trojan could infect an unpatched Mac just by visiting an infected web site. No admin password was needed.
Click to expand...


He did say "are" rather than "ever have been", TBH anyone still running Lion unpatched probably has other issues or is running on older HW (for other reasons), with the security risks that entails.

IIRC it could not infect other machines directly as with a true virus but could only be obtained by an infected website? A good reason for the world to ditch Flash and Java tbh...
 
  • Like
Reactions: Erdbeertorte
Weaselboy

Weaselboy

Moderator
Staff member
Jan 23, 2005
34,491
16,218
California
simonsi said:
He did say "are" rather than "ever have been", TBH anyone still running Lion unpatched probably has other issues or is running on older HW (for other reasons), with the security risks that entails.

IIRC it could not infect other machines directly as with a true virus but could only be obtained by an infected website? A good reason for the world to ditch Flash and Java tbh...
Click to expand...

I think that is splitting hairs. It is still a drive by Mac infection... period. Everybody likes to just gloss it over like it never happened.

I agree it is not a virus, but a trojan. I also agree on no Java or Flash being a good idea. :)
 
  • Like
Reactions: beachmusic and Erdbeertorte
I

IHelpId10t5

macrumors 6502
Nov 28, 2014
486
348
Weaselboy said:
but the Flashback trojan could infect an unpatched Mac just by visiting an infected web site. No admin password was needed
Click to expand...

Not completely true. The early versions of Flashback absolutely did require the user to type their admin password. Flashback not only required that the user had Java installed and enabled in the browser (an exceptionally bad idea), but it would present an installer dialog that looked to the user like an Adobe Flash installer (that required an admin password to install). Eventually, an "improved" version of Flashback was released that could bypass admin prompting. However, this was long after both Oracle and Apple had patched Java. Therefore, you are correct that Mac users that never install OS updates could have been exposed at some point. Mac users that do install Mac OS updates as prompted would have never been at risk however.
 
I

IHelpId10t5

macrumors 6502
Nov 28, 2014
486
348
Weaselboy said:
I also agree on no Java or Flash being a good idea
Click to expand...

I certainly agree with you here. I have not had Java installed on any of my computers (Mac, Win, Linux) for many years, and have dropped Flash over a year ago as well, to eliminate the massive risks involved with these plugins. The world would be a much safer place if we could banish plugins from browsers. That, along with click-to-play, and a good ad blocker locks things up tight.
 
  • Like
Reactions: Weaselboy and simonsi
GGJstudios

GGJstudios

macrumors Westmere
May 16, 2008
44,556
950
960design said:
Old School:
OSX/Leap-A back in the day was a true floppy to floppy virus. Probably not a concern today.

Today: (and probably on your Mac right now):
Thunderstrike2 or a version of it.
Click to expand...
Leap-A was a worm/Trojan that required user interaction. It was not a virus and could not propagate to other Intel Macs.

Thunderstrike2 is not a virus, either. Physical access is required to infect a computer.

Again, there have been other forms of malware that can affect OS X, but none have been a true virus.
 
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom