Split from TOPIC: VIRUS WARNING/SCAM? ON MAC

[sunnybob]

I was always told you "cant hack a mac"
Thats rubbish then?

 

[Jacob]

I was always told you "cant hack a mac"
...

Nearly true. You get the occasional little trojan like the above but no major problems. You can manage without anti virus protection for many years.

 

[Tasky]

I was always told you "cant hack a mac"
Thats rubbish then?

Oh good GOD, yes it's rubbish!!!

Macs get fewer attacks, simply because there are fewer Mac users and so fewer Mac hackers... but the idea of them being more impregnable than a barren virgin secured in a fortress is indeed a myth.

One fella widely publicised his hacking of Mac laptops - Apple pays people who find and fix security flaws, as they essentially do their bug fixes for them, except they weren't so forthcoming with paying this guy after he told them about it so he went public. Other Apple security researchers have done similar.
Basically, within a few short minutes, these guys can access your Mac, install malware and viruses, steal all your data, then utterly brick your battery, and potentially use their installed software to force-overheat the battery to the point where it explodes!

 

[Jacob]

Except it never happens does it? First time I've ever heard of it, having been using macs for 20 years or more.
Macs aren't the tiny minority they were - now 12% of all PC sales and rising. That's 5.3 million  macs apparently.

 

[Tasky]

Except it never happens does it? First time I've ever heard of it, having been using macs for 20 years or more.

Many Mac users like to cite how long they've been using their Macs for, usually claiming absolutley no need for even having antivirus, because you 'Can't Hack a Mac'.... In 2012 over 600,000 of them were infected by the Flashback virus, including a friend of mine.

Lets have a quick look at 36 years:
https://nakedsecurity.sophos.com/2011/1 ... e-history/

And the past couple of years:
https://www.macworld.co.uk/feature/mac- ... y-3668354/

Hell, as if crackpot conspiracy theories about aliens weren't stirring up enough drama, the CIA are purposely coming up with hacks, bypasses and exploits themselves:
https://arstechnica.com/information-tec ... rget-macs/
And we all know how good they are at keeping dangerous things out of the wrong hands (unless they can make money from selling it)!!

If it is connected to the internet, it can be subjected to hacks, viruses, malware, trojans, zero-day attacks an so on. Apple are quite reasonable at getting fixes out, but not always... and even then, the patches don't always fix things:
https://arstechnica.com/information-tec ... are-hacks/

Macs aren't the tiny minority they were - now 12% of all PC sales and rising. That's 5.3 million  macs apparently.

And the vulnerabilities, attacks and successes are increasing along with them, as the increased number makes them a more useful target... even brand spanking new Macs:
https://www.cultofmac.com/568993/mac-os ... rise-hack/

Of course, the biggest vulnerability usually exists between the keyboard and chair, and the same social engineering tricks that work on this component of Windows and Android will work on any UNIX, Linux, Ubuntu or Apple OS. :wink:

 

[LancsRick]

All platforms are vulnerable, it's just what you focus on that is the question. Very few businesses run Mac as their primary computing system, so even when you look at the fact that Apple are more popular domestically than they once were, they are still a serious minority.

 

[Vann]

...You get the occasional little trojan...

It's not a virus. It's a woodworking tool...

Cheers, Vann :wink: :ho2 .

 

[Woody2Shoes]

Except it never happens does it? First time I've ever heard of it, having been using macs for 20 years or more.
Macs aren't the tiny minority they were - now 12% of all PC sales and rising. That's 5.3 million  macs apparently.

I worked for Apple for a year or two some years ago. There is no question, Macs DO get infected with malware. I recently watched a hacking competition where someone (who knew a "zero-day" vulnerability) took seconds to break into an up-to-date Apple server machine.
Don't forget that the good malware is the stuff nobody realises they've been infected by - there is more of that about now than there ever was.

 

[Jacob]

Yes we know it happens but it's not so often as with PC by a long chalk, whatever the reason.

 

[Racers]

Macs need anti virus software, all the Macs at work run anti virus just like the PC's.
It only needs one infection to steal your bank details and you are penniless, like the old people who keep all their money in a shoe box in the wardrobe because they don't trust banks and get robbed.
Get one installed NOW!

Pete

Pete

 

[Woody2Shoes]

Yes we know it happens but it's not so often as with PC by a long chalk, whatever the reason.

Jacob - I think you've lulled yourself into a false sense of security - I'll repeat, good malware (and it's getting better all the time) is something the user (and most AV tools) won't be aware of - by definition! - whether you're on an Android/Windows/MacOS/whatever platform - your sample size of one doesn't strengthen your argument. Cheers, W2S

 

[--Tom--]

Almost as heated as a malware on Linux debate, lol

Don’t forget anti malware won’t be a panacea

Modern browsers are pretty good at sandboxing themselves from the underlying operating system, but this can be circumvented- usually by prompting you to click/install/run something. Think before clicking and you’re a long way there

Drive by downloading of malware from websites is pretty rare if you’re staying on reputable sites. If you go looking for it you can find it though

 

[Tasky]

Yes we know it happens but it's not so often as with PC by a long chalk, whatever the reason.

Yes, and a Honda Pilot has occasionally crashed, although it's a long way off from how often a Kia Rio crashes.... but I bet you still wear a seatbelt, no?

 

[Geoff_S]

Oh the irony :roll:

As I was reading this thread, on my iMac, I was redirected to the "Adobe Website" and a message telling me that my Adobe installation
was out of date, and that I should click the button to update it.

Yeh sure, the web address of the sender was something like "livemessengeractive.com" or similar b*ll*cks!

Don't even debate it, just protect it.

 

[RogerS]

....
It only needs one infection to steal your bank details.....
Pete

How, exactly ? Passwords not stored on the Mac. All my bank accounts only ask you for a few letters from your password and so a key logger won't help them.

 

[RogerS]

....., then utterly brick your battery, and potentially use their installed software to force-overheat the battery to the point where it explodes!

You forgot that they'll also make the milk turn sour in your fridge.

It was in 2011 and I think that they will have fixed that by now .

 

[Jacob]

Passwords stored in two places: "Keychain" and also on Google Chrome. Protected only by your admin password - until you boot up, or google password when off line.
You have to key in other stuff once past the password but a saved password is a start I imagine.

 

[Tasky]

You forgot that they'll also make the milk turn sour in your fridge.

It sounds crazy for sure.... but there was a web-documentary video where the original hacker actually demonstrated everything described, right up to the point of heating the battery - He halted the processes before it got to exploding, for obvious reasons, but he did then brick the battery to prove the point.
He seems to have gone on to hacking vehicles lately.

It was in 2011 and I think that they will have fixed that by now .

They may have closed some holes off, but the mechanics of the vulnerability still exist and it only takes one person to find a new hole... or for the one flaw you can't patch - a user to be tricked into opening one.
But even if they have, there are plenty of other threats to be getting on with.