RetouchPRO

Virus

  #31  
Old 12-25-2007, 02:25 AM
Gary Richardson
Senior Member
 
Join Date: Mar 2004
Location: Yorkshire, England
Posts: 2,717
Re: Virus

Hi plugsnpixels,

Mac OS is not in and of itself secure, no OS is, but you are right that you are highly unlikely to come across any infections.

The simple answer is that the bad guys just don't write them for Macs because there is insufficient payback for them.

Modern malware is written by highly skilled and educated professional programmers, it has long ceased to be the activity of kiddies in their bedrooms, but is organised by well funded criminal gangs. The reason being that they can make huge amounts of cash from these activities, in some cases running into billions of dollars.

Were they to be interested in Macs, then there is absolutely no doubt that they could develop infections to penetrate their defences. However they want the biggest return for their effort, and that means targeting Windows, a system that is much more prevalent and with which they are so far more familiar.

The current trend is towards identity theft, and more and more infections are being written to install backdoors and keyloggers. Most are rooted (cloaked by a rootkit), so generally the user does not know that they are infected; many times they come to us with other problems, and it's only when/if we run a rootkit scan that their "guests" are discovered.

With a backdoor/keylogger, the attacker has as much (and in most cases more) control over your computer as you do. They can install programmes to distribute porn, distribute spam, use your computer for DDoS attacks and a whole lot of other criminal activities. These programmes are rooted, so the victim will be unaware that they are present, as they are not seen by the OS. The only thing the victim notices usually is a reduction in their computer's performance.

Just how long Macs remain untargeted I couldn't say, as I said earlier I hope it stays that way indefinitely, but at some time or other it seems logical to assume that these criminals will want to expand their interests, and when/if they do, you probably won't know, because all you'll notice is decreased performance which you'll probably attribute to something else, just like all the Windows users did.

Last edited by Gary Richardson; 12-25-2007 at 02:37 AM.
  #32  
Old 12-25-2007, 09:48 AM
Swampy
Senior Member
 
Join Date: Feb 2005
Location: The Swamps of Florida
Posts: 4,418
Re: Virus

>>>Actually, I need to replace my computer. It is ~ 5 years old and I'm concerned of a complete failure at some point. My concern with the apple is the cost of converting all of my software to the apple environment and how many of my applications will work in this environment. Any thoughts?

For the cost of Parallels or Fusion you can turn your Mac into a full-blown PC. Run your old software using XP or Vista OS. Do your surfing, email etc. on the Mac "side" to avoid internet-borne virus/malware. No need to buy new versions of your software. :-) It's an Intel chip after all.
  #33  
Old 12-25-2007, 01:19 PM
plugsnpixels
RetouchPRO LIVE Guest Artist
Patron
 
Join Date: Dec 2005
Location: LA area
Posts: 2,027
Re: Virus

This is funny! Just this very moment, for the first time ever (with this thread open), I got the pop-up window Swampy described (see attached), and this web page--CAREFUL, it's one big hyperlink loaded (titled "Online Guard")! I'm also attaching a screenshot of the page so you don't have to visit it to see it.

Nothing else happened until I tried to select/copy the web header to post here, then the .exe (Install2650.exe) began to download. I'm on a Mac, so I just cancelled it. (Here's some info on the .exe file from Prevx, which appears to be legit, but who knows...)

The Online Guard page is obviously bogus; it says I have 14 spywares with 5519 files infected... I bet if anyone else looked at this page it would say the same thing.

So maybe this thread is infected-!
Attached Images
File Type: png onlineguard.png (20.7 KB, 16 views)
File Type: gif onlineguardfull.gif (56.2 KB, 16 views)

Last edited by plugsnpixels; 12-25-2007 at 01:32 PM.
  #34  
Old 12-25-2007, 01:38 PM
Swampy
Senior Member
 
Join Date: Feb 2005
Location: The Swamps of Florida
Posts: 4,418
Re: Virus

P&P good catch. If I were on a PC, I'd never click the link. Geeez... it sends you to some obscure web page and offers to check your computer for malware. Just click the link and get infected and pass it on... No way Jose
  #35  
Old 12-25-2007, 04:33 PM
HroadhogD1
Senior Member
 
Join Date: Jan 2006
Posts: 168
Re: Virus

My question is, after somebody gets this type of pop-up and you click cancel, is it still downloaded? What if you just click the red X? All of this seems to be getting worse. What can we do? Add software, and watch what we do, but even then..... With the Macs getting more popular, it seems to be just a matter of time.....guess there are people out there staying one step ahead or at least a half step. I just wish there was more we could do!!
  #36  
Old 12-25-2007, 04:57 PM
plugsnpixels
RetouchPRO LIVE Guest Artist
Patron
 
Join Date: Dec 2005
Location: LA area
Posts: 2,027
Re: Virus

Depends on how far along the way you cancel. Even if it fully downloads, it would probably just sit there until you double-click it. On the Mac a .dmg or .pkg couldn't install itself without your password, or so I understand. Not sure about XP.
  #37  
Old 12-26-2007, 12:42 AM
plugsnpixels
RetouchPRO LIVE Guest Artist
Patron
 
Join Date: Dec 2005
Location: LA area
Posts: 2,027
Re: Virus

Here's an example of how Mac OS X Leopard handles stuff you downloaded.
Attached Images
File Type: png allow.png (18.7 KB, 11 views)
  #38  
Old 12-26-2007, 04:16 AM
Gary Richardson
Senior Member
 
Join Date: Mar 2004
Location: Yorkshire, England
Posts: 2,717
Re: Virus

Quote:
Originally Posted by HroadhogD1
>>>My question is, after somebody gets this type of pop-up and you click cancel, is it still downloaded? What if you just click the red X? All of this seems to be getting worse. What can we do? Add software, and watch what we do, but even then..... With the Macs getting more popular, it seems to be just a matter of time.....guess there are people out there staying one step ahead or at least a half step. I just wish there was more we could do!!

Can't speak for Macs as I'm not familiar enough with their OSs to say.

For Windows it will depend on what "permissions" are set. If you are browsing using an account with Administrator privileges (Windows XP accounts are Administrator by default), and your browser is set to allow scripts, then you can be fully infected without any human interaction.

If you are using an account that is set to Limited, then the file would not be installed as Limited accounts do not permit file installation. I recommend that everyone creates a Limited account and uses it for browsing. If you know you're going to want to DL and install something then use your Administrator account, otherwise by using a Limited account you are much safer.

Similarly if your browser was set not to allow scripts to run, then it's unlikely the rogue installer will operate. I use Firefox as my browser with the NoScript add-on. This allows me to block scripts from all sites except those to which I give permission.

I don't want people to get paranoid about picking up really nasty infections, despite them being more widespread than they were formerly, they are still relatively uncommon for people who browse normally. They are mostly contracted by people looking for freebies and those visiting crack and porn sites. For those of us who are a bit more selective on what we click, the chances of getting an infection are very much reduced.

Just remember to be cautious of anything that's being given away and check things out before you install it, remember there's no such thing as a free lunch.
  #39  
Old 12-26-2007, 07:07 AM
D Thompson
Senior Member
 
Join Date: Jan 2005
Posts: 176
Re: Virus

Gary - thank you for all this valuable information. I just added the No Script extension to Firefox. Are the default settings ok or are there some options that need to be selected? Thanks again.
  #40  
Old 12-26-2007, 07:09 AM
skydog
Senior Member
 
Join Date: Jan 2006
Location: Carolina
Posts: 1,294
Re: Virus

Gary...how/where for explorer do I indicate "no script"? Within the Tools of explorer do I change or just use the security settings provided?