

Apple acknowledges Mac Defender malware, promises update - noctrine
http://arstechnica.com/apple/news/2011/05/apple-acknowledges-mac-defender-malware-promises-software-update.ars

======
tptacek
Malware is so rare on the Mac that Apple set up an entire web page to deal
with the _one_ trojan currently known to be impacting Mac users.

Macs aren't more secure than Windows machines, but they're still undeniably
safer (at least for normal people).

~~~
demetris
“Malware is so rare on the Mac that Apple set up an entire web page to deal
with the one trojan currently known to be impacting Mac users.”

I read that and I thought Apple had set up a top-level page. I then saw it is
an article in Apple’s knowledge base.

As far as I know, this is the same thing Microsoft does for distinguished
malware: articles in the knowlegde base. E.g., here is an old one for Blaster:

<http://support.microsoft.com/kb/826955>

~~~
tptacek
Blaster wasn't a trojan; it was a worm that actively compromised Windows
machines, took out entire huge enterprises (including major military
networks), hit the front page of CNN, and (IIRC) prompted a Congressional
inquiry about regulating software security.

Not exactly apples/apples.

------
shawndumas
<http://support.apple.com/kb/HT4650>

------
Sidnicious
As an IT professional, I’m honestly not sure how to feel about this.

On the one hand, it’s great that all the variants of MacDefender currently out
there will be neutralized.

On the other hand, we’re surely going to see new flavors that go undetected by
the update. Apple is getting into the anti-virus game, and potentially
starting an arms race. But, what else could Apple do in this situation?

~~~
LogicX
I think the key here is that this is a trojan installed by the user. Education
is the greatest weapon against this type of attack -- not trying to keep up
with users reinfecting themselves with each variant.

------
hexley
Wow, check out the removal steps in the kb article. Quit the app using
Activity Monitor then delete from /Applications. Clearly we have a long way to
go...

------
hobolobo
An interesting question is whether this is merely a blip or part of a trend.
Apple's user base must be an enormously tempting target for malware creators.

~~~
innes
To answer this question, we'd need to know whether various things will change
in the future:

 _Will criminals stop wanting to scam people?_

 _Will non-technical users somehow get more savvy?_

 _Will the Apple userbase get smaller and thus less lucrative?_

------
kapitalx
It is inevitable that as mac becomes more popular, we'll see more viruses and
malware.

------
vacri
heh, given that Apple was previously directing staffers not to acknowledge it,
when I read this headline all I could think of was Jobs telling a press
conference "OSX now has malware. This is a new, must-have feature that will
revolutionise the industry!"...

~~~
ddagradi
Apple is pretty damn careful about not making press releases until they have a
clear, concise and informative statement to make. Staffers were likely
instructed not to address it because the official response was forthcoming.
Yes, it's a slow response, but not worth attributing to malice.

~~~
chicagobob
As Gruber says: Measure Twice, Cut Once is the Apple approach

