600,000 Macs compromized, security researchers blame Apple for being lax.
Russian researchers have discovered a botnet of more than 600,000 Macs. Yes, Macs — you know, those things that don’t get malware. Apple (NASDAQ:AAPL) is coming under heavy criticism for its slow response to known vulnerabilities and for perpetuating the myth that OS X is malware-free. In IT Blogwatch, bloggers rush to grab the update. [Update 2: Mac fans defend their favorite platform amid deafening laughter]
By Richi Jennings: Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Almost gliding an Airbus into LAX…
Dan Moren reports in measured tones:
It can now infect your computer from…a visit to a website. … The latest variant…takes advantage of a weakness in Java SE6…CVE-2012-0507, allows the malware to install itself from a malicious website…without needing the user to enter an administrator’s password. …
Apple has long been criticized for lagging…when it comes to updating Java for security patches. … [But] there’s no need for widespread panic.
Er, Dave Neal says it is time to PANIC:
[A] botnet…has hijacked an impressive 600,000 infected Macs. … Infected web sites…range from some related to films through streaming television services to something called Gangstasparadise. … [T]here might be four million compromised web pages…and cases of infection when visiting dlink.com.
The anonymous Russian gnomes at Dr. Web measured the botnet:
Brian Krebs has strongly-worded criticism of Apple:
Apple stopped bundling Java by default in…Lion, [but] it offers instructions for downloading and installing [it] when users access webpages that use it. … I can’t stress this point strongly enough: If you don’t need Java, remove it from your system. … Apple maintains its own version of Java, and [is] unacceptably far behind Oracle in patching critical flaws. … [Its] lackadaisical…response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware.
And Adrian Sanabria backs him up:
Despite what Apple…would have you believe, Macs are not invulnerable…malware targeting OS X does exist. … [The] operating system isn’t a panacea when it comes to security - only less targeted. Until now. … [If] accurate, such a large infection rate on Macs may change common perception of OS X as “virus-proof.”
Update: Philip Elmer-DeWitt eats, if not crow, then some sort of dark-colored avian fauna:
Having written several times…about the relative security of Apple’s…operating systems…I feel obliged to report that Mac OS X is under…the most serious malware attack to date.
Meanwhile, Mike Magee’s minions mostly mock Macs:
Apple users will be suffering a crisis of faith, as…its faith-based security system failed to prevent [this]. … [H]apless Mac users…have mostly been twiddling their thumbs, satisfied with the impenetrable fortress…that Apple’s machines are, for some reason, perceived to be.
Update 2: Dave Schroeder defends against the schadenfreudenistas:
[No] sensible person ever said “Macs don’t get infected.” … It’s just a lot less likely…even accounting for differences in marketshare. … Macs, as a whole, are indeed “more secure”, in that still, to this day, you are far less likely…to become impacted with any malware than with Windows. Maybe someday this will change. … The fact that single instances of Mac malware get so blown out of proportion, still, is ridiculous. … The same advice and best practices for avoiding malware apply to Macs…and Mac users would do well to run current AV software.
You know who’s surprisingly similar? Yasu from Umineko and Serph from Digital Devil Saga.
Both have a true OTP of the series that no one would deny, that’s the other half of them in degrees of varying literalness. Both of them are incestuous with said OTP. Both, nonetheless, are to a lesser degree in love with the rest of their family/tribe. Both deal with intense sexual jealousy from someone in their family/tribe who they also love, but not the same way they love their OTP. Both have a really high bodycount. Both of them deal with their one true love fearing them to be a villain. Both of them have an odd identity, and people find it really easy to project their feelings onto them.
When you consider that Sheffield was involved in a crazy scheme to channel god, I can only conclude that he is actually Yasu’s grandchild, who unfortunately inherited the worst parts of Kraus and Kinzo.
A group of researchers at Northwestern School of Management are studying embodied cognition and found that when undergrads wore a white coat they believed to belong to a doctor, their ability to pay attention significantly increases. But, when they wore the same coat they believed to belong to a painter, there was no effect. They go on to say that people think with more than our brains, but with our bodies too. It’s been long established that people perceive you differently by the way you dress, but they are trying to see how the way you dress affects your basic abilities and your readiness to take on different roles. Since doctors are believed to be good at paying attention and careful, the students acted that way too. Funny quote:
“Clothes invade the body and brain, putting the wearer into a different psychological state, he said. He described his own experience from last Halloween (or maybe it should be called National Enclothed Cognition Day).”
He had decided to dress as a pimp, with a fedora, long coat and cane. “When I entered the room, I glided in,” he said. “I felt a very different presence.”
I think this means that the only reason mass murders don’t happen at cons is that no one can actually handle the weapons of the person they’re dressed as. Good luck to any of the Sephiroths who want to try using their 10 foot long swords.