April 2012
65 posts
600,000 Macs compromized, security researchers blame Apple for being lax.
Russian researchers have discovered a botnet of more than 600,000 Macs. Yes, Macs — you know, those things that don’t get malware. Apple (NASDAQ:AAPL) is coming under heavy criticism for its slow response to known vulnerabilities and for perpetuating the myth that OS X is malware-free. In IT Blogwatch, bloggers rush to grab the update.
[Update 2: Mac fans defend their favorite platform amid deafening laughter]
By Richi Jennings: Your humble blogwatcher curated these bloggy bits for your entertainment. Not to mention: Almost gliding an Airbus into LAX…
Dan Moren reports in measured tones:
It can now infect your computer from…a visit to a website. … The latest variant…takes advantage of a weakness in Java SE6…CVE-2012-0507, allows the malware to install itself from a malicious website…without needing the user to enter an administrator’s password.
…
Apple has long been criticized for lagging…when it comes to updating Java for security patches.
…
[But] there’s no need for widespread panic.
Er, Dave Neal says it is time to PANIC:
[A] botnet…has hijacked an impressive 600,000 infected Macs. … Infected web sites…range from some related to films through streaming television services to something called Gangstasparadise.
…
[T]here might be four million compromised web pages…and cases of infection when visiting dlink.com.
The anonymous Russian gnomes at Dr. Web measured the botnet:
Systems get infected with BackDoor.Flashback.39…JavaScript code is used to load a Java-applet containing an exploit. [We] discovered a large number of web-sites containing the code.
…
Attackers began to exploit [these] vulnerabilities to spread malware in February 2012. … The vulnerability has been closed by Apple only on April 3. … Most infected computers reside in the United States (56.6%)…Canada comes second (19.8%)…the third place is taken by the United Kingdom (12.8%)…and Australia with 6.1%…is the fourth.
…
Mac users [should] download and install a security update released by Apple from support.apple.com/kb/HT5228.
Brian Krebs has strongly-worded criticism of Apple:
Apple stopped bundling Java by default in…Lion, [but] it offers instructions for downloading and installing [it] when users access webpages that use it.
…
I can’t stress this point strongly enough: If you don’t need Java, remove it from your system. … Apple maintains its own version of Java, and [is] unacceptably far behind Oracle in patching critical flaws. … [Its] lackadaisical…response to patching dangerous security holes perpetuates the harmful myth that Mac users don’t need to be concerned about malware.
And Adrian Sanabria backs him up:
Despite what Apple…would have you believe, Macs are not invulnerable…malware targeting OS X does exist. … [The] operating system isn’t a panacea when it comes to security - only less targeted. Until now.
…
[If] accurate, such a large infection rate on Macs may change common perception of OS X as “virus-proof.”
Update: Philip Elmer-DeWitt eats, if not crow, then some sort of dark-colored avian fauna:
Having written several times…about the relative security of Apple’s…operating systems…I feel obliged to report that Mac OS X is under…the most serious malware attack to date.
Meanwhile, Mike Magee’s minions mostly mock Macs:
Apple users will be suffering a crisis of faith, as…its faith-based security system failed to prevent [this].
…
[H]apless Mac users…have mostly been twiddling their thumbs, satisfied with the impenetrable fortress…that Apple’s machines are, for some reason, perceived to be.
Update 2: Dave Schroeder defends against the schadenfreudenistas:
[No] sensible person ever said “Macs don’t get infected.” … It’s just a lot less likely…even accounting for differences in marketshare.
…
Macs, as a whole, are indeed “more secure”, in that still, to this day, you are far less likely…to become impacted with any malware than with Windows. Maybe someday this will change. … The fact that single instances of Mac malware get so blown out of proportion, still, is ridiculous.
…
The same advice and best practices for avoiding malware apply to Macs…and Mac users would do well to run current AV software.
Serph: Yasu's grandchild?
You know who’s surprisingly similar? Yasu from Umineko and Serph from Digital Devil Saga.
Both have a true OTP of the series that no one would deny, that’s the other half of them in degrees of varying literalness. Both of them are incestuous with said OTP. Both, nonetheless, are to a lesser degree in love with the rest of their family/tribe. Both deal with intense sexual jealousy from someone in their family/tribe who they also love, but not the same way they love their OTP. Both have a really high bodycount. Both of them deal with their one true love fearing them to be a villain. Both of them have an odd identity, and people find it really easy to project their feelings onto them.
When you consider that Sheffield was involved in a crazy scheme to channel god, I can only conclude that he is actually Yasu’s grandchild, who unfortunately inherited the worst parts of Kraus and Kinzo.
dress like someone you admire to help you emulate them →
nytimes.com
Why you should dress like Jesus:
A group of researchers at Northwestern School of Management are studying embodied cognition and found that when undergrads wore a white coat they believed to belong to a doctor, their ability to pay attention significantly increases. But, when they wore the same coat they believed to belong to a painter, there was no effect. They go on to say that people think with more than our brains, but with our bodies too. It’s been long established that people perceive you differently by the way you dress, but they are trying to see how the way you dress affects your basic abilities and your readiness to take on different roles. Since doctors are believed to be good at paying attention and careful, the students acted that way too. Funny quote:
“Clothes invade the body and brain, putting the wearer into a different psychological state, he said. He described his own experience from last Halloween (or maybe it should be called National Enclothed Cognition Day).”
He had decided to dress as a pimp, with a fedora, long coat and cane. “When I entered the room, I glided in,” he said. “I felt a very different presence.”
I think this means that the only reason mass murders don’t happen at cons is that no one can actually handle the weapons of the person they’re dressed as. Good luck to any of the Sephiroths who want to try using their 10 foot long swords.
THIS POST IS BEAUTIFUL! →
ok lets see if that thing with glasses chicks suddenly becoming super weird feminine when they whip off their glasses works
woop
well that was anticlimatic wait
wait
WHAT THE HELL IS GOING ON
What that is dumb and does not happen.
Look, check it out.
See, not much diff-
Wait, what-
the fuck.
You guys are being dumbs
That does not happen in real life watch
See I told you
Wait a
who am i
you guys this is straight up bullshit
i’ll prove it to you all right now ok
you see, like i said, it’s total bull—
…oh what the hell…
the FUCK kind of GYPSY MAGIC SHIT is THIS?!?!?!?!?!
…….
hey boys~*~*~*~ wonk~*~*~*~*~
omg jeannine you win
Huh. You women and your woman problems.
Good thing I’m a dude and don’t have to worry about that kinda crapola
Wait wtf
You guys are amateurs
let me show you how this is done
ah shit I had them on the ”genderfuck” setting
…
well, that works too
okay you amateurs
let me show you how it’s done
I’m now River Song
shhh spoilers
What the hell?
I wonder what happens when you put glasses on?
Ok, so far so good…
IT GOT EVEN BETTER
SCREAMS
A perfect, albeit unintentional summary of Higurashi, courtesy the Higurashi tag:
…is apparently destroyed by tumblr erasing my post, wtf.
First post
Okay, I have no clue what I’m doing, but here’s my tumblr! Stuff may or may not be posted, but at least the layout is cheerful.
