NetWitness found a botnet with control of 74,126 Windows systems spread around 196 countries. These systems are found at medical companies, insurance companies, educational institutions, energy firms, financial companies, Internet providers, and government agencies.
Prevx came upon a cache with logon credentials for 74,000 FTP accounts. These accounts were for companies such as NASA, Cisco, Kaspersky, McAfee, Symantec, Amazon, Bank of America, Oracle, ABC, BusinessWeek, Bloomberg, Disney, Monster, and the Queensland government.
You know, you start to become jaded concerning the security of the most popular OS on planet Earth.
The OS that 90% of the people viewing this blog use.
The OS that your company runs on.
The OS that your government runs on.
The OS your school, college or university runs on.
The OS that your bank probably uses.
The OS that despite being quite clearly not fit for use, somehow continues to be used, because so many people’s lives depend on it.
What people? Well you, me, the IT department that won’t even let you change your desktop pattern wallpaper at work, your parents, your friends, the guy you overheard talking in the bus queue this morning about how his computer has become unusable again, or the other guy he was talking to who said that all he had to do was:
a) pay for more security software
b) visit this site that tells you how to solve your latest Windows problem in 38 easy steps
c) buy a new computer
d) don’t do anything on your computer to do with online banking or payments of any kind.
And, yes that last group of people who benefit from the crap that Gates & Ballmer peddle every day – the criminals and ne’er-do-wells that use the money they generate from hacking your computer to buy & supply drugs to your kids, fund terrorism, and various other nasties.
Lots of fun for all concerned.
Thank you Mr Gates and Mr Ballmer for all this, and thank you Apple for allowing me to write this blog on a computer that is not affected by any of this.
Sorry for being so jaded, but I don’t see anyone, anytime soon kicking Windows technology out of the door.
I remember a Christian once saying to me that the best day’s work that the Devil ever did, was to convince everyone that he didn’t exist.
A similar analogy is that the socialists have convinced everyone that George Orwell’s book ‘1984’ was about fascism, when actually it’s about the dangers of unrestricted socialism (IngSoc stands for English Socialism).
These thoughts were piqued when I read a newspaper article in the UK’s DailyMail newspaper, outlining the experience the reporter had when they accidentally clicked on a spammer’s email.
The chaos that ensued highlighted the dangers of clicking on these sorts of emails, and the article is well worth a skim:
I always like to read articles like this because they show the computer experiences of your average Windows user; and I mean the really average Windows user.
The average Windows user makes up the majority of Microsoft’s customer base, and this article perfectly illustrates the clever trick that Microsoft has played upon them.
The article in question is basically about someone who received an email that asked for all sorts of personal information. This email was a spam email, but the user dumbly accepted it as legitimate, and duly got conned – malware was installed and all sorts of chaos ensued.
Now you can comment on the ineptness of the user, but this article isn’t about their stupidity, it’s about the person that they ultimately blamed.
It’s a big, long article that goes into great detail about what happened to them, but nowhere and I mean nowhere in the article is the word ‘Windows’ or the word ‘Microsoft’ mentioned. Not once.
Ultimately the person who they blamed was – Yahoo. They blamed the email service for failing to filter out the email.
Not themselves for being so inept, not Microsoft for selling them an OS with security holes, but Yahoo. Poor Yahoo.
From the article:
Finally on Monday, three days later, smooth-sounding Jessica from ‘the Yahoo concierge service’ called to help me get back into my account and reassure me that Yahoo took such violations very seriously. She would not be drawn on who might be responsible at Yahoo for stopping hackers. I wanted to know why Yahoo’s own filter system hadn’t spotted a bogus email sent in their name and taken it out before I opened it.
- You for not constantly being on your guard to make up for the fact that an email link can allow remote software to be installed.
- The ‘bad guys’ who send out these emails and take advantage of the security holes in Microsoft software
- The email provider for not filtering out the ‘bad guy’s’ emails.
When I’m bored (I mean really bored), I spend a few 1/4 hours surfing the Apple discussion boards, and nestled in amongst the questions, bugs, answers and advice I come across postings from recent switchers to the fairer platform.
What’s odd is that these postings have very similar topics and all seem to be categorised around repeating experiences.
1) The brand sparkling new switcher. This person has really only just got their Mac that weekend and they’re still breathless from the experience. They love it (of course), but want to know the following:
a) what applications there are to function the same as Wordperfect and Paint,
b) why the menubar is always at the top and why can’t it be moved,
c) how to turn off mouse-acceleration,
d) where can they get Anti-virus/malware programs.
2) The settling down switcher. This person has had their Mac for a few weeks and has learned to live the Mac-way, rather than trying to customize their Mac into a Windoze clone. The questions however continue.
a) Why can’t they change the size of the fonts in the menus,
b) Can .exe files run on a Mac,
c) Can they delete the Apple applications they don’t want,
d) They really need an Anti-virus/malware program, where can they get it from.
3) The Mac-tinkerer. This person has grown comfortable with their Mac and has successfully transferred all their pirated music/pron photos etc over. Now down to business:
a) I want to be able to delete anything on my Mac, how do I become an Administrator so I can do this?
b) I want to edit my swap file but I don’t see any way to do this, how?
c) I want to edit the registry, where is it located?
d) Are you really sure I don’t need anti-virus/malware?
e) I’ve been using my Mac for a few weeks now and need to defragment my drive, what programs are available?
4) My Mac has slowed down I must have a virus, yes a virus PLEASE HELP! Because every problem they have ever had with Windows was down to a virus/malware/spyware/keystroke logger, they are convinced that as soon as the beachball occurs, they must have a virus. Helpful Mac-users point out:
a) You don’t have a virus
b) Really no you don’t
c) Post exactly what your symptoms are and we can find out what the slowdown is caused by
d) No, really you don’t have a virus
e) Ah, the reason why your computer has slowed down is because you’ve put 180gb of pirated movies/music on your Mac and there’s only 1gb of space left.
5) OMG! My Mac’s not working PLEASE HELP! This person has decided that even though they are happy with their Mac, they want to make it better, and has accidentally deleted:
1) The Finder
2) The Terminal
3) The Library folder
4) All of the above
and of course they don’t have a back-up. They curse the day they ever bought a Mac and complain profusely that this never happened on Windows.
I know that there’s a bit of exaggeration here (only a bit mind), but every one of the above true observations is centered around this concept:
To a Windows user, the fun in using a computer comes from keeping it running, installing and updating Antivirus, editing key files to squeeze out 1.7% extra speed, configuring arcane files, messing around under the hood.
Not actually using the computer to learn or create something. Sure they probably do some of that along the way, but first and foremost a computer needs careful nurturing before you can do any of that silly creative nonsense.
If you could define a Mac, it would be that it arrives, out-of-the-box, ready for you to use, ready to have some fun.
I remember a comment I read once concerning a question put to Steve Jobs along the lines of, “If you could release the Mac today, would you do anything differently?”
His answer was along the lines of, “I wouldn’t let anyone write software for it.”
I think his reasoning behind this statement, is the perennial problem that plagues computers: the fact that they are computers.
Anybody with minimal training can come along and write any software they like and release it into the wild. Users can then install it onto their computer and off they go.
This central premise lies at the heart of what a computer is – it runs software, both good and bad.
Coming back to Steve’s comment, even he couldn’t create a time machine and actually do this, but he could (and I think he’s trying and succeeding) certainly do the next best thing.
Namely, anyone who wants to write software, must have that software approved – by Apple.
This is the current model of the iPhone and iPod Touch. Whether you agree that it’s a good thing or a bad thing, any software that runs on these devices is controlled by Apple. They could even delete it remotely if they wanted to.
Now think of the upcoming tablet.
The current consensus is 7″-10″, that probably runs a variant of the TouchOS, and iWork is installed by default – this means that this is a serious content creation device, not a passive device that you listen to music and watch movies on.
But that means it also runs the AppStore. Which means that the software distribution model is the same – any software is controlled by Apple.
Now speculate – 5 years from now, we will have bigger tablets that run some seriously meaty software (I’m thinking Adobe apps here), and we will still have the same software distribution model.
A device that will, sooner or later replace the mouse-driven desktop, with all application development controlled by Apple.
Software that’s even more reliable than what we have now, with no viruses, spyware or malware, and even if they could be written, there would be no way for those things to even get onto your tablet.
What Steve Jobs is attempting to do with the iPhone, iPod Touch and by extension the range of tablets that they will sooner or later have, is redefine an industry.
Computers and everything that they have ever meant, will be consigned to the history books – and good riddance to them.
I’ve posted previously about the viewpoint of certain Mac-gurus (Inak-cough!-hto), that Apple’s overzealous closed system for the iPhone is something they should abandon and allow the users to decide whether or not they can run ‘x’ software on ‘their’ phone.
Apple have stated previously that a phone is not like a computer and you shouldn’t be allowed to just run anything on it – I agree.
Along comes Google with their ‘open-and-not-like-the-horrible-closed-iPhone’ GooglePhone, and this is the result, and as if to add insult to injury you have to do this:
If you did download the Droid09 app, please remove it from your phone and take it to your mobile provider to ensure it’s completely removed.
Not only do you have to delete it, you have to take it to your mobile provider to ensure it’s totally gone.
Take note of my emphasis – not only can you not be sure it’s gone by deleting in the UI, but you have to take it into the place you bought it to sort this problem out.
If something went wrong with an iPhone, you’d take it to an Apple Store, who’d be briefed on the problem and be able to sort it out there and then. Can you imagine taking your phone back into a high street phone provider and asking the untrained, minimum-wage spotty teenager to help you?
Ah, but at least you have an open phone… can’t use it reliably because it’s full of malware, but at least you haven’t got one of those ‘closed’ iPhones…
So the iPhone’s security situation worsens. This time it’s a really bad one. You can have your data stolen from your iPhone without even realising it.
You could walk past a coffee shop and someone with the right software could scan your phone and get at all your data. You wouldn’t even know it. Wow.
Of course this doesn’t affect me. Or just about anybody else who owns an iPhone.
Just those morons who took the advice from certain Mac-gurus and jailbroke their iPhones to ‘free them from the tyranny of Apple’s closed system’.
I think it’s time to admit that maybe Apple ‘knows best’.
Via MacDailyNews (sub-via the BBC, but I’m not linking to their FUD).
So there’s a ‘worm’ that’s been discovered in the wild (or should that be outback?) in Australia.
Our intrepid license-fee paid for reporters at the Beeb, gleefully point out that it changes the wallpaper to a picture of Rick Astley, and as a side issue also point out that it only affects jailbroken iPhones.
In my opinion, a jailbroken iPhone is not an iPhone – not the iPhone that most people viewing the BBC news item would buy and use, so the headline ‘Worm attack bites at Apple iPhone’ is a little inflammatory.
Leaving aside that issue, where does this leave all the whiners who have constantly asked, nay, demanded that Apple make their iPhone an open platform?
(I’m thinking of high-profile ‘Apple-supporters’ such as Laporte, Inakhto, to name a few).
Does this not validate and verify Apple’s stance of a closed system, with only approved apps allowed?
Apple said at the time that a smartphone is a far more vulnerable computer than a traditional laptop or desktop, and therefore needs a different approach in terms of what is allowed to run on it.
Maybe the oft-used and derisory statement that ‘Apple knows best’ is correct after all.
Upon thinking about Microsoft’s entry into the retail space, a few thoughts occur.
Microsoft have a really deep seated envy of everything that Apple does. Now, they’ve always had this from the very first meeting about Windows 1.0, and in the past they could get away with it.
After all, despite all Apple’s efforts, they were not a mainstream company. Microsoft and their partners dominated and no-one outside Apple’s niche had ever heard of them.
All the great unwashed saw was ever greater ‘innovation’ coming from Redmond. They did not know that this innovation was a photocopied, me-too agenda based upon what Apple did.
This approach works fine, as long as Apple remains a niche.
Can you really say that Apple Inc. is at this current moment ‘a niche player’?
Group together everything that Apple does, the Mac, iPod, iPhone etc, and their approaching 10% market share (and even greater mind-share), I think not.
Why does this make a difference? Well, Microsoft can keep up the pretense of being an ‘innovator’ as long as no-one (or at least the majority) knows that Apple exists.
This is getting all the more difficult, and one very good reason is those pesky Apple Retail Stores.
People used to listen to their ‘geeky friend’ on what computer to purchase, which was usually, if not always Windows.
That’s not the case now, they see an Apple Store, go in, and more often than not, purchase. I don’t know what their footfall conversion rate is (the % of customers who enter a store and either do or do not purchase something), but according to Apple 50% of those purchases are to Windows users.
So what is Microsoft to do? Well there’s only one thing to do, fight fire with fire.
But Microsoft has a problem, and it’s a problem that cannot be got around. The PC model is proprietary OS on open hardware. Apple’s model is open OS (sort of, parts of it, etc), on proprietary hardware.
Now I don’t care what people say, Apple’s model gives us more reliable computers, Microsoft’s model gives problems – lots of them, with more chances to go wrong.
Apple’s model naturally fits the retail environment. People enter Apple Stores for an experience. Yes, they take their computers in to be fixed, and Apple manages that quite well, as their model keeps those fixes down to an acceptable level.
Microsoft? Their model invites problems, how the hell are they going to manage all those PC users with viruses, spam, malware and faulty hardware because their ‘geeky friend’ made their computer?
This should be interesting to watch…
This is going to be fun to watch…
Imagine the scene: Microsoft opens its store, hoping that people will walk through the door and fully grasp that Microsoft software can help their digital life and will be wowed by everything they have to offer and they won’t go to that funny fruit store down the street.
However what will happen is that Joe Sixpack will walk through the door, walk up to the counter and say, “Ug! Computer not work, you fix!” (Along with the 20 people behind them with similar complaints).
The patient (and butt-ugly) Microsoft genius will say, “I’m very sorry sir, but your issue is a hardware issue and I’m afraid Microsoft only deal with software, I can give you the number of the Dell support-line?”
Mr Sixpack will then say, “Ug! Dellman say your software got virus, you fix!”
The Genius’s eyes will then light up and he will say, “Aaaah, yes sir then we can help you, we sell virus killing software starting at $59.95 per month for our basic package.” He then hands him a leaflet.
Mr Sixpack numbly hands over his credit card, “just make computer work – me want pr0n!”
At the end of the month Microsoft will say that their software stores are a great success, having sold millions of software packages that help their customers get more from their computer purchase.
If anything, this will force more consumers into Apple stores because for the first time, Microsoft will meet the great-unwashed PC buying public – and their problems. I really don’t think Microsoft realise that aspect at all – they really are that arrogant and full of themselves.
They will not be able to cope – it will be a PR disaster. All Apple needs to do is air a well-timed Mac vs PC ad that targets this sh*t storm, and watch them come through the doors.
Microsoft, please, please, please – carry on.
I’ve not published for a while as I have been knee-deep in the negotiations to convert my company’s website from a standard informational website in to a fully-fledged ecommerce site.
So I’ve let pass the current effort by Microsoft to counter the resurgence of the Mac with their own set of advertising, costing $300 million no less.
Being very busy, I don’t have the time to look into the metaphorical reasoning behind the Seinfeld ads, but I assure you I will sooner or later.
I’m a marketing guy and I deal with peddling bullshit to consumers on a daily basis, and at first glance these ads seem amateurish at best.
In addition, I’m too late – they’ve been pulled already.
Microsoft have continued the assault on Apple with the ‘I’m a PC’ ads. Again however, the ads seem poorly thought out and clumsy in their execution.
I’m not going to go into detail, but one thing I’ve noticed is the reception that any advertising effort by Redmond seems to generate in the media. It seems that the press is resoundingly negative in their judgement.
Why is this? Surely something can be said of these adverts that would give Microsoft some hope? Even myself at my most impartial, could, if pushed, muster some sort of positive morsel.
It seems to me that the tables have been turned.
Back in the 80’s & 90’s, the main motivating factor, the thing, above all that would sway someone’s opinion on whether to choose an IBM PC or a Macintosh, was their friendly (or not so friendly) neighbourhood geek.
The spotty nerd at work, the weirdo that fixed the computers, the clumsy nobby-no-mates that bored you senseless with talk of RAM, memory, DOS & hard disks.
And his recommendation was (you guessed it), the DOS (and Windows) PC. He scoffed at the Mac, calling it a toy, lacking in software, not powerful and something that nobody used.
And his recommendation stuck. For years. And years. We’ve been at the brunt-end of that decision ever since. The entire IT industry is geared towards pushing us to Windows and the PC.
Fast forward to the last few years. After years of crashes, viruses, trojans, malware and ever cheaper computers that seem to last little more than 18 months, the consumer who relied on their geeky friend’s recommendation just doesn’t believe them anymore.
So who do they believe? Well who’s left?
They’re not going to listen to a Mac user either, because we get lumped together with those geeky weirdoes.
The only thing left is the media. They are listening to the media, the ad-men, all those artists who use Macs in all the creative departments up and down the land, all those PR agencies and marketing people who use predominantly the Mac.
The Mac’s time has come – for years the IT geeks recommended the PC to anybody who would listen, well those days are gone. Now that the consumer’s ear is turning towards the media, we will recommend nothing but the Mac.
Poetic justice for all the years of misery they’ve put us all through.
So let me get this straight, a flaw in Safari could allow a malicious attacker to download files (1, 2 or thousands) to your Windows desktop without your permission.
But the flaw doesn’t allow execution.
Because Apple’s not that stupid.
You know, to allow just ‘any’ file to just execute without permission.
So what’s the problem? Other than it being a ‘design’ flaw? It’s certainly not a security flaw is it? The files cannot be executed and therefore cause untold damage can they?
Ah, right but those files can…
By a flaw in Windows.
Not Safari, then.
So it’s Microsoft’s problem then is it?
That’s right it is.
And when will Microsoft fix this flaw?
No word on that. Yet.
I’m sure they’ll get round to fixing it asap, once they’ve blamed Apple for drawing attention to their SECURITY flaw, by a DESIGN flaw that Apple, quite rightly, didn’t really think would cause too much of a problem, because no company is stupid enough to allow files to execute by themselves.
Except Microsoft. Again.
Hold on a minute… what about security updates?
Supposedly, in order to stop Apple from ‘bricking’ these Frankenmacs, the Mac’s software update has been disabled by Psystar.
Now Psystar say that any updates from Apple will (presumably after alterations by Psystar) be posted on their support site.
Updates from Apple that correct bugs and add features are one thing, a user can live without these if needs be, but what about security updates?
Security updates usually come from Apple as separate entities, can we be certain that Psystar will a) actually be able to offer them and b) after altering them to suit the specific hardware that Psystar is offering will they work effectively?
Apple has teams of engineers who know the hardware intimately, Psystar has, by all accounts, an unnamed brother.
Do you feel secure? I wouldn’t.
It’s gonna be a headache for Psystar, but I feel that they just won’t bother, all they want is your money.
But what does this mean in the long term?
Let’s say that Apple does nothing (they’ve done nothing so far).
Let’s say that Psystar’s Macs are a great success and sell by the boatload.
Let’s say that a really bad security vulnerability appears and Apple, as its duty permits, releases a security update.
This security update may also have code in it that bricks Psystar’s Macs. Psystar then takes this update, examines it and somehow strips out the ‘bricking’ part. I don’t even know if this is possible, I’m not a programmer.
Even if they could, it’s going to take them a while to do this. All the time, the FrankenMacs are vulnerable, and this happens, time, and time again. Apple releases dozens of security updates a year.
It’ll be too painful to update, and it’s not automatic so users just won’t bother.
This means that there will be a sizable proportion of Macs that are wide open to attack by malware & virus writers and Apple will be able to do nothing about it – it’s Psystar’s problem.
However, running the Mac OSX, Psystar’s problem IS Apple’s problem.
Psystar’s Macs will be the insecure bastard brother of the true Macintosh.
I think it’s very irresponsible of Psystar to potentially make the Mac-platform a target for virus-writers, simply just to chase a cheap buck.
Thinking this through – Apple, you really need to do something NOW, before this gets out of hand.