I would love to see stats on how many infections happen per platform based on this virus, since it's on both Windows and OS X.
I would expect to see a higher penetration on Macs, since I assume people using Macs don't have the higher level of paranoia that has been engendered in Windows.
I don't think any of this has to do with higher level of paranoia. The same reason Windows machines are vulnerable to social engineering attacks are the same reason OS X is vulnerable to it.
---
Hey, I want to watch this video/movie/clip/trailer but I need to download and install this tool first, alright, click click click, hey, my trailer didn't show up. On to the next website I go.
---
There is no good way to stop crap like this either, the user is willingly installing it themselves, people hate the walled garden that iOS has become, and that OS X is becoming with the App Store, yet that is one of the ways that the OS can be secured. You have people up in arms about it being closed off or being inaccessible because of these new restrictions, but at the same time people want to be able to install whatever they want.
Whitelisting is the only real secure way to make sure that the wrong app doesn't run. Blacklisting means you are always chasing the ball and the target.
"people hate the walled garden that iOS has become, and that OS X is becoming with the App Store [...] You have people up in arms about it being closed off or being inaccessible"
'People' say a lot of things. I've personally never heard a non-geek complain about Apple's 'walled garden'. Mac and iOS device sales are higher than ever.
I'd love to see a program that blocks any new installs until approved by a "family geek". When your mother clicks that INSTALL NEW TOOLBAR! link, it emails you with details on the software to be installed, and only after you approve it, your mom is able to proceed with the installation.
It would be nice if OSX's security model was extended to require the root password for any application or plugin installer that isn't handled directly within a process.
That's a really good idea. Maybe hacking it into the OS like that is going a bit far, but automating the "hey, does this look ok to you?" process is definitely a goer IMO.
15 comments
[ 4.3 ms ] story [ 44.3 ms ] threadI would expect to see a higher penetration on Macs, since I assume people using Macs don't have the higher level of paranoia that has been engendered in Windows.
---
Hey, I want to watch this video/movie/clip/trailer but I need to download and install this tool first, alright, click click click, hey, my trailer didn't show up. On to the next website I go.
---
There is no good way to stop crap like this either, the user is willingly installing it themselves, people hate the walled garden that iOS has become, and that OS X is becoming with the App Store, yet that is one of the ways that the OS can be secured. You have people up in arms about it being closed off or being inaccessible because of these new restrictions, but at the same time people want to be able to install whatever they want.
Whitelisting is the only real secure way to make sure that the wrong app doesn't run. Blacklisting means you are always chasing the ball and the target.
'People' say a lot of things. I've personally never heard a non-geek complain about Apple's 'walled garden'. Mac and iOS device sales are higher than ever.
It won't send you any emails, but it will prevent rogue software from being installed.
http://support.apple.com/kb/ht5290
https://news.ycombinator.com/item?id=4558985
It's trivial for publishers to detect Yontoo's technology, and alert people when it's happening. Something as simple as: