Thursday, June 2, 2011

XProtect from Apple,
New MAC Defender variant:
Excellent Summary from Sophos!

Early this AM Sophos published an EXCELLENT article about Apple's XProtect software. XProtect is part of Mac OS X 10.6 Snow Leopard (not 10.5 Leopard, sorry). It was updated as part of Apple Security Update 2011-003 this past week. It now automatically checks every 24 hours for new malware signatures from Apple. It's terrific! Except the malware rats immediately responded with a new work around version of the MAC Defender (the correct spelling) Trojan horse series. And that sucks.

Read all about it!

Apple to malware authors: Tag, you're It!

. . . Apple's XProtect is not a full anti-virus product with on-access scanning. XProtect only scans files that are marked by browsers and other tools as having been downloaded from the internet.
If the bad guys can continually mutate the download, XProtect will not detect it and will not scan the files downloaded by this retrieval program. Additionally, XProtect is a very rudimentary signature-based scanner that cannot handle sophisticated generic update definitions. . .
Keep in mind folks that this is a series of Trojan horses. Our computer's worst security flaw isn't Mac OS X! It's you and me. WE install Trojan horses, not our computer. Trojan horses are the bane of EVERY computer. Every Windows box, every Mac, every Linux box, etc., is vulnerable to Trojan horses.

Therefore, the 'Security Through Obscurity' ignorant FUD trolls can take a nap. Trojan horses do not apply. (And why is that? Read the paragraph above over and over until it sinks into your empty troll heads).

What IS new is that social engineering malware rats have hit the Mac in a persistent wave. If Mac LUSERS weren't falling for their fake anti-malware, they wouldn't bother. It's time for we the Mac users to grow up and pay attention to EVERYTHING we click and EVERYTHING we install.

There are psychopaths (aka malware rats, Neo-Con-Jobs, TardPartiers, The Red Hacker Alliance, etc.) out there in the world. They want EVERYTHING they can lay their self-destructive claws and fangs on. Nothing is sacred. We are the target, as well as themselves. That munching sound is them eating your computer, while their own insecurities eat them.

