looks like the mac is finally main stream
Any opinions expressed by me are mine alone, posted from my home computer, on my own time as a free American and do not reflect the opinions of any person or company that I have had professional relations with in the past 55 years. meep
|
|
Again, its stupidity.
And users just believing anything they don't understand.
|
|
And it's a Java issue, not an OS X issue.
|
|
Not entirely.
Apple maintains their own version of Java, so even when Oracle updates theirs it usually takes significantly longer for Apple to get around it.
This is an Apple issue as well. Regards,
-scott Welcome to Rivendell, Mr. Anderson. |
|
Yup. It's a "distribution" issue
|
|
Yeah, an Apple issue, not an OS X issue. ;-)
Seriously, it's a problem with Java that Apple should have addressed earlier. But one has the option of not running Java (or running a different Java if necessary). It's not like the typical holes in Winders (or IE which is a vestigial twin of Winders).
IOW, I wouldn't take this exploit as being a sign of increased popularity of Macs. Cheers, Scott. |
|
Actually... :-)
Java is exactly like the typical holes in Windows, because it is the most prevalent problem with Windows browser plugins: securityplanet.com/news/article.php/3925356/RSA-Java-is-the-Most-Vulnerable-Browser-Plugin.htm
Now, as a counterpoint to my "it's an Apple problem", the issue with Windows and Java stems from people not updating their Java plugins. Since Apple does this for the user by including it as part of Software Update, in general Apple machines are very likely to be more up to date than Windows machines. Regards,
-scott Welcome to Rivendell, Mr. Anderson. |
|
Ok, you win. :-)
|
|
Yep {{sniff}} -- Beret Pwned by some ^%*&$# Russki
Gotta use FFox for this-all; the Mo-Fo ate my post as this sucker crashed Safari just as I was about to save/send; I want this Wonder... writer's Head on a Pike.
Couple days ago, on an innocuous link from an electronics site (run by known sane people) I saw flash-by a box with an unknown filename, but ending in .ru; didn't wait for me to give any permissions--figured that, indeed--just >then<: . . .Gehabt, Kindern! (No clicky-clicky by moi, of course.) Yep.. maybe next day (?) "Safari quit unexpectedly.." now a random occurrence. After Updates a couple days ago and more tonight (when Apple finally got around to the new Java==OS X 10.6 Update 7) plus a Safari patch, I thought perhaps some sort of auto-removal 'feature' might accompany that-all. Guess not; herewith last User Diagnostic Report (partial): Process: Safari [337] Path: /Applications/Safari.app/Contents/MacOS/Safari Identifier: com.apple.Safari Version: 5.1.5 (6534.55.3) Build Info: WebBrowser-75345503~2 Code Type: X86-64 (Native) Parent Process: launchd [106] PlugIn Path: /Users/gort/Library/Application Support/.WondershareQuizCreatorBuild.tmp PlugIn Identifier: .WondershareQuizCreatorBuild.tmp PlugIn Version: ??? (???) Date/Time: 2012-04-12 02:19:33.622 -0700 OS Version: Mac OS X 10.6.8 (10K549) Report Version: 6 Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x0000000000000000, 0x0000000000000000 Crashed Thread: 1 Application Specific Information: abort() called Thread 0: Dispatch queue: com.apple.main-thread 0 libSystem.B.dylib 0x00007fff80004d7a mach_msg_trap + 10 1 libSystem.B.dylib 0x00007fff800053ed mach_msg + 59 2 com.apple.CoreFoundation 0x00007fff87759902 __CFRunLoopRun + 1698 3 com.apple.CoreFoundation 0x00007fff87758d8f CFRunLoopRunSpecific + 575 4 com.apple.HIToolbox 0x00007fff821187ee RunCurrentEventLoopInMode + 333 5 com.apple.HIToolbox 0x00007fff821185f3 ReceiveNextEventCommon + 310 6 com.apple.HIToolbox 0x00007fff821184ac BlockUntilNextEventMatchingListInMode + 59 7 com.apple.AppKit 0x00007fff80d4eeb2 _DPSNextEvent + 708 8 com.apple.AppKit 0x00007fff80d4e801 -[NSApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 155 9 com.apple.Safari.framework 0x00007fff88391b48 -[BrowserApplication nextEventMatchingMask:untilDate:inMode:dequeue:] + 177 10 com.apple.AppKit 0x00007fff80d1468f -[NSApplication run] + 395 11 com.apple.AppKit 0x00007fff80d0d3b0 NSApplicationMain + 364 12 com.apple.Safari.framework 0x00007fff8854ee6a SafariMain + 200 13 com.apple.Safari 0x0000000100000f1c 0x100000000 + 3868 Thread 1 Crashed: 0 libSystem.B.dylib 0x00007fff800779ce __semwait_signal_nocancel + 10 1 libSystem.B.dylib 0x00007fff800778d0 nanosleep$NOCANCEL + 129 2 libSystem.B.dylib 0x00007fff800d43ce usleep$NOCANCEL + 57 3 libSystem.B.dylib 0x00007fff800f3a00 abort + 93 4 libstdc++.6.dylib 0x00007fff882ff5d2 __tcf_0 + 0 5 libobjc.A.dylib 0x00007fff87663b4d _objc_terminate + 120 6 libstdc++.6.dylib 0x00007fff882fdae1 __cxxabiv1::__terminate(void (*)()) + 11 7 libstdc++.6.dylib 0x00007fff882fdb16 __cxxabiv1::__unexpected(void (*)()) + 0 8 libstdc++.6.dylib 0x00007fff882fdbfc __gxx_exception_cleanup(_Unwind_Reason_Code, _Unwind_Exception*) + 0 9 libstdc++.6.dylib 0x00007fff882b9a3e std::__throw_length_error(char const*) + 127 10 libstdc++.6.dylib 0x00007fff882e43fe std::string::append(char const*, unsigned long) + 82 11 ...ershareQuizCreatorBuild.tmp 0x0000000100082cbb dylibmain + 3599 12 com.apple.CFNetwork 0x00007fff84bd4dd7 HTTPReadFilter::readHeaderBytes(StreamReader*, unsigned char, unsigned char*, long, CFStreamError*) + 421 13 com.apple.CFNetwork 0x00007fff84bd5d4c HTTPReadFilter::canReadNoSignal(StreamReader*, CFStreamError*, unsigned char) + 110 14 com.apple.CFNetwork 0x00007fff84b8352c HTTPReadFilter::streamCanRead(__CFReadStream*) + 90 15 com.apple.CFNetwork 0x00007fff84b836a2 HTTPReadFilter::socketReadStreamCallback(unsigned long) + 122 16 com.apple.CFNetwork 0x00007fff84b83613 HTTPReadFilter::_httpRdFilterStreamCallBack(__CFReadStream*, unsigned long, void*) + 49 17 com.apple.CoreFoundation 0x00007fff877bb343 _signalEventSync + 115 18 com.apple.CoreFoundation 0x00007fff877bb2b4 _cfstream_solo_signalEventSync + 116 19 com.apple.CoreFoundation 0x00007fff877bb1f4 _CFStreamSignalEvent + 740 20 com.apple.CFNetwork 0x00007fff84bd88d7 SocketStream::dispatchSignalFromSocketCallbackUnlocked(SocketStreamSignalHolder*) + 45 21 com.apple.CFNetwork 0x00007fff84b6d12c SocketStream::socketCallback(__CFSocket*, unsigned long, __CFData const*, void const*) + 224 22 com.apple.CFNetwork 0x00007fff84b6d016 SocketStream::_SocketCallBack_stream(__CFSocket*, unsigned long, __CFData const*, void const*, void*) + 96 23 com.apple.CoreFoundation 0x00007fff87783bba __CFSocketDoCallback + 634 24 com.apple.CoreFoundation 0x00007fff877835bb __CFSocketPerformV0 + 315 25 com.apple.CoreFoundation 0x00007fff8775b3d1 __CFRunLoopDoSources0 + 1361 26 com.apple.CoreFoundation 0x00007fff877595c9 __CFRunLoopRun + 873 27 com.apple.CoreFoundation 0x00007fff87758d8f CFRunLoopRunSpecific + 575 28 com.apple.CFNetwork 0x00007fff84b861fc HTTPNetStreamInfo::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*) + 278 29 com.apple.CoreFoundation 0x00007fff8774905c CFReadStreamRead + 748 30 ...ershareQuizCreatorBuild.tmp 0x0000000100082c66 dylibmain + 3514 31 com.apple.CFNetwork 0x00007fff84bd7fe0 HTTPReadStream::streamRead(__CFReadStream*, unsigned char*, long, CFStreamError*, unsigned char*) + 82 32 com.apple.CoreFoundation 0x00007fff8774905c CFReadStreamRead + 748 33 ...ershareQuizCreatorBuild.tmp 0x0000000100082264 dylibmain + 952 34 ...ershareQuizCreatorBuild.tmp 0x0000000100081198 0x10007a000 + 29080 35 ...ershareQuizCreatorBuild.tmp 0x0000000100081f46 dylibmain + 154 36 ...ershareQuizCreatorBuild.tmp 0x000000010008459d dylibmain + 9969 37 ...ershareQuizCreatorBuild.tmp 0x000000010008951c ksyms + 202 38 libSystem.B.dylib 0x00007fff8003dfd6 _pthread_start + 331 39 libSystem.B.dylib 0x00007fff8003de89 thread_start + 13 Thread 2: 0 libSystem.B.dylib 0x00007fff8003fa6a __semwait_signal + 10 1 libSystem.B.dylib 0x00007fff80043881 _pthread_cond_wait + 1286 2 ...ershareQuizCreatorBuild.tmp 0x000000010008968d ksyms + 571 3 libSystem.B.dylib 0x00007fff8003dfd6 _pthread_start + 331 4 libSystem.B.dylib 0x00007fff8003de89 thread_start + 13 Thread 3: 0 libSystem.B.dylib 0x00007fff8003fa6a __semwait_signal + 10 1 libSystem.B.dylib 0x00007fff80043881 _pthread_cond_wait + 1286 2 ...ershareQuizCreatorBuild.tmp 0x000000010008968d ksyms + 571 3 libSystem.B.dylib 0x00007fff8003dfd6 _pthread_start + 331 4 libSystem.B.dylib --------------------------------------------------------------------- Natch the .tmp [.WondershareQuizCreatorBuild.tmp] does not appear in GUI listing of Plug-Ins (with "enable extents" ON, of course.) Presume that, via Terminal and "ls" plus a suffix it could be found--but doubt that removal can be that simple. Google found little; a Russki site of similar name (the Source?? or perhaps their name just copied) http://translate.goo...en%26prmd%3Dimvns And F-Prot had a fix for: Trojan-Downloader:OSX/Flashback.I http://www.f-secure....flashback_i.shtml Haven't checked out NetBarrier in its latest incarnation--had installed a trial version when iMac first arrived, but let that lapse.. having forgotten doverai ni proverai (the only Russian Pres. Alzheimers ever managed to learn) -- Trust.. but verify. Wish there were something like the Oz "Process Guard" which I auditioned/bought for the XP-on-nb, before I decided that life was too short to waste time ... in the daily pursuit of Beastware patches. That looked like a winner, possibly even able to keep XP from self-immolation. Toto, we're not in Kansas any more.. the Redmond kiddies taught the world how easy it was to overload buffers in toy software; now it's the Greedhead-Pros smelling $$ just like the Las Vegas banker-perps. What a surprise. Any hints? (Sent several Reports back to Apple. Bet they're now AWARE: Where's The |
|
Re: Yep {{sniff}} -- Beret Pwned by some ^%*&$# Russki
http://www.f-secure....flashback_c.shtml
https://discussions....?start=0&tstart=0 http://reviews.cnet....iger-and-leopard/ http://reviews.cnet....-x/?tag=mncol;txt -Mike
"They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." - Benjamin Franklin, 1759 Historical Review of Pennsylvania |
|
Yikes. Glad you found out quickly. Luck with the disinfect.
|
|
Thanks, Mike.. Apple responded with alacrity: just this PM
Was about to go with F-Prot auto-remover.. then real life intruded.
By time I got back to machine, re-Googled: found that Apple had come through (even modifying first patch) --with tail-fins which accrue only to Lion; a little-ap rides-herd on flaky Java versions ... yet-unBuilt! http://reviews.cnet....ack-removal-tool/ Java for Mac OS X 10.6 Update 8 supersedes the Update 7 of last night ==2nd, maybe 3rd small revision to Apple's massaged-Java. The D/L interrupted self to proclaim, "The update was installed" Then Safari vanished [as-if "before-fix!" ..*gasp*] soon replaced by small box, The "OSX.FlashBack.iv" malware was found and removed. Can't get simpler than that--the C/L drill would have demanded 0-Tyops, but Mr. Topher Kessler's recitation of the autopsy results did somewhat amuse, amidst the angst of the rapine of My Computer, Hypatia. Will know/Believe.. the longer Safari stays unEventful. 50 minutes and counting... |