 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Mac Forum / Applications / Mac Applications / May 2005Norton Antivirus hangs during LiveUpdate
Hello Folks! A customer has installed Norton Antivirus 9 on his Mac OS X. Since a few days, it hangs while updating its virus definitions. It's a really strange phenomenon. There are two files to download. The first weights 6 Megs, the 2nd 0.3 Megs. It seems that both are going to be downloaded, but when the 2nd is nearly finished the download-process falls back to the beginning of the 2nd file and the process hangs. You wait, and wait and wait again - nothing happens. Finally, you cancel the update and recieve an error message. Does anybody know what the problem could be? I'm a bit at a loss with this... Thanks rené > A customer has installed Norton Antivirus 9 on his Mac OS X. Why? First of all, there are no Mac viruses--he might just as well have spent his money on magic software to protect against werewolves, or spent it on magic beans or something. Second, Norton Antivirus is a seriously buggy and extremely poory-written program that contains a number of quite serious flaws, the most serious of which I've seen is a tendency under OS X 10.3.5 and later to destroy the ability of a user to authenticate with an administrator password. The effect of this bug is that you can no longer install software, make operating system changes, or install Apple software updates; I've seen this problem firsthand on three different systems, and the only fix I have found is a complete OS reinstall. So: Norton Antivirus protects you from an imaginary threat that does not exist, and Norton Antivirus contains serious bugs that can cripple your system. Why people continue to buy it is a mystery to me. > Since a few > days, it hangs while updating its virus definitions. Is he using Tiger? I've heard some reports that Norton's auto update does not work reliably under Tiger. Of course, since there are no Mac viruses, it's not a big deal...  SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html >> A customer has installed Norton Antivirus 9 on his Mac OS X. > [quoted text clipped - 3 lines] > his money on magic software to protect against werewolves, or spent it > on magic beans or something. Hey now, I have had exactly _zero_ werewolves in my cube since I installed Orkton Anti-Werewolf. So it works. > Second, Norton Antivirus is a seriously buggy and extremely > poory-written program that contains a number of quite serious flaws, the [quoted text clipped - 4 lines] > software updates; I've seen this problem firsthand on three different > systems, and the only fix I have found is a complete OS reinstall. Exactly. It's an intrusive program that "protects" against a threat that doesn't exist. Since the threat is zero, and the risk of Norton Antivirus on an OSX box is non-zero, the risk isn't worth it. > So: Norton Antivirus protects you from an imaginary threat that does not > exist, and Norton Antivirus contains serious bugs that can cripple your > system. Why people continue to buy it is a mystery to me. I suspect that Norton's biggest market is from Windows to Mac switchers. They are used to needing something, they see a name the recognize, and they buy it. >> Since a few >> days, it hangs while updating its virus definitions. > Is he using Tiger? I've heard some reports that Norton's auto update > does not work reliably under Tiger. Of course, since there are no Mac > viruses, it's not a big deal... Yup. Uninstall it, and write it off as 40 bucks to learn an expensive-ish lesson. Dave Hinz >> A customer has installed Norton Antivirus 9 on his Mac OS X. > [quoted text clipped - 23 lines] > does not work reliably under Tiger. Of course, since there are no Mac > viruses, it's not a big deal... There are no viruses but there are backdoors and spyware on Mac. Like it or not. Companies are being nice not to announce every threat they find. Intego does not list all the spyware they detect at all. Well, they are being nice to AAPL but side effect is being labeled as "snake oil" sellers. I am not sure Norton does protect from them but writing an essay about the viruses on mac to a guy asking for help is a bit overkill. Have a nice day Ilgaz Ocal >> Is he using Tiger? I've heard some reports that Norton's auto update >> does not work reliably under Tiger. Of course, since there are no Mac >> viruses, it's not a big deal... > > There are no viruses but there are backdoors and spyware on Mac. Like > it or not. "backdoors" is a meaningless term. There are security updates for OSX, yes. If you read the details, many if not all of these fix vulnerabilities that you'd have to go out of your way to open yourself up to. The built-in firewall is pre-configured with damn near everything blocked, so many or all of those are "If you open up port 23 for some reason, here's a patch to protect you" rather than "we shipped this wide-open and you need to fix this now" kind of things. > Companies are being nice not to announce every threat they find. Intego > does not list all the spyware they detect at all. Well, they are being > nice to AAPL but side effect is being labeled as "snake oil" sellers. Can you give examples of spyware for OSX? People keep claiming it exists, but nobody has been able to cite an example. > I am not sure Norton does protect from them but writing an essay about > the viruses on mac to a guy asking for help is a bit overkill. It is? He's wasting his money to check for something that doesn't exist. Rather than helping him "fix" a fundamentally flawed piece of software, telling him why it's a waste of money and effort will result in a more stable system for him. Educating an end-user who asks for help is more work than the quick fix, but is a better end result. Dave Hinz >>> Is he using Tiger? I've heard some reports that Norton's auto update >>> does not work reliably under Tiger. Of course, since there are no Mac [quoted text clipped - 11 lines] > than "we shipped this wide-open and you need to fix this now" kind > of things. I think, just like launch services introduced on Tiger, Apple should extend the built in firewall functionality in a universal, opensource manner. I mean, for Application access grants. Universal is like, a universal (no os depend) thing suit to future. >> Companies are being nice not to announce every threat they find. Intego >> does not list all the spyware they detect at all. Well, they are being >> nice to AAPL but side effect is being labeled as "snake oil" sellers. > > Can you give examples of spyware for OSX? People keep claiming it > exists, but nobody has been able to cite an example. I saw myself for instance, a certain build of a certain popular pure java p2p had a "control panel" including "shop" and it connected to web. Its verified by them and they said "it was an experiment". I am tired of their custom coded robot search so not citing the name. May look to download.com nr 1 download ;) although that issue doesn't exist anymore. Funny is, once at windows days I was one of the rare ones to get hit by TopMoxie (by same program, win32) java spyware and kept alerting Wired etc about it. I guess they didn't believe me since story published a month+ later :) Its unethical for me to paste a mail but, a recent Sophos "trojan" announcement is true but, its a spyware which has been detected for 1 year by Intego Virusbarrier and Netbarrier. I know since as I wondered if its detected by my licensed products. >> I am not sure Norton does protect from them but writing an essay about >> the viruses on mac to a guy asking for help is a bit overkill. [quoted text clipped - 6 lines] > > Dave Hinz If he "bought" the software and asking for support. In fact, using "Norton" name even is a very rude thing remembering the days mr. Norton coded the software himself. I mean, I am not fan of Norton anything for instance. As I said, "if" it supports detection of some lame malware, spyware etc. If it was the guy owning the software himself posted, I'd say "get your money back" Also against any confusion, I am not one of freaks running around shouting "Spyware" when my paid program innocently checks for its updates, even giving my CPU model etc. :) Have a nice day Ilgaz Ocal >> The built-in firewall is pre-configured with damn >> near everything blocked, so many or all of those are "If you open >> up port 23 for some reason, here's a patch to protect you" rather >> than "we shipped this wide-open and you need to fix this now" kind >> of things. > I think, just like launch services introduced on Tiger, Apple should > extend the built in firewall functionality in a universal, opensource > manner. It's ipfw. > I mean, for Application access grants. Universal is like, a > universal (no os depend) thing suit to future. I don't understand what you're saying here. >> Can you give examples of spyware for OSX? People keep claiming it >> exists, but nobody has been able to cite an example. > I saw myself for instance, a certain build of a certain popular pure > java p2p had a "control panel" including "shop" and it connected to web. > Its verified by them and they said "it was an experiment". Please provide a cite that I can read about this. > Its unethical for me to paste a mail but, a recent Sophos "trojan" > announcement is true but, its a spyware which has been detected for 1 > year by Intego Virusbarrier and Netbarrier. I know since as I wondered > if its detected by my licensed products. Please provide a name of something I can google for. Otherwise it's just "some guy on the internet said" level of information. >> He's wasting his money to check for something that doesn't >> exist. Rather than helping him "fix" a fundamentally flawed piece >> of software, telling him why it's a waste of money and effort will >> result in a more stable system for him. Educating an end-user who >> asks for help is more work than the quick fix, but is a better end >> result. > If he "bought" the software and asking for support. In fact, using > "Norton" name even is a very rude thing remembering the days mr. Norton > coded the software himself. I'm not sure what point you're trying to make here, sorry. > I mean, I am not fan of Norton anything for instance. As I said, "if" > it supports detection of some lame malware, spyware etc. It's claimed purpose is to protect from OSX viruses. There aren't any; OSX does the protection by design and implementation. Therefore it's a product for a problem that doesn't exist. > If it was the guy owning the software himself posted, I'd say "get your > money back" When is the last time you got a refund for purchased, opened software? > Also against any confusion, I am not one of freaks running around > shouting "Spyware" when my paid program innocently checks for its > updates, even giving my CPU model etc. :) So what are you claiming is OSX spyware, specifically? >>> The built-in firewall is pre-configured with damn >>> near everything blocked, so many or all of those are "If you open [quoted text clipped - 7 lines] > > It's ipfw. Type a simple C code to submit 9999 9999 9999 9999 99/99 to a url. See, your custom ipfw didn't make the job, your cc is gone. :) . I speak about application level firewall. For ipfw, I'd buy a real router and hardware block ports. Little snitch'es functionality, or Netbarrier X'es As a guy used the first Slackware when it shipped, I know what ipfw is. Should I stop posting this kind of stuff to mac newsgroups since for a strange reason, all of us are counted as morons not knowing the built in firewall of OS X? >> I mean, for Application access grants. Universal is like, a universal >> (no os depend) thing suit to future. > > I don't understand what you're saying here. CRC 32 (and extensible in future) based, platform independent, plain standard C ipchains extension which doesn't rely on ANY PART of HFS+. Just like launch services offered to OS community. >>> Can you give examples of spyware for OSX? People keep claiming it >>> exists, but nobody has been able to cite an example. [quoted text clipped - 4 lines] > > Please provide a cite that I can read about this. No, I am not starting another fight with them since they love to seek their name on web/usenet and needless fight begins. >> Its unethical for me to paste a mail but, a recent Sophos "trojan" >> announcement is true but, its a spyware which has been detected for 1 [quoted text clipped - 3 lines] > Please provide a name of something I can google for. Otherwise it's > just "some guy on the internet said" level of information. Consider me as "some guy", I am not your private internet consultant and not going to start a meaningless thread to prove something to "some guy" on internet. >>> He's wasting his money to check for something that doesn't >>> exist. Rather than helping him "fix" a fundamentally flawed piece [quoted text clipped - 8 lines] > > I'm not sure what point you're trying to make here, sorry. Once in a time, Peter Norton coded excellent stuff like first Speed Disk versions on MS-DOS / Mac before he got rich and left coding to some CS lamers. You should learn some IT history before picking up on giants like Symantec in fact doesn't give a fsck to end users. Mac compatability is done so the companies having more than 1000 seats will be impressed by their multiplatform compatibility and the morons forwarding windows viruses to their friends will be stopped. >> I mean, I am not fan of Norton anything for instance. As I said, "if" >> it supports detection of some lame malware, spyware etc. > > It's claimed purpose is to protect from OSX viruses. There aren't > any; OSX does the protection by design and implementation. Therefore > it's a product for a problem that doesn't exist. I'd really love if Unison had a regex filter to remove that BS pattern. Go to download.com, number one download is a p2p application which is the closed source variant needing ADMIN password to install needlessly. Needless since if you use a tool like pacifist, you will see it can run with ordinary permissions. From a company having a very bad spyware reputation in the past why they need such capability you may ask. Well, its perfect time to inject spyware to an application. As "Spyware doesn't exist" lame urban legend of mac fanatics continue. >> If it was the guy owning the software himself posted, I'd say "get your >> money back" > When is the last time you got a refund for purchased, opened software? Even digital river, one of the evil online shops accepts refunds for DOWNLOADED APPLICATIONS (Stuffit) even. You may start practice of buying software so you would know. Refund, unless opposite stated with big letters is always granted. If you raise your head from bittorrent sites, you would know. >> Also against any confusion, I am not one of freaks running around >> shouting "Spyware" when my paid program innocently checks for its >> updates, even giving my CPU model etc. :) > So what are you claiming is OSX spyware, specifically? Grow up and find a better hobby than trolling newsgroups. Ilgaz Ocal >>>> The built-in firewall is pre-configured with damn >>>> near everything blocked, so many or all of those are "If you open [quoted text clipped - 12 lines] > about application level firewall. For ipfw, I'd buy a real router and > hardware block ports. WTF does that have to do with the fact that it's IPFW? > Little snitch'es functionality, or Netbarrier X'es Words together coherent not making thought of > As a guy used the first Slackware when it shipped, I know what ipfw is. Then what's your point? > Should I stop posting this kind of stuff to mac newsgroups since for a > strange reason, all of us are counted as morons not knowing the built > in firewall of OS X? You mumbled something about apple should do something opensource with a firewall. It's right up there, above, and hasn't improved with rereading. I am pointing out that they _are_ using an opensource firewall. You then went on to talk about plugging 9's into a URL or something. ?!?!?! >>> I mean, for Application access grants. Universal is like, a universal >>> (no os depend) thing suit to future. >> I don't understand what you're saying here. > CRC 32 (and extensible in future) based, platform independent, plain > standard C ipchains extension which doesn't rely on ANY PART of HFS+. > Just like launch services offered to OS community. Fine. Write one then. >>>> Can you give examples of spyware for OSX? People keep claiming it >>>> exists, but nobody has been able to cite an example. [quoted text clipped - 7 lines] > No, I am not starting another fight with them since they love to seek > their name on web/usenet and needless fight begins. In other words, you're spouting unsupportable bullshit. >>> Its unethical for me to paste a mail but, a recent Sophos "trojan" >>> announcement is true but, its a spyware which has been detected for 1 [quoted text clipped - 7 lines] > and not going to start a meaningless thread to prove something to "some > guy" on internet. You refuse to name the exploit, and you expect us to take your word for it that there is one. Sorry, but your credibility here is zero. "because I said so" doesn't cut it. >>>> He's wasting his money to check for something that doesn't >>>> exist. Rather than helping him "fix" a fundamentally flawed piece >>>> of software, telling him why it's a waste of money and effort will >>>> result in a more stable system for him. Educating an end-user who >>>> asks for help is more work than the quick fix, but is a better end >>>> result. >>> If he "bought" the software and asking for support. In fact, using >>> "Norton" name even is a very rude thing remembering the days mr. Norton >>> coded the software himself. >> I'm not sure what point you're trying to make here, sorry. > Once in a time, Peter Norton coded excellent stuff like first Speed > Disk versions on MS-DOS / Mac before he got rich and left coding to > some CS lamers. You should learn some IT history before picking up on > giants like Symantec in fact doesn't give a fsck to end users. You have no idea of the length and depth of my IT background. The fact that your sentences were barely intelligible doesn't mean that _I_ am ignorant of Norton's history. I'll ask again - WTF are you talking about? > Mac > compatability is done so the companies having more than 1000 seats will > be impressed by their multiplatform compatibility and the morons > forwarding windows viruses to their friends will be stopped. Yes, windows viruses exist. That's not the same as a Mac virus, as I'd hope you understand. >>> I mean, I am not fan of Norton anything for instance. As I said, "if" >>> it supports detection of some lame malware, spyware etc. >> It's claimed purpose is to protect from OSX viruses. There aren't >> any; OSX does the protection by design and implementation. Therefore >> it's a product for a problem that doesn't exist. > I'd really love if Unison had a regex filter to remove that BS pattern. > Go to download.com, number one download is a p2p application which is > the closed source variant needing ADMIN password to install needlessly. Are you claiming it's a virus, or are you claiming that it _could_ hypothetically be a trojan? Bit of a critical difference there, sparky. > Needless since if you use a tool like pacifist, you will see it can run > with ordinary permissions. From a company having a very bad spyware > reputation in the past why they need such capability you may ask. Well, > its perfect time to inject spyware to an application. Are you claiming that they have? Then prove it. > As "Spyware > doesn't exist" lame urban legend of mac fanatics continue. As opposed to some random guy spitballing on Usenet, while evading direct questions. Sorry, I choose to believe people other than you. >>> If it was the guy owning the software himself posted, I'd say "get your >>> money back" >> When is the last time you got a refund for purchased, opened software? > Even digital river, one of the evil online shops accepts refunds for > DOWNLOADED APPLICATIONS (Stuffit) even. You may start practice of > buying software so you would know. Are you implying that I don't buy software? > Refund, unless opposite stated with > big letters is always granted. If you raise your head from bittorrent > sites, you would know. As someone who makes his living in the software industry, I find your assumption to be amusingly wrong. >>> Also against any confusion, I am not one of freaks running around >>> shouting "Spyware" when my paid program innocently checks for its >>> updates, even giving my CPU model etc. :) >> So what are you claiming is OSX spyware, specifically? > > Grow up and find a better hobby than trolling newsgroups. So what are you claiming is OSX spyware, specifically? >>>>> The built-in firewall is pre-configured with damn >>>>> near everything blocked, so many or all of those are "If you open [quoted text clipped - 14 lines] > > WTF does that have to do with the fact that it's IPFW? > You may have a strange hobby picking up peoples each word on newsgroups > but sorry I don't share it. I am not arguing with anyone who doesn't > get what application level firewall and ip level firewall is. I have better stuff to do, sorry. I am not naming any product. The spyware portion of the product I speak about has been REMOVED thanks no non fanatic, non ignorant users of OS X alerting all over forums. If you can't live with it, go fscking ignore me. You understood whole usenet idea wrong sir, I'd say go download new tiger builds from .bin groups, hope one trojan hits people like you first. Its share of information, not some fscking geek contest we have here. At least, I am not in game. Ilgaz Ocal Odd, you quoted me to make it look like I wrote this, but I didn't: >> You may have a strange hobby picking up peoples each word on newsgroups >> but sorry I don't share it. I am not arguing with anyone who doesn't [quoted text clipped - 5 lines] > about has been REMOVED thanks no non fanatic, non ignorant users of OS > X alerting all over forums. You claim, repeatedly, that there is MacOSX Spyware. You refuse to name it, repeatedly. Therefore you are just making noise. > If you can't live with it, go fscking ignore me. You understood whole > usenet idea wrong sir, I'd say go download new tiger builds from .bin > groups, hope one trojan hits people like you first. When I install Tiger, it'll be from a legitimate purchase. And I won't ignore you, I'll continue to point out that you're full of sh.t, so some newbie doesn't take your false statements as fact. > Its share of information, not some fscking geek contest we have here. "because I said so, but I'm not tellin' what" is "share of information"? > At least, I am not in game. riiiiight.... So, how about you name it then, sparky? Oh, and don't fabricate quotes claiming I said what I didn't. It's poor form, especially when, ahem, the grammer of the writer gives it away. (easy out for you - claim "Oh, I just included it with the wrong number of >> at the beginning of the line, sorry about that") Name the alleged spyware or go away. Either would be fine. > > I mean, I am not fan of Norton anything for instance. As I said, "if" > > it supports detection of some lame malware, spyware etc. > > It's claimed purpose is to protect from OSX viruses. There aren't > any; OSX does the protection by design and implementation. Therefore > it's a product for a problem that doesn't exist. Actually Norton also protects from Office macro viruses and (most) Windows viruses. And so does Virex. While I haven't seen a Word virus in over 5 years, the Windows part may be relevant : a) If you run Virtual PC (running NAV *under* VPC is a major PITA). b) in a mixed network - to keep shared volumes clean. And then of course it protects you from classic Mac viruses :-) (I have seen nVir.B infect the Classic environment under OS X - all kinds of crap can enter through LiweWire) All that said - most people don't need it. The OP probably *sold* it to his customer and is now to ashamed to return to the thread ... SignatureI recommend Macs to my friends, and Windows machines to those whom I don't mind billing by the hour > There are no viruses but there are backdoors and spyware on Mac. Like > it or not. Name one. The only known malware for the mac requires physical access to the computer, and the Administrator password, to install. SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html >> There are no viruses but there are backdoors and spyware on Mac. Like >> it or not. [quoted text clipped - 3 lines] > The only known malware for the mac requires physical access to the > computer, and the Administrator password, to install. Go to versiontracker top 50, how many applications there requires a admin password? How many users actually reviewed the EULA and privacy policy before granting access IF they use a utility as little snitch, e.g. if they warned even? Do you think, after the amazing lame comments about Intego and Symantec, just for doing their job, they will give a fsck to alerting the Mac community (not their customers) anymore? They will protect their users. I am acting like a good netizen not posting private mails I get from both companies about my concerns about the recent announced (while not new) threat by Sophos. I want to correct one common mistake. The people paying to security products for mac didn't get "tricked" by a lame flashy ad at some site. I feel offended by that. I don't care in fact, spyware developers while they are evil a.sholes aren't stupid and current scene on Mac is a HEAVEN for spyware. The level of ignorance is amazing. Especially being from coders themselves amazes me. Well I didn't put the custom Google header so this message will be archived, don't forget to smile if you see this message at a later point. Do you think every security software company is obliged to announce the vulnerabilities, spyware, trojans to public? Especially after Intego and recent Symantec report incident? They keep eachother informed for the security ethics, thats all. Think again. Ilgaz Ocal > I don't care in fact, spyware developers while they are evil a.sholes > aren't stupid and current scene on Mac is a HEAVEN for spyware. The > level of ignorance is amazing. Especially being from coders themselves > amazes me. Name one. C'mon, it's a simple request. If thee is spyware on the Mac, **NAME ONE**. If what you say is true, it should be easy. SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html >> I don't care in fact, spyware developers while they are evil a.sholes >> aren't stupid and current scene on Mac is a HEAVEN for spyware. The [quoted text clipped - 5 lines] > C'mon, it's a simple request. If thee is spyware on the Mac, **NAME > ONE**. If what you say is true, it should be easy. You guys really think usenet is form of some sick entertainment? Go ask to people having jobs at security companies unlike you. Its easy you morons, I gave all the clues at my post but you pseudo geeks decided to pick on me instead. As I told to other lifeless one, I am not in game, keep playing each other or yourself. Not getting into trouble to prove something to 2 guys misunderstood what "help" is about. Ilgaz Ocal ps: BTW, if you play some old game of giving sh.t to newcomer, you waste your time. I don't easily "move" from groups I am on. Clue: I am not new. >>> There are no viruses but there are backdoors and spyware on Mac. Like >>> it or not. [quoted text clipped - 6 lines] > Go to versiontracker top 50, how many applications there requires a > admin password? And which one or ones are you claiming are a virus? > Do you think, after the amazing lame comments about Intego and > Symantec, just for doing their job, they will give a fsck to alerting > the Mac community (not their customers) anymore? About what? There's nothing to warn about. I've asked repeatedly for you to specify a MacOSX virus or piece of spyware, and you keep being vague in response. The reason for that is obvious to all concerned. There aren't any. Period. Full stop. > They will protect their users. I am acting like a good netizen not > posting private mails I get from both companies about my concerns about > the recent announced (while not new) threat by Sophos. We subscribe to Sophos at work, I have not seen any OSX virus or spyware reports. Care to give at least the incident ID you're referring to? > I want to correct one common mistake. The people paying to security > products for mac didn't get "tricked" by a lame flashy ad at some site. > I feel offended by that. The mistake is when people pay money to scan for things that don't exist. I counted your viruses, sir, and all zero of them still aren't there. There ya go - virus scan for OSX, and free of charge. > I don't care in fact, spyware developers while they are evil a.sholes > aren't stupid and current scene on Mac is a HEAVEN for spyware. NAME ONE EXAMPLE. > The > level of ignorance is amazing. Especially being from coders themselves > amazes me. Give the name of one or more of this alleged spyware of which you speak. > Well I didn't put the custom Google header so this message will be > archived, don't forget to smile if you see this message at a later > point. You haven't told us anything, so "I told you so" can't apply. Care to tell us what the heck you think you're seeing, that the rest of the world is not? > You haven't told us anything, so "I told you so" can't apply. Care > to tell us what the heck you think you're seeing, that the rest of > the world is not? Why are you engaging with this nimrod? I *plonked* him a while ago. He's not as bad as Don Cool, but you try to teach a pig to sing, you only frustrate yourself and annoy the pig. SignatureDeeDee, don't press that button! DeeDee! NO! Dee... >> You haven't told us anything, so "I told you so" can't apply. Care >> to tell us what the heck you think you're seeing, that the rest of [quoted text clipped - 4 lines] > He's not as bad as Don Cool, but you try to teach a pig to sing, you > only frustrate yourself and annoy the pig. Yeah, you're probably right. Thanks for the reality check. Dave >>> You haven't told us anything, so "I told you so" can't apply. Care >>> to tell us what the heck you think you're seeing, that the rest of [quoted text clipped - 7 lines] > > Dave Be sure to poke eachother in friendly way. Just one of examples, 3rd post if you can read: http://www.gnutellaforums.com/showthread.php?s=&threadid=22934 Its one of the "polite" ones. Attempted and removed. I can't blame them for trying, mac users rely on 4-5 self made geek mafia to learn about security etc. Sorry, I hope I didn't hurt your AAPL shares Worst thing ever happened/happening to Apple is their zealots. Also, I have no doubt in mind why everyone moves to www forums. Tell my greetings to Mr. F if you know him by any chance, I was one of the first ones reported the TopMoxie to Wired too. ;) Have fun plonking yourself Ilgaz Ocal (sorry NG, looks like I must explain myself more to those clever) THEY TRIED BUNDLING SPYWARE AND REMOVED IT AFTER 3 BUILDS (now they will say no, 2 builds!) Its ORDINARY for them. Its kind of "fishing" (NOT PHISHING) for community response to Spyware. We see the community response to Spyware, rotfl. Sorry for caps, you just can't read. Sorry for being a .tr IP owner too.. ;) Have fun plonking yourself > Ilgaz Ocal > Attempted and removed. I can't blame them for trying, mac users rely on > 4-5 self made geek mafia to learn about security etc. Name. A. Piece. Of. Mac. Spyware. No little childish games; no "Well I hinted at the name." Name. A. Piece. Of. Mac. Spyware. You. Can't. Do. It. They. Don't. Exist. SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html >> Attempted and removed. I can't blame them for trying, mac users rely on >> 4-5 self made geek mafia to learn about security etc. [quoted text clipped - 6 lines] > You. Can't. Do. It. > They. Don't. Exist. Tacit, do you think it's time for a MacOSX Virus and Spyware FAQ? Would you care to collaborate on one? Dave > Tacit, do you think it's time for a MacOSX Virus and Spyware FAQ? Would > you care to collaborate on one? I would say it probably is; yes. Seems like it'd be pretty easy to write at this point. :) SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html >> Tacit, do you think it's time for a MacOSX Virus and Spyware FAQ? Would >> you care to collaborate on one? > > I would say it probably is; yes. Seems like it'd be pretty easy to write > at this point. :) So, start with the OS9 Mac virus FAQ, keep the same structure, gut the content, and go from there then? I mean, we keep typing the same stuff over and over, which is kind of the whole point of having a FAQ. Should it include some sort of reference to spurious claims and cites showing how those are false, or would that get out of hand? I don't mean every post from some random guy saying "trust me, they're there", but things like "Mac Limewire has spyware" type things? Dave > Should it include some sort of reference to spurious claims and cites > showing how those are false, or would that get out of hand? I don't > mean every post from some random guy saying "trust me, they're there", > but things like "Mac Limewire has spyware" type things? I think that any complete and useful OS X virus FAQ should address any reasonable question that comes up often on the subject, including questions like: - Is it true that Macs don't have viruses only because Macs are less popular? - Can i get viruses over P2P file sharing networks? - Even if there are no viruses right now, am I still better off using AV software to protect me from the possibility of future viruses? That sort of thing. SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html >> Should it include some sort of reference to spurious claims and cites >> showing how those are false, or would that get out of hand? I don't [quoted text clipped - 14 lines] > > That sort of thing. Sounds good. I'm setting up a wiki, should we do it there, or email, or what? My address is valid if you want to take it there. Dave > >> Should it include some sort of reference to spurious claims and cites > >> showing how those are false, or would that get out of hand? I don't [quoted text clipped - 17 lines] > Sounds good. I'm setting up a wiki, should we do it there, or email, or > what? My address is valid if you want to take it there. If you guys are serious about this I hope you solicit input from Sander Tekelenburg. Greg >> > In article <3ehbnmF34u9mU1@individual.net>, >> Sounds good. I'm setting up a wiki, should we do it there, or email, or >> what? My address is valid if you want to take it there. > If you guys are serious about this I hope you solicit input from Sander > Tekelenburg. Will do, thank you. I see he appears to be guru-level, would that be an accurate description? Dave >>You haven't told us anything, so "I told you so" can't apply. Care >>to tell us what the heck you think you're seeing, that the rest of [quoted text clipped - 4 lines] > He's not as bad as Don Cool, but you try to teach a pig to sing, you > only frustrate yourself and annoy the pig. But the dulcet tones when you finally coax the first aria from the talented porker: heavenly! [...] >>I don't care in fact, spyware developers while they are evil a.sholes >>aren't stupid and current scene on Mac is a HEAVEN for spyware. [quoted text clipped - 7 lines] > Give the name of one or more of this alleged spyware of which you > speak. DISCLAIMER: My participation in this threads does not mean I agree in some unilateral fashion with some or all of the previous opinions. It is offered in the interest of conversation. I'm not trying to defend anyone's position. Please keep that in mind. I'm a coder. I find this stuff interesting. This is hearsay only, but wasn't LimeWire accused of being/installing spyware, even on OS X? Of course, any app could "spy" in all kinds of ways while it is running. I recall, but cannot verify, that LimeWire was accused of some kind of advanced jiggery-pokery. The funny thing is, it would not be too hard to have an installer that placed a little server (that tracks usage or cookies or something) which starts up when you login or start the app (with some caveats, naturally.) How hard is it to programmatically add an entry (with the "Hide" flag enable, no doubt) into your Startup Items, I wonder? A typical worm is designed around the IRC protocol so it can be given commands. OS X is a pretty limiting platform for such a creature, however, given the lack of something like OLE or ActiveX. A simpler attack would be a service that simply tracks stuff in ~/Library. There is also a local attack (or used to be) that allowed one to inspect keystrokes (I can't recall the details, sorry) so I guess an enterprising person might be able to leverage that. Only recently has OS X been protecting shared memory, so there is another potential avenue for attack. Insert more hand-waving about attacks on the native OS X system here. The best thing about malware on OS X is that the field is wide-open! I'd like to see people try to make stuff like this, simply to see how it could be done. Probably the closest thing we have to (potential) malware now are Dashboard Widgets. These are more on par with the risks (and limitations) of Java applets. At any rate, the only people talking about Spyware or viruses on OS X are Symantec and Gartner. I suspect the latter are simple shilling for the former. The real insult is that the Symantec product seems to primarily guard against Mac users unintentionally forwarding email worms they receive from sick Windows boxes. The funniest thing (to me) is that regardless of the OS you use, and how strict or loose you are with anti-malware utils, as long as people insist on running things like the Google Toolbar there will always be vulnerabilities, intentional or not. Does any app from Symantec or Microsoft AntiSpyware warns users against these kinds of "attacks? > DISCLAIMER: My participation in this threads does not mean I agree in > some unilateral fashion with some or all of the previous opinions. It > is offered in the interest of conversation. I'm not trying to defend > anyone's position. Please keep that in mind. I'm a coder. I find this > stuff interesting. Fair enough. > This is hearsay only, but wasn't LimeWire accused of being/installing > spyware, even on OS X? I wasn't aware that limewire was ever accused of being/installing spyware on either platform. Adaware seems to agree, as it doesn't flag Limewire on a PC as a problem. Limewire _does_ do a version check at startup so it can notify users if there's a newer version of itself (for upgrade or security reasons), which an ultra-paranoid person could consider to be a problem. Since it just fetches the current version from Limewire's servers, I find it hard to get worked up about. > Of course, any app could "spy" in all kinds of ways while it is running. > I recall, but cannot verify, that LimeWire was accused of some kind of > advanced jiggery-pokery. I'd have to see specifics, but it'd be simple enough to sniff the traffic and verify that it's just fetching the current version. A quick google shows sites that match "limewire spyware" to include the "pixelfucker blog" and a bunch of shady "spyware remover products". If you have a credible description of spyware in limewire, I'd like to read it. > The funny thing is, it would not be too hard to have an installer that > placed a little server (that tracks usage or cookies or something) which > starts up when you login or start the app (with some caveats, naturally.) Of course. And detection would be trivial. Little Snitch, for instance, would say "Hey, (program) is trying to send (data) to (place), are you OK with that sort of thing? (Y/N) " > At any rate, the only people talking about Spyware or viruses on OS X > are Symantec and Gartner. I suspect the latter are simple shilling for > the former. The real insult is that the Symantec product seems to > primarily guard against Mac users unintentionally forwarding email worms > they receive from sick Windows boxes. Yup. All the rest is hype. Lazy windows users who can't be bothered to stay current, well, sorry, but there are good (free!) options out there. If you're infested, far as I'm concerned, your ISP should yank your connection until you show you've cleaned the system. That's the limit of my compassion on that. > The funniest thing (to me) is that regardless of the OS you use, and how > strict or loose you are with anti-malware utils, as long as people > insist on running things like the Google Toolbar there will always be > vulnerabilities, intentional or not. Are you now saying that the google toolbar is a security hole? Can you provide evidence? [...] > I wasn't aware that limewire was ever accused of being/installing > spyware on either platform. Adaware seems to agree, as it doesn't [quoted text clipped - 4 lines] > current version from Limewire's servers, I find it hard to get worked > up about. I can't find the link anymore. There are plenty of accusations about LimeWire being SpyWare on Windows by installing a cookie tracker. Lots of people complain, but I can't find hard evidence, especially for OS X. There is plenty of bitching on VersionTracker; then again, when is there not bitching on VersionTracker? Since I reasonably trust Adaware, I'll assume this is misinformation. >>The funniest thing (to me) is that regardless of the OS you use, and how >>strict or loose you are with anti-malware utils, as long as people [quoted text clipped - 3 lines] > Are you now saying that the google toolbar is a security hole? Can > you provide evidence? There are some concerns with it. There is at least one security issue (which seemed to get addressed): <http://insidegooge.blogspot.com/2004/09/google-toolbar-security-hole-exposed.html> <http://www.greymagic.com/security/advisories/gm001-mc/> However, I think I was *really* talking about the Google Accelerator, which has all the same problems and issues as any web proxy. My mistake. <http://www.somethingawful.com/articles.php?a=2858> <http://37signals.com/svn/archives2/google_web_accelerator_hey_not_so_fast_an_ale rt_for_web_app_designers.php> Google Accelerator is pretty aggressive about visiting links, including any Javascript buttons (and the associated "are you sure you want to do that" safeties) as well as caching stuff it maybe shouldn't oughta. From a cursory glance, it looks like Google's cache of a public forum site /could/ leak sensitive information. This is different from just spidering the site because your are getting the rendered page as it might be seen by a site admin. > [...] >> I wasn't aware that limewire was ever accused of being/installing >> spyware on either platform. Adaware seems to agree, as it doesn't >> flag Limewire on a PC as a problem. > I can't find the link anymore. There are plenty of accusations about > LimeWire being SpyWare on Windows by installing a cookie tracker. Lots > of people complain, but I can't find hard evidence, especially for OS X. > There is plenty of bitching on VersionTracker; then again, when is there > not bitching on VersionTracker? An awful lot of astroturfing goes on on download sites. People with program (x) badmouthing competitor (y). Friend of mine sells (damn good) Windows shareware stuff, and one of his competitors doesn't even bother to disguise who he is when he says "that program is teh sux0rs, use mine instead". It's like clockwork when Rhinosoft puts out new software, the guy (let's call him "Mr. Cute") pops up. > Since I reasonably trust Adaware, I'll assume this is misinformation. That's where I'm at on this one as well. If I cared, I'd install it on my mac and see what LittleSnitch has to say, but I think I already know what it does(n't) do. (google toolbar...) > There are some concerns with it. There is at least one security issue > (which seemed to get addressed): > ><http://insidegooge.blogspot.com/2004/09/google-toolbar-security-hole-exposed.html> ><http://www.greymagic.com/security/advisories/gm001-mc/> > However, I think I was *really* talking about the Google Accelerator, > which has all the same problems and issues as any web proxy. My mistake. Fair enough. ><http://www.somethingawful.com/articles.php?a=2858> ><http://37signals.com/svn/archives2/google_web_accelerator_hey_not_so_fast_an_ale rt_for_web_app_designers.php> > > Google Accelerator is pretty aggressive about visiting links, including > any Javascript buttons (and the associated "are you sure you want to do > that" safeties) as well as caching stuff it maybe shouldn't oughta. So this is a prefetch thing then. Hard to have prefetch without prefetch, so yeah. > From a cursory glance, it looks like Google's cache of a public forum > site /could/ leak sensitive information. This is different from just > spidering the site because your are getting the rendered page as it > might be seen by a site admin. Not sure I follow, but I need to read that a bit closer. Thanks. > > [...] > >> I wasn't aware that limewire was ever accused of being/installing [quoted text clipped - 51 lines] > > Not sure I follow, but I need to read that a bit closer. Thanks. Google Accelerator isn't just about prefetch at the browser. It's also about proxying and compressing content the last I read. Everything that you browse ends up in Google's cache. Greg Hello! First of all, thank you for your aid. >>A customer has installed Norton Antivirus 9 on his Mac OS X. > [quoted text clipped - 3 lines] > his money on magic software to protect against werewolves, or spent it > on magic beans or something. I've convinced my customer to deinstall Norton. Well, I don't know Norton very well, but it seems that there is no uninstall tool. My customer deleted the program files, but there are still some Norton's zombies on his mac, I suppose some libraries, database values or something like that. But I don't know where to search and what to kill. Can you give me some hints? Thanks rené > I've convinced my customer to deinstall Norton. Well, I don't know > Norton very well, but it seems that there is no uninstall tool. There is an uninstaller on the CD, but it does not work with OS X 10.3 or later. An updated Uninstaller is available on Symantec's Web site, but the upddated uninstaller does not work on OS X 10.3.7 or later. > My > customer deleted the program files, but there are still some Norton's > zombies on his mac, I suppose some libraries, database values or > something like that. But I don't know where to search and what to kill. > > Can you give me some hints? http://service1.symantec.com/SUPPORT/num.nsf/ccae7d9251e962a688256d2d0004 19f6/b547fe933e6678aa88256d25007bee95?OpenDocument&src=bar_sch_nam SignatureArt, photography, shareware, polyamory, literature, kink: all at http://www.xeromag.com/franklin.html |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.