Apple Doesn’t Care about SecurityAdded: Tuesday, April 17th, 2012
Category: Bit Torrent Freedom > The Industries Of Records, Gaming, Software, Movies
Tags:ET, p2p, Torrent, Piracy, Peer To Peer, Network, Hackers, Internet, BitTorrent, Google, utorrent, bitcomet, extratorrent, 2010, www.extrattorrent.com
While thousands of Apple customers suffer from a serious malware outbreak, the company answers to the problem by trying to close down the security company which warned of the attack.
Over 500,000 Macs are already infected with Flashback malware because Apple failed to update some Java software. Nevertheless, the situation has revealed just how useless the company is when it comes to such problems. Surprisingly enough, the first action of Apple was not to update the Java software, but to take down the server of the Russian security company that revealed the problem to the world.
Boris Sharov, CEO of the Russian-based security company called Dr. Web, confirmed that this week the Russian Web registrar Reggi.ru was demanded by Apple to shut down one of its domains. For some reason, Apple believed that the site in question was being used as a “command and control” server, without bothering to take a look at the site owner. Therefore, Apple still hasn’t realized that the domain was one of those which Dr. Web has been using as a spoofed command and control server working as a “sinkhole”.
It seems that Apple didn’t have much experience in dealing with the real world outside. According to Boris Sharov, Apple simply had no idea how to work in a team when tackling security, but rather believed that it could order servers switched off and its problems would fade away.
Dr. Web explained that Apple claimed to the registrar that its domain was involved in a malicious scheme, though the security company wasn’t controlling the sink-hole or harming users. When the security outfit first contacted Apple to let the company know about the Mac-based botnet, Apple never replied. The security outfit has provided the giant with all the data it had, but was responded with a demand that its monitoring server be taken offline.
Meanwhile, locating and closing down command and control servers is a common practice for the outfits trying to cripple a botnet. Dr. Web confirmed it has worked with Microsoft on those efforts. However, Apple won’t even tell anyone about its antivirus group, if it has one at all. And it still insists that its software can’t be infected! Dr. Web slammed the company for its delay in issuing a patch for security vulnerability in Java which allowed the malware to exist.
April 17th,2012Posted by:
Tuesday, April 17th, 2012
|posted by (2012-04-18 00:13:21)|
|Apple didn't try to shutdown Dr. Web (as a company) - they tried to shut down a domain that Dr. Web had registered so that they could capture the traffic the bot creates and build a list of infected hosts. Even though the article above does go on to [somewhat] accurately describe what really happened, the opening sentences are misleading and inaccurate.|
And, further-more, how does Apple trying to shut down what it thinks is a domain registered for infecting clients in ANY WAY mean that ''Apple doesn't care about security''? Personally, I think Apple requesting that the domain be shut-down shows that they DO care about security - even though they were shutting down a domain that was created by a security firm trying to stop the spread as well - because Apple was simply unaware of that fact.
This article should be taken down or re-typed due to its inaccuracy.
|@Sykotik... Really Did we just read the same article and do you have any network and system architecture knowledge?|
"capture the traffic the bot creates" pointless as its only a node. Best to capture a large amount of packets on a infected machine. Then WITH COOPERATION FIRST, go after the host.
But the first thing they should of done is put out a patch it STOP already infected machines.
'Apple doesn't care about security''?
Because they openly and blatenly tried to say " its software can’t be infected!"
OSX = BSD
Just a friendly word of advice, ANYONE who opens there mouth too wide. Only gains a large foot in there mouth... there is NO such thing as a platform that cannot be modified or infected with a 'virus'.
Point being, its bad for any company. Let alone one riding on the skirt tails of, one of the best marketing masterminds of the last 20 years.
|Steve Jobs right now is saying WTF?|
|I wonder how Steve will feel concerning this development(s). Hence the saying, you cannot blame the baker if the butcher bakes the bread. No sermons today.|
|posted by (2012-04-18 13:52:43)|
|Apple definitely needs to do better.|
@kingtiger01 again you just make up facts so you can have another paranoid rant. SyKoTiK wrote that he thinks the article is inaccurate, but you have a go at him because you think he hasn't read the article. So who isn't reading things?
You wrote "Because they openly and blatenly tried to say "..., well they are either open and blatant or they are trying- they can't be doing both.
BSD being at the code of OSX is a good thing, I would have thought a linux lover would like that. I know I like being able to use unix software and commands.
You are the king of putting your foot in your mouth and I asked for a public apology because your previous post was insulting which is against ET rules. I am still waiting for that apology.
|posted by (2012-04-19 03:44:10)|
First question: Yeah, actually I do have experience in networking, systems architecture, security, software development and MANY other facets of the I.T. industry - oh, and it's backed up by many certifications and roughly 15+ years of actually working in the field designing networks for clients that have hundreds to thousands of clients, servers, and network devices. So, you can go ahead and shove YOUR foot into YOUR mouth now - or any other piece of your anatomy you desire to use for that matter.
Statement about capturing traffic: what you said is basically just a your way of paraphrasing what I already said. Capturing the traffic the bot creates is EXACTLY the same as grabbing a bunch of the packets from an infected host.
Statement about going after the host: how exactly do you propose going after the host, and what would you be going after them for? The hosts didn't do anything wrong other than downloading/installing an infected package. You ALERT the owner(s) of an infected host, but you don't ''go after'' them.
Statement about Apple saying their software can't be infected: Apple has never said that. They have only ever said that their systems are not vulnerable to the same viruses that computers running Windows are. THAT statement is accurate - they're vulnerable to viruses specifically designed for the Mac OS. It's equally as accurate to say that Windows is not vulnerable to the viruses that Mac OS is. But, that might be beyond your level of logic to comprehend that one.
Statement about giving me a ''friendly'' word of advice: NOTHING you said was ''friendly''. If anything, I would classify your post as almost entirely hostile and UN-friendly.
|posted by (2012-04-19 21:51:30)|
|posted by (2012-04-20 00:28:25)|
|@ SyKoTiK could it be at all possible that you work for Apple? Just a hunch!|
|posted by (2012-04-20 03:49:14)|
No, I don't work for Apple. I've only worked on an Apple computer 3 times in my whole life, I don't own an Apple computer, and the ONLY Apple device I own is an iPod [nano] which I didn't even buy - it was given to me.
Someone doesn't have to work for a company to defend it when they see someone else giving false information, such as this article is trying to do since it isn't giving all of the details and is simply very poorly written.
|posted by (2012-04-20 11:03:00)|
|well i think its well written thank you sam as always for keeping us up to date , i have not got a mac so am not bothered|
|my names jeffie and i like apples||
Most Popular Stories