Big targets on linechart
Pretty strait forward. I have a chart with a single series of
data, using a line chart and I want to make the tips more
pronounced. The style I am going for is very much like the
Dashboard example where each point is just bigger then the line so
you can see where its at. I have showDataTips and
showDataTipTargets both set to true. Maybe I need to make the
targets bigger? Thanks to anyone who can help
Hi Mohan,
The target cost calculation in case of mixed costing is always based on the procurement alternative (i.e. production version 1)
used in the according production order. Please check if this is correct.
Regards,Declan
Edited by: Declan Curley on Sep 16, 2011 2:55 PM
Similar Messages
-
Should I buy a Macbook Pro for college? If so which one?
Going to college in a couple of weeks. I was planning on buying a Macbook Pro but I don't really know if I need it or if it's worth the price. I was looking at the 13 inch i5 and i7 versions. If I would buy the i5 one, I would like to upgrade the hard drive to 500G for an extra 50 bucks but was wondering if it was worth just going for the i7 processor version which already includes a 500G hard drive. It would be an extra 250 dollars. Also, if I buy either one of these, will it last me 4-6 years of college? I know that technology goes by fast and would rather spend an extra couple hundred dollars if its going to last me longer. I am majoring in Petroleum Engineering and will not be using much video editing or gaming.
I've been reading many reviews and statements about Macs from all over the internet but I have a few more questions about Macbook Pros. I have always been a PC guy.
Do Macs really stay fast longer? Like doesn't slow down as much.
How limited is the compatibility now days?
Worth the big price tag?
How big of a difference is the i5 and i7 processors?
Can you put a laptop lock on it? It will probably be a big target for thieves and I hear there are many in college.
Should I get Apple Care?
Is there more programs I would need to buy? I am getting a 100 dollar gift card thing to the apple app store but wondering if I need Microsoft Office or something that isn't from the Apple store
The reason I ask these questions is because I would rather have an answer from a community of people with multiple answers and opinions than a biased website or reviewer. Well there will be some biased since this is an apple forum but please answer truthfully and as unbiased as possible please! Thanks!Mac 101
http://www.apple.com/support/switch101/
http://www.apple.com/support/mac101/
http://www.apple.com/support/macbookpro -
Store purchasing: you shouldn't be forced to do it...
Sorry, but the Ovi Store purchasing process for non-phone bill transactions needs to be overhauled.
The current process means that when you are browsing the Ovi Store website and see an app you like, you're forced to;
send a link to your handset
wait for text message
select and activate link
wait for web browser to open, and then the ovi store app to open
click a buy link
re-enter your password for security purposes
select the payment type
and if the system has failed in storing previous credit card details, re-enter these
and finally, press a button to confirm you wish to buy the app.
Now, am I the only one who sees this as highly long winded and counter-intuitive to users actually purchasing apps, let alone being delivered an optimal user expeirence.
So, there needs to be some real change to how Ovi purchasing works from the website. Here's what you need to do:
Add a cart system, allowing users to add in multiple apps at once
Allow users to complete purchases via the website, and once completed deliver apps to handset via queuing method.
Modify the Ovi Store app to check for queued apps, and install these straight away
Allow expert users to download the software directly from the Ovi site (so I can deliver it to my handset without needing to open the app
Allow users to modify and manage credit card information from the Store account pages.
Do this, and you'll have a solid app store expeirence.You can add me to this complaint. Cell phones will be the next big target for hackers as so many are now doing online banking. I wouldn't want my CC# stored anywhere near where someone can get it if the phone is lost or stolen.
I'm surprised that Nokia gets away with some of this - MS was forced to not make IE default browser (at least in Europe), Apple is being sued for tracking advertisements apps now.
The whole Ovi suite needs to be fixed so you can NOT have the components if you don't want them. I don't use the MP3 player, I have Photoshop and do not need Ovi pestering me about what to do with pictures, I can pull the card out and tend to them myself. I don't use any MS product besides the OS, so I don't need an office suite to deal with documents. Just a pdf reader.
And OVI is using dll for all this **bleep**, so you can't block the exe for a module from running!
I like my phone, and I like what it is capable of. I certainly don't like Nokia's software. -
How do I restore my data after my hard drive was replaced?
The hard drive in my iMac failed after I upgraded to Mountain Lion last week. The drive has been replaced and I'd like to restore files from my Time Capsule, if this is possible. However, when I enter Time Machine, there is a long wait while a dialogue box says "Connecting to backup volume" and then, when it becomes available, there are no previous dates before today listed and I can't move backwards, as I've done previously. I know that backups exist because I've used Time Machine before to restore files I've worked on to previous versions - and the capsule is still telling me that it's very nearly full of data. Is there a way to restore to a new hard drive, or is that asking too much of Time Machine? Please forgive my ignorance. I'm worried that I've lost a LOT of irreplaceable files.
Hi again. Okay, so I'm a little embarrassed because I just needed to wait and have faith. I'll leave this here for anyone who is panicking like I was today.
Essentially, I had to allow Time Machine to install a new back-up on the Time Capsule. I resisted this for a while and thought I'd made a mistake in allowing it when it had to discard an old back-up to fit the new one onto the machine. At this point, I was worried that I was losing a valuable older back-up in place of one of an empty-ish drive. But, once this back-up had completed, I was finally able to travel backwards and see the contents of my previous hard drive. I've currently restored my desktop and some personal files and tomorrow I'm going to go for the big targets, like my iTunes library.
Thanks, Apple. -
Can you turn the photos in a slideshow into a video clip?
I have a sequence of 80 or so photos that play very fast and create an animation.
Can I select all the photos and merge them together into a video clip so I can apply video effects and do a fade in for more than 2 frames?Colin, will doing the method you described allow me to apply video effects to the photos as a whole group?
That's correct. The nested sequence essentially functions as one clip, so you can edit it, transform it, add effects or transitions, or do any other operation that you'd do on a single clip unit. For example, if you need to move your series of photos somewhere else in your sequence, you'd have to select all of them; if they're nested, you just have to click one big target to move them.
I think Craig (shooternz) misunderstood your question, and assumed you just wanted to fade up the first photo, but you're talking about fading up over a longer duration, and multiple images. He had the right answer to a different question -
Can a Nook be used with Apple products? I don't want network or virus problems.
Android is the most malware-prone, insecure platform there is - but millions of users seem to survive without dropping like flies!
I can't answer Q.1 but as for Q2:
How safe is your smartphone? (Android is the top malware collector)
A major source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace were initially found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
Moreover, more than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
http://www.bbc.co.uk/news/technology-13422308
The data being leaked is typically used to get at web-based services such as Google Calendar.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area, and Android is still in the firing line:
http://www.bbc.co.uk/news/uk-15600697
Android: it's getting worse: Juniper found a 400% increase in Android malware from 2009 to the summer of 2010. We have since seen exponential grow in Android malware over the last several months. The Juniper Global Threat Center found that the months of October and November are shaping up to see the fastest growth in Android malware discovery in the history of the platform. The number of malware samples identified in September increased by 28% over the number of the known Android malware samples. October showed a 110% increase in malware sample collection over the previous month and a striking 171% increase from what had been collected up to July 2011.
July 2012: Smartphones running Google's Android software have been hijacked by an illegal botnet, according to a Microsoft researcher.
Botnets are large illegal networks of infected machines - usually desktop or laptop computers - typically used to send out masses of spam email.
Researcher Terry Zink said there was evidence of spam being sent from Yahoo mail servers by Android devices: http://www.bbc.co.uk/news/technology-18720565
One question Juniper always get when discussing our research is if Apple’s iOS is more or less secure than Android? Maybe, but it’s not necessarily because of the security or lack of vulnerabilities in the platforms themselves. The main reason for the malware epidemic on Android is because of different approaches that Apple and Google take to police their application stores. Android’s open applications store model, which the lacks code signing and an application review process that Apple requires, makes it easy for attackers to distribute their malware. There is still no upfront review process in the official Android Market that offers even the hint of a challenge to malware writers that their investment in coding malware will be for naught.
http://globalthreatcenter.com/?p=2492
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
(Apple closed out 2011 with a commanding 52.1 percent share of mobile devices tracked browsing the Web, while Google's Android had just 16.2 percent.)
And most recently this:
Millions of people are using Android apps that can be tricked into revealing personal data, research indicates.
Scientists tested 13,500 Android apps and found almost 8% failed to protect bank account and social media logins.
These apps failed to implement standard scrambling systems, allowing "man-in-the-middle" attacks to reveal data that passes back and forth when devices communicate with websites.
http://www.bbc.co.uk/news/technology-20025973
And this:
Freezing an Android phone can help reveal its confidential contents, German security researchers have found.
The team froze phones for an hour as a way to get around the encryption system that protects the data on a phone by scrambling it.
Google introduced the data scrambling system with the latest version of Android called Ice Cream Sandwich.
The attack allowed the researchers to get at contact lists, browsing histories and photos.
http://www.bbc.co.uk/news/technology-21697704
Update from May 2013:
Malware targeting mobile devices is rapidly growing in both the number of variants found in the wild and in their complexity and sophistication, but the only platform being actively targeted is Google's Android, which researchers now say is resembling Windows on the desktop PC.
http://appleinsider.com/articles/13/05/14/mobile-malware-exploding-but-only-for- android
And in early June 2013 a highly toxic trojan began attacking the Android platform:
According to reports:
Obad.a exploits previously unknown Android bugs, uses Bluetooth and Wi-Fi connections to spread to near-by handsets, and allows attackers to issue malicious commands using standard SMS text messages.
By exploiting this vulnerability, malicious applications can enjoy extended Device Administrator privileges without appearing on the list of applications which have such privileges," Unuchek said. "As a result of this, it is impossible to delete the malicious program from the smartphone after it gains extended privileges."
More information here:
http://arstechnica.com/security/2013/06/behold-the-worlds-most-sophisticated-and roid-trojan
A recent study on smartphone malware has found that 92 percent of nefarious mobile software is targeted at Google's Android platform, and the amount of attacks are growing:
The latest data released in June 2013 by Juniper Networks reveals that Android malware has grown at a "staggering rate" over the last three years. In 2010, it accounted for just 24 percent of all mobile malware, while as of this March the platform accounts for nearly all of it.
In the last year alone, the total number of malicious apps has grown 614 percent to 276,259. The annual Mobile Threats support also identified more than 500 third-party Android application stores worldwide that are known to host mobile malware.
http://newsroom.juniper.net/press-releases/juniper-networks-finds-mobile-threats -continue-ram-nyse-jnpr-1029552
The far reaching vulnerability, discovered by San Francisco's Bluebox Security, involves "discrepancies in how Android applications are cryptographically verified & installed, allowing for APK code modification without breaking the cryptographic signature."
Android apps (packaged as an "APK") are signed with an encryption key (just like iOS apps) to prevent a malicious party from changing the code. Signed apps are expressly designed to enable the system to detect any tampering or modification.
However, due to the newly discovered Android flaw, a rogue developer can trick the system into thinking that a compromised app is still legitimate, giving it system wide access to do virtually anything.
"A device affected by this exploit could do anything in the realm of computer malice, including become a part of a botnet, eavesdrop with the microphone, export your data to a third party, encrypt your data and hold it hostage, use your device as a stepping stone to another network, attack your connected PC, send premium SMS messages, perform a DDoS attack against a target, or wipe your device," a representative of the company wrote AppleInsider:
http://appleinsider.com/articles/13/07/03/security-flaw-opens-all-modern-android -devices-to-zombie-botnet-takeover
The problem (with Android) is: that committee design has failed to make Android a good platform for either users or for developers. By not making any hard choices and giving people what they said they wanted, Google simply abandoned the future to cling tenaciously to the past.
Rather than conceptualizing and engineering really new solutions to historical computing problems as Apple did with iOS, Google has only attempted to wrest control away from iOS via volume shipments and has effectively sent mobile computing back in time into the 1990s, resulting in the same malware, spyware, viruses and usability issues of Windows.
http://appleinsider.com/articles/13/07/14/editorial-googles-android-haunted-by-s teve-jobs-warnings-on-app-signing-security
The Department of Homeland Security considers the malware threat from Android so serious that they issued a public warning on July 23, 2013:
http://info.publicintelligence.net/DHS-FBI-AndroidThreats.pdf -
Why remove sync to iTunes for calendar and contacts?
Why in the world would Apple remove the capability to sync your iphone's calendar, contacts and notes to your desktop via iTunes in Mavericks? I can see no benefit whatsoever. Do you really believe everyone wants to use iCloud? I don't care how strong your firewalls are and how well you encrypt data ... a dedicated and motivated hacker can get into your systems and Apple is a huge target.
I was just fine with syncing my calendar and contacts locally on my computer (not a huge target).
Please reinstate this very useful and convenient capability.Do I really have to justify why the feature is useful? Just because you need updates every second and don't mind putting all the personal contact information for your friends and family on a server accessable to the internet and a world of hackers that would love to compromise a big target like iCloud doesn't mean everyone should have to. There are valid reasons to keep your information private and there was a perfectly useful option to make that easy. There is a huge list of top tech companies that have been breached by determined and motivated hackers (read Sony, Microsoft, and even developer.apple.com). It makes no sense to me to remove a useful tool and force everyone to entrust their personal information to a third party (any third party). Options are good. Choice lets everyone satisfy their needs.
-
I am trying to learn how to make a dvd, so I opened iDVD and selected "Tutorial".
1) I hear the audio, but the audio sounds like an echo, it starts then the voice over overlaps.
2) I get all the symbol of a video playing, but no pictures
I am running snow leopards 10.6.8 and iLife 11, by the way earlier i blindly created a dvd,by adding some AVI files into it and burned it.
It worked visually, but the selection of files is very confusing,thats why i went to the tutorial.
Also I wanted to find out what version iDVD i have, but when i look into it "About iDVD" was not highlighted.
Any help or enlightenment on the above?There are no viruses known that have ever succesfully attacked Apple OS X. Other types of malware, like Trojans, are another matter - if you allow them to be installed.
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:
https://discussions.apple.com/docs/DOC-1848
First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
Security of OS X generally:
http://www.apple.com/macosx/security/
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://images.apple.com/server/macosx/docs/Leopard_Security_Config_2nd_Ed.pdf
This Blog entry is also worth a read:
http://blog.damballa.com/?p=1055
UPDATES:
Another source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
Moreover, more than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
http://www.bbc.co.uk/news/technology-13422308
The data being leaked is typically used to get at web-based services such as Google Calendar.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
How safe is your smartphone?
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code.
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area.
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
The company estimates that one in six links posted on Facebook pages are connected to malicious software.
http://www.bbc.co.uk/news/technology-12967254
to which Facebook has responded:
"Facebook and Internet security company Web of Trust (WOT) will provide Facebook users with a feature that protects them against dubious Web links, the companies said this week.
When a Facebook user clicks on a link that leads to a page with a poor reputation rating given by the WOT community, the user will receive a warning message. Typically, the sites with a poor reputation are known for phishing, untrustworthy content, fraudulent services or other scams."
http://www.macworld.co.uk/news/index.cfm?olo=email&NewsID=3279603
Newly discovered malicious software dubbed "MACDefender" takes aim at users of the Mac OS X operating system by automatically downloading a file through JavaScript. But users must also agree to install the software, leaving the potential threat limited.
The new MACDefender malware was first noted on April 30, 2011 by users of the Apple Support Communities, and was highlighted by antivirus company Intego. If the right settings are enabled in Apple's Safari browser, MACDefender can be downloaded to a system after a user clicks a link while searching the Internet.
"When a user clicks a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file," Intego said. "In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open 'safe' files after downloading in Safari, for example), will open."
However, users must still agree to install the malware after it downloads. After the ZIP file is extracted, users are presented with the "MACDefender Setup Installer," at which point they must agree to continue and provide an administrator password.
Because of the fact that users must agree to install the software and provide a password, Intego categorized the threat with MACDefender as "low."
Users on Apple's support forums advise killing active processes from the application using the Mac OS X Activity Monitor. MACDefender can then be deleted from the Applications folder by dragging it into the trash.
The malware is not to be confused with MacDefender, the maker of geocaching software including GCStatistic and DTmatrix. The company noted on its site it is not affiliated with the malware.
Malware spreads through search engines like Google via a method known as "SEO poisoning." The sites are designed to game search engine algorithms and show up when users search for certain topics.
The latest threat to the Mac OS is the Weyland-Yutani BOT, which is described as a DIY crimewave kit that supports web injects and form grabbing in Firefox; however both Chrome and Safari will soon follow. 'Form grabbing' is a way of collecting passwords:
http://www.csis.dk/en/csis/blog/3195/
Additional reading:
"Antivirus Software On Your Mac: Yes or No?"
http://gigaom.com/apple/antivirus-software-on-your-mac-yes-or-no/ -
Is Mac Protector a real antivirus or a virus itself?
Some days ago something completely unexpected happened to me. I got a horrible red message saying I had a virus. My computer was blocked, there was nothing I could do. But I also got a message telling me to buy an antivirus. It is called mac Protector. I gave in. I was charged 59.90 $ by "exploreyourcomputer Baku AZ" some days later. Just in case, I have cancelled the credit card I used to pay for it. Now, apparently I have a antivirus, but I am wondering whether it might be in fact a virus that pretends to be an antivirus. Might me data be in danger without me noticing anything?
You should be safe now. Some banks/credit card companies have refunded the $60, others haven't - according to reports I have read.
Internet security is important. There are no viruses yet found that can attach Apple OS X, but Trojans are an entirely different matter.
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Privacy, useful:
https://discussions.apple.com/docs/DOC-1848
Regarding MacScan, First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
Security of OS X generally:
http://www.apple.com/macosx/security/
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://images.apple.com/server/macosx/docs/Leopard_Security_Config_2nd_Ed.pdf
This Blog entry is also worth a read:
http://blog.damballa.com/?p=1055
UPDATES:
Another source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
Moreover, more than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
http://www.bbc.co.uk/news/technology-13422308
The data being leaked is typically used to get at web-based services such as Google Calendar.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
How safe is your smartphone?
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code.
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
The company estimates that one in six links posted on Facebook pages are connected to malicious software.
http://www.bbc.co.uk/news/technology-12967254
to which Facebook has responded:
"Facebook and Internet security company Web of Trust (WOT) will provide Facebook users with a feature that protects them against dubious Web links, the companies said this week.
When a Facebook user clicks on a link that leads to a page with a poor reputation rating given by the WOT community, the user will receive a warning message. Typically, the sites with a poor reputation are known for phishing, untrustworthy content, fraudulent services or other scams."
http://www.macworld.co.uk/news/index.cfm?olo=email&NewsID=3279603
Newly discovered malicious software dubbed "MACDefender" takes aim at users of the Mac OS X operating system by automatically downloading a file through JavaScript. But users must also agree to install the software, leaving the potential threat limited.
The new MACDefender malware was first noted on April 30, 2011 by users of the Apple Support Communities, and was highlighted by antivirus company Intego. If the right settings are enabled in Apple's Safari browser, MACDefender can be downloaded to a system after a user clicks a link while searching the Internet.
"When a user clicks a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file," Intego said. "In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open 'safe' files after downloading in Safari, for example), will open."
However, users must still agree to install the malware after it downloads. After the ZIP file is extracted, users are presented with the "MACDefender Setup Installer," at which point they must agree to continue and provide an administrator password.
Because of the fact that users must agree to install the software and provide a password, Intego categorized the threat with MACDefender as "low."
Users on Apple's support forums advise killing active processes from the application using the Mac OS X Activity Monitor. MACDefender can then be deleted from the Applications folder by dragging it into the trash.
The malware is not to be confused with MacDefender, the maker of geocaching software including GCStatistic and DTmatrix. The company noted on its site it is not affiliated with the malware.
Malware spreads through search engines like Google via a method known as "SEO poisoning." The sites are designed to game search engine algorithms and show up when users search for certain topics.
The latest threat to the Mac OS is the Weyland-Yutani BOT, which is described as a DIY crimewave kit that supports web injects and form grabbing in Firefox; however both Chrome and Safari will soon follow. 'Form grabbing' is a way of collecting passwords:
http://www.csis.dk/en/csis/blog/3195/
Additional reading:
"Antivirus Software On Your Mac: Yes or No?"
http://gigaom.com/apple/antivirus-software-on-your-mac-yes-or-no/ -
Is AntiVirus protection neededon New iMac
Bought new iMac,,,Do I need Antivirus program...Best Buy gave me TrendMicro for 6 months but have not installed...also what do u guys think about need for Apple Care????thanks....
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Security and Privacy, useful:
https://discussions.apple.com/docs/DOC-1848
Regarding MacScan, First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
Security of OS X generally:
http://www.apple.com/macosx/security/
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://images.apple.com/server/macosx/docs/Leopard_Security_Config_2nd_Ed.pdf
This Blog entry is also worth a read:
http://blog.damballa.com/?p=1055
UPDATES:
Another source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
Moreover, more than 99% of Android phones are potentially leaking data that, if stolen, could be used to get the information they store online.
http://www.bbc.co.uk/news/technology-13422308
The data being leaked is typically used to get at web-based services such as Google Calendar.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
How safe is your smartphone?
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code.
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area.
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
The company estimates that one in six links posted on Facebook pages are connected to malicious software.
http://www.bbc.co.uk/news/technology-12967254
to which Facebook has responded:
"Facebook and Internet security company Web of Trust (WOT) will provide Facebook users with a feature that protects them against dubious Web links, the companies said this week.
When a Facebook user clicks on a link that leads to a page with a poor reputation rating given by the WOT community, the user will receive a warning message. Typically, the sites with a poor reputation are known for phishing, untrustworthy content, fraudulent services or other scams."
http://www.macworld.co.uk/news/index.cfm?olo=email&NewsID=3279603
Newly discovered malicious software dubbed "MACDefender" takes aim at users of the Mac OS X operating system by automatically downloading a file through JavaScript. But users must also agree to install the software, leaving the potential threat limited.
The new MACDefender malware was first noted on April 30, 2011 by users of the Apple Support Communities, and was highlighted by antivirus company Intego. If the right settings are enabled in Apple's Safari browser, MACDefender can be downloaded to a system after a user clicks a link while searching the Internet.
"When a user clicks a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file," Intego said. "In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open 'safe' files after downloading in Safari, for example), will open."
However, users must still agree to install the malware after it downloads. After the ZIP file is extracted, users are presented with the "MACDefender Setup Installer," at which point they must agree to continue and provide an administrator password.
Because of the fact that users must agree to install the software and provide a password, Intego categorized the threat with MACDefender as "low."
Users on Apple's support forums advise killing active processes from the application using the Mac OS X Activity Monitor. MACDefender can then be deleted from the Applications folder by dragging it into the trash.
The malware is not to be confused with MacDefender, the maker of geocaching software including GCStatistic and DTmatrix. The company noted on its site it is not affiliated with the malware.
Malware spreads through search engines like Google via a method known as "SEO poisoning." The sites are designed to game search engine algorithms and show up when users search for certain topics.
The latest threat to the Mac OS is the Weyland-Yutani BOT, which is described as a DIY crimewave kit that supports web injects and form grabbing in Firefox; however both Chrome and Safari will soon follow. 'Form grabbing' is a way of collecting passwords:
http://www.csis.dk/en/csis/blog/3195/
Additional reading:
"Antivirus Software On Your Mac: Yes or No?"
http://gigaom.com/apple/antivirus-software-on-your-mac-yes-or-no/ -
Sorry if this is the wrong place, I couldn't find another place to ask this.
Can anyone give me as much information as possible about the security of the linux kernel and why it doesn't get viruses. A lot of PC users say that it isn't secure, it just doesn't get viruses and stuff because people don't write them for Macs. Is this true? Also what about how hard it is to hack macs vs. PCs?
This is an issue I want to understand. Be as technical as possible. I will follow it. I really want to know the nitty-gritty details between Windows and Mac when it comes to security and the debate about macs getting less viruses than Windows.
Please provide as much information as possible. Any links to webpages with information regarding this information is appreciated also. Hopefully you all understand about what issue I am trying to gain information about here. It seems to be a common one.> Can anyone give me as much information as possible about the security of the linux kernel and why it doesn't get viruses
I don't know anything about the Linux kernel, but I can answer some of the questions related to Windows vs. everything else.
First, bear in mind that your question is very broad and that not everything is going to apply to all cases - Macs, Linux and UNIX systems can be configured to be insecure, just like Windows can be secured if you're prepared to go out of your way to make it so, and that's the crux of it.
At its simplest level, by default, out of the box the entire Mac OS X system is setup so that users can do what the need to do and have to go the extra mile (usually including some form of authentication) before they do anything that might impact the OS or other users.
For example, on Mac OS X you can't install any code that runs at the system-level (e.g. drivers, keystroke loggers, trojans, etc.) without authenticating. Sure, these pieces of code can exist (writing a key logger isn't hard) but getting them deployed is a major headache.
By comparison, on Windows a trojan can install itself when the user does nothing more than view an email or visit a web page. There's no warning, notice or visual clue that it's happening.
Now, Windows Vista does change that somewhat - at least it now tells you that a trojan app wants to install itself, but it doesn't do it in any way that authenticates the current user and, by all accounts, pops up its warning messages so frequently that users are already tuned to just acknowledging the alert without reading or considering the consequences (you may have seen the Apple ad hinting at this one).
So the first level of security is a big one - you need to authenticate in order to make changes to system-level configurations.
Note also that this can change in a Windows network where the network admins control everything at the server-level. These setups are common in enterprise setups and the accounts are managed centrally, often to the point where users cannot run applications other than those on an 'approved' list. This enforces the concept of authentication before doing anything that might be malicious, but is only available in a network, not standalone environment. Of course, Microsoft would love for everyone to deploy a Windows Server and buy client licenses (tax) for every device they want to connect to the server, but that's just not going to happen in a home environment.
There is some weight behind the argument that the Mac and Linux markets are smaller and therefore smaller targets, but that's only part of the picture.
If the Mac OS was as insecure as Windows, and the malicious code author had the same chance of infecting a Mac as he has infecting a Windows machine then the Mac would be more of a target.
I don't know the exact numbers, but lets say there are 100 million Windows PCs and 10 million Macs. 10 million is still a big target and any hacker would love to infect 10 million boxes. However, the chance of infecting the PC may be 80% (the default is to install the malware) whereas the chance of infecting the Mac may be 5% (remember, the Mac requires authentication before any malicious code could be installed, so it's still possible to do if the user isn't cautious).
That means that the actual 'market' for the hacker is 80 million PCs vs. 500,000 Macs. Now you see why the raw market share value isn't so relevant. Even if Macs had 50% of the market, there would still be a lower chance of infecting the machine (40 million infected PCs vs. 2.5 million infected Macs).
Now, that's not to say that any OS is truly secure. Bad programming can lead to problems on any system. There's a lot of press attention at the moment regarding 'buffer overflow' attacks where malicious users can force an application to do something it wouldn't normally do by passing it invalid data. A well-written program would examine the data before processing it, discarding anything that isn't valid, but often applications try to process the data and crash.
These kind of problems can exist anywhere. Even OpenBSD, considered one of the more secure OSes, was recently identified as having an exploitable buffer overflow problem.
This leads into the whole 'open source' argument of whether open source code is more secure or not.
Windows Vista is reported to be about 50 million lines of code.
Those 50 million lines of code are proprietary to Microsoft and few people outside of Microsoft have seen them or been able to verify them for buffer overflow problems.
By comparison, Mac OS X contains approximately 86 million lines of code, which is significantly more, but a good chunk of that is available as open source, either through the Darwin project, or via the numerous open source products that are bundled in with the system.
All that open source code is viewable by anyone. A number of people would argue that this means anyone can find and target any bug in the code, but it also means that anyone can find and fix any bug. If you prefer to believe that there are more good people in the world than then are bad, this model seems to work in the Mac's favor. Despite Apple's smaller market and smaller engineering/development teams, there are more people able to look at the code and report problems that Apple can fix in future updates.
There are many more facets to the argument, but my fingers are waning. I'll let others post their thoughts, too and come back later. -
I have this code, it works, but I only get one text field for
description when clicking on a thumbnail. I need 3 textfields on
top the name, then the description, and on bottom a text field for
a number. How can I add thos other two? I tried and it kind of
worked but it became a mess, cause the code counts the number of
images, so when I add more childnodes for the name and number it
messes up. HEre's the code:
all design and code copyright (c) www.lukamaras.com
/* -------------------- setting the variables
var menuSpeed:Number = 6;
var menuDown:Button = menuDown_btn;
var menuUp:Button = menuUp_btn;
menuUp._alpha = 0;
menuUp.enabled = false;
var firstLook:Boolean = true;
var menuButtons:MovieClip = galleryMenu_mc.buttonsHolder_mc;
var galleryMask:MovieClip = galleryMenu_mc.galleryMask_mc;
galleryMask._height = 391;
var imagesHolder:MovieClip = imagesHolder_mc;
var descText:TextField = desc_txt;
var imagesInGallery:Array = new Array();
var galleryNames:Array = new Array();
var galleryIntros:Array = new Array();
var descriptions:Array = new Array();
var tracker:Number = new Number();
var whatIsLoading:String = new String();
var galleryBtnLeftMargin:Number = 10;
var galleryBtnUpperMargin:Number = 60;
var galleryBtnVSpace:Number = 23;
var thumbMarginX:Number = 96;
var thumbMarginY:Number = 68;
/* -------------------- Aligning and positioning
imagesHolder_mc, the logo and the description text field
imagesHolder._x = 243;
imagesHolder._y = galleryBtnUpperMargin;
logo_mc._x = logo_mc._y=galleryBtnLeftMargin;
desc_txt._x = 243;
desc_txt._y = 400;
/* -------------------- The welcome text --------------------
descText.text = "Click on a gallery name on the left to load
its thumbnails. Remember, you can click on a thumbnail only when
all the thumbnails in a gallery have been loaded. When you click on
a thumbnail to see the big image, clicking on the big image will
close it and you will return to the gallery. Use the button(s)
above the galleries to scroll through them.";
/* -------------------- Importing and defining the DropShadow
filter -------------------- */
import flash.filters.DropShadowFilter;
var shadowEffect:DropShadowFilter = new DropShadowFilter(3,
45, 0x000000, 100, 3, 3, 1, 3);
var thumbsFilter:Array = [shadowEffect];
/* -------------------- MovieClipLoader & Listener
var loader:MovieClipLoader = new MovieClipLoader();
var myListener:Object = new Object();
loader.addListener(myListener);
myListener.onLoadInit = function(target:MovieClip) {
if (whatIsLoading == "thumb") {
currentThumbnail.percent_txt._visible = false;
currentThumbnail.filters = thumbsFilter;
thumbClickable();
tracker++;
if (tracker<howManyImages) {
loadThumbnail();
} else {
enableThumbs();
} else if (whatIsLoading == "big") {
target._alpha = 0;
displayBigImage.percent_txt._visible = false;
displayBigImage.filters = thumbsFilter;
bigClickable();
fadeIn();
myListener.onLoadProgress = function(target:MovieClip,
loaded:Number, total:Number) {
percent = Math.floor(loaded/total*100);
if (whatIsLoading == "thumb") {
currentThumbnail.percent_txt._visible = true;
currentThumbnail.percent_txt.text = percent+"%";
} else if (whatIsLoading == "big") {
displayBigImage.percent_txt._visible = true;
displayBigImage.percent_txt.text = percent+"%";
/* -------------------- loading XML -------------------- */
var imageGallery:XML = new XML();
imageGallery.ignoreWhite = true;
imageGallery.onLoad = function(success) {
if (success) {
parseGalleries();
} else {
descText.text = "Sorry the image data just didn't load.";
imageGallery.load("gallery/gallery.xml");
/* -------------------- parsing XML -------------------- */
function parseGalleries():Void {
if (imageGallery.firstChild.nodeName == "galleries") {
var rootNode:XMLNode = imageGallery.firstChild;
for (i=0; i<rootNode.childNodes.length; i++) {
if (rootNode.childNodes
.nodeName == "gallery") {
currentGallery = rootNode.childNodes;
imagesInGallery.push(currentGallery.childNodes.length);
galleryNames.push(currentGallery.attributes.title);
galleryIntros.push(currentGallery.attributes.intro);
currentGalleryTitle = rootNode.childNodes
.attributes.title;
currentGalleryButton =
galleryMenu_mc.buttonsHolder_mc.attachMovie("gallery section
button", "galleryButton"+i,
galleryMenu_mc.buttonsHolder_mc.getNextHighestDepth());
currentGalleryButton._x = 0;
currentGalleryButton._y = galleryBtnVSpace*i;
currentGalleryButton.sectionTitle_txt.text = "0"+(i+1)+"
"+currentGalleryTitle.toUpperCase();
for (j=0; j<currentGallery.childNodes.length; j++) {
if (currentGallery.childNodes[j].nodeName == "image") {
currentDescription =
currentGallery.childNodes[j].firstChild.toString();
descriptions.push(currentDescription);
numberOfGalleries = i;
enableButtons(numberOfGalleries);
function enableButtons(numberOfGalleries:Number):Void {
for (i=0; i<numberOfGalleries; i++) {
pressedButton =
galleryMenu_mc.buttonsHolder_mc["galleryButton"+i];
pressedButton.onRollOver = function():Void {
this.gotoAndStop(2);
pressedButton.onRollOut = function():Void {
this.gotoAndStop(1);
pressedButton.onPress = function():Void {
removeMovieClip(thumbsDisplayer);
removeMovieClip(displayBigImage);
tracker = 0;
thumbsDisplayer =
imagesHolder.createEmptyMovieClip("thumbsDisplayer_mc",
imagesHolder.getNextHighestDepth());
clickedGallery = Number(this._name.substr(13));
howManyImages = imagesInGallery[clickedGallery];
whichGallery = galleryNames[clickedGallery];
descText.text = galleryIntros[clickedGallery];
currentRow = 0;
currentColumn = 0;
loadThumbnail();
enableGalleryNavigation();
function loadThumbnail() {
currentThumbnail = thumbsDisplayer.attachMovie("thumbnail
holder", "thumbnail"+(tracker+1),
thumbsDisplayer.getNextHighestDepth());
target = currentThumbnail.thumbImage_mc;
if ((tracker%5) == 0 && tracker != 0) {
currentRow += 1;
if (currentColumn>3) {
currentColumn = 0;
} else if (tracker == 0) {
currentColumn = 0;
} else {
currentColumn += 1;
currentThumbnail._x = currentColumn*thumbMarginX;
currentThumbnail._y = currentRow*thumbMarginY;
currentThumbnail.percent_txt._visible = true;
thumbNumber = currentThumbnail._name.substr(9);
thumbPath =
"gallery/"+whichGallery+"/thumbs/"+thumbNumber+".jpg";
whatIsLoading = "thumb";
loader.loadClip(thumbPath, target);
function thumbClickable():Void {
currentThumbnail.onPress = function() {
bigNumber = this._name.substr(9);
displayBigImage = imagesHolder.attachMovie("big image
holder", "bigImage_mc", imagesHolder.getNextHighestDepth());
target = displayBigImage.imageHolder_mc;
bigImagePath = "gallery/"+whichGallery+"/"+bigNumber+".jpg";
whatIsLoading = "big";
disableThumbs();
loader.loadClip(bigImagePath, target);
if (clickedGallery>0) {
var descPosition:Number = 0;
for (i=0; i<clickedGallery; i++) {
descPosition += imagesInGallery;
descPosition = descPosition+Number(bigNumber)-1;
imageDesc = descriptions[descPosition];
} else {
imageDesc = descriptions[Number(bigNumber)-1];
descText.text = imageDesc;
currentThumbnail.enabled = false;
function disableThumbs():Void {
for (i=0; i<howManyImages; i++) {
thumbsDisplayer["thumbnail"+(i+1)].enabled = false;
function enableThumbs():Void {
for (i=0; i<howManyImages; i++) {
thumbsDisplayer["thumbnail"+(i+1)].enabled = true;
function bigClickable():Void {
displayBigImage.onPress = function() {
removeMovieClip(this);
enableThumbs();
descText.text = galleryIntros[clickedGallery];
function fadeIn():Void {
target.onEnterFrame = function():Void {
this._alpha += 10;
if (this._alpha>=100) {
delete this.onEnterFrame;
this._alpha = 100;
function enableGalleryNavigation():Void {
menuDown.onPress = function() {
if (firstLook) {
menuUp._alpha = 100;
menuUp.enabled = true;
firstLook = false;
var menuTop:Number =
menuButtons._height-Math.abs(menuButtons._y);
if (menuButtons._y<=0 &&
menuTop>=galleryMask._height) {
var targetPos:Number = menuButtons._y-galleryMask._height;
menuDown.enabled = false;
menuUp.enabled = false;
menuButtons.onEnterFrame = function():Void {
menuButtons._y += (targetPos-menuButtons._y)/menuSpeed;
if (menuButtons._y<=(targetPos+0.8)) {
menuButtons._y = Math.round(targetPos);
delete menuButtons.onEnterFrame;
menuDown.enabled = true;
menuUp.enabled = true;
menuUp.onPress = function() {
var menuTop:Number =
menuButtons._height-Math.abs(menuButtons._y);
if (menuButtons._y<0 && menuTop>0) {
var targetPos:Number = menuButtons._y+galleryMask._height;
menuDown.enabled = false;
menuUp.enabled = false;
menuButtons.onEnterFrame = function():Void {
menuButtons._y += (-menuButtons._y+targetPos)/menuSpeed;
if (menuButtons._y>=(targetPos-0.8)) {
menuButtons._y = Math.round(targetPos);
delete menuButtons.onEnterFrame;
menuDown.enabled = true;
menuUp.enabled = true;Hi. Although a very, very late reply, I was also rather
concerned about the documentation. There are some pdf files
relating to version 3, which might me of some use. Apparently,
there is going to be a comprehensive printed manual with the next
version, I am told... -
Hi, I just spent a fourtune on a new mac and peripherals, and will be buying another one next month for my business.
I really want to find a way to help protect my investment from theft. I've seen ads for stuff that is like a lojack for computer laptops.
Is there anything for mac that is a good buy? Or insurance? If it was a cheap PC I wouldnt worry as much, but apple is so expensive.
This is one area where I would really LOVE for apple to track my computer!
Thanks!Protecting from theft is one thing - you can physically chain it to your desk!
Getting it back again is another: MacKeeper (not free) includes anti-theft tracking:
http://mackeeper.zeobit.com/security
As for insurance, search around but make sure that the cover includes business use.
You don't mention internet security etc., so I will:
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Privacy, useful:
https://discussions.apple.com/docs/DOC-1848
Regarding MacScan, First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
[b]Security of OS X generally:[/b]
http://www.apple.com/macosx/security/
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://images.apple.com/server/macosx/docs/Leopard_Security_Config_2nd_Ed.pdf
This Blog entry is also worth a read:
http://blog.damballa.com/?p=1055
UPDATES:
Another source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
How safe is your smartphone?
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code.
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area.
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
The company estimates that one in six links posted on Facebook pages are connected to malicious software.
http://www.bbc.co.uk/news/technology-12967254
Newly discovered malicious software dubbed "MACDefender" takes aim at users of the Mac OS X operating system by automatically downloading a file through JavaScript. But users must also agree to install the software, leaving the potential threat limited.
The new MACDefender malware was first noted on April 30, 2011 by users of the Apple Support Communities, and was highlighted on Monday by antivirus company Intego. If the right settings are enabled in Apple's Safari browser, MACDefender can be downloaded to a system after a user clicks a link while searching the Internet.
"When a user clicks a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file," Intego said. "In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open 'safe' files after downloading in Safari, for example), will open."
However, users must still agree to install the malware after it downloads. After the ZIP file is extracted, users are presented with the "MACDefender Setup Installer," at which point they must agree to continue and provide an administrator password.
Because of the fact that users must agree to install the software and provide a password, Intego categorized the threat with MACDefender as "low."
Users on Apple's support forums advise killing active processes from the application using the Mac OS X Activity Monitor. MACDefender can then be deleted from the Applications folder by dragging it into the trash.
The malware is not to be confused with MacDefender, the maker of geocaching software including GCStatistic and DTmatrix. The company noted on its site it is not affiliated with the malware.
Malware spreads through search engines like Google via a method known as "SEO poisoning." The sites are designed to game search engine algorithms and show up when users search for certain topics.
Additional reading:
"Antivirus Software On Your Mac: Yes or No?"
http://gigaom.com/apple/antivirus-software-on-your-mac-yes-or-no/ -
Is there an Apple Security site that removes trojans?
I received a message on my MAC desktop that said that I had Trojans on my MAC and that Apple Security would remove it. Is this true?
No.
It's scamware/scareware/potentional malware trying to lure you into installing something.
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Privacy, useful:
https://discussions.apple.com/docs/DOC-1848
Regarding MacScan, First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
[b]Security of OS X generally:[/b]
http://www.apple.com/macosx/security/
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://images.apple.com/server/macosx/docs/Leopard_Security_Config_2nd_Ed.pdf
This Blog entry is also worth a read:
http://blog.damballa.com/?p=1055
UPDATES:
Another source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
How safe is your smartphone?
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code.
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area.
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
The company estimates that one in six links posted on Facebook pages are connected to malicious software.
http://www.bbc.co.uk/news/technology-12967254
Newly discovered malicious software dubbed "MACDefender" takes aim at users of the Mac OS X operating system by automatically downloading a file through JavaScript. But users must also agree to install the software, leaving the potential threat limited.
The new MACDefender malware was first noted on April 30, 2011 by users of the Apple Support Communities, and was highlighted on Monday by antivirus company Intego. If the right settings are enabled in Apple's Safari browser, MACDefender can be downloaded to a system after a user clicks a link while searching the Internet.
"When a user clicks a link after performing a search on a search engine such as Google, this takes them to a web site whose page contains JavaScript that automatically downloads a file," Intego said. "In this case, the file downloaded is a compressed ZIP archive, which, if a specific option in a web browser is checked (Open 'safe' files after downloading in Safari, for example), will open."
However, users must still agree to install the malware after it downloads. After the ZIP file is extracted, users are presented with the "MACDefender Setup Installer," at which point they must agree to continue and provide an administrator password.
Because of the fact that users must agree to install the software and provide a password, Intego categorized the threat with MACDefender as "low."
Users on Apple's support forums advise killing active processes from the application using the Mac OS X Activity Monitor. MACDefender can then be deleted from the Applications folder by dragging it into the trash.
The malware is not to be confused with MacDefender, the maker of geocaching software including GCStatistic and DTmatrix. The company noted on its site it is not affiliated with the malware.
Malware spreads through search engines like Google via a method known as "SEO poisoning." The sites are designed to game search engine algorithms and show up when users search for certain topics. -
UPS Trojan affects date/time settings!
A few weeks ago, my mother checked her e-mail and the UPS trojan came up in her inbox. She accidentally clicked it, and the computer now has it. I scanned the computer with ClamXav and it found and removed it. After a week, it was back. If I can get some help pinpointing the issue, and a program that would better remove malware, that would be great! I was thinking of reformatting the mac, but wanted to check all my options beforehand. Thanks to anyone in advance who can help!!
You may find this User Tip on Viruses, Trojan Detection and Removal, as well as general Internet Privacy, useful:
http://discussions.apple.com/thread.jspa?threadID=1764179&tstart=0
Regarding MacScan, First update the MacScan malware definitions before scanning. You can also contact their support team for any additional support - [email protected]
Security of OS X generally:
http://www.apple.com/macosx/security/
http://www.nsa.gov/ia/_files/os/applemac/I731-007R-2007.pdf
Security Configuration for Version 10.5 Leopard:
http://images.apple.com/server/macosx/docs/LeopardSecurity_Config_2ndEd.pdf
This Blog entry is also worth a read:
http://blog.damballa.com/?p=1055
UPDATES:
Another source of malware, apart from sites like Facebook and Hotmail, is the Android Marketplace:
More than 50 applications available via the official Android Marketplace have been found to contain a virus.
Analysis suggests that the booby-trapped apps may have been downloaded up to 200,000 times. The apps are also known to be available on unofficial Android stores too. Once a booby-trapped application is installed and run, the virus lurking within, known as DroidDream, sends sensitive data, such as a phone's unique ID number, to a remote server. It also checks to see if a phone has already been infected and, if not, uses known exploits to bypass security controls and give its creator access to the handset. This bestows the ability to install any code on a phone or steal any information from it.
Remote removal of the booby-trapped apps may not solve all the security problems they pose. The remote kill switch will not remove any other code that may have been dropped onto the device as a result of the initial infection.
The open nature of the Android platform was a boon and a danger, and as Facebook have already discovered it is also a very attractive criminal playground.
http://www.bbc.co.uk/news/technology-12633923
How safe is your smartphone?
Smartphones and social networking sites are likely to become the next big target for cyber criminals, according to a security industry report.
Symantec's annual threat analysis warns that the technologies are increasingly being used to spread malicious code.
Users of Facebook, Twitter and Google's mobile operating system, Android, are said to be particularly vulnerable.
In several cases, the security holes were exploited and used to install harmful software on Android handsets - suggesting that criminals now view smartphone hacking as a potentially lucrative area.
At least six different varieties of malware were discovered hidden in applications that were distributed through a Chinese download service.
Several pieces of malware were also found on iPhones, however only devices that had been "jailbroken" to bypass Apple's security were affected.
The company's process of pre-vetting all new applications is believed to have spared its devices from a major attack.
The company estimates that one in six links posted on Facebook pages are connected to malicious software.
http://www.bbc.co.uk/news/technology-12967254
Maybe you are looking for
-
SAP Business Workplace - No log data exists message
Hi, We have the work items of EDI 810 configured to reach the workflow inbox of certain users. The users have 300+ items in their workflow inbox - but when they click the Workflow Inbox they get a message - "No log data exists". The message is an er
-
How to get a single particle image after particle analysis in vision development toolkit
Hi all, After a long time I am here again to find out some solutions regarding image processing. I have an RGB image with a number of particles in it. For processing I have made it binary image and then particle analysis function is used. It is showi
-
Help opening an image in Elements11
When I tap on an image in my Window's photo folder, a selection of programs pop up, but PS Elements is not one of the. When I press on browse, PS Elements 11 can not be found. Signed: basket case.
-
Cannot play DVDs when connected to TV
Hi guys, I have a first generation Titanium PowerBook G4 (400MHz). Still using System 9.2. Anyway, the DVD player works fine in the notebook by itself. When I connect to my Sony Wega through a S-video cable, I can see the desktop but the DVD player w
-
I am trying to start the text off the page and scroll onto the page; however, I cannot figure it out. I followed the SourceSansPro file and copied the exact layout, but on my website the text does not scroll onto the screen. Any help?