http://mashable.com/2012/04/05/600000-macs-flashback/

Apple closed the hole, and issued 2 Java updates.

This isn't really a problem with OSX, but rather with Java, specifically Java applets and earlier variants may have disguised themselves as Flash player updates. The Steve war on Flash and other third party plugins suddenly makes a lot of sense.

It's kinda easy to require signed updates...

It is, but it's also easy to forge a certificate that says, "Signed by Adobe, Inc" or "Signed by Apple, Inc" and despite the big red warning that says that "This root certificate is not trusted" people will still click anyway.

Can't do much about the problem between the chair and the keyboard.

It is, but it's also easy to forge a certificate that says, "Signed by Adobe, Inc" or "Signed by Apple, Inc" and despite the big red warning that says that "This root certificate is not trusted" people will still click anyway.

Can't do much about the problem between the chair and the keyboard.

And, so, it's not a problem with Java, plugins to the browser, or Flash; but yet idiot Mac and Windows users.

Yep, it's LUSER problem. Flashback is a Trojan Horse—malware disguised as an Adobe Flash update installer—not a virus. You have to click and enter an admin user name and password before it can install itself.

I'm laffin'....

Just spent $499 for a Verisign developer certificate (annual renewal). Mostly, this bypasses a warning in the Windows installation and makes you "feel good" to be an "official developer."

In the back of my mind, I see a greasy old dude in Jersey (apologies, George) who just wants a few dollars or else he might burn your bar down. Protection, youse knows?

Whudda racket.

And, so, it's not a problem with Java, plugins to the browser, or Flash; but yet idiot Mac and Windows users.

Problem is that you just described the majority of home computer owners/users. Particularly over 35. Though, I dont suppose this will be the case a few more years down the road when everyone is assimilated.

PS: You may not see it this way but the majority of members on this forum are not in my experience the average pc user.

Problem is that you just described the majority of home computer owners/users. Particularly over 35. Though, I dont suppose this will be the case a few more years down the road when everyone is assimilated.


With this I agree. I don't even think those under 35 are very skilled either. Sure, they know how to work it, but know nothing of how it works.



PS: You may not see it this way but the majority of members on this forum are not in my experience the average pc user.

And, this I agree with as well.

With this I agree. I don't even think those under 35 are very skilled either. Sure, they know how to work it, but know nothing of how it works.



And, this I agree with as well.

That is a good point. I feel that I have a fair understanding of PC's both as a home user, developer of databases, and for work reasons but some of you guys still make me feel like a nub. xD

And, so, it's not a problem with Java, plugins to the browser, or Flash; but yet idiot Mac and Windows users.

Yep, but the OSX security model is STILL a lot better than Microsoft at preventing these sorts of infections. Had this been a Microsoft virus, it would have self propagated itself pretty much without user intervention.

What's even more impressive is that Apple halved the number of infected by pushing out a simple software update.

I'm laffin'....

Just spent $499 for a Verisign developer certificate (annual renewal). Mostly, this bypasses a warning in the Windows installation and makes you "feel good" to be an "official developer."

In the back of my mind, I see a greasy old dude in Jersey (apologies, George) who just wants a few dollars or else he might burn your bar down. Protection, youse knows?

Whudda racket.

Meh, I install my own CA and use self signed certs... except when deploying public websites in which case our CDN takes care of it nicely by using a subordinate CA.