[X4U] Flashback Followup

Randy B. Singer randy at macattorney.com
Sun Apr 8 02:59:29 PDT 2012 

I sent this message out to my user group today.  I thought that the  
folks on this discussion list might be interested in it.

This is a followup to my previous message about Flashback (which, by  
the way, at this point is not technically a Trojan, since it can  
infect your computer with no warning or user interaction whatsoever,  
simply by you visiting a malicious, or just an infected, Web site.) I  
thought that everyone would appreciate more information.

I've now sent out a mailing to over 9,000 subscribers of The  
MacAttorney Newsletter about Flashback, and I've posted about it on a  
dozen Mac discussion lists. So I've reached somewhere around 20,000  
Mac users. Users have rushed to check to see if they were infected.  
So far, not a single user of the many who have written back has been  
infected with Flashback.

While I have no doubt that Flashback is real, and that it is a good  
idea to do all that you can to protect yourself from it, I'm  
beginning to think that much of this scare was hype invented by anti- 
virus software firms in Russia, from whom the original report eminated.

Some research on the Web turns up reports that the "600,000 infected  
machines" written about may not have necessarily been Macs. That  
number likely includes other OS's, the proportion of which to Macs is  
unknown. (i.e. It may be that mostly Windows computers were infected,  
and very few Macs.)

Daring Fireball (written by widely respected John Gruber), a very  
popular Mac blog, a few days ago posted about Flashback:
<http://daringfireball.net/linked/2012/04/05/flashback>
As of last Thursday, he says he has heard from "about a dozen or so  
Daring Fireball readers whove been hit by this."

The problem is that when there is a panic about a new virus, there  
will always be a few folks who aren’t deep thinkers who will rush to  
tell you that they have been infected based on any change in their  
computer, or even in their lives, real or imagined. Once you manage  
to elicit the details from them, it becomes obvious that their report  
isn't credible.

Also, the media has reported that “security experts” have confirmed  
that Flashback is a huge threat. There is a problem with consulting  
with security experts. I call it the “to a hammer, everything looks  
like a nail” problem. These are folks who have been trained to  
recognize the millions of viruses that exist for Windows. To them,  
everything in the entire world is a huge security threat. I've never  
heard of a security expert who has said: " Just relax; start worrying  
if and when there are verifiable reports of computers being infected."

I wouldn't be surprised if, after all is said and done, that not a  
single one of us will be infected by Flashback, and not a single one  
of us will know anyone first-hand who has been infected by it.

Now, let me be completely clear, all of the above is not to say that  
you shouldn’t take all necessary steps to protect yourself from  
Flashback. You really should. But you should know that there is no  
reason to get paranoid. Your Mac is still the most secure personal  
computing platform out there. There isn’t a flood of Mac malware  
hitting us. The sky is not falling. It is very important to consider  
the source of any information that you hear about the Macinotsh, and  
that includes the media which doesn’t generally have a clue about the  
Mac. There are, unfortunately, lots of Apple-haters and people with  
various questionable motives in the world.

An interesting blog post:
<http://beyondbridges.net/2012/04/apple-and-the-flashback-trojan/>

Various additional bits that might be helpful:

Macworld now has an article about Flashback:
<http://www.macworld.com/article/1166254/ 
what_you_need_to_know_about_the_flashback_trojan.html>

How to check for and disable Java in OS X
“Java used to be deeply embedded in OS X, but in recent versions of  
the OS it's an optional install. Here is how to check to see if it is  
installed, and how to disable or remove it.”
<http://reviews.cnet.com/8301-13727_7-57408841-263/how-to-check-for- 
and-disable-java-in-os-x/>

Some users have asked if there are any applications in common use  
that will be effected if they totally disable Java on their  
Macintosh. Here are the ones that I know of:
Evernote
MoneyDance
OpenOffice-based suites (i.e. LibreOffice, NeoOffice, OpenOffice/Mac)

I hope that you find this message useful.

___________________________________________
Randy B. Singer
Co-author of The Macintosh Bible (4th, 5th, and 6th editions)

Macintosh OS X Routine Maintenance
http://www.macattorney.com/ts.html
___________________________________________

More information about the X4U mailing list