Fwd: [X4U] New Trojan threatens Macs with installer...

[Randy B. Singer]

On Nov 21, 2008, at 11:53 PM, Shawn King wrote:
>
> But why can't the same be said of Intego in the same situation? The  
> found a
> threat, sounded the alarm before investigating the threat only to  
> find no
> threat at all.

Because, once again, they are selling AV software, they aren't  
journalists.  What customers want is for Intego to report about new  
threats and get out new definitions ASAP.  That's what customers are  
paying for.

And even if a new bit of malware has zero distribution, it isn't "no  
threat at all."  Any new bit of malware has to be looked upon as a  
potential template for future threats.  Many malware threats are  
simply slightly modified versions of old threats.

>
>>> Do you really think that, as informed as you seem to be that you
>>> might get
>>> caught out by some new outbreak?
>
>> It has happened in the Windows world, so I presume it can happen to
>> us.
>
> Lots of things happen in the Windows would that make no sense for  
> Mac users
> to worry about

You asked if it was possible to be caught by an outbreak before  
hearing about it in the press and on the Internet.  The answer is  
that theoretically, based on the best evidence, it is.

> but I wasn't talking about "us" - I was talking about *you*
> specifically.

I answered your question.  I'm not worried for myself.  I don't think  
that ordinary Mac users need to have AV software at all.  However,  
there are Mac users (a small minority) who have determined that they  
do need to have AV software for their needs.  Businesses with  
networks would be foolish not to have AV software, for instance.  It  
is just prudent.

>
>> I've heard of malware that could infect hundreds of
>> thousands of PC's in just hours:
>> http://www.yuikee.com.hk/press/release/1999-03_MELISSA.htm.en
>
> Wow! That's......from almost 10 years ago. Is that the best  
> evidence you
> have?

I just did a quick Google search for viruses that quickly spread.   
I'll leave it to you to do the same if you want other examples.   
While the Mac and Windows are different, the general concept of how  
malware works is similar.  I'm not foolish enough to believe that the  
Macintosh is immune to malware.  I just believe that OS X was  
designed to be secure and that it is very very hard to write malware  
for it.  After 8 years I wonder if there will ever be an actual virus  
for OS X (as opposed to a Trojan Horse, which already exist for the  
Mac).  But I don't believe that  it is impossible.

>
>> Intego appears to be offering that to Macintosh users looking for it.
>
> And to others, it appears that Intego is selling snake oil.

Intego isn't going around telling everyone that they all need to have  
AV software.  They offer a product for those folks that feel that  
they need AV software, and their product is a really good one.   
Actually probably the best one for the Macintosh.  There are those  
that feel that just by offering their product and reporting on  
potential threats to the Macintosh as they come up that Intego is  
engaged in some sort of conspiracy.  I think that view is childish.   
They offer a product and they have to promote it, just like anyone  
else.  I don't think that they have ever done so irresponsibly.  The  
consumer has to make an educated choice as to whether or not they  
need such a product.

Most ordinary Mac users feel that there are absolutely no malware  
threats that are relevant to Mac users, and that the Mac is immune to  
malware.  Neither is true.  There are now several Trojan Horses for  
the Mac, and there are a bunch of Word and Excel macro viruses.   
These threats aren't terribly common, and they are fairly easy to  
avoid if you know how.  So an educated ordinary Mac user can be fine  
without any AV software.  But if you are a business person who  
exchanges a lot of documents with macros in them, having AV software  
is a really good idea.  In fact, if you are a business person at all,  
AV software is probably good to have just as a best practice.  If you  
regularly engage in risky computing practices (like peer to peer file  
sharing services, or surfing a lot of questionable Web sites), it  
might be a good idea to have AV software.

I'm not an advocate of using AV software.  Just the opposite, I think  
that people who go around telling all Mac users that they need AV  
software are full of it.  But I don't think that a company like  
Intego (which is a Mac-only company, and they make great products) is  
dishonest or evil, and I do think that there are a very few folks who  
want and/or need AV software.  For those folks Intego makes an  
excellent solution.