At 9:48 AM -0400 4/6/2012, Kristina Rost wrote:
<http://www.techlicious.com/blog/flashback-malware-hits-600000-macs/>http://www.techlicious.com/blog/flashback-malware-hits-600000-macs/
I read this blog this morning and do not know how to launch the
terminal application [Lion] to check for infection according to the
instructions.
Terminal.app is in /Applications/Utilities/. Launch it just like you
would any other app.
Just copy those commands from the original article, and paste them
into Terminal's window. Be sure to include the carriagereturn at the
end of the last command!
What do you all think about this?
It's annoying. But in the grand scheme of things, no big deal.
0. Recall that Java and JavaScript are two very different things.
"JavaScript" is the public name for ECMA Script, and is used to do
all the pretty things on web pages. "Java" is a full programming
language, now owned by Oracle.
1. This should never have happened. Oracle patched Java quite a
while ago, and Apple totally FAILED to distribute the update in a
timely manner. Apple seems to be making a habit of this. Very bad.
2. Apple isn't making the update available for the Java engines on
older versions of Mac OS X - which leaves them vulnerable.
"Vulnerable" is relative - the hole is there, but as I understand it,
the current trojan doesn't run well in earlier releases, for now.
sigh. Apple's total abandonment of their older userbase is
unacceptable, IMO.
3. Because Java is a dying language, Apple is no longer including it
with OS X by default. So most newer Mac owners don't even have it
installed ... unless they're using one of the many apps that require
it. :\
OTGH, there have been so many Java vulnerabilities that, like Flash,
most people have already disabled it in their browsers.
Keep in mind that this trojan is rather tiny. It doesn't do anything
evil, other than installing itself then waiting for commands from its
botnet (potentially telling it to silently download and install
another payload). Because it runs automatically, as a web page
object, traditional anti-virus products that watch for files on your
hard drive, cannot stop it. So it is *important* that you disable
Java in ALL your browsers.
- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.
--
You received this message because you are a member of G-Group, a group for
those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs.
The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette
guide is at http://www.lowendmac.com/lists/netiquette.shtml
To post to this group, send email to g3-5-list@googlegroups.com
For more options, visit this group at http://groups.google.com/group/g3-5-list
