At 9:48 AM -0400 4/6/2012, Kristina Rost wrote:
<http://www.techlicious.com/blog/flashback-malware-hits-600000-macs/>http://www.techlicious.com/blog/flashback-malware-hits-600000-macs/

I read this blog this morning and do not know how to launch the terminal application [Lion] to check for infection according to the instructions.

Terminal.app is in /Applications/Utilities/. Launch it just like you would any other app.

Just copy those commands from the original article, and paste them into Terminal's window. Be sure to include the carriagereturn at the end of the last command!

What do you all think about this?

It's annoying.  But in the grand scheme of things, no big deal.

0. Recall that Java and JavaScript are two very different things. "JavaScript" is the public name for ECMA Script, and is used to do all the pretty things on web pages. "Java" is a full programming language, now owned by Oracle.

1. This should never have happened. Oracle patched Java quite a while ago, and Apple totally FAILED to distribute the update in a timely manner. Apple seems to be making a habit of this. Very bad.

2. Apple isn't making the update available for the Java engines on older versions of Mac OS X - which leaves them vulnerable. "Vulnerable" is relative - the hole is there, but as I understand it, the current trojan doesn't run well in earlier releases, for now. sigh. Apple's total abandonment of their older userbase is unacceptable, IMO.

3. Because Java is a dying language, Apple is no longer including it with OS X by default. So most newer Mac owners don't even have it installed ... unless they're using one of the many apps that require it. :\

OTGH, there have been so many Java vulnerabilities that, like Flash, most people have already disabled it in their browsers.

Keep in mind that this trojan is rather tiny. It doesn't do anything evil, other than installing itself then waiting for commands from its botnet (potentially telling it to silently download and install another payload). Because it runs automatically, as a web page object, traditional anti-virus products that watch for files on your hard drive, cannot stop it. So it is *important* that you disable Java in ALL your browsers.

- Dan.
--
- Psychoceramic Emeritus; South Jersey, USA, Earth.

--
You received this message because you are a member of G-Group, a group for 
those using G3, G4, and G5 desktop Macs - with a particular focus on Power Macs.
The list FAQ is at http://lowendmac.com/lists/g-list.shtml and our netiquette 
guide is at http://www.lowendmac.com/lists/netiquette.shtml
To post to this group, send email to g3-5-list@googlegroups.com
For more options, visit this group at http://groups.google.com/group/g3-5-list

Reply via email to