[Micronet] Heads up - Remote root hole in Samba

classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

[Micronet] Heads up - Remote root hole in Samba

Jonathan Felder-2
https://www.samba.org/samba/security/CVE-2012-1182

--
Jon

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

[Micronet] Update on Apple malware woes....

Baril
To all,

Update on the Apple "malware" java bot-thingy......;-)

http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular

Best,

Roy

--
Roy A. Baril
Director of Technology
Graduate School of Journalism
University of California
121 North Gate Hall
Berkeley, CA 94720
510-643-9215 -- Work
510-643-9136 -- Fax
925-352-9543 -- Cell


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Robert Hiramoto
Hi everyone,

Lifehacker (via Gizmodo) are reporting that F-Secure has released a tool
that claims to remove this malware.

Has anyone tested this tool?

http://gizmodo.com/5901095/the-easiest-way-to-check-for-and-remove-the-mac-flashback-trojan


~Robert

On Wed, 11 Apr 2012 11:14:14 -0700, "Roy A. Baril" <[hidden email]>
wrote:
> To all,
>
> Update on the Apple "malware" java bot-thingy......;-)
>
>
http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular

>
> Best,
>
> Roy
>
> --
> Roy A. Baril
> Director of Technology
> Graduate School of Journalism
> University of California
> 121 North Gate Hall
> Berkeley, CA 94720
> 510-643-9215 -- Work
> 510-643-9136 -- Fax
> 925-352-9543 -- Cell
>
>
>  
>
-------------------------------------------------------------------------
> The following was automatically added to this message by the list
server:
>
> To learn more about Micronet, including how to subscribe to or
unsubscribe
> from its mailing list and how to find out about upcoming meetings,
please
> visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable,
and
> the list's archives can be browsed and searched on the Internet.  This
> means these messages can be viewed by (among others) your bosses,
> prospective employers, and people who have known you in the past.

--
*******************************************************************
Robert Hiramoto
IT Manager
Institute for Research on Labor & Employment
University of California, Berkeley
2521 Channing Way
Berkeley, CA 94720-5555


Phone:  (510) 643-3903
Fax:  (510) 642-6432


Office Hours:
Monday - Friday:  8:00 am to 4:00 pm

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Baril
I just downloaded and tested the tool. I had no problems downloading it
and installing it. I ran it and it found no Flashback malware.

Best,

Roy

On 4/11/2012 11:45 AM, Robert Hiramoto wrote:

> Hi everyone,
>
> Lifehacker (via Gizmodo) are reporting that F-Secure has released a tool
> that claims to remove this malware.
>
> Has anyone tested this tool?
>
> http://gizmodo.com/5901095/the-easiest-way-to-check-for-and-remove-the-mac-flashback-trojan
>
>
> ~Robert
>
> On Wed, 11 Apr 2012 11:14:14 -0700, "Roy A. Baril"<[hidden email]>
> wrote:
>> To all,
>>
>> Update on the Apple "malware" java bot-thingy......;-)
>>
>>
> http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular
>> Best,
>>
>> Roy
>>
>> --
>> Roy A. Baril
>> Director of Technology
>> Graduate School of Journalism
>> University of California
>> 121 North Gate Hall
>> Berkeley, CA 94720
>> 510-643-9215 -- Work
>> 510-643-9136 -- Fax
>> 925-352-9543 -- Cell
>>
>>
>>
>>
> -------------------------------------------------------------------------
>> The following was automatically added to this message by the list
> server:
>> To learn more about Micronet, including how to subscribe to or
> unsubscribe
>> from its mailing list and how to find out about upcoming meetings,
> please
>> visit the Micronet Web site:
>>
>> http://micronet.berkeley.edu
>>
>> Messages you send to this mailing list are public and world-viewable,
> and
>> the list's archives can be browsed and searched on the Internet.  This
>> means these messages can be viewed by (among others) your bosses,
>> prospective employers, and people who have known you in the past.

--
Roy A. Baril
Director of Technology
Graduate School of Journalism
University of California
121 North Gate Hall
Berkeley, CA 94720
510-643-9215 -- Work
510-643-9136 -- Fax
925-352-9543 -- Cell


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Tom Holub
Apple's response so far is pretty weak.  "We're working with ISPs to take down
the infected machines"?  Seriously?

I think within the next couple of weeks we'll see a patch released for Leopard
as Apple goes into PR spin mode.  And they may wind up getting forced to
provide better lifecycle support for legacy OSes in general.

On 4/11/12 12:35 PM, Roy A. Baril wrote:

> I just downloaded and tested the tool. I had no problems downloading it
> and installing it. I ran it and it found no Flashback malware.
>
> Best,
>
> Roy
>
> On 4/11/2012 11:45 AM, Robert Hiramoto wrote:
>> Hi everyone,
>>
>> Lifehacker (via Gizmodo) are reporting that F-Secure has released a tool
>> that claims to remove this malware.
>>
>> Has anyone tested this tool?
>>
>> http://gizmodo.com/5901095/the-easiest-way-to-check-for-and-remove-the-mac-flashback-trojan
>>
>>
>> ~Robert
>>
>> On Wed, 11 Apr 2012 11:14:14 -0700, "Roy A. Baril"<[hidden email]>
>> wrote:
>>> To all,
>>>
>>> Update on the Apple "malware" java bot-thingy......;-)
>>>
>>>
>> http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular
>>> Best,
>>>
>>> Roy
>>>
>>> --
>>> Roy A. Baril
>>> Director of Technology
>>> Graduate School of Journalism
>>> University of California
>>> 121 North Gate Hall
>>> Berkeley, CA 94720
>>> 510-643-9215 -- Work
>>> 510-643-9136 -- Fax
>>> 925-352-9543 -- Cell
>>>
>>>
>>>
>>>
>> -------------------------------------------------------------------------
>>> The following was automatically added to this message by the list
>> server:
>>> To learn more about Micronet, including how to subscribe to or
>> unsubscribe
>>> from its mailing list and how to find out about upcoming meetings,
>> please
>>> visit the Micronet Web site:
>>>
>>> http://micronet.berkeley.edu
>>>
>>> Messages you send to this mailing list are public and world-viewable,
>> and
>>> the list's archives can be browsed and searched on the Internet.  This
>>> means these messages can be viewed by (among others) your bosses,
>>> prospective employers, and people who have known you in the past.
>


--
Tom Holub ([hidden email], 510-642-9069)
Director of Computing, College of Letters & Science
101.D Durant Hall
<http://LSCR.berkeley.edu/>


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Beth Muramoto
In reply to this post by Baril
Thanks for being a "guinea pig", Roy, Ditto. I ran it and it worked fine for me too. It told me there was no Flashback Malware found. I was relieved that it didn't require an admin log in otherwise I would have been facing a very odious process.

Beth


On Apr 11, 2012, at 12:35 PM, Roy A. Baril wrote:

> I just downloaded and tested the tool. I had no problems downloading it
> and installing it. I ran it and it found no Flashback malware.
>
> Best,
>
> Roy
>
> On 4/11/2012 11:45 AM, Robert Hiramoto wrote:
>> Hi everyone,
>>
>> Lifehacker (via Gizmodo) are reporting that F-Secure has released a tool
>> that claims to remove this malware.
>>
>> Has anyone tested this tool?
>>
>> http://gizmodo.com/5901095/the-easiest-way-to-check-for-and-remove-the-mac-flashback-trojan
>>
>>
>> ~Robert
>>
>> On Wed, 11 Apr 2012 11:14:14 -0700, "Roy A. Baril"<[hidden email]>
>> wrote:
>>> To all,
>>>
>>> Update on the Apple "malware" java bot-thingy......;-)
>>>
>>>
>> http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular
>>> Best,
>>>
>>> Roy
>>>
>>> --
>>> Roy A. Baril
>>> Director of Technology
>>> Graduate School of Journalism
>>> University of California
>>> 121 North Gate Hall
>>> Berkeley, CA 94720
>>> 510-643-9215 -- Work
>>> 510-643-9136 -- Fax
>>> 925-352-9543 -- Cell
>>>
>>>
>>>
>>>
>> -------------------------------------------------------------------------
>>> The following was automatically added to this message by the list
>> server:
>>> To learn more about Micronet, including how to subscribe to or
>> unsubscribe
>>> from its mailing list and how to find out about upcoming meetings,
>> please
>>> visit the Micronet Web site:
>>>
>>> http://micronet.berkeley.edu
>>>
>>> Messages you send to this mailing list are public and world-viewable,
>> and
>>> the list's archives can be browsed and searched on the Internet.  This
>>> means these messages can be viewed by (among others) your bosses,
>>> prospective employers, and people who have known you in the past.
>
> --
> Roy A. Baril
> Director of Technology
> Graduate School of Journalism
> University of California
> 121 North Gate Hall
> Berkeley, CA 94720
> 510-643-9215 -- Work
> 510-643-9136 -- Fax
> 925-352-9543 -- Cell
>
>
>
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

***********************************************
Beth Muramoto
Computer Resource Specialist
Graduate School of Education
University of California, Berkeley
1650 Tolman Hall
Berkeley, CA 94720
Email:  mailto:[hidden email]
Phone:  (510) 643-0203
Fax:  (510) 643-6239

The Formula for Success:  Underpromise, overdeliver.
                                - Tom Peters

You have to decide what your highest priorities are and have the courage to say 'no' to other things."

                                -Stephen Covey

I'm a great believer in luck and I find the harder I work, the more I have of it.

                                -Thomas Jefferson

***********************************************




 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Beth Muramoto
In reply to this post by Tom Holub
Not surprised really. I agree about the better lifecycle support for legacy OSes as well. I shudder when I hear that they've decided to stop supporting older OSes like Tiger. The "adjustment" can sometimes be "frustrating" and that's the nicest thing I can say about it on a public forum. Hee!


On Apr 11, 2012, at 12:47 PM, Tom Holub wrote:

> Apple's response so far is pretty weak.  "We're working with ISPs to take down
> the infected machines"?  Seriously?
>
> I think within the next couple of weeks we'll see a patch released for Leopard
> as Apple goes into PR spin mode.  And they may wind up getting forced to
> provide better lifecycle support for legacy OSes in general.
>
> On 4/11/12 12:35 PM, Roy A. Baril wrote:
>> I just downloaded and tested the tool. I had no problems downloading it
>> and installing it. I ran it and it found no Flashback malware.
>>
>> Best,
>>
>> Roy
>>
>> On 4/11/2012 11:45 AM, Robert Hiramoto wrote:
>>> Hi everyone,
>>>
>>> Lifehacker (via Gizmodo) are reporting that F-Secure has released a tool
>>> that claims to remove this malware.
>>>
>>> Has anyone tested this tool?
>>>
>>> http://gizmodo.com/5901095/the-easiest-way-to-check-for-and-remove-the-mac-flashback-trojan
>>>
>>>
>>> ~Robert
>>>
>>> On Wed, 11 Apr 2012 11:14:14 -0700, "Roy A. Baril"<[hidden email]>
>>> wrote:
>>>> To all,
>>>>
>>>> Update on the Apple "malware" java bot-thingy......;-)
>>>>
>>>>
>>> http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular
>>>> Best,
>>>>
>>>> Roy
>>>>
>>>> --
>>>> Roy A. Baril
>>>> Director of Technology
>>>> Graduate School of Journalism
>>>> University of California
>>>> 121 North Gate Hall
>>>> Berkeley, CA 94720
>>>> 510-643-9215 -- Work
>>>> 510-643-9136 -- Fax
>>>> 925-352-9543 -- Cell
>>>>
>>>>
>>>>
>>>>
>>> -------------------------------------------------------------------------
>>>> The following was automatically added to this message by the list
>>> server:
>>>> To learn more about Micronet, including how to subscribe to or
>>> unsubscribe
>>>> from its mailing list and how to find out about upcoming meetings,
>>> please
>>>> visit the Micronet Web site:
>>>>
>>>> http://micronet.berkeley.edu
>>>>
>>>> Messages you send to this mailing list are public and world-viewable,
>>> and
>>>> the list's archives can be browsed and searched on the Internet.  This
>>>> means these messages can be viewed by (among others) your bosses,
>>>> prospective employers, and people who have known you in the past.
>>
>
>
> --
> Tom Holub ([hidden email], 510-642-9069)
> Director of Computing, College of Letters & Science
> 101.D Durant Hall
> <http://LSCR.berkeley.edu/>
>
>
>
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

***********************************************
Beth Muramoto
Computer Resource Specialist
Graduate School of Education
University of California, Berkeley
1650 Tolman Hall
Berkeley, CA 94720
Email:  mailto:[hidden email]
Phone:  (510) 643-0203
Fax:  (510) 643-6239

The Formula for Success:  Underpromise, overdeliver.
                                - Tom Peters

You have to decide what your highest priorities are and have the courage to say 'no' to other things."

                                -Stephen Covey

I'm a great believer in luck and I find the harder I work, the more I have of it.

                                -Thomas Jefferson

***********************************************




 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

tedcrum
In reply to this post by Tom Holub
At 12:47 PM 4/11/2012, Tom Holub wrote:
>Apple's response so far is pretty weak.  "We're working with ISPs to take down
>the infected machines"?  Seriously?
>
>I think within the next couple of weeks we'll see a patch released for Leopard
>as Apple goes into PR spin mode.  And they may wind up getting forced to
>provide better lifecycle support for legacy OSes in general.

Support for XP: 11 years and counting.

-tc


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Greg Merritt *
"Everybody" still uses XP:

http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qptimeframe=Q&qpcustomb=*1

"Nobody" still uses 10.5:

http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomb=*2&qptimeframe=Q

Well, not literally, but that is the trend from these stats.  Similar trends from other sources I quickly checked via some Google searches:  a significant fraction of Windows users are using XP, whereas the overwhelming fraction of Mac users are running 10.6 or 10.7.

It is similar with iOS vs. Android:  iPhone users tend to flock to newer OS versions, whereas Android users tend to lag.

-Greg




On Apr 11, 2012, at 1:30 PM, Ted Crum wrote:

> At 12:47 PM 4/11/2012, Tom Holub wrote:
>> Apple's response so far is pretty weak.  "We're working with ISPs to take down
>> the infected machines"?  Seriously?
>>
>> I think within the next couple of weeks we'll see a patch released for Leopard
>> as Apple goes into PR spin mode.  And they may wind up getting forced to
>> provide better lifecycle support for legacy OSes in general.
>
> Support for XP: 11 years and counting.
>
> -tc

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Tom Holub
Obviously that's at least partly result of the respective vendor's policies;
Apple doesn't let you order an old OS with a new PC, and they don't support
their old OSes in various ways, so people are more likely to be running a
current version.

More fundamentally, Microsoft is still supporting XP because they view
themselves as an enterprise company, and Apple aggressively desupports
software because they view themselves as a consumer company.  Consumers don't
have a 5+ year time horizon on electronics purchases, while enterprises do.
If MS had stopped supporting XP while they only had Vista as an alternative,
they would have lost a ton of customers; Apple's desupporting of Leopard
doesn't change their customer base a bit.

Also, Microsoft got hammered repeatedly in the late 90s and early 00s for
security problems, so they now have a more mature posture towards security PR
than Apple does.  Apple's release about this issue sounds a lot like something
Microsoft would have released in 2001; a bit glib and dismissive, lacking a
real sense of responsibility.

Once they show up on CNN two or three more times they'll change their tune.

On 4/11/12 3:37 PM, Greg Merritt * wrote:

> "Everybody" still uses XP:
>
> http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qptimeframe=Q&qpcustomb=*1
>
> "Nobody" still uses 10.5:
>
> http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomb=*2&qptimeframe=Q
>
> Well, not literally, but that is the trend from these stats.  Similar trends from other sources I quickly checked via some Google searches:  a significant fraction of Windows users are using XP, whereas the overwhelming fraction of Mac users are running 10.6 or 10.7.
>
> It is similar with iOS vs. Android:  iPhone users tend to flock to newer OS versions, whereas Android users tend to lag.
>
> -Greg
>
>
>
>
> On Apr 11, 2012, at 1:30 PM, Ted Crum wrote:
>
>> At 12:47 PM 4/11/2012, Tom Holub wrote:
>>> Apple's response so far is pretty weak.  "We're working with ISPs to take down
>>> the infected machines"?  Seriously?
>>>
>>> I think within the next couple of weeks we'll see a patch released for Leopard
>>> as Apple goes into PR spin mode.  And they may wind up getting forced to
>>> provide better lifecycle support for legacy OSes in general.
>>
>> Support for XP: 11 years and counting.
>>
>> -tc
>
>  
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.


--
Tom Holub ([hidden email], 510-642-9069)
Director of Computing, College of Letters & Science
101.D Durant Hall
<http://LSCR.berkeley.edu/>


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Ryan Lovett
In reply to this post by Greg Merritt *
On Wed, Apr 11, 2012 at 03:37:42PM -0700, Greg Merritt * wrote:
> iPhone users tend to flock to newer OS versions, whereas Android users
> tend to lag.
 
Regarding Android: I would if I could but I can't so I won't. :)

I apply all micro updates, and would apply major and minor updates but the
vendor hasn't released any.

I'd install a custom ROM but there aren't any (yet) that would preserve
all the major functions of the current OS.

Ryan

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Aron Roberts
In reply to this post by Tom Holub
Several other factors that have collectively contributed to the
situation today where the lion's share (pun intended) of Mac OS X
users are running the two latest OS releases, Mac OS X 10.7 ("Lion")
and Mac OS X 10.6 ("Snow Leopard"), in contrast to the large number of
Windows users who may still be using XP and other non-current
releases:

1. Apple's Mac sales have soared over the last three years, and those
Macs have come with these two newer OSes installed.
2. Apple has made recent OS upgrades inexpensive, at least relative to
its earlier pricing model (e.g. $29 for a single copy retail upgrade
from Mac OS X 10.5 ("Leopard") to 10.6, and $30 for an upgrade to
10.7).
3. Apple has made recent OS upgrades easy to obtain, via its built-in
App Store software.

And equally significant:

4. Six years ago, in January 2006, Apple switched from PowerPC CPUs to
Intel CPUs.  These two most recent OSes only run on the newer Intel
models.

In part, the preponderance of Mac users running the two most recent
Mac OS X versions reflects this wholesale hardware architecture
transition, from PowerPC to Intel.  This is due both to to aging of
the Mac models that can't run those newer OSes - all of which are 6
years old or older, some of these much older - as well as perceived
speed, feature, and software availability advantages of the newer,
Intel-based Macs, which have spurred replacements among the installed
base.

Aron

On Wed, Apr 11, 2012 at 4:50 PM, Tom Holub <[hidden email]> wrote:

> Obviously that's at least partly result of the respective vendor's policies;
> Apple doesn't let you order an old OS with a new PC, and they don't support
> their old OSes in various ways, so people are more likely to be running a
> current version.
>
> More fundamentally, Microsoft is still supporting XP because they view
> themselves as an enterprise company, and Apple aggressively desupports
> software because they view themselves as a consumer company.  Consumers don't
> have a 5+ year time horizon on electronics purchases, while enterprises do.
> If MS had stopped supporting XP while they only had Vista as an alternative,
> they would have lost a ton of customers; Apple's desupporting of Leopard
> doesn't change their customer base a bit.
>
> Also, Microsoft got hammered repeatedly in the late 90s and early 00s for
> security problems, so they now have a more mature posture towards security PR
> than Apple does.  Apple's release about this issue sounds a lot like something
> Microsoft would have released in 2001; a bit glib and dismissive, lacking a
> real sense of responsibility.
>
> Once they show up on CNN two or three more times they'll change their tune.
>
> On 4/11/12 3:37 PM, Greg Merritt * wrote:
>> "Everybody" still uses XP:
>>
>> http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qptimeframe=Q&qpcustomb=*1
>>
>> "Nobody" still uses 10.5:
>>
>> http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomb=*2&qptimeframe=Q
>>
>> Well, not literally, but that is the trend from these stats.  Similar trends from other sources I quickly checked via some Google searches:  a significant fraction of Windows users are using XP, whereas the overwhelming fraction of Mac users are running 10.6 or 10.7.
>>
>> It is similar with iOS vs. Android:  iPhone users tend to flock to newer OS versions, whereas Android users tend to lag.
>>
>> -Greg
>>
>>
>>
>>
>> On Apr 11, 2012, at 1:30 PM, Ted Crum wrote:
>>
>>> At 12:47 PM 4/11/2012, Tom Holub wrote:
>>>> Apple's response so far is pretty weak.  "We're working with ISPs to take down
>>>> the infected machines"?  Seriously?
>>>>
>>>> I think within the next couple of weeks we'll see a patch released for Leopard
>>>> as Apple goes into PR spin mode.  And they may wind up getting forced to
>>>> provide better lifecycle support for legacy OSes in general.
>>>
>>> Support for XP: 11 years and counting.
>>>
>>> -tc
>>
>>
>> -------------------------------------------------------------------------
>> The following was automatically added to this message by the list server:
>>
>> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>>
>> http://micronet.berkeley.edu
>>
>> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>
>
> --
> Tom Holub ([hidden email], 510-642-9069)
> Director of Computing, College of Letters & Science
> 101.D Durant Hall
> <http://LSCR.berkeley.edu/>
>
>
>
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Greg Merritt
Really playing devil's advocate here on the "Apple should still support 10.5" issue -- I personally tend to have older computers (but am ditching them almost exclusively for my iPad, that's another topic!) and would love for Apple to support old OS's for ever -- the fact is that Apple can ditch 10.5 support and still be supporting the vast majority of their active installed base.  Ditching XP, on the other hand, means abandoning a huge fraction of the installed Windows base.

In this regard, it doesn't matter how the proportions got to be that way.

-Greg



On Apr 11, 2012, at 5:36 PM, Aron Roberts wrote:

> Several other factors that have collectively contributed to the
> situation today where the lion's share (pun intended) of Mac OS X
> users are running the two latest OS releases, Mac OS X 10.7 ("Lion")
> and Mac OS X 10.6 ("Snow Leopard"), in contrast to the large number of
> Windows users who may still be using XP and other non-current
> releases:
>
> 1. Apple's Mac sales have soared over the last three years, and those
> Macs have come with these two newer OSes installed.
> 2. Apple has made recent OS upgrades inexpensive, at least relative to
> its earlier pricing model (e.g. $29 for a single copy retail upgrade
> from Mac OS X 10.5 ("Leopard") to 10.6, and $30 for an upgrade to
> 10.7).
> 3. Apple has made recent OS upgrades easy to obtain, via its built-in
> App Store software.
>
> And equally significant:
>
> 4. Six years ago, in January 2006, Apple switched from PowerPC CPUs to
> Intel CPUs.  These two most recent OSes only run on the newer Intel
> models.
>
> In part, the preponderance of Mac users running the two most recent
> Mac OS X versions reflects this wholesale hardware architecture
> transition, from PowerPC to Intel.  This is due both to to aging of
> the Mac models that can't run those newer OSes - all of which are 6
> years old or older, some of these much older - as well as perceived
> speed, feature, and software availability advantages of the newer,
> Intel-based Macs, which have spurred replacements among the installed
> base.
>
> Aron
>
> On Wed, Apr 11, 2012 at 4:50 PM, Tom Holub <[hidden email]> wrote:
>> Obviously that's at least partly result of the respective vendor's policies;
>> Apple doesn't let you order an old OS with a new PC, and they don't support
>> their old OSes in various ways, so people are more likely to be running a
>> current version.
>>
>> More fundamentally, Microsoft is still supporting XP because they view
>> themselves as an enterprise company, and Apple aggressively desupports
>> software because they view themselves as a consumer company.  Consumers don't
>> have a 5+ year time horizon on electronics purchases, while enterprises do.
>> If MS had stopped supporting XP while they only had Vista as an alternative,
>> they would have lost a ton of customers; Apple's desupporting of Leopard
>> doesn't change their customer base a bit.
>>
>> Also, Microsoft got hammered repeatedly in the late 90s and early 00s for
>> security problems, so they now have a more mature posture towards security PR
>> than Apple does.  Apple's release about this issue sounds a lot like something
>> Microsoft would have released in 2001; a bit glib and dismissive, lacking a
>> real sense of responsibility.
>>
>> Once they show up on CNN two or three more times they'll change their tune.
>>
>> On 4/11/12 3:37 PM, Greg Merritt * wrote:
>>> "Everybody" still uses XP:
>>>
>>> http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qptimeframe=Q&qpcustomb=*1
>>>
>>> "Nobody" still uses 10.5:
>>>
>>> http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomb=*2&qptimeframe=Q
>>>
>>> Well, not literally, but that is the trend from these stats.  Similar trends from other sources I quickly checked via some Google searches:  a significant fraction of Windows users are using XP, whereas the overwhelming fraction of Mac users are running 10.6 or 10.7.
>>>
>>> It is similar with iOS vs. Android:  iPhone users tend to flock to newer OS versions, whereas Android users tend to lag.
>>>
>>> -Greg
>>>
>>>
>>>
>>>
>>> On Apr 11, 2012, at 1:30 PM, Ted Crum wrote:
>>>
>>>> At 12:47 PM 4/11/2012, Tom Holub wrote:
>>>>> Apple's response so far is pretty weak.  "We're working with ISPs to take down
>>>>> the infected machines"?  Seriously?
>>>>>
>>>>> I think within the next couple of weeks we'll see a patch released for Leopard
>>>>> as Apple goes into PR spin mode.  And they may wind up getting forced to
>>>>> provide better lifecycle support for legacy OSes in general.
>>>>
>>>> Support for XP: 11 years and counting.
>>>>
>>>> -tc
>>>
>>>
>>> -------------------------------------------------------------------------
>>> The following was automatically added to this message by the list server:
>>>
>>> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>>>
>>> http://micronet.berkeley.edu
>>>
>>> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
>>
>>
>> --
>> Tom Holub ([hidden email], 510-642-9069)
>> Director of Computing, College of Letters & Science
>> 101.D Durant Hall
>> <http://LSCR.berkeley.edu/>
>>
>>
>>
>> -------------------------------------------------------------------------
>> The following was automatically added to this message by the list server:
>>
>> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>>
>> http://micronet.berkeley.edu
>>
>> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Tom Holub
On 4/11/12 5:46 PM, Greg Merritt wrote:
> Really playing devil's advocate here on the "Apple should still support
> 10.5" issue -- I personally tend to have older computers (but am ditching
> them almost exclusively for my iPad, that's another topic!) and would love
> for Apple to support old OS's for ever -- the fact is that Apple can ditch
> 10.5 support and still be supporting the vast majority of their active
> installed base.  Ditching XP, on the other hand, means abandoning a huge
> fraction of the installed Windows base.
>
> In this regard, it doesn't matter how the proportions got to be that way.

The proportions will be a lot different this summer when Apple releases 10.8
and (presumably) desupports 10.6.

--
Tom Holub ([hidden email], 510-642-9069)
Director of Computing, College of Letters & Science
101.D Durant Hall
<http://LSCR.berkeley.edu/>


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
Reply | Threaded
Open this post in threaded view
|

Re: [Micronet] Update on Apple malware woes....

Aaron Russo
In reply to this post by Beth Muramoto
Apple responded yesterday with Java Update 2012-003.  It is available
via a 'Software Update'.

More info: http://support.apple.com/kb/HT5242

Best,
Aaron

On 4/11/12 12:58 PM, Beth Muramoto wrote:

> Thanks for being a "guinea pig", Roy, Ditto. I ran it and it worked fine for me too. It told me there was no Flashback Malware found. I was relieved that it didn't require an admin log in otherwise I would have been facing a very odious process.
>
> Beth
>
>
> On Apr 11, 2012, at 12:35 PM, Roy A. Baril wrote:
>
>> I just downloaded and tested the tool. I had no problems downloading it
>> and installing it. I ran it and it found no Flashback malware.
>>
>> Best,
>>
>> Roy
>>
>> On 4/11/2012 11:45 AM, Robert Hiramoto wrote:
>>> Hi everyone,
>>>
>>> Lifehacker (via Gizmodo) are reporting that F-Secure has released a tool
>>> that claims to remove this malware.
>>>
>>> Has anyone tested this tool?
>>>
>>> http://gizmodo.com/5901095/the-easiest-way-to-check-for-and-remove-the-mac-flashback-trojan
>>>
>>>
>>> ~Robert
>>>
>>> On Wed, 11 Apr 2012 11:14:14 -0700, "Roy A. Baril"<[hidden email]>
>>> wrote:
>>>> To all,
>>>>
>>>> Update on the Apple "malware" java bot-thingy......;-)
>>>>
>>>>
>>> http://threatpost.com/en_us/blogs/apple-developing-fix-flashback-malware-041112?utm_source=Threatpost&utm_medium=Tabs&utm_campaign=Today%27s+Most+Popular
>>>> Best,
>>>>
>>>> Roy
>>>>
>>>> --
>>>> Roy A. Baril
>>>> Director of Technology
>>>> Graduate School of Journalism
>>>> University of California
>>>> 121 North Gate Hall
>>>> Berkeley, CA 94720
>>>> 510-643-9215 -- Work
>>>> 510-643-9136 -- Fax
>>>> 925-352-9543 -- Cell
>>>>
>>>>
>>>>
>>>>
>>> -------------------------------------------------------------------------
>>>> The following was automatically added to this message by the list
>>> server:
>>>> To learn more about Micronet, including how to subscribe to or
>>> unsubscribe
>>>> from its mailing list and how to find out about upcoming meetings,
>>> please
>>>> visit the Micronet Web site:
>>>>
>>>> http://micronet.berkeley.edu
>>>>
>>>> Messages you send to this mailing list are public and world-viewable,
>>> and
>>>> the list's archives can be browsed and searched on the Internet.  This
>>>> means these messages can be viewed by (among others) your bosses,
>>>> prospective employers, and people who have known you in the past.
>> --
>> Roy A. Baril
>> Director of Technology
>> Graduate School of Journalism
>> University of California
>> 121 North Gate Hall
>> Berkeley, CA 94720
>> 510-643-9215 -- Work
>> 510-643-9136 -- Fax
>> 925-352-9543 -- Cell
>>
>>
>>
>> -------------------------------------------------------------------------
>> The following was automatically added to this message by the list server:
>>
>> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>>
>> http://micronet.berkeley.edu
>>
>> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.
> ***********************************************
> Beth Muramoto
> Computer Resource Specialist
> Graduate School of Education
> University of California, Berkeley
> 1650 Tolman Hall
> Berkeley, CA 94720
> Email:  mailto:[hidden email]
> Phone:  (510) 643-0203
> Fax:  (510) 643-6239
>
> The Formula for Success:  Underpromise, overdeliver.
> - Tom Peters
>
> You have to decide what your highest priorities are and have the courage to say 'no' to other things."
>
> -Stephen Covey
>
> I'm a great believer in luck and I find the harder I work, the more I have of it.
>
> -Thomas Jefferson
>
> ***********************************************
>
>
>
>
>  
> -------------------------------------------------------------------------
> The following was automatically added to this message by the list server:
>
> To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:
>
> http://micronet.berkeley.edu
>
> Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.

--
Aaron Russo
IST Unix


 
-------------------------------------------------------------------------
The following was automatically added to this message by the list server:

To learn more about Micronet, including how to subscribe to or unsubscribe from its mailing list and how to find out about upcoming meetings, please visit the Micronet Web site:

http://micronet.berkeley.edu

Messages you send to this mailing list are public and world-viewable, and the list's archives can be browsed and searched on the Internet.  This means these messages can be viewed by (among others) your bosses, prospective employers, and people who have known you in the past.