Question anyone else getting a virus warning while visiting the site today?

exoray said:
Steve and his marketing machine say a lot, doesn't make it fact... Just saying...

And a properly maintained and configured Windows machine would have likely breezed through this exploit as well, mine did as did many others... It's a combination of factors and variables that needed to be met, your Mac as well as many Windows, *nix and mobile OS systems didn't meet that criteria, but that doesn't mean next time you will be so lucky if you pretend it can't happen to you just because Apple says so...
Click to expand...

Well, you have to admit, Macs are generally much "safer" out of the box than PCs.

The Mac OS has been hosted on a Unix backend for a few years now and Macs in general have FAR fewer security issues than PCs do. That being said you DO have to keep your Mac up to date (same goes for the PC) with the latest security patches and OS fixes that Apple releases. Otherwise, you're just asking for trouble, eventually as exploits have been released (and will continue to be released) that target the Apple Macintosh.

I've worked with Macs and PCs for over twenty years and spent 7+ years as a network and computer security administrator for a 5000+ node WAN. From my experience (and the rest of my team's experience), PCs are a security nightmare and take MUCH more work to secure than Macs do. Neither is perfect, but the Mac is closer to it than the PC.

Just like the Mac, it is imperative that you keep your PC as up to date as possible. SOOOOO many systems would be protected from things like this if people just kept their Windows Updates up to date. Unfortunately, many people do not and fall prey to exploits that have been fixed for years....
 
exoray said:
If it's the top Window Alt+F4 works..

Back on topic, again going back to what Art said, if this originated from an SQL inject exploit then likely the original exploit was cross platform for any machine running that version of SQL on any server with said script that was exploited... That include Macs, although Macs and web server is kind of an oxymoron... The payload that was delivered once the server was exploited happened to be Windows Malware this time, but that is hardly a given...
Click to expand...

Yeah, a SQL injection isn't really OS specific. You're just running commands against database software and then doing things like inserting your own entries, modifying scripts, etc. You'd be surprised how many big companies are susceptible to sql injections. And in many cases, it's not due to a flaw in the software. It's just due to poor setup and structure.
 
mrsmartypants said:
Well, you have to admit, Macs are generally much "safer" out of the box than PCs.

The Mac OS has been hosted on a Unix backend for a few years now and Macs in general have FAR fewer security issues than PCs do. That being said you DO have to keep your Mac up to date (same goes for the PC) with the latest security patches and OS fixes that Apple releases. Otherwise, you're just asking for trouble, eventually as exploits have been released (and will continue to be released) that target the Apple Macintosh.

I've worked with Macs and PCs for over twenty years and spent 7+ years as a network and computer security administrator for a 5000+ node WAN. From my experience (and the rest of my team's experience), PCs are a security nightmare and take MUCH more work to secure than Macs do. Neither is perfect, but the Mac is closer to it than the PC.

Just like the Mac, it is imperative that you keep your PC as up to date as possible. SOOOOO many systems would be protected from things like this if people just kept their Windows Updates up to date. Unfortunately, many people do not and fall prey to exploits that have been fixed for years....
Click to expand...
My only counterpoint to this is Macs are ALSO only 25% of the marketplace. They are also not a huge factor in the day to day business world. Grant you, I do not have the years of experience in the field you do, but what sense would it make to beat up on Macs, malware wise, when you are not going to have a broad effect? Macs are increasing in the PC market every year and I would be willing to bet that when Macs catch Windows PCs, we will see a sharp rise in security issues.
 
Sym-Cha said:
Wow I installed Adblock Plus yesterday and finally got rid of most of the annoying ads on the sites that I visit regularly. So from this nasty inconvenience came out something even more beautiful ... no more disturbing ads which also slow down the upload speed.

Thanks rkpetersen,

-Chaim
Click to expand...

You're welcome! It is a great Firefox extension.
 
Qui-Gonzalez said:
My only counterpoint to this is Macs are ALSO only 25% of the marketplace. They are also not a huge factor in the day to day business world. Grant you, I do not have the years of experience in the field you do, but what sense would it make to beat up on Macs, malware wise, when you are not going to have a broad effect? Macs are increasing in the PC market every year and I would be willing to bet that when Macs catch Windows PCs, we will see a sharp rise in security issues.
Click to expand...

A fair counterpoint. Things could very well be a lot different if Mac and the PC's marketplace positions were reversed. Time will definitely tell! :thumbsup
 
Qui-Gonzalez said:
My only counterpoint to this is Macs are ALSO only 25% of the marketplace.
Click to expand...

25%? Maybe if you double or triple most data that I have seen... Most data I have seen shows OS X hovering about 10% worldwide...

But the point is still there, if you are going to hack a site and extort money do you aim for 10% of the users or 90% of the users?

Pure economics...

From my experience (and the rest of my team's experience), PCs are a security nightmare and take MUCH more work to secure than Macs do. Neither is perfect, but the Mac is closer to it than the PC.
Click to expand...

And I would suggest that easily 90% of this "security issue" revolves around 2 points irrelevant of the OS itself...

1. Configuration: Very few Windows PCs are configured correctly, I have never run across an average home owner that runs their PC with a limited user account, they all run full privileged Admin accounts, imagine if the same was true for OS X users all running as Root? On the same configuration aspect Big Box PCs are some of the most ill configured machines there are, yet account for most of the market... Apple on the other hand configures their machines locked down and with limited hardware support thus tightly controlling every aspect of the hardware as well as the software, that does make a difference...

2. Marketshare: There is simply little to no incentive for anyone to hack OS X... Why waste your time writing a hack for maybe 10% of the market when you can deploy a Windows hack and even with a 10% success rate you are likely getting more successful than a 100% perfect OS X attack... It's pure economics and when a exploit like the one we just had here is a business driven exploit to generate money it all boils down to economics...

Any system is only as secure as the weakest link or software running on it as has been and continues to be proven every day across ANY platform, Google Charlie Miller for proof that given incentive (the key) Apple's security crumbles in shame as well... In fact the Mac is "safe" attitude is likely to create a huge vulnerable target when the 'incentive' finally comes around...
 
n0x23 said:
I have a Dell and use XP, but I didn't run into what you're describing.

When it tells you to hit the Y or N key, are you in MS-DOS, or are you running off the Bart disk?
Click to expand...

No when it tells me to hit the Y or N key I'm running off the Bart disk I burnt.
Ive set the keyboard to french standard, but still nothing... my mouse and my keyboard dont work but they are both USB.

Mercury said:
For those who have lost their drives, I had the same thing happen but your data probably isn't really gone. The partition table has probably become corrupted or even missing causing the system to see the drive as having unallocated space. At least this was the case for me. On the 23rd, I scanned everything, took care of the issues, restarted multiple times. No issues. Turned off for the night, the next day both my drives were showing unknown format when I tried to boot up. I scanned the drive with Gparted, which is a bootable partition editor. it showed my secondary as still having data but my boot as being unallocated. Ran Testdisk, which is included, and it scanned the drive and rewrites the partition. Five minutes and it was booting up as normal and all my data was still intact.

I have no idea if this was related to the attacks. Possibly my drive is starting to fail even though it is the newest drive. Now that I've been able to backup everything, I'm going to reformat it and see how it runs. It currently is showing no bad sectors and no impending failures.

Thanks to all the staff who fixed the issue here. Amazing how much I missed dropping by over just one day.
Click to expand...


I'm glad you were able to rescue your data !

On my side, I think everything is lost because my 2 hard drives were mounted in RAID 0.

Fortunatly I've saved more than I thought on my backup drive !
 
MonsieurTox said:
On my side, I think everything is lost because my 2 hard drives were mounted in RAID 0.
Click to expand...

Although harder to recover not impossible in many instances...

Download the free trial of this software, see what it says 'can' be recovered... I'm not suggesting buying this software as it's expensive and I have no experience but it should provide you with some insight on what you might be able to recover and if it's worth pursuing...

If that software can recover your data, it's likely other software can as well, maybe even some freeware or cheapie software...

RAID Data Recovery Software - Rebuild & Repair Crashed RAID Server
 
exoray said:
Although harder to recover not impossible in many instances...

Download the free trial of this software, see what it says 'can' be recovered... I'm not suggesting buying this software as it's expensive and I have no experience but it should provide you with some insight on what you might be able to recover and if it's worth pursuing...

If that software can recover your data, it's likely other software can as well, maybe even some freeware or cheapie software...

RAID Data Recovery Software - Rebuild & Repair Crashed RAID Server
Click to expand...

Thanks Exoray ! Gonna try the trial and see if something could rescued !
 
You must log in or register to reply here.

Similar threads

Art Andrews
Site Updates
Replies
5
Views
1,361
NostromoCrew
NostromoCrew
RPF Staff
  • Locked
  • Sticky
Announcement Profile Posts function has been permanently disabled
Replies
0
Views
625
RPF Staff
RPF Staff
Mouse Vader
Question Getting logged out
Replies
2
Views
613
Mouse Vader
Mouse Vader
BorgHive
Wow rpf turned into massive ad site
2
Replies
38
Views
4,080
justinrowan
J
ArcSpectator
Question In order to sell an item(prop, etc), what exactly is required in this site do so?
Replies
5
Views
1,424
Jintosh
Jintosh
Back
Top