Comments on: Macs snow leopard OS less secure than windows http://lancastria.net/blog/macs-snow-leopard-os-less-secure-than-windows.html Neuschwanstein, a castle that belongs in Blackburn Lancashire less the 4000 holes Fri, 18 May 2012 05:09:50 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: Jim http://lancastria.net/blog/macs-snow-leopard-os-less-secure-than-windows.html#comment-327 Jim Tue, 01 Jun 2010 13:04:01 +0000 http://lancastria.net/blog/?p=1964#comment-327 A spyware application that surreptitiously scans chat logs and hard drives of unsuspecting Mac users has found its way onto three of the more popular download sites, security researchers said Tuesday. Dubbed OSX/OpinionSpy, the spyware is distributed through software available on sites including Softpedia, MacUpdate, and VersionTracker, according to Intego, a provider of anti-virus software for Macs. The app isn't contained in the downloads themselves, but rather gets downloaded during the installation process, Intego said. A Windows version of the program has existed since at least 2008. Once installed, OpinionSpy scans files and folders on all attached hard drives and regularly sends data in encrypted form to several servers, according to Intego. It also injects code into the Safari, Firefox, and iChat applications and mines them for email addresses, message headers, and other data. The program remains active even if the screensaver or other application that was originally downloaded is uninstalled. "The fact that this application collects data in this manner, and that it opens a backdoor, makes it a very serious security threat," Intego researchers wrote. "In addition, the risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware." A spyware application that surreptitiously scans chat logs and hard drives of unsuspecting Mac users has found its way onto three of the more popular download sites, security researchers said Tuesday.

Dubbed OSX/OpinionSpy, the spyware is distributed through software available on sites including Softpedia, MacUpdate, and VersionTracker, according to Intego, a provider of anti-virus software for Macs. The app isn’t contained in the downloads themselves, but rather gets downloaded during the installation process, Intego said. A Windows version of the program has existed since at least 2008.

Once installed, OpinionSpy scans files and folders on all attached hard drives and regularly sends data in encrypted form to several servers, according to Intego. It also injects code into the Safari, Firefox, and iChat applications and mines them for email addresses, message headers, and other data. The program remains active even if the screensaver or other application that was originally downloaded is uninstalled.

“The fact that this application collects data in this manner, and that it opens a backdoor, makes it a very serious security threat,” Intego researchers wrote. “In addition, the risk of it collecting sensitive data such as user names, passwords and credit card numbers, makes this a very high-risk spyware.”

]]> By: Jim http://lancastria.net/blog/macs-snow-leopard-os-less-secure-than-windows.html#comment-236 Jim Thu, 29 Apr 2010 11:36:59 +0000 http://lancastria.net/blog/?p=1964#comment-236 Apple on Wednesday issued a broad beta distribution of Mac OS X 10.6.4, the fourth planned maintenance and security update for its Snow Leopard operating system that has been under development internally for several weeks. The pre-release software, labeled Mac OS X 10.6.4 build 10F37, made its way to Apple Developer Connection (ADC) members just one day after a more elite set of testers belonging to Apple's Apple Seed program got first licks at the beta. According to people familiar with Wednesday distribution, Apple has asked developers to test four key areas of the system, including graphics drivers, Windows file sharing, USB devices and Voice Over. Although the build released to ADC members on Wednesday is identical to the one issued to Apple Seed members on Tuesday, an emphasis on evaluating Time Machine backups noted in the Apple Seed distribution was not extended to the ADC version. It's unclear what specific issues Mac OS X 10.6.4 will target upon its release, as Apple reportedly stopped short of including a list of enhancements with either of the aforementioned distributions. That said, the updated could arrive sooner than later given that the Mac maker went through 36 builds internally before tapping its developer community to put its weight on the software. Apple listed only one known issue in documentation accompanying Wednesday's build: that iChat will require a password each time it's launched. Apple on Wednesday issued a broad beta distribution of Mac OS X 10.6.4, the fourth planned maintenance and security update for its Snow Leopard operating system that has been under development internally for several weeks.

The pre-release software, labeled Mac OS X 10.6.4 build 10F37, made its way to Apple Developer Connection (ADC) members just one day after a more elite set of testers belonging to Apple’s Apple Seed program got first licks at the beta.

According to people familiar with Wednesday distribution, Apple has asked developers to test four key areas of the system, including graphics drivers, Windows file sharing, USB devices and Voice Over.

Although the build released to ADC members on Wednesday is identical to the one issued to Apple Seed members on Tuesday, an emphasis on evaluating Time Machine backups noted in the Apple Seed distribution was not extended to the ADC version.

It’s unclear what specific issues Mac OS X 10.6.4 will target upon its release, as Apple reportedly stopped short of including a list of enhancements with either of the aforementioned distributions.

That said, the updated could arrive sooner than later given that the Mac maker went through 36 builds internally before tapping its developer community to put its weight on the software.

Apple listed only one known issue in documentation accompanying Wednesday’s build: that iChat will require a password each time it’s launched.

]]>