# Symantec trying to scare Mac users...



## Wet Chicken (Sep 11, 2000)

There has been a lot of talk about viruses and Macs lately... mostly by peecee users. They seem to find Macs too good to be true. Now to add to the fire, Symantec and Trend are trying to scare Mac users into buying their products. But are they really needed? This article can help shed some light on the topic 



> Symantec's Self-Serving Ravings Spread Fear, Uncertainty, Doubt about OS X Security
> 
> Be afraid, Mac users. Be very afraid. Mac malware is just around the corner
> 
> ...


Link


----------



## Wet Chicken (Sep 11, 2000)

Here is another article which seems to back up the first one above. Boy, Symantec really shot themselves in the foot this time  

Clickity-Click


----------



## Ciberblade (Sep 22, 2003)

I noticed that these are both opinion/editorial comments -- and not actual research or news


----------



## Wet Chicken (Sep 11, 2000)

Ciberblade said:


> I noticed that these are both opinion/editorial comments -- and not actual research or news


Everything in those articles is based on actual fact. For you that _would_ be news 

However if you feel that you can disprove anything that was said by them, by all means try. We certainly hope that you'll post hard 'research' (_as you put it_) and unbiased facts, and not just "your' opinion. That would be hypocritical now wouldn't it?  

Have a great Easter Ciber :up:


----------



## Stoner (Oct 26, 2002)

Is this like your theory that earth magnets, not gravity, keeps everything from flying off the face of the earth? 

Remember in another discussion we had, I recieved a firewall alert on a link you posted, and you recieved none. I assumed you had no firewall. Well, if you keep inviting 'strangers' into your computer, one day, mr apple, that visitor might just be a hacker that the most recent of many OS X updated versions didn't block........and you're.. violated ...........

I strongly suggest security is just as important on any non wintel PC as a win box. If you never know you've been hacked, you're sure to expose something of importance.....credit card #, SS #........

Better safe than.........sorry 
Get that firewall and something to make sure you're not carrying an unwanted 'passenger'.


----------



## MSY-Houston (Dec 5, 2004)

Note: Mac OSX comes standard with a Firewall and encryption software for everything on your computer.


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> Remember in another discussion we had, I recieved a firewall alert on a link you posted, and you recieved none. I assumed you had no firewall.


You seem to assume a lot stoner  To MSY-Houston's point, OS-X comes *STANDARD* with an incredible firewall and built-in encryption. Firefox has been over rated by 13 year old propeller-heads for years (_nothing against 13 year old propeller-heads_) and it looks like you bought the sales pitch for Firefox hook-line- and sinker   You probably just got what they call a 'false-positive'. Black Ice does this too to make the person 'think' they're being protected, especially when other firewalls don't give the 'warning' on that site  You've been doped stoner, sorry  God only knows who's been lurking around on your computer, but I'd look into these false-positives if I were you. Wouldn't want to see anything bad happen to your computer if those Earth's magnets you were talking about stop working


----------



## Stoner (Oct 26, 2002)

Firefox is a browser, WC....not a firewall 

And that suposed 'false positive' was posted. It existed and you never knew it 

I suggest you review your 'firewall' 

But to the issue of all the spyware you had on that win system......why?
I know how most people pick it up, but how did you?


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> ...................Wouldn't want to see anything bad happen to your computer if those Earth's magnets you were talking about stop working


LOL!...........
Still believe in them........don't you?........*LOL! *


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> Firefox is a browser, WC....not a firewall


Yes I know that, but it doesn't matter regarding this because whatever gave you the false-positive is the issue 



> And that suposed 'false positive' was posted. It existed and you never knew it


Apparently you don't know what a false positive is  I'll send you some links later and you can read up on them


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> Yes I know that, but it doesn't matter regarding this because whatever gave you the false-positive is the issue
> 
> Apparently you don't know what a false positive is  I'll send you some links later and you can read up on them


Perhaps you are confused? 
Firefox is not a firewall and is not associated with my firewall other than I have configured the firewall to stop certain activities.
One of those activities is not allowing any program that is internet aware, to connect to another computer without my permission.

That link you posted was to a forum.
I had an immediate response from my firewall that the link you posted was requesting my computer to link to another site I didn't authorize.

Your computer allowed that activity, allowed unrestricted outbound connections, my firewall prevented it.
Again, I suggest you review what you can do to tighten up your security, it could be better, IMHO.


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> LOL!...........
> Still believe in them........don't you?........


Actually two other posters posted links to NASA research that substantiated this. Can't help it if you're not on the cutting edge of science


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> That link you posted was to a forum.
> I had an immediate response from my firewall that the link you posted was requesting my computer to link to another site I didn't authorize.
> 
> Your computer allowed that activity, allowed unrestricted outbound connections, my firewall prevented it.


The fact that your system denied access to the site and mine didn't is *no* indication of a security issue. There is no reason you shouldn't have been able to access the forum even with a firewall turned on. In fact it sounds like stoner you don't really understand how the firewall should be set up or even used. Requiring specific "authorization" to access a web site *isn't* security, its _obsessive compulsiveness_  

...ROFL!!!


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> The fact that your system denied access to the site and mine didn't is *no* indication of a security issue. There is no reason you shouldn't have been able to access the forum even with a firewall turned on. In fact it sounds like stoner you don't really understand how the firewall should be set up or even used. Requiring specific "authorization" to access a web site *isn't* security, its _obsessive compulsiveness_
> 
> ...ROFL!!!


You're still missing the point.
I did access that forum with out any interference.
The forum connection was not blocked.

It was a redirected outbound connection that was stopped. 
Your settings seem to allow any connection to occur on the outbound, to connections you aren't aware of.
Which is also a major flaw in win XP firewall, IMO.
But not my firewall.

I would consider your condition pretty risky, not knowing who you're connecting to and depending wholly on the 'invincibility' of your software.

Surely there are settings you can adjust?


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> Actually two other posters posted links to NASA research that substantiated this. Can't help it if you're not on the cutting edge of science


You forgot to mention the effects are inconsequential


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> Surely there are settings you can adjust?


We don't just visit the forum through our Mac. We also go there with our *_cough, cough_* PC which has Zone Alarm *PRO* on it and *nothing* pops up then either  Without seeing the actual alert that you received I can't say if it's a big deal or not, but from what I've seen so far it's just a false positive on your firewalls part


----------



## Stoner (Oct 26, 2002)

No, a virus alert would have been a false positive.
My firewall stopped an unwanted outbound connection to a computer I was not wishing to connect to. 
Perhaps your firewall settings on the win box weren't restrictive enough. I'm not familiar with Zone Alarm. I'm using Norton 2000, which is AtGuard , plus a firewall router.

Went back to that link, my firewall still stops that outside connection.
A matter of fact, most links at that site bring up a firewall alert and they're all the same address.
I know it's not malicious, it's an apple address, but there's absolutely no reason for the connection.
Perhaps you have been linking to addresses that were less than honorable , in the past and not knowing it. Something to think about.

If Gates did this at a site, even I would wonder about his attempt at 'world domination' ( j/k  )


----------



## Wet Chicken (Sep 11, 2000)

Could you post the alert? I really think it's nothing but I'd still like to see what it's saying  Thanks.


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> Could you post the alert? I really think it's nothing but I'd still like to see what it's saying  Thanks.


Here ya go.
Remember, in this case it's not who that's the issue, it's that it's not being blocked on your end, IMO.
That's an outward bound connection without permission.


----------



## kunta (Jun 17, 2004)

I am a mac newbie(virgin) . I have a mac os10 that keeps refusing to download email content. It will download the header for the email... ie.. the the name, subject etc... but not the content of the email. weird....
There is another mac osx that is setup the same way using the same pop account that is not having this problem. I rebooted the machine and then everything worked...for a while and then content disappeared again.

When I open an email i get the message that the email needs to be downloaded from the server.

I was gonna ask about antivirus, firewalls and spyware protection when I came across this post.

Any suggestions?
Thanks


----------



## MSY-Houston (Dec 5, 2004)

Hi,

You might want to start a new thread as an Apple OSX Email Problem. Make sure you include as many details as possible, such as:

What OS version are you running?
What email software are you using? (Or are you connecting through a browzer?)
How much RAM do you have?
Do you have more than one user setup on the affected computer?


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> Here ya go.


I don't see anything wrong with that. All it says is that firefox wants to go to the internet and that there is ads on the internet. Big deal, there are ads on this site too. Why do you think that's so bad?


----------



## Stoner (Oct 26, 2002)

Because I'm not talking ads 
I'm discussing your firewall.

It is interesting that of all the ads that come into my computer, especially at sites like NewEgg---a computer parts seller that has thousands of various ads , only ads.applelinks.com sets off an alert, but not yours.

It really is no problem for me, WC......just trying to help a good buddy out


----------



## MSM Hobbes (Apr 23, 2004)

Jack, I don't know for sure, but just guessing could the issue be that your firewall, like my ZoneAlarm Pro on my Win98SE PC will ask for permission unless I tell it (a) not to at all, or (b) not to for specific sites, those that I give positive permission for?

BTW, this site [the one that you were being redirected to, or being asked to view, right] ads.applelinks.com is NOT directly affiliated w/ Apple, the computer/OS firm that you love not to use...   Seriously, this site is:


> About Applelinks Established in 1997, Applelinks.com started out as a small directory of Macintosh-related links that has grown into something far greater. Today, Applelinks.com is A valuable resource for macintosh enthusiast around the world. It boast a top-notch editorial staff that covers up-to-the-minute news, product reviews, software updates, how-to-articles and popular weekly columns. Visitors to the site also enjoy a wide range of 'portal tools' such as free email, web space, discussion forums, shopping, weather, web searches and much much more.
> 
> Applelinks.com is now a recognized leader in the Macintosh user community. In 1999 we were rated "The Ultimate Macintosh Resource" by MacHome Journal and recently, we were selected by Apple Computer for the third straight year as one of only eight internet sites designated to promote Apple's World Wide Developer Conference.
> 
> Applelinks.com continues to strive for excellence by constantly evolving based on industry trends and user feedback. With our diversified collection of websites, targeting different aspects of the Macintosh community, we continue to be the premier online source to the hundreds of thousands of Macintosh users who visit us each month.


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> only ads.applelinks.com sets off an alert, but not yours.


My firewall was off at the time  It is on now 

They come off as a default from Apple. Who would of guessed


----------



## Wet Chicken (Sep 11, 2000)

MSM Hobbes said:


> Jack, I don't know for sure, but just guessing could the issue be that your firewall, like my ZoneAlarm Pro on my Win98SE PC will ask for permission unless I tell it (a) not to at all, or (b) not to for specific sites, those that I give positive permission for?


Yeah that's my guess. He just has it set up wrong. It's a preference thing. Nothing at that site was malicious or bad. My Zone Alarm Pro goes off when I try to FTP my server  but that doesn't mean that I'm trying to harm myself 

Regarding the questions asked before about the Mac OS-X firewall, you guys might want to check out the link I provided on this thread :up:


----------



## Stoner (Oct 26, 2002)

Mornin Hobbes 

Looking deeper into the situation, port 8081 is non standard for Http communication.
My firewall is optioned to close all unused ports and give an alert when accessed.
That link in question does make my computer try to initiate an unauthorized outbound communication on a blocked non standard Http port.......just like a trojan would do when calling 'home'.

My 'preference' is to disallow that type of communication. 

WC, as I keep repeating, it's not the site in question, it's how your firewall handles the situation. You allow trojans/spyware to phone home on your win boxes, I don't 


Now it turns out, WC, you forgot to turn your Mac firewall on....tsk..tsk ....


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> it's not the site in question, it's how your firewall handles the situation.


There is no 'situation' to handle. That's what you're not getting. How ironic that we would be talking about this in this particular thread about Norton trying to scare people into buying their products  Norton flashes these types of so-called warnings to make the person who bought their software 'feel' safer. Otherwise after a while you'd ask yourself "_why did I spend 50 bucks for software that doesn't do anything_" 

The 'alert' that you posted is a Norton firewall warning that looks like an embedded tag in a web page. Norton is typically rather excitable when reporting this sort of stuff - it's *designed to make a fuss* because, again, otherwise users who have paid for it will end up wondering why they need it.

But the fact that a PC running Norton got this error and a Mac with no software firewall didn't is not the least bit meaningful. As an example, a PC running Firefox with the popup blocker enabled and Norton Internet Security installed can still be configured to produce 'illegal connection' dialogs like this one when a popup tries to activate, when a Mac running Safari with the popup blocker enabled will simply ignore the popup script.

The problem with some commercial firewall applications is that they need to actually *increase the sense of insecurity* in order to justify expenditure on them. Which is typical of how many, if not most, of the software companies producing virus and other malware prevention (_and now AOL_) market themselves. Its important to keep a balance of protecting your investment (_computer and contents_) and responding sanely. Take basic precautions such as turning on the firewall and if you own a peecee then install virus protection and keep it up to date, but the constant paranoid behavior really will not do much for you. In fact a lot of virus threats that make it into the news media are vastly overstated. In short I can only recommend that you take a look at Rob Rosenburg's website at http://www.vmyths.com/


----------



## Stoner (Oct 26, 2002)

Hi WC 

I didn't see anything at that site: http://www.vmyths.com/
about spyware or trojans. You do understand what a virus is? Well, maybe there is some crossover, but that site seems to only address the topic of viruses.
Well I'm still talking about unauthorized outbound connections and a virus is unlikely to be the culprit. My concern is spyware or a trojan that's making an unauthorized connection. It's good that the link you posted was non malicious :up:.... sometimes an outbound connection on a non standard Http port isn't.
When you told me you had 45 or so instances of spyware/malware at any one time, I was rather surprised.
Perhaps this is what you've been seeing all along on your windows boxes. The win boxes you have kept, you might want to tighten up your security.
It really has helped me. I just don't see the problems that many windows uses have that are lax with security.
What you don't let into your machine can't hurt you 



> The 'alert' that you posted is a Norton firewall warning that looks like an embedded tag in a web page.


Yes, an embeded script 'can' be associated with a trojan/spyware trying to link to another computer. Certainly not always, but that one time...whew!... and you have 45 at any one time...sad.

Naturally, this only applies to Windows: Link
and is why Firefox is popular with Win users.

Say, you did notice the address that embeded script was dialing?
My firewall, not my anti virus  , stopped that connection.


----------



## Wet Chicken (Sep 11, 2000)

Whenever I set up a PeeCee I always install kerio personal firewall which is an application aware firewall and will prevent any unauthorized applications going out from your connection.

For Macintosh OSX there is a similar product called *little snitch*. This is a firewall that only deals with outgoing packets, it is application aware so will prevent trojans, spyware and phone home apps from phoning home.


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> Whenever I set up a PeeCee I always install kerio personal firewall which is an application aware firewall and will prevent any unauthorized applications going out from your connection.
> 
> ...................


Well, I'm sure you're doing the best you can with what you have :up: and know .

Our discussion really has centered now more on the security problems of Windows that most in this thread, being Mac owners , probably aren't interested in and would rather see a different topic in their forum.

If you like, give me a PM and we can discuss some issues that might help. I'm not an expert , but I have picked up on some things that have definetly helped me. 5 years ago, I had similiar problems, but observing the expert's advice on security, I now seldom see any spyware/malware/adware or trojans.
I did a full install about 3 months ago, and the only 'spyware' found to date was Alexa....and MS put it there ...

Jack


----------



## Wet Chicken (Sep 11, 2000)

The guy who wrote this article is a very wise chicken! A must read for everyone wanting to learn about Mac security :up: 

Clickity-Click :up:


----------



## Stoner (Oct 26, 2002)

You might find this interesting reading also:
http://www.macintouch.com/opener.html


----------



## Skivvywaver (Mar 18, 2001)

Wet Chicken said:


> The guy who wrote this article is a very wise chicken! A must read for everyone wanting to learn about Mac security :up:
> 
> Clickity-Click :up:


----------



## Skivvywaver (Mar 18, 2001)

You had better appreciate my artwork Chicken. :up:


----------



## Wet Chicken (Sep 11, 2000)

Skivvywaver said:


> You had better appreciate my artwork Chicken. :up:


Actually I think it's really cool :up: It's just a shame the Apple isn't one of those cool chrome ones...


----------



## Skivvywaver (Mar 18, 2001)

Chicken, link me to the cool chrome one and I'll make it.


----------



## Wet Chicken (Sep 11, 2000)

Ok I'll see if I can post one tonight. Thanks


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> You might find this interesting reading also:


We covered this ad nausium last month  Opener is NOT a virus, spyware or anything else to worry about, but nice try


----------



## Skivvywaver (Mar 18, 2001)

I couldn't find a bigger apple so I had to size the chicken


----------



## Stoner (Oct 26, 2002)

Wet Chicken said:


> We covered this ad nausium last month  Opener is NOT a virus, spyware or anything else to worry about, but nice try


I suggest you read the entire article. It's by Mac enthusiasts and chronicles what they went through.
It did show why you need to consider security and it did reference how 'opener' can be installed without you being aware if you don't pay attention to the threats against Macs. Your OS is really a derivative of Unix...and most malware writers seem to be very familiar with Unix from what I've read in the past, WC.
Did you see this comment in that article:


> In the end, the only sure way to remove *any* malware is to reformat and reinstall OS X on all affected machines on a network


Again, what doesn't enter your computer won't hurt you.

I'm not trying to change your mind on the brand you own, I am trying to convince you that it is risky to take the cavalier attitude toward internet security that you do and especially the attitude you seem to be promoting to others.

Why set your self up for grief, learn the issues. Let's face it, you didn't even have your firewall on till I inadvertently prodded you.
You may already be hacked.
From what another member posted and withdrew because of TSG rules, An outsider can sieze root across the internet under certain conditions and the owner won't necessarily know it immediately.

The deal still goes on your remaining Windows computers. PM me if you're interested.


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> Again, what doesn't enter your computer won't hurt you.


I know how 'concerned' you are stoner about my security but I'm telling you that my Mac is more secure then your Windows computer. Really  Now I could try to explain to you in great detail why this is so, but I'd rather just post a screen-shot of the test results of my firewall for you. Read them very closely stoner  Notice where is says how unusually secure it is and how it's *COMPLETELY* stealth 

This is the Mac firewall, straight out of the box, no configuring, just turn it on :up:


----------



## Stoner (Oct 26, 2002)

Ummm....no, ....you posted your results over in random. Didn't look bad, didn't look great either.
I left instructions over there on how to completely stealth your computer.
I am glad to see I am having an influence on your attempts for good security :up:

And yes, I've gotten those results you just posted here for quite some time 

I've been using Steve Gibson's site for some 4 years to test my firewall. He's one of the good guys on the internet......:up:


----------



## Wet Chicken (Sep 11, 2000)

Stoner said:


> I am glad to see I am having an influence on your attempts for good security


Well I don't want to burst your bubble, so I'll just let you keep thinking that 



> I've been using Steve Gibson's site for some 4 years to test my firewall. He's one of the good guys on the internet......:up:


Yeah he was one of the first ones to talk about this stuff. I've always liked his work :up:


----------



## Stoner (Oct 26, 2002)

I did get you to turn on your firewall


----------



## Wet Chicken (Sep 11, 2000)

Inadvertently  I thought it was on by default, but it wasn't. It was an Apple tech who told me I had to turn it on  I still don't understand why it wouldn't be on by default


----------



## MSY-Houston (Dec 5, 2004)

Wet Chicken said:


> Inadvertently  I thought it was on by default, but it wasn't. It was an Apple tech who told me I had to turn it on  I still don't understand why it wouldn't be on by default


Hi WC,

I might have an answer for you on that. In our office, we run both Macs and PCs. What has happened here is that the Microsoft Firewall was interferring substantially with our server software/firewall system. We actually turn the MS Firewall off to use our specialized system.

I'd imagine that on the Mac side, it comes turned off as a default so that problems don't erupt the minute a new computer is connected to a network.

Each company had to choose a default. Pros and cons on both...whether to set defaults for business or personal users, and determine what users should come first. I actually do like that Apple's Firewall is not turned on by default. However, it certainly would have been better to have had a big ol' Read.me file to alert users.

Same lack of notification regarding their default setting is on the PC side, too.

Martha


----------

