MacDailyNews - Where Mac news comes first

I sent the following letter to the author...

Ben,

I'm sure I'm not the first person to mention this to you, but the title of your article "In Rare Attack, Virus Targets Macs" is grossly inaccurate. The malware in question is not a virus or worm of any sort. It is simply a trojan horse (software that claims to do one thing, but instead does another), as your article later properly refers to it.

Wikipedia defines a computer virus this way: "A computer virus is a computer program that can copy itself and infect a computer without permission or knowledge of the user."
http://en.wikipedia.org/wiki/Computer_virus

They define a worm this way: "A computer worm is a self-replicating computer program."
http://en.wikipedia.org/wiki/Computer_worm

This malware is neither, and additionally, your article does not describe the lengths a user has to go to in order to actually install this piece of software. They have to first download it, then mount the disk image, then run it's installer, then authorize the installation with an admin password. Additionally, you make no mention of the fact that this is only a social engineering security problem. No security method can prevent a user from doing such things if they are intent on doing so, and have access to an admin password.

Additional references:
http://en.wikipedia.org/wiki/Trojan_horse_(computing)
http://en.wikipedia.org/wiki/Social_engineering_(security)

Thanks,
Brad

When it comes to the average user, there is no difference between a trojan and a virus. Both are malicious and both gain access to your computer. To educated users, there is a difference. They know that you don't install strange programs from untrusted sites on your computer.
Its like AIDS. The disease can be completely avoided by abstinence before marriage and fidelity within marriage. In one generation the disease would disappear, including the innocent victims. But some people are stupid.

Good letter Brad.

Good Letter Brad! Couldn't have said it better.

"When it comes to the average user, there is no difference between a trojan and a virus."

-----------------

Yeah, especially when well respected national publications perpetuate the notion that they are the same.

Shame on WSJ... Where is Uncle Walt when we need him?

Well said Brad.

Brad, where did you find the author's email address?

Explain how people profit from viruses. Someone. Please.

In other news....

Norton AV for the Mac actually makes your Mac more susceptible to attacks.

http://blog.carrel.org/2007/11/security-advisory-norton-antivirus-for.html

Check out the big brain on Brad!

Tre, if you view the full article (either by having a subscription, clicking from Google News, or some other partner) you can see the author's email address at the bottom. Also, MDN has posted it above.

I got to the article from Google News, and so the link looked like this:
http://online.wsj.com/article/SB119401479695380513.html?mod=googlenews_wsj

Going there later from my browser's history log, though, it didn't show the full article. Told me I needed to have a subscription, so I didn't see the whole article.

Hope this helps,
Brad

When I wrote for newspapers, it was the editor who wrote the headline. This seems to be the case here, as the writer is correct in the article itself.

I vote for OS X to be locked down entirely. No apps should be able to run at all, it's the only way to protect us.

To comment on AnakniPedro's comparison to AIDS; I'm not quite clear what he meant by comparing viruses and trojans (for computers) to AIDS; no amount of 'computer abstinence' (or caution, or vigilance) could prevent virus infection without the proper protection (antivirus software; we'ere talking about Windows, of course). As far as AIDS is concerned, to suggest that global abstinence and monogamy is a solution would be as naïve as suggesting that all wars could be easily stopped if we all stopped producing weapons.

Just like antivirus software effectively prevents Windows malware (albeit with a toll on resources), proper prophylactics will effectively prevent AIDS.

As for trojans, Mac or Windows, at least the only Mac trojan is now spreading only through porn sites; which means most people are safe anyway, and those that are not, well, I have a feeling not many will shed tears, considering how they got it (let's just say it's much like catching some VD from a 'working girl'...)

Once again, just like Chicken Little, the "security experts" are running in circles and loudly proclaiming "the sky is falling, the sky is falling" its happened before and it will happen again. And journalist wonder why the public thinks their stupid, when they publish stupid stories without doing a little research first.

Well, I, like Ben sent an e-mail.

To whom it may concern,

People look to respected news outlets such as yours as places they can trust to get the facts on a variety of topics. As such, it is not only your responsibility, but your DUTY to make certain these facts are verified before they go to print. Doing less can, and often will result in dissemination of fallacies leaving your readers poorly-informed and confused.

In an article appearing in WSJ today, http://online.wsj.com/article/SB119401479695380513.html?mod=MKTW&ru=MKTW, one of your writers, Ben Charny, spoke of a virus that is affecting Mac OSX. This is false. What it is making the rounds at present is a Trojan Horse. A Trojan Horse is not the same thing as a Virus.

According to Webster's a Computer Virus is: (also computer virus) a piece of code that is capable of copying itself and typically has a detrimental effect, such as corrupting thesystem or destroying data.

The key to understanding the difference is in the very first few words. A Trojan Horse cannot, I repeat, CANNOT copy itself. It is not able to propagate its way through a network and bring a system to its knees. A Trojan Horse masks itself as something useful, like a video codec required to play media from a specific website, that the user knowingly installs on their system. From there, any number of things can happen, but they are only going to happen on machines in which access has been granted by the system's administrator.

Now, a Virus, once on a system, replicates itself and spreads to any computers connected over a network, doing harm without the user's even knowing until it is too late. As such, a Virus is a much, much bigger deal than a Trojan Horse.

It does not serve your readership to go on inciting panic unnecessarily. Reporting on the Trojan is fine, but needs to be done accurately, and in a well-researched manner. All that needs to be known is that it does exist, what it does, and how to avoid it. This last bit, coming down to a matter of simple common sense: Don't install software from unknown/untrusted sources. Especially not such places as porn sites.

I encourage you to publish a correction, in the same location as the original story, in the interest of your readership and your journalistic integrity.

To Macromancer:

Two ways to profit from viruses. One, somewhat obvious, although perhaps a bit on the side of conspiracy, would be the anti-virus software companies trying to sell their Mac stuff collecting dust in their warehouses.

Second, realistic one; let's use our new Mac trojan for example. Once it tricks user into installing it onto their Mac, it changes local DNS settings so that when user goes to sites such as eBay, PayPal, some banks, etc., they are taken to phishing sites (fake sites that look exactly like the real ones), where user enters their user ID and password, thereby sending them to the writer of this trojan. The trojan also changes DNS for some other popular sites (such as Google, Yahoo, AOL, etc) and takes user to certain porn sites, which get paid by advertisers for ad views and clicks.

There are more sinister viruses for Windows that install invisible e-mailing software, which is then used to transmit spam without user's knowledge.

Virus business is big business these days. Creators and distributors are mostly in countries that are newly-created democracies (former communist dictatorships), where law enforcement hasn't had a chance to catch up with cyber crime.

For now, Mac users are spared. We'll see where we go from here.

Well, I guess if you're going to blow it, it's best to have a Trojan on the headline....

This rumour in the WSJ is what Harry Cramer means in his interview in youtube...talk down and sell $5 or $10 million of the stock and buy when it's low, take a 2% gain....
The article is really about talking down the stock, nothing at all do do with the facts, which is the users need to have administrative passwords to authorize downloads of programs...but they are equally open to phishing attacks in their e-mails, a problem that affects PayPal for example, which has an anti-phishing war on.
I can see it now: Apple's OS X Not Immune to Phishing Attacks...that should be good for a $4 drop.

"let's just say it's much like catching some VD from a 'working girl'..."

Yeah, I've always been pretty suspicious of Melanie Griffith too.

Some wallstreeters adore that sort of distorted and misused fake infos... that make the market stocks fluctuate and... makes monney with quicly buying Apple shares when overnaive people go selling their's.

Seems enough people raised Hell at the Wall Street Journal as the title has been corrected to "In Rare Attack, Malware Targets Macs"...

Seems to me to be a ploy to bring down the stock prices. Any bad press inflated or not can make investerors nervous. The Anti -Mac folks have always been jealous of Mac users being able to say we have no viruses, worms etc.

Don't feel shafted.
They knew it was a Trojan. They're just ribbing you.
Now it's time to wrap it up.

Whether the anomaly is a Trojan Horse, Virus, or Worm, the user still need some form of software/patch to remove it. Yeah ... I know, you should not have installed it in the first place. But what's done is done. I suppose Apple can create snapshots of the entire system whenever new software is installed and then just use a rescue disc to remove the anomaly. I know Apple is not going to create a patch for every variant of the Trojan horse.

Good job, Brad and Willie G!

It'll be interesting to see what the WSJ's response will be to the truth, intelligently presented. Remember they're owned by Rupert Murdoch now, and we know how much the truth or the facts matter to him.

Neither "journalistic" nor "integrity" apply to him and his enterprises (primarily Fox Opinion). How do you get so rich disseminating such BS on a consistent basis?

Peace.
Olmecmystic

If you wear a Trojan, you may avoid a virus.

The headline was changed to "In Rare Attack, Malware Targets Macs". I'm not sure if the body was rewritten, though.

@Bill

Actually, the body of the article was correct.. The misleading part was the headline which has been properly changed to "malware" rather than "virus."

It may seem petty to some, but there is a BIG difference.

Great Son of Peleus, it's not like one Trojan is Apple's Achilles' heel.

I suspect that to many computer users the term "Trojan Horse" sounds like a technical term of art that begs explanation. It might help to avoid the term "Trojan Horse" altogether and refer simply to a "disguised application". Or perhaps the concept could be conveyed more expeditiously with a catchy acronym like, uh, MALU -- Malicious Application Launched by the Unsuspecting.

Mauritius
Thanks. You are virtual reservoir of tips....

It also doesn't "take over your Mac" as the article incorrectly states!

Potatoe

We are pleased to report that our Mac was not taken over by a virus, rather it was taken over by a Trojan horse.

Apple still rocks, No Viruses for Mac OS X.

And anyway when did MDN suddenly start believing Trojan Horses have always existed for Mac OS X?

TT: For the Johnny-come-lately, I guess sensitivity is a measure of thin skin too. But let's not to generalize either like some blanket condemnation.

P.S. Condemnation is not a U.S. outreach program for convicted left wing politicians.

@ anaknipedro

If I were you I would stick to topics you understand.
You AIDS diatribe completely misses the boat.
There's many ways to contact HIV. Fidelity in marriage works if both are virgins, before and both are faithful. AND there's no need for blood transfusions, or any kind of needles, if you and all around avoid accidents that cause airborne blood (Stay out of cars to be safe)... nevermind. I'm just going to say that sex is but one cause of transmission of HIV

Well put, Mauritius. I think you hit the nail on the head.

And on the whole, I think we should get a mandate to bypass these silly little insertions of Trojans by "reporters" who don't know how to cover the beat. They are a pain in the ass, and then try to suck up by removing the offending headline.

Excuse me, I need to smoke.....

At the bottom of the article, it now states:

"Corrections & Amplifications: A headline on an earlier version of this article incorrectly identified the security threat as a computer virus."

That's class. Kudos WSJ.

Brad

Title changed, but it still is inaccurate. It does not take over your Mac. It messes up your DNS. Different guys, different.

@ anaknipedro

Wow. So if we just let those stupid people die, problem solved, right? I had no idea it was that simple.

MW: 'thinking' (helps)

", they are taken to phishing sites (fake sites that look exactly like the real ones), where user enters their user ID and password, thereby sending them to the writer of this trojan."

The virus software mafia thing isn't what I really had in mind for the answer to my question, but yeah, i wouldnt put it past them.

", they are taken to phishing sites (fake sites that look exactly like the real ones), where user enters their user ID and password, thereby sending them to the writer of this trojan."

That is really outright theft, not so much profit. The redirects to sites for ad clicks makes more sense practically. I've just never bought into the concept that the reason Macs have fewer viruses etc is because the 'market' isn't as big. It always seemed to me to be more a matter of it being easier to write malware for Windows than for Mac (i.e. scripts)

>> global abstinence and monogamy is a solution would be as naïve as suggesting that all wars could be easily stopped if we all stopped producing weapons.

So being a responsible adult isn't realistic, but putting your faith in a thin piece of rubber so you can get your rocks off as you please is?? Ahhh liberalism.... if it feels good it's OK.

I'm demanding an edition of the NYT the size of a multi-volume encyclopedia to give news articles about each of Windows' malware as they come out.

@ChrissyOne

@ anaknipedro

Wow. So if we just let those stupid people die, problem solved, right? I had no idea it was that simple.

He never said anything about letting anyone die. He said:

Its like AIDS. The disease can be completely avoided by abstinence before marriage and fidelity within marriage. In one generation the disease would disappear, including the innocent victims. But some people are stupid.

Nothing he said here is incorrect. If people practiced abstinence, AIDS (and other STDs) would, at the very least, decline, if not completely disappear. He is right when he says people are stupid. It is stupid to put your life on the line for a few minutes of pleasure. The whole "you can't expect people to abstain" argument is bunk. If they want to avoid STDs and pregnancy there is but one completely effective solution; abstinence.

Do diseases get spread by blood transfusions and other medical procedures? Yes, they do. It is a very different thing to get AIDS from a transfusion than from promiscuous behavior. In one case, you contract the disease because you unknowingly received tainted blood. In the other case, you contract the disease because you knowingly engaged in sexual contact with someone you either didn't know well or who didn't know they had AIDS themselves.

We wouldn't have AIDS tainted blood if it were not for promiscuous behavior. I know I sound like a prude, but it is the truth. If people want to put themselves in these situations, that is their business, but they are hurting everyone, including themselves.

I saw this article earlier today and sent an email message too. Reporting should have been better and more thorough...

Ben,

In your article, "In Rare Attack, Virus Targets Macs", you miss a very important point that in fairness should be included. You need to follow the money and value trail when considering questions to ask and how to write such articles.

As Apple's Macs make stronger inroads into the marketplace, the purveyors of anti-virus software such as Symantec have much to lose. There is a whole ecology that developed around Microsoft Window's significant ongoing deficiencies. Those company's dependent upon viruses for revenue have much to gain by convincing people that Macs are just as dangerous... and they have much to fear from it not being true. From a business perspective, what are the financial risks to such companies for each additional 1% of Mac market share? Are such companies well diversified enough to withstand the loss of revenue as more users switch to Apple and fail to purchase their products?

If I as a user go to a website (real or spoofed) and choose to download content, I am taking a chance. The Mac tells users that an application is being downloaded prior to completing the download. In order to install the software, a user must then supply a password. I'm using Macs for my business and family now. At home, I'm the only person with the password access to install software. Apple's security from a process and software standpoint is significantly better than the situation with Windows PCs. There will certainly be more attacks against Mac users going forward. And users failing to show discernment are still in danger of downloading something, ignoring warnings and using their password to install it. I'm confident in Apple to help protect people from their poor choices though.

Personally, I'll never purchase Microsoft Windows PCs again. I'll probably never purchase Symantec or Norton anti-virus products again either. That annual tax is not necessary on Apple's computers.

Regards,

Jay

PS - I've made the switch to all Apple PCs over the past year. I've become a bit of an evangelist for Apple products because they are superior in so many ways. I don't want to go through the hell of rebuilding my PC over and over again the way I was forced to when using Windows PCs.

Sometimes MacDailyNews itself over-sensationalizes... But in this case, they are right-on in taking the Wall Street Journal to task.

I do agree that, after being in the business and watching anti-malware vendors for years, that this is another case of
(A) the anti-malware software vendors shouting to get more sales, (and now getting free advertising), and
(B) the 'false authority' syndrome being practiced by the ignorant attention seeking WSJ author.

What I am surprised by is that the WSJ allows this kind of mis-informed opinion and hear-say piece to be publised as an article of alleged fact. They used to be reputable news source (even if I don't agree with their politics).

Let's not forget that Bill Gates said there's a new exploit every day that allows a Mac system to be taken over totally!

"Sometimes MacDailyNews itself over-sensationalizes... "

And they always correct themselves, like WSJ did.

Well no actually they just delete posts, modify comments and articles until "History" is as they'd like it to be.

Why do I get the feeling the original title on the WSJ was done by the editor and not the author.

In other words, if you'll excuse the pun, is to play around with the words to, as seems is the case, sell more newspapers.

One role of the newspaper editor is to ensure that headlines are catchy ensuring maximising sales per copy. Doesn't mean to say it has to be accurate.

And yes folks the editors job does depend on it!

The headline is nothing more than a marketing ploy to get Joe/Jane public to part with their cents - or should that read sense?

MW 'art' as in the art of marketing, to try to get more sales out of a product by slightly bending the facts.

Great job MDN folks for getting the WSJ to correct that headline. Unlike C/NET who did that Balldmer interview and he blurts out that no iPod has WiFi... HUH? The C/NET interviewer just sits there and doesn't even dare to correct Ballderstein.