-
- Virus Protection:
- Pre-OSX viruses were quite rare, especially when compared to the
tens of thousands of viruses, worms, Trojan horses,
spyware, adware, and macro viruses still targeting the
frail DOS/Windows/XP operating systems. But, just because
you use a Mac, that doesn't mean you can ignore the risk
entirely. We've serviced many System 7 thru OS9 machines
that fell victim to the Autostart 9805 worm, Sevendust,
even the ancient nVir virus, one of the first-ever Mac
viruses (so old, in fact, the only file it could still
infect was Internet Explorer).
-
- There are many ways to minimize your exposure, but nothing beats a
quality anti-virus program for providing peace of mind.
Norton Anti-Virus (NAV) from Symantec is the best choice.
Every anti-virus utility requires monthly updates, but
NAV makes it simple and Symantec is _the_ authority on
viruses and security. If a real OSX virus ever appears,
you can be sure Symantec will be right behind Apple with
a response. (Links to Symantec are posted below and on
our Links page.)
-
- OSX viruses are virtually nonexistent today. Early OSX
vulnerabilities included a pair of "proof of concept"
demonstrations quickly addressed by Apple, including a
self-starting Dashboard "widget" under Tiger that now
requires permission to activate. Other potential
vulnerabilities have been identified and eliminated by
Apple with security updates before any problem could
occur. UNIX was designed with security at its core - to
the great benefit of the Mac platform - but Mac users may
still be capable of spreading Windows viruses without
being affected. Macro viruses affecting MS applications
(Word, Excel, Office apps, IE, OE, etc.) are the single
largest virus category (more below), and specific MS
applications run on a Mac might still be
vulnerable.
-
- NOTE: Running Windows on a Mac (using Boot Camp, Parallels, or a
similar utility) does _not_ mean the Microsoft
partition is protected in any way. DOS/Windows/XP is just
as vulnerable on a Mac as it is on a PC.
-
- In addition to the very real threat posed by real viruses, there are
also a lot of hoaxes going around via email, and it helps
to know what is - and what is not - a virus...
-
- What is a virus?
- The primary characteristic of any virus is its ability to copy itself
to every writable volume it comes in contact with. This
includes hard disks, floppies, Zip disks, tape, you name
it. Even read-only CDs and DVDs can have viruses
prerecorded on them. (A popular magazine once distributed
thousands of CDs before discovering they were infected
with the Autostart 9805 worm; fortunately, it turned out
to be a harmless variant incapable of doing any real
damage - except to the magazine's reputation.) All it
takes is to mount a volume, insert a disk, or open an
email attachment. Viruses are malicious by design. They
might masquerade as a legitimate file or be invisible,
and you probably won't know you have one until it's too
late and damage has been done. Here are a few virus
subcategories you may have heard of:
- The Worm. Almost always destructive, a worm tunnels
through targeted or random data, destroying code as it
goes. Invented in 1978 by researchers at Xerox PARC, the
worm was originally defined as, "...a computer program
that searches out other computer hosts, then copies
itself and self-destructs after a programmed interval."
Needless to say, there aren't as many harmless variants
(so defined) as there are destructive ones.
- The Trojan Horse (like the legend) secretly tags along with
another file. This type might wait quietly to be
triggered by some action, event or date before doing
whatever it was designed to do. Some merely put up a
message or image onscreen when triggered, and might
self-delete when finished. Others may only interfere with
specific functions, or they may cause total destruction
depending on the designer's intent.
- The Macro Virus. "Macros" are a function of certain commercial
programs, most (if not all) of them Microsoft products. A macro
is - or at least, was - a great convenience in
these programs, allowing you to record a series of
actions that may then be played back to perform those
same actions automatically. Naturally, one can also
create a macro that does damage, and that's what a macro
virus is. It relies on the presence of a particular
application program to function, like Word or Excel, and
uses the program to do its damage. There are tens of
thousands of these; they are application-specific and
cross-platform.
- Key Loggers, Spyware, Adware. These small programs are
surreptitiously deposited on your computer by email
attachment, by clicking an internet link, or they may be
attached to other programs. These are designed to track
and report keystrokes, take screen shots, and/or monitor
communications and activity. The objective may be to
steal passwords and account access, target advertising at
you, or they may be programs manually installed by
someone close-by with the intent of spying on computer
usage.
- Zombies. This term refers to computers commandeered for use in
orchestrated attacks, usually against a targeted web site
(known as a denial of service attack), or they may be
used to propagate spam. While not technically a virus,
unattended zombie machines have become a considerable
factor in the spread of all sorts of malicious
nonsense.
- General signs and symptoms of virus infection:
- Processing speed slows down over a relatively short period of time;
frequent freezes and errors; background activity tying up
the CPU; disappearing storage space for no apparent
reason; odd messages or weird screens; generic icons;
files that suddenly refuse to open or are unrecognized.
There are almost as many symptoms as there are viruses...
-
- What a virus isn't:
- For those dimwits out there who aren't bright enough to write a
real virus - or even a macro virus - there's always the
hoax. Typically delivered by email, here's an example
that was widespread in 2001 and resurfaced again (almost
word-for-word) in 2004. Aimed at PCs, it was titled "Virus Alert!":
-
- My address book was infected with a virus. Yours might be
too. The virus is called jdbgmgr.exe
- To check if yours is, follow these directions and it will
take care of it. It cannot be detected by anti-virus
programs. It sits quietly for 14 days before damaging
the system. It is sent automatically by messenger and
address book, whether or not you send e-mails. This is
something I had no control over because I received it
by being in someone else's address book. The good news
is that it is easy to get rid of. Here's
how:
-
- It goes on with step-by-step instructions for searching your "C
drive" to hunt down this ".exe file" and delete it -
which, of course, is how the damage is done - you do it
yourself. These hoaxes usually encourage you to forward
them to everyone you know, or they may use contacts from
your address book to spread themselves as real viruses
often do. This particular hoax is still making the rounds
in a variety of email messages, targeting the same
"jdbgmgr.exe" PC file.
-
- Some hoaxes can be quite convincing. Usually, parsing message headers
and investigating the named virus will expose a hoax, but
for pre-OSX machines (and all Windows PCs) an up-to-date
virus scan is the only solution. To investigate a virus
or hoax, enter its name into Symantec's virus database
or CIAC HoaxBusters, U.S. Dept. of Energy.
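
As an added illustration (not part of the original page), this is one way to triage a suspicious "virus alert" along the lines described above: parse the message, count forwarding prefixes in the Subject header, and check the body for the traits this page attributes to hoaxes. The sample message, the patterns and the threshold are assumptions; a hit is a prompt to look up the named file, not a verdict.

```python
import re
from email import message_from_string

# Constructed sample: body modelled on the hoax quoted above, headers invented.
SAMPLE = """\
From: friend@example.com
To: you@example.com
Subject: Fwd: FW: Virus Alert!

My address book was infected with a virus. Yours might be too.
The virus is called jdbgmgr.exe
It cannot be detected by anti-virus programs.
Search your C drive for the file and delete it.
Please forward this to everyone in your address book.
"""

# Traits this page attributes to hoaxes; the patterns themselves are assumptions.
INDICATORS = {
    "claims_undetectable": re.compile(r"(cannot|can't) be detected by anti-?virus", re.I),
    "tells_user_to_delete": re.compile(r"\b(delete|remove)\b", re.I),
    "urges_forwarding": re.compile(r"\bforward (this|it)\b.*\b(everyone|all)\b", re.I),
}
EXE_NAME = re.compile(r"\b[\w-]+\.exe\b", re.I)
FWD_PREFIX = re.compile(r"\bfwd?\s*:", re.I)


def body_text(msg):
    """Concatenate every text/plain part, decoding transfer encodings."""
    chunks = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            chunks.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(chunks)


def hoax_report(raw_message, threshold=2):
    """Return the hoax traits found; threshold is a hypothetical cut-off."""
    msg = message_from_string(raw_message)
    body = body_text(msg)
    hits = sorted(name for name, rx in INDICATORS.items() if rx.search(body))
    return {
        "forward_depth": len(FWD_PREFIX.findall(msg.get("Subject", ""))),
        "named_files": sorted({m.lower() for m in EXE_NAME.findall(body)}),
        "hits": hits,
        "likely_hoax": len(hits) >= threshold,
    }


if __name__ == "__main__":
    print(hoax_report(SAMPLE))
```

The `named_files` list is what you would then search for in a virus or hoax database before touching anything on disk.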