| View previous topic :: View next topic |
| Author |
Message |
The Pontificator
Veteran Member
Joined: 15 Jun 2008
Posts: 784
Location: Somewhere in South Carolina
|
|
| Back to top |
|
 |
Smithcraft
Veteran Member
Joined: 09 Nov 2008
Posts: 3011
Location: Seattle
|
 Posted: Wed May 25, 2011 4:16 pm Post subject: |
 |
|
Considering that Safari's default is to go ahead and open 'safe' downloads, I really have to put the onus on Apple for this.
Especially considering all the grief that was sent Redmond's way for doing the same thing back in the Windows 95 days.
Autorun. Great in the 80s. Doesn't belong in the modern era.
SC
_________________
Grumpy old man of computing.
[Desktop] G4 mini - 1.5Ghz 1GB 80GB HDD - Newer miniStack v2 500GB - 10.5.8
[Media System] Intel i5 mini - 2.33Ghz 8GB 500GB HDD - 4 x Hitachi 2TB HDD in a qBOX-SF - 10.7.5 (Thanks Phil!)
Make sure it has pins! |
|
| Back to top |
|
|
Bandit Bill
Veteran Member
Joined: 07 Jun 2005
Posts: 5793
Location: Edmonton, AB, Canada
|
| Posted: Wed May 25, 2011 7:50 pm Post subject: |
|
|
This sucks. I'm anxious to see Apple's remedy.
I've mentioned in many other threads not to use an Admin account for day to day use. Here's a perfect example of "why not".
Last edited by Bandit Bill on Wed May 25, 2011 8:00 pm; edited 1 time in total |
|
| Back to top |
|
|
The Pontificator
Veteran Member
Joined: 15 Jun 2008
Posts: 784
Location: Somewhere in South Carolina
|
| Posted: Wed May 25, 2011 7:58 pm Post subject: |
|
|
| If your Safari browser's General Preferences tab has the open safe files after downloading box disabled then the malware cannot install. |
|
| Back to top |
|
|
Bandit Bill
Veteran Member
Joined: 07 Jun 2005
Posts: 5793
Location: Edmonton, AB, Canada
|
| Posted: Wed May 25, 2011 8:12 pm Post subject: |
|
|
From page 34 of Apple's Configuration Security Guide
Creating Initial System Accounts
After completing the initial steps in Setup Assistant, you’re presented with the Create
Your Account step. In this step, you create a system administrator account. Make this
account as secure as possible.
Important: The system administrator account should be used only when absolutely necessary to perform administrative tasks. Create additional accounts for
nonadministrative use. For more information, see “Types of User Accounts” on page 118.
Here is the complete guide if you wish to read it
http://images.apple.com/support/security/guides/docs/SnowLeopard_Security_Config_v10.6.pdf |
|
| Back to top |
|
|
Rightondamark
Senior Member
Joined: 07 Jan 2007
Posts: 287
|
| Posted: Wed May 25, 2011 8:45 pm Post subject: |
|
|
I was worried about Apple's first response to the issue (i.e. telling people calling into AppleCare that they don't deal with malware or recommend fixes), but I have my hope's up now. I think they see this as a serious issue and hit to the brand. Personally, I just hope this isn't the start of more issues with security. We've had it so good for so long.
| Smithcraft wrote: | | Considering that Safari's default is to go ahead and open 'safe' downloads, I really have to put the onus on Apple for this. |
An easy fix, but just another in a long list of reasons to use Chrome in my book. |
|
| Back to top |
|
|
devo
Veteran Member
Joined: 23 Jan 2005
Posts: 5274
Location: Dunwoody, GA
|
| Posted: Wed May 25, 2011 10:04 pm Post subject: |
|
|
| Bandit Bill wrote: | | I've mentioned in many other threads not to use an Admin account for day to day use. Here's a perfect example of "why not". |
Guilty as charged. 
Any like numbers on the infected? I'm just wondering how many people have been affected. |
|
| Back to top |
|
|
Bandit Bill
Veteran Member
Joined: 07 Jun 2005
Posts: 5793
Location: Edmonton, AB, Canada
|
| Posted: Wed May 25, 2011 11:12 pm Post subject: |
|
|
| devo wrote: | | Bandit Bill wrote: | | I've mentioned in many other threads not to use an Admin account for day to day use. Here's a perfect example of "why not". |
Guilty as charged.
Any like numbers on the infected? I'm just wondering how many people have been affected. |
Quite a few people have been affected. I've had a number of people coming into the store with issues, or they know others who have had issues. I haven't read/heard any numbers.
BTW if you start using a Standard user account, you will hardly notice any difference in day to day activities. The odd time you will have to put in your admin password, no big deal. In fact you can set up an admin account and if you do not enter a password for that account, you don't even need to type a password, just the user name of the admin account and then press enter. Another thing you can do is set up fast user switching and keep an admin account running in the background, if you need to routinely administer the computer. |
|
| Back to top |
|
|
Smithcraft
Veteran Member
Joined: 09 Nov 2008
Posts: 3011
Location: Seattle
|
| Posted: Thu May 26, 2011 12:38 am Post subject: |
|
|
I've been promoting the separate user and Admin accounts for forevers!
Especially in Windows! 
SC
_________________
Grumpy old man of computing.
[Desktop] G4 mini - 1.5Ghz 1GB 80GB HDD - Newer miniStack v2 500GB - 10.5.8
[Media System] Intel i5 mini - 2.33Ghz 8GB 500GB HDD - 4 x Hitachi 2TB HDD in a qBOX-SF - 10.7.5 (Thanks Phil!)
Make sure it has pins! |
|
| Back to top |
|
|
ghostdawg
Veteran Member
Joined: 25 Aug 2007
Posts: 1413
Location: STLMO (usa)
|
| Posted: Thu May 26, 2011 8:18 pm Post subject: |
|
|
I always create a separate user account on all OSes...as Bill mention, it's not good now days to surf as Admin anymore.
_________________
G4 Mac Mini | 1.25ghz | 1gb | 40gb | OS X 10.4.11 | 37" Westinghouse HDTV
AAOne | 1.6ghz | 1gb | 160gb | Mageia 2 & Win XP |
|
| Back to top |
|
|
|
FAQ 
Search 
Memberlist 
Photo Gallery
Register
Profile 
Log in to check your private messages 
Log in 
