We are a commune of inquiring, skeptical, politically centrist, capitalist, anglophile, traditionalist New England Yankee humans, humanoids, and animals with many interests beyond and above politics. Each of us has had a high-school education (or GED), but all had ADD so didn't pay attention very well, especially the dogs. Each one of us does "try my best to be just like I am," and none of us enjoys working for others, including for Maggie, from whom we receive neither a nickel nor a dime. Freedom from nags, cranks, government, do-gooders, control-freaks and idiots is all that we ask for.
This week's Mac virus is brought to you by the makers of BackDoor.Wirenet.1, a delightful little keylogger that has drawn rave reviews wherever it goes.
Keyloggers, to remind you, record all of your keystrokes and then periodically send them home to mama. A program then looks for 16 entered numbers in a row (your credit card) followed by 3 more numbers (your security code), then it's off to cadillac.com and some early Christmas shopping.
It also steals passwords:
The malware "also operates as a keylogger (it sends gathered keyboard input data to intruders); in addition, it steals passwords entered by the user in Opera, Firefox, Chrome, and Chromium, and passwords stored by such applications as Thunderbird, SeaMonkey, and Pidgin."
(Odd he'd mention the other browsers but not Safari?)
The fix is fairly simple. You delete some files on your computer and then block access to a certain IP address. Details are in the above link and one method to block the IP address is here, more info here. Even if you don't have the bad files on your system, you should still block the IP address.
Your link to LetMeBy doesn't tell you how to block an IP address, in this case the address to which the virus sends all the information it has stolen from you. Instead, the link tells you how to hide your own address in/from your browser. Those are two different things.
Ah, thanks much. I figured blocking an IP was blocking an IP. Turns out it's not quite as easy as it sounds. I ended up glancing over a number of Google hits and finally found a free program that'll do it.
Good point, and this isn't a Mac-specific issue by any means. The problem lies in convenience. Cookies are the best example. Without cookies, we'd have to log back in to practically every site we visit, or at least those we might want to comment on. So, we sacrifice security for convenience.
In all fairness, though, anti-malware technology is always a step behind; always reacting to the latest threat, simply because there's no way to anticipate the next badness to come along. Heuristics only goes so far.
And you also have to cede how clever some malware is, like the one that imitated a Flash update. You've just clicked on seven Flash updates over the past two months -- why not click on another? I'm not sure if anything can be done about that except altering human nature.
Logic fail. A handful of issues do not suddenly make OS X's security model suddenly worse than Windows'. I can't say I find such reasoning unusual though, especially for anti-virus companies, who have no significant handhold in the OS X market. If it looks like doomsday, Kasperspy or Norton or whomever to the rescue.