Commander Smackaho

Q: did we just get a new trojan that apple missed or ?

I think we've all been duped and Apple didn't even see it, that "flashplayer.xpt" is the winner, it's an executable script from the browser, it's been in there waiting for a while now and it's attaching to all your framework files or better yet replacing them, this is a rough one boys and the worst part is, I think it's been sitting too long to matter now

MacBook Pro (15-inch Mid 2010), OS X Mavericks (10.9.3), EMERGENCY

Posted on May 17, 2014 6:50 AM

  • by Commander Smackaho,

    Commander Smackaho May 17, 2014 4:08 PM in response to Commander Smackaho
    Level 1 (0 points)

    I really do appreciate all the help, and I mean no offense by this at all, but my dad used to tell me "if you were the only man in the room that didn't know the con, it's because you were the mark" and it's because I feel as if we're avoiding the reason all these files, and sending out security for bookmarks, looking for other devices in the room that support Java, and the one that bothers me probably the most is that a small developer's code has more power to the system than I do as administrator and for extreme security reason would it ever need to make a false Apple certificate to get into my keychain of my passwords so it no longer needs to have permission to see my personal keys, and XPC code is done by the developers right? And who are they? I mean do we know everything or at least what they know of us about them?

    And why are they on the trust with my life list anyways, after reading your first link about the xpc coding it seems like there would be no better place to inject it right along with the launch agent, how much more of the recipe do we need for disaster, **** my xpc even contains a credits file with some guy saying "uh maybe my mother" and I'm supposed to believe this? And to top that off we can put security on bookmarks meanwhile I'm watching someone upload my cache without hesitation, it feels as if it's so obvious, you'd almost have to be in on it and if that's so.... Just tell us there's nothing you guys can do to stop it so people would stop investing their lives and family in Apple's security. We could go back to the good ol' days when you had to stand in line to pay bills and never put anything personal into a computer again

  • by thomas_r.,

    thomas_r. May 17, 2014 4:21 PM in response to Commander Smackaho
    Level 7 (30,929 points)
    Mac OS X

    I still have absolutely no idea what you're talking about. This is all very flow-of-consciousness and still does not contain a clear description of the problems you're seeing.

    The files you seem to be concerned about are normal. The entries in your keychain that you seem to be concerned about are normal. As far as I can tell, you are looking at completely normal behavior and interpreting it entirely wrong.

    Without some information that is understandable, I cannot say more than this, and will have to consider my part in this discussion at an end.

  • by Barney-15E, Helpful

    Barney-15E May 17, 2014 4:27 PM in response to Commander Smackaho
    Level 9 (50,483 points)
    Mac OS X

    An XPC Service doesn't run on its own. It is run by the owning software.

    Yes, you can download and install a program that could access your passwords and send them to anyone they want, theoretically. But, you'd still have to give that application permission to see your passwords, contacts, etc.

    The current malware industry makes its living tricking users into giving up their personal information. You have to make sure you don't get tricked into installing that stuff. Nothing in the OS will stop you from giving a program access to all of that data. If it did, you'd never be able to use the data for legitimate reasons.

    What software did you recently install just before you started seeing this questionable behavior?

    Where did you get the software? A legitimate developer site, app store, or from some nefarious website?

  • by Zak Adelman,

    Zak Adelman May 17, 2014 4:45 PM in response to Commander Smackaho
    Level 1 (60 points)

    You are assuming too much again in your paranoia. Everything you said so far is part of legitimate programs and then you go off on an erratic tangent that I seem to not be alone in not understanding. Applications in the app store don't work outside the sandbox so if you want to avoid all of the xpt files then delete Flash and Silverlight, Firefox, Chrome, any Adobe programs like Photoshop, Illustrator, Lightroom etc. and all other 3rd party apps including Monolingual and only install apps from the app store in the future. Your keychain is protected for a reason, it is not to be messed with by amateurs.

    If this is not acceptable, you have to accept that apps need to work outside of the sandbox and require access like the xpt files provide. If your next post is still irrational I am done with you.

  • by Commander Smackaho,

    Commander Smackaho May 17, 2014 7:04 PM in response to Barney-15E
    Level 1 (0 points)

    Barney, firstly thank you sir for just listening. I understand xpc is a private helper but I'm not sure that it makes xpc any less vulnerable permitting the app and after reading more on xpc and launch, I saw that sandbox's job is supposed to prevent occurrences as such but if xpc is permitted that kind of trust within the app then possibly I could've been exposed the moment the first app installed. Those apps in the store are supposed to be safer but only as safe as the integrity of the developer. I've read how some developers have submitted apps with hidden backdoor capabilities and they've passed Apple's testing... granted they were for testing purposes. Considering this (version, cloud, xpc, launch) are all passing notes it does bring a little bit of paranoia in knowing that those few things could be a recipe for major disaster. I'm pretty sure my last few apps were from the store but I'm not a 100% positive, I'll have to look at them before I do the clean re-install. Barney, also couldn't xpc send back small info unnoticed if it were being told to do such? I mean it wouldn't show anything out of the norm anyways, correct? Zak, I'm pretty sure we can do without yours and Thomas' intellect. The fact that you guys chose to speak bias to me instead of exercising patience shows the lack of maturity and class you guys possess.

  • by thomas_r.,

    thomas_r. May 17, 2014 7:30 PM in response to Commander Smackaho
    Level 7 (30,929 points)
    Mac OS X

    Zak, I'm pretty sure we can do without yours and Thomas' intellect. The fact that you guys chose to speak bias to me instead of exercising patience

    I'm not speaking negatively to you in any way. I'm simply informing you that I don't understand most of what you're saying and that what I do understand seems to be concerns based on misunderstandings of some kind. I've asked repeatedly for clarification, but have not gotten it.

    There's nothing I (or anyone else) can do for you without your cooperation, and since my advice seems not to be welcome, I'll be bowing out here.

  • by gumsie,

    gumsie May 17, 2014 8:19 PM in response to Commander Smackaho
    Level 4 (2,174 points)

    Hi, Commander Smackaho.

    I'm not so sure that Zak and Thomas are being deliberately obtuse.

    I've looked at your posts and found them very hard to follow. It's because of the way you've used, (or not used), grammar. No disrespect but it seems as though you're just writing a solid block of text in your replies. What I'm sure the other two meant was that you need to document your issues clearly and with differentiation. For example;

    1. I have this problem.

    2. I also have this problem.

    3. It happens at this time.

    4. But never at this time.

    Yours seem to be;

    1. I have this problem2. I also have this problem. 3. It happens at this time, 4. But never at this time.

    Again no disrespect intended.

  • by Zak Adelman,

    Zak Adelman May 17, 2014 8:25 PM in response to Commander Smackaho
    Level 1 (60 points)

    No, I told you exactly what you needed to do to avoid xtc wanting access, you didn't like the list and thought it was sarcasm.  Only get apps from the app store and get rid of browsers and all 3rd party apps.  Again, no, it was not a joke.

    Those apps in the store are supposed to be safer but only as safe as the integrity of the developer.

    No, the app store gets vetted unlike Adobe apps and plugins (flash player), Chrome, Firefox, and everything else not in the store. If the integrity of an app does not meet the standards the app is not released. Your trust is in Apple and the sandbox, not the developer. Some apps need deeper access than the sandbox allows so it needs the access you are afraid of.

    "I mean no offense by this at all but "...

    Commander Smackaho wrote:

    "if you were the only man in the room that didn't know the con, it's because you were the mark"

    Paranoia over nothing there.

    We just told you what you didn't want to hear, the files were not dangerous, and we were still waiting on specifics, which you never gave us. I am done here.

  • by OzziesMAC,

    OzziesMAC May 17, 2014 10:19 PM in response to Commander Smackaho
    Level 2 (164 points)
    Desktops

    This is what happens when you grow up in the world of texting.
