Malware in Tiger?

There is no such thing as a G5 Intel iMac. There are G5s made by IBM, and then there are Intel iMacs. The white ones were a transition machine, where some had a g5 inside, the others had an Intel. To tell the difference go to Apple menu -> About This Mac. If it says G5, it isn't Intel. To deal with the Malware, Apple recommends disable Java for anyone with 10.6.7 or less who can't upgrade. If you clicked on related links on the HT5246 right sidebar it says "About Flashback Malware" in a link. This goes to the link on how to disable Java. Unfortunately, if you use websites that depend on Java, you'll have to contact them and ask them to use another less insecure standard. Show them http://www.anybrowser.org/ for tips on developing a more platform friendly web.

elistu wrote:

Thanx for the equipment nomenclature update. I will correct my hurry up user info soon.

If I choose not to deal with any Java sites ;etc. I can only pull the plug until my rich uncle

provides me with new and improved Apple stuff , or wait on a Java substitute. I appreciate

your reply - like I expected. I'm stuck. Thanks, you good "a brody", reality hurts don't it?

Not sure how it works in Tiger, but I also have had Java turned off in Safari > Preferences > Security for a fair while in Lion and Snow Leopard without any difference to my internet browsing. Give it a try. I'm sure you will get a popup if it does need turning back on.

Good Luck

Pete

elistu wrote:

But what can you

expect from stone-age (2-3 years old) junk? Mucho obligato for your reply, petermac87.

My father still runs Tiger on a G4 eMac. Still perhaps the most stable system Apple ever produced. Would never call it junk. I think you can get a version of ClamXav for Tiger which will give you some protection if required, just do a search. But I seriously wouldn't be overly concerned about security threats at present, I would think they will be aimed at the latest OSXs.

Happy Computing.

Pete

elistu wrote:

I tried that ,briefly, and Yahoo was mostly unusable.

I think you must have disabled JavaScript, which is not related to Java, despite the name. Almost no web sites use Java any more, except for malware vendors. JavaScript is widely used and of low or no threat to OS X.

My machine does not appear to be

effected by "Flashback"- yet. I haven't seen a test for "Tiger" either.

All Flashback malware to date has been Intel only, so your PPC Mac is immune. The only Flashback tool that I've found which runs on a PPC Mac is one from Norton. I ran and glanced over the script and it should do the job, but have not done extensive testing with it.

>Almost no web sites use Java any more, except for malware vendors.

You are sorely mistaken, and I wish you weren't. Target, and other coupon websites use them for printing Coupons. In other thread, apparently FHTSA uses it for their recall website, though I haven't had a chance to test it. Many a chatroom uses Java for chat purposes. This has caused much consternation amongst people using 10.6.7 and earlier, who are told to disable Java.

a brody wrote:

>Almost no web sites use Java any more, except for malware vendors.

You are sorely mistaken, and I wish you weren't.

Sorry, but I'm going to stick to it for awhile longer. Not my strongest area of expertise, but I have had Java turned off in all my browsers for over three weeks with zero issues. Obviously my browsing habits are different from many others.

Target, and other coupon websites use them for printing Coupons.

I'll give it a try when I get a chance, but it doesn't surprise me. I have had coupon issues with other sites long before Java became an issue.

In other thread, apparently FHTSA uses it for their recall website, though I haven't had a chance to test it.

I did and had no problems with obtaining information for my car, but since I don't know what the OP of that thread was looking for, it could have been a different proceedure. If it's the thread I'm thinking of, he disabled Java universally via Java Preferences and he may be on to something in his claim that he lost all plugins. I wanted to wait before posting to do more thorough testing, but some time after I checked the FHTSA issue I discovered that in my Safari Preferences, "Enable plug-ins" was unchecked and it's possible that that happened during that test and was not rechecked when I enabled universal Java. That would have disabled his pdf reader and could have caused the issue he was seeing. As I said, I need to do some more testing of that to make sure I can repeat it before drawing any conclusions.

Many a chatroom uses Java for chat purposes. This has caused much consternation amongst people using 10.6.7 and earlier, who are told to disable Java.

You've probably got me there as I'm not big on chat rooms, but if you can point me to a few I'll give that a try.

Again, I'm only advocating disabling Java in browsers at this time. There could well be future reasons to disable it universally, but since I'm unaware of any current threat, that's not where I'm coming from.

elistu wrote:

If anyone on this topic gets news of a test and fix for Flashback in OSX 10.4 please notify me or post for all.

???I believe I already did that above???

10.6 only comes on disc and has been the most important and successful OS for Apple today's. If you find it to be trial and error in use like Windows then perhaps that is best where you stay and post in the Tiger forums as these may be 'out of your class'

Pete

a brody wrote:

>Almost no web sites use Java any more, except for malware vendors.

Target, and other coupon websites use them for printing Coupons.

Well, I wasted way too much time today looking into this one. Target does use a service called Catalina Marketing to make their coupons available for printing and does use Java to manage the plugin process. By simply re-enabling Java in the Safari and without restarting it I was able to proceed with the process until I was stopped cold by the following dialog

which to me is less acceptable than having to use unpatched Java. It's apparently common with all their sites as they warn you ahead of time that you will need to approve this untrusted certificate in order to run the plug-in.

I don't know whether they are just lazy, incompetent programmers or too cheap to purchase a certificate. Why go to all the trouble to sign the code (I checked and they did) but not purchase the CA? Hopefully GateKeeper will put a stop to it.

In any case I was reminded why I don't like most coupon sites.

That certificate doesn't expire until June this year. So I don't know what all the hubbub is about. But I would alert them it is insecure. Too many people shop at Target for this not to be a serious threat to identity theft etc...

I perceive that these kinds of issues are also being raised by long-time Mac users and/or users of Macs and non-Apple OS machines networked; Long-time computer users - this includes uses in businesses, and in educational facilities (public or private pre-schools, grade schools, middle schools, high schools, colleges, and universities), just as much as home use, often are in networks of computers of many generations, and of several Platforms - which can include:

1) Intel Macs multi-booting OS X 10.6 and/or OS X 10.7 and Windows XP or Windows 2000;

2) non-Apple Intel or AMD CPU machines booting Windows 98, or Windows XP or Windows 2000 and/or Linux kernel-based OSes;

3) G5 PowerPC Macs multi-booting OS X 10.4.11, OS X 10.5.8, and/or Linux kernel-based OSes;

4) G4 PowerPC Macs multi-booting OS X 10.4.11 and Mac OS 9.2.2 and/or Linux kernel-based OSes;

5) G3 PowerPC Macs multi-booting OS X 10.3.9 and and Mac OS 9.2.2 and/or Linux kernel-based OSes;

6) G2 PowerPC Macs multi-booting Mac OS 8.6, Mac OS 9.2.2, and/or Linux kernel-based OSes;

Plus, there are the issues of portable laptop machines, flash thumb drives, etc., being plugged into computers or computer networks at an "Internet Cafe" or at other food or drink establishment that offers internet connections, or at a public library, or into a computer or computer network at someone's place of work and then later at their own home or at a friend's home, and the data and files thus shared.

A piece of malware, or a virus, worm, or trojan horse:

a) that is inert under PowerPC CPU machines running older versions of OS X or Classic Mac OS builds, that can activate under newer versions of OS X running under Intel CPUs;

b) that is inert under Windows, but can activate under newer versions of OS X running under Intel CPUs;

c) that is inert under Linux kernel-based OSes, but can activate under newer versions of OS X running under Intel CPUs;

d) that is inert under any OS X builds or any Classic Mac OS builds, but can activate under versions of Windows;

c) that is inert under Linux kernel-based OSes, but can activate under versions of Windows;

are all reasonable concerns, in any of the aforementioned settings - Just like an unintentional forwarding of an Email containing a attachment with a piece of malware, or a virus, worm, or trojan horse, that is inert under the OS in the computer it is forwarded from, but is not inert under an type of OS in another computer where it is received, is also a reasonable concern.

Apple Corporate getting put on the hot seat by the industry's computer security experts, for sitting on their hands for 6 weeks after the existence of the OS X Java Flashback malwares was confirmed (I'm sure the next time the existence of something security-wise like that gets confirmed, they will certainly move a lot faster on it), or getting scolded by Windows users with Microsoft's 11 - 12 year support programs for MS products, getting scolded by Linux kernel-based OS users, plus Oracle's (and Sun's previously) history of backwards compatible Java support for both many Windows builds (including that the 11 year old Windows XP is supported by the newest Java, quite unlike for the 11-year-old Mac OS 9.2.2 and the 11-year-old original retail CD-ROM release of OS X 10.0 "Cheetah" PPC) and versions of Linux kernel-based OSes vs Apple's glacially slow issues of OS X Java updates and security patches (that didn't keep pace with Sun's or now Oracle's Java releases), is not that surprising, in these particular security contexts.

Sorry, your point being?

Pete