QUOTE said:In response to these attacks Apple has reportedly implemented a policy which is equal measures bizarre and baffling -- it's telling technicians to adopt a "don't ask don't tell" policy with regards to customers complaints about malware, feigning ignorance on the topic.
[...]
Code:Symptoms Customers may call AppleCare to report and issue with malware (trojan) software known as Mac Defender or Mac Security, or because they are concerned that their Mac could become infected.ÂÂThe name may vary as new variants are released onto the internet.ÂÂThis malware is installed from malicious websites. ÂÂÂÂImportant ÂÂÂÂÂÂÂÂDo not confirm or deny that any such software has been installed. ÂÂÂÂÂÂÂÂDo not attempt to remove or uninstall any malware software. ÂÂÂÂÂÂÂÂDo not send escalations or contact Tier 2 for support about removing the software or provide impact data. ÂÂÂÂÂÂÂÂDo not refer customers to the Apple Retail Store.ÂÂThe ARS does not provide any additional support for malware.
Famed Mac security expert Charlie Miller, who won multiple years for the fast Mac hack at Pwn2Own, comments, "Mac OS X is no more secure than any other operating system. It has vulnerabilities, and it will let you download and run malware. The difference is that there simply isn't that much malware written for it."
I think this is a pretty big issue. Apple prides itself on the image that it's infection-free, but what happens when it starts getting some? There have been a couple infections in the wild, but if people are actively targeting it with stuff automatically fed via malvertising like fake security software, people are going to get infected. If Apple starts giving removal instructions and tools people are going to know these exist, and that's going to hurt the false image Apple's built up about it.
I mean I run into enough Windows users who think they don't need an antivirus and they're safe if they don't download stupid shit. I can't imagine how bad this issue is going to get with people going around on the internet totally unprotected on OSX... not to mention the large number of people who are on old versions of OS X and don't see a need to update (though this is sometimes due to them being on a PPC machine).
This isn't just Apple. Hackers know that the easiest targets are the ones who think they're safe. There have been some smart phone viruses going around for a while that most people are unaware of, though most of these have been proof-of-concept and no big threat (like many of the first widespread OSX infections). My question is how long until this spreads to game systems? There's an awful lot of game systems out there, an awful lot of them are connected to the internet, and as we know an awful lot of them deal with credit card or payment info. Not to mention the sheer pageviews you can get from widespread adware.