Can a mac be affected by spyware?

Discussion in 'Apple' started by Kathy, Jul 2, 2004.

  1. Kathy

    Kathy Guest

    If it can be, are there any programs to detect it? I find many for the
    pc, but none for the mac. If I visit a site that is supposed to detect
    spyware for free, it tries to send me an .exe file. VersionTracker
    lists an Aladdin program that has a demo, but none of the spy detecting
    part works in the demo. I'd buy it if I knew for sure it works.
     
    Kathy, Jul 2, 2004
    #1
    1. Advertisements

  2. Kathy

    Don Bruder Guest

    ANY computer can be affected by spyware. The question is whether anyone
    has gone to the effort to write the spyware for it. As far as anyone
    currently knows right now, there is no spyware for the Mac. Please pay
    careful attention to that first part - As far as anyone knows right now
    - That doesn't mean there won't be tomorrow, only that as of right now,
    nobody has identified anything for Macs that could reasonably be called
    spyware.
     
    Don Bruder, Jul 2, 2004
    #2
    1. Advertisements

  3. Kathy

    Bob Harris Guest

    Yes, but not as frequently as PCs, and often it is a case of an
    application "Phoning Home".

    Little Snitch has been recommended frequently.
    http://www.obdev.at/products/

    Bob Harris
     
    Bob Harris, Jul 2, 2004
    #3
  4. Kathy

    clw Guest

    Little Snitch will tell you if your modem is trying to connect without
    your express authentication. You can then refuse to allow the
    connection. I have it and I have had it work several times.

    Internet Cleaner 2.x from Aladdin has a module to detect spyware. I
    have used is many times and none has been detected. It is also good for
    preventing popup ads and cleaning out cookies.
     
    clw, Jul 2, 2004
    #4
  5. Kathy

    John Stewart Guest

    John Stewart, Jul 2, 2004
    #5
  6. Kathy

    Greg Shenaut Guest

    I'm curious--if there is no known spyware for OS/X, then how does anyone
    know whether it actually works, or care?

    Greg Shenaut
     
    Greg Shenaut, Jul 2, 2004
    #6
  7. What about RealPlayer?
     
    Keeper of the Purple Twilight, Jul 2, 2004
    #7
  8. Kathy

    Kathy Guest

    Thank you very much, Don and Bob. Now I can go a step further. I keep
    getting e-mail bounced back that I know I didn't send, sometimes as much
    as 30 e-mails sent with my whole email address, but with a different
    real name. Someone told me this was due to spyware. Since it probably
    is not, what can I do to stop it?
     
    Kathy, Jul 3, 2004
    #8
  9. Not spyware; it's the result of being on the mailing list of
    Windows users infected by various virus/trojans, as well as
    the result of posting one's e-mail address in usenet or on
    a website in a machine-readable format. There is little
    one can do to stop it, other than abandoning the compromised
    e-mail address for a new one, then taking Draconian security
    precautions.
     
    George Williams, Jul 3, 2004
    #9
  10. Kathy

    Alice Faber Guest

    It's due to a virus, not spyware. You can't do anything to stop it,
    because it's not your computer that's infected with the virus. Somebody
    who has your email address on their computer (perhaps in an address
    book, perhaps because they've followed up to a usenet post of yours,
    perhaps just because they've *read* a usenet post of yours and have it
    cached) has the virus. There's a whole class of viruses that sends
    themselves to a bunch of email addresses found on the victim's computer,
    picking one of them at random to put in the From: line. This problem is
    compounded by braindead ISPs that send notices of virus detection to the
    email address in the From: line. Nothing you can do about that, either.
     
    Alice Faber, Jul 3, 2004
    #10
  11. Windows, maybe, but they really need hourly virus updates/
    scans to even function with their insecure OS.
    Waste of time and money for OS X IMVHO.
     
    George Williams, Jul 3, 2004
    #11
  12. Kathy

    Davoud Guest

    Kathy:
    Don Bruder:
    That's my understanding.

    Purple Twilight:
    What does RealPlayer do that makes it spyware, i.e., what does it
    report, and to whom?

    Bob Harris:
    If one defines an application checking for updates over the Internet as
    spyware, then one would have to define the Mac OS itself as spyware.
    The idea, I think, is to buy software from folks you trust. I am quite
    satisfied to have Adobe Creative Suite bring in little updated files
    from time to time. And anyone who knows anything about astronomy knows
    that if StarryNight Pro did not check the astro data files that are
    installed on my hard drive and download updated data files
    periodically, the program's output would soon be inaccurate for solar
    system objects.

    It's the spyware that I'm constantly fighting on my PeeCee, that
    reports to a slimy marketing outfit what web sites I visit, that irks
    me. I think that it ought to be a federal crime to install and run a
    computer program on someone's computer without their knowledge and
    permission, no matter what the purpose of that program.

    For better or worse, though, it comes down to what Scott McNealy, CEO,
    Sun Microsystems, said: "You have no privacy anyway. Get over it."

    Davoud
     
    Davoud, Jul 3, 2004
    #12
  13. Kathy

    clw Guest

    Little Snitch and Internet cleanup do NOT do the same thing. If you
    want the virtues of each, you need both.
     
    clw, Jul 3, 2004
    #13
  14. Kathy

    clw Guest

    The problem is that when you "actually know" you already have it. Its
    like life insurance, you do not buy it when you are dead.
     
    clw, Jul 3, 2004
    #14
  15. This is what's called a "joe-job". Someone sent out an email (most
    likely spam or UCE [unsolicited commercial email] ) with your email
    address in the "From:" and/or the "Reply-To:" fields. This can be
    easily forged and there's nothing you can do about it. As bounce
    messages come back to you, delete them and forget about it.
     
    Michael Vilain, Jul 3, 2004
    #15
  16. A corresponent's computer may have become infected.
    What these virii do (often on Outlook or Outlook Express)
    is scan the address list and then send out mail
    from the infected computer as if it was coming
    from you. Thus, if you have a friend with a PC
    and Outlook Express, for example, and you are
    in the address list, the virus critter is sending
    out the mail with a return address of "kathy@wherever"
    (and joe@whereverelse, and , etc.)

    When the mail bounces, it bounces back to *you* rather
    than your friend's infected computer. This is an attempt
    to prolong the time until the owner of the infected
    computer realizes that they are infected.

    There is nothing *you* can do to stop it short
    of notifying folks who you correspond with and
    asking them to run a "malware" detector on their
    PC's.

    Hope this explains some stuff.

    NPL
     
    Nick Landsberg, Jul 3, 2004
    #16
  17. Kathy

    Bob Harris Guest

    Generally it is "Forged" email. There are 2 aspects to this trick. Use
    your forged email address to send SPAM to other email addresses. The
    email bounces at their end, and because it has your forged return
    address, it comes back to you. The other trick is to intentionally
    bounce the email to you and hope that you will read the message to see
    what you sent and why it bounced, thus getting you to actually read
    their message (or if you were a PC person, activate their virus/worm).

    If you use your real email address when posting to news groups, it gets
    harvested from here. I have always used my real identity in news groups
    and other public postings. As a result I sometimes get flooded with
    SPAM. I receive my email on a UNIX system and I read it with a text
    based mail reader, so there is zero chance of getting infected, but
    there is still a lot of it (in fact the Swen worm hit me so bad that I
    was getting Gigibytes of email a day). To reduce the volume I actually
    have to deal with, I setup procmail filters and over time I've sent the
    worst of it into /dev/null (the bit bucket). What is left is much
    easier to handle.

    I do have the luxury of a huge network pipe into my email system and
    gigabytes of storage to store the mail. This is not always an option
    for everyone else (well that is until Google Gmail offered a Gigibyte of
    email storage and now other mail services are starting to up the limits
    they allow too). But back to my point. If you quickly overflow your
    ISP provided mail storage area, or if you have a slow internet
    connection and downloading a huge volume of email wastes your time, then
    I would see about getting a new email address, and being very careful
    about posting it anywhere that spammers can harvest it for spam.

    Good luck.

    Bob Harris
     
    Bob Harris, Jul 3, 2004
    #17
  18. To be just a bit less obscure for the benefit of the person you're
    replying to, it's named after one of the first well-known victims. :)
     
    Steven Fisher, Jul 3, 2004
    #18
  19. Kathy

    Wes Groleau Guest

    Depends on how you define "stop."

    All the e-mail addresses I reveal to anyone else
    are not the ones my computer uses to retrieve mail.
    Most of them are caught by procmail on another host.

    procmail recipes catch the viruses, the stupid "we saved
    you from a virus" messages, the stupid "why are you
    sending viruses" messages, the viagra ads, the porno ads,
    the "you must send us your identity" messages, yadda yadda.

    It has been months since I got more than one undesirable
    message per week. Someone who's really ambitious could
    analyze headers and figure out my outgoing server, but
    they wouldn't know the incoming nor the user ID it uses.
     
    Wes Groleau, Jul 3, 2004
    #19
  20. Kathy

    John Stewart Guest

    Someone forgot to tell the Network SpyAlert module of Internet Cleanup
    2.0 that it couldn't do the same thing as Little Snitch. The stated
    purpose of both is to prevent installed apps from sending data without
    the users knowledge and permission. I have both and yes, Little Snitch
    is redundant if Network SpyAlert is used.

    IC 2.0 has other modules that Little Snitch doesn't have which makes
    your statement about not doing the same thing correct, just not correct
    in the sense you meant.
     
    John Stewart, Jul 3, 2004
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.