Question: What's the best way to keep my Mac safe from the Flashback Trojan that has been in the news?
Answer:
Flashback is technically not a trojan-horse application at all, but a
"drive-by download" that infects computers by exploiting a vulnerability
in Web software.
Most advice on preventing this sort of attack has hit the same points: promptly install security updates, don't visit suspicious sites, install anti-virus software. But for home users, I recommend a simpler and more effective remedy: Get rid of Java.
To disable Java in Apple's Safari, go to the Safari menu, select "Preferences…" and click that window's Security heading, then click to clear the checkbox next to "Enable Java." To do the same in Mozilla Firefox, go to its Tools menu, select "Add-ons," click "Plugins" and click the "Disable" button to the right of the Java plug-in entry. In Google Chrome, click the wrench-icon menu, select "Under the Hood," and click the "Disable individual plug-ins" link.
Reference: http://www.cnbc.com/id/46983310
 |
Getty Images
|
That
makes it much worse than a trojan: You just need to visit a malicious
site, without downloading the wrong app or entering an admin password,
to have this program silently take command of your Mac and begin
altering the content of Web pages.
That
also sets Flashback apart from all of the other Mac viruses you might
have heard about over the last few years. But it wasn't hard to see
something like this happening.
Flashback attacks a known weakness in the Java software Apple [AAPL
633.68
9.37
(+1.5%)
]
has bundled on Macs but often updated slower than other vendors. Apple
released a fix last week — "Java for OS X Lion 2012-001" or "Java for
Mac OS X 10.6 Update 7" depending on your version of OS X — but it came
too late for the estimated 600,000 Macs infected so far.
You
can check your Mac for symptoms of Flashback by copying a couple of
commands into the Terminal command-line app; anti-malware vendor
F-Secure has instructions on its site. Dr. Web, the Russian security
firm that has helped to identify this malware, has posted its own
Flashback checker.
Most advice on preventing this sort of attack has hit the same points: promptly install security updates, don't visit suspicious sites, install anti-virus software. But for home users, I recommend a simpler and more effective remedy: Get rid of Java.
This software, originally developed by Sun Microsystems and now an Oracle [ORCL
29.56
0.40
(+1.37%)
]
product, once held promise as a way to let computer users run complex
apps over the Web on any computer. But the Web itself now does that job
better than Java — you don't need Java to create a spreadsheet in Google [GOOG
632.32
-2.83
(-0.45%)
] Docs, edit a photo on Flickr, or write a blog post on WordPress.
These
days, I only see Java used in some newspapers' online crosswords
(fortunately, not this one) and on my bank's remote-check-deposit site
(but I can upload my own scanned images of checks instead). I can't
think of any remotely essential uses for it on a home computer.
Java has, however, become an attractive target for malware authors. So why put up with that risk for so little reward?
To disable Java in Apple's Safari, go to the Safari menu, select "Preferences…" and click that window's Security heading, then click to clear the checkbox next to "Enable Java." To do the same in Mozilla Firefox, go to its Tools menu, select "Add-ons," click "Plugins" and click the "Disable" button to the right of the Java plug-in entry. In Google Chrome, click the wrench-icon menu, select "Under the Hood," and click the "Disable individual plug-ins" link.
This
advice applies to Windows users too. But while you can't easily
uninstall Java from OS X, you can and should in Windows through the
Control Panel's usual "Add or Remove Programs" or "Uninstall a Program"
options.
Tip: Search through time with Google.
Looking
for documentation on how to disable Java in various browsers brought up
a lot of out-of-date links. But then I remembered to click the "More
Search Tools" to the left of a Google search page.
This
brings up a menu of date ranges — from "Past hour" to "Past year" to
any other span of dates you choose — that you can use to refine your
search. It's an enormous help when looking for recent news stories on a
subject, but I've also found it useful when digging up older pieces that
I know went up years ago.
Unfortunately, neither Bing nor Yahoo's [YHOO
15.065
-0.205
(-1.34%)
] implementation of Microsoft's [MSFT
31.52
0.31
(+0.99%)
]
search offers this same simple flexibility, although each still allows
you to limit searches to pages published in the past 24 hours, past week
or past month.
As
an added bonus, if you happened to use Google's option on April 1, you
would have seen such extra, entertaining date ranges as "Tomorrow,"
"Cretaceous Era," and "Past 5.391e-44 seconds."Reference: http://www.cnbc.com/id/46983310
0 comments:
Post a Comment