Good job by Dr. Web on finding this and trying to do the right thing, but these quotes give a different context than you'd get from the article title and lede:<p>"Sharov believes that Apple’s attempt to shut down its monitoring server was an honest mistake."<p>"In Apple’s defense, it may not have recognized Dr. Web as a credible security firm when the company contacted Apple earlier this month–I hadn’t heard of the firm either until its discovery and analysis of the Flashback botnet."<p>It looks like Apple wasn't the only one surprised by this:<p>"But the better-known security firm Kaspersky confirmed Dr. Web’s findings on Friday. A Kaspersky representative said it hadn’t contacted Apple with its findings and hadn’t had any direct communication with the company, and Kaspersky researcher Kurt Baumgartner wrote in a statement that 'from what we’ve seen, Apple is taking appropriate action by working with the larger internet security community to shut down the Flashfake [also known as Flashback] C2 domains. Apple works vigorously to protect its brand and wants to rectify this.'"
How long will it take to change the mindset at Apple to think about security before shipping? Microsoft did their job years ago; now Apple has to follow.<p>How long will it take for Mac users to learn that viruses are indeed a threat on all kinds of computers, not just PCs? I can only hope Apple will take a more active role in educating them.
This 'discovery' did certainly boost Dr. Web's market share though! 'Dr. Web Light' is now the number 2 most downloaded free app on the Mac App Store: <a href="http://cl.ly/1z0Z1F0P29221K1y3X01" rel="nofollow">http://cl.ly/1z0Z1F0P29221K1y3X01</a>
There is obviously no point in reiterating how Apple is removing Java, how they are adding VMs, code signing - etc.<p>The only way for them to improve security is to take it seriously, because the amount of code shipped with each release will only go up, never down. The attitude needs to change.<p>There is of course lots of data to support this argument. Just do a quick Ctrl+F through <a href="http://support.apple.com/kb/HT5130" rel="nofollow">http://support.apple.com/kb/HT5130</a> for 'arbitrary code execution'. 21 hits, and many of them in core Apple components. These are almost extinct on Windows by now.
One interesting side note in this story is the fact that Mac OS X now has enough market share that it no longer enjoys security-by-obscurity from targeted malware, let alone herd immunity.
Annoyingly, the Java 2012 update REMOVED the -uninstall option from Java, so you have to rm it and clean up the installhistory plist manually if you want to uninstall Java from Lion
So Apple first ignores Oracle's warning and fails to issue the patch. Later it reacts by removing Java and tries to shut down the security firm's domain.<p>How responsible :)
>“For Microsoft, we have all the security response team’s addresses,” he says. “We don’t know the antivirus group inside Apple.”<p>Does Apple even have an antivirus group?