Mac Forums


Andreades 03-14-2004 07:58 PM

Question about spyware
 
PowerMAC G-5 OS-X 10.3.2, Safari default browser. All critical updates.

Question: Suspecting that my OS is infected with a spyware component I ran scans using Aladdin System's InternetCleanup 1.1.1. The Spyware scanner went kaput and could not find anything.

Then I employed a freeware search tool downloaded from the Apple/Software site called EasyFind, and turned up a component or file named "Monitorer."

A Trojan of that name is scanned for (and not found) by the Aladdin Systems software; that's how I acquired the name. Does this mean I'm infected... or could there be a native component called Monitorer?

The Monitorer file has more than 20 threads to iMovie and ColorSync Utility. Is there anybody here who can help?

A

rman 03-15-2004 10:07 AM

Is that spelled correctly, "Monitorer"? I am not near my PowerBook at this moment. I just upgraded to 10.3.2.

rman 03-15-2004 10:32 AM

I don't know what this spyware you guys are talking about.

But as for the item "Monitorer": I used the find command to see if there are any references to it on my freshly updated system. I find no occurrences on my system.

Graphite 03-15-2004 10:47 AM

Personally, I tried out a few of those freeware newbie applications that scan for junk on your computer.. then I realized those programs are junk. I would trust Aladdin, he has a good genie.

Where are you guys gettin this idea about spyware?

Try out Little Snitch. That will tell you what's going on with your Mac.

Andreades 03-15-2004 06:18 PM

Reply to rman
 
Quote:

Originally Posted by rman
Is that spelled correctly, "Monitorer"? I am not near my PowerBook at this moment. I just upgraded to 10.3.2.

rman,

Yes, it's spelled correctly: "MONITORER," a known spyware component. It appears that Monitorer is classified as a Trojan, although it could be a key logger or fall under some other classification. The fact that it was found in my G-5 living in iMovie, though, is poignant.

To Graphite:

You should look before you leap. EasyFind is NOT junk! It beats Finder in every respect and is much faster. In my jaded opinion EasyFind should be OS-X's native search application. I have no connection to its owner, nor do I stand to profit by speaking in favor of it. I do so because having used it I've found it to be top-notch.

EasyFind is available at the Apple Software site. To locate it fast, just go to Apple, type its name into a search window and you're at the download site. Another great little freebie you'll find there is called Onyx. Onyx does EVERYTHING in the way of disk maintenance and runs as a native application on OS-X. It repairs permissions, optimizes, and performs many other useful functions.

Remember, FREEWARE is the stage at which many worthwhile software applications begin. A writer just starting out in the software field has no threads of connection to the monied corporations that could, if they would, help get his/her product off the ground and into commercial production.

So the best way for a talented aspirant to make a mark in his chosen field... say, disk utilities... is to bring the software of his/her design to a big company like Apple that will permit him/her to offer it as freeware at their corporate web site.

If the product is worth its salt it will enjoy a steady increase in public demand. In that case eventually one of the monied interests is likely to pick the product up, probably renaming it and modifying it to suit their needs. And the creator of the software is on the road less traveled to bigger and better things.

This is the way of progress in our world; all of us must crawl before we can walk. Please don't discount the worth of a product just because it isn't made by Aladdin Systems or another commercial firm.

At the same time it is worth pointing out that some freeware incorporates spyware components. In these cases my respect for the creator of the product goes down to zero. And without a single viable spyware removal tool GLOBALLY for MAC we aficionados of the Unix system have no way of knowing what we're installing. Apple's attitude towards spyware seems to be like the Japanese government's attitude towards prostitution: It's illegal, therefore it doesn't exist. Anyone care to beg to differ?

Never think for a minute, either, that commercially available software for MAC is spyware-free. We all need to remove our rose-colored glasses and smell the stench of deception. It's out there, alive and well. Ask any Windows user.

One last point: This fanatical rivalry for MAC over Windows, etc., is a childish and destructive mode of thinking. As long as the various groups are kept at each others' throats the big corporate cheeses have us under their full control. Let's stop this foolishness about Windows vs Macintosh vs Linux and start realizing we're all in the same boat. Then we'll have the power to make decisions that benefit US... without the aid of coercive manipulations from those who are only interested in profit.

A

rman 03-15-2004 07:32 PM

I have been using Apple products for about twenty years and I have not heard of anything about spyware until now on this web site.

For me, I can say this. Don't download everything, because you may not know what you are really getting. As for cookies, limit the number of cookies you let access your system. I also don't give my e-mail address to everyone. I also try to be aware of the web site that I go to, because some of the sites out there can be trusted also.

Since I have been working with unix more than 25 years, I know how important it is to install security patches and patches.

I am not saying that spy ware does not exist, just that I have not seen or heard of it.

witeshark 03-15-2004 10:44 PM

I really don't know more than the other posts. But turn on your firewall, that should help in the future I would think. SYS preferences > security. Hope I helped!

Andreades 03-16-2004 02:29 AM

Reply to rman and witeshark
 
Quote:

Originally Posted by witeshark
I really don't know more than the other posts. But turn on your firewall, that should help in the future I would think. SYS preferences > security. Hope I helped!

Thanks, both of you for good advice. Let me comment on witeshark's post first, in saying that my firewall is always active and I keep up with packets inbound and outbound.

How do I accomplish this, you may ask? Simple. Apple wants us all to use only the firewall that comes with OS-X. Although I truly believe it's a good one... I prefer an aftermarket firewall made by the same people, Intego.

It's the NetBarrier X-3. With it I'm able to monitor packets in and out and know who's attacking me and when. I'm also able to set permissions preferences for all applications, and establish filter rules to handle TCP packets inbound if I choose.

So it's not a question of having and using a good firewall, witeshark. Besides, I happen to know from experience that although firewalls protect the user from hackers gaining unauthorized port access and block bad packets through stateful inspection, they can't block the downloading of spyware components in web site drive-bys unless those CLSIDs/MD-5's are entered in as block-rules.

Another point I feel compelled to make to rman regarding spyware and its detection is... that unless you have access to a detection program, how do you know for sure your MAC's clean? I'm thinking... OF COURSE you've never seen or heard of spyware in MAC. How could you, without something to tell you it's there? N'est-ce pas?

In the past MACScan was available for OS-9 and Jaguar but now seems defunct. That leaves only the Aladdin Systems InternetCleanup with its weak and ineffective spyware scanner, Spy Alert. I don't mean to be a shrew about this, witeshark and rman... but really- how DO you know for sure your MAC's clean? I guarantee that Finder can be impugned so easily by some of the more recent Trojans that for all practical purposes (for all practical porpoises, said the whale) it's useless. What does that leave us to search with?

Spyware didn't get the name because it raises a 100' neon sign saying "look here." You'll never even know you have a Trojan unless you've got the means to run a competently enabled check. It seems inimical to our security situation that globally... GLOBALLY!! ... there is only one spyware scanner/remover to fall back on, as listed above... and it doesn't work!

A

Murlyn 03-16-2004 03:21 AM

Like Graphite said.. Little Snitch works pretty good. And like rman I've never had spyware and like I'm sure rman has done.. we do have programs set up to sniff our traffic and to notify us when something strange is going on. I've never had spyware on my Mac.. on PC.. oh man.. a lot! The closest thing to spyware so far is Adobe Photoshop calling home for some reason.. still not sure exactly what it's doing. That's about it that I've seen.. oh and iClock calls a website to update my IP address in its contextual menu, which I can turn off if I want. Had to sniff it first to see exactly what was going on and it's all good.

We're not all the morons that you make us out to be :)

Cheers!

Andreades 03-16-2004 11:51 AM

Reply to Murlyn et al
 
Quote:

Originally Posted by Murlyn
Like Graphite said.. Little Snitch works pretty good. And like rman I've never had spyware and like I'm sure rman has done.. we do have programs set up to sniff our traffic and to notify us when something strange is going on. I've never had spyware on my Mac.. on PC.. oh man.. a lot! The closest thing to spyware so far is Adobe Photoshop calling home for some reason.. still not sure exactly what it's doing. That's about it that I've seen.. oh and iClock calls a website to update my IP address in its contextual menu, which I can turn off if I want. Had to sniff it first to see exactly what was going on and it's all good.

We're not all the morons that you make us out to be :)

Cheers!

Murlyn,

Sorry if I gave the impression that I think all of "YOU" are morons. Whoever all of "YOU" are. What's this... a groupie thing? My comments were and are directed to any and all who will listen, and not exclusively to any particular group. I hope 100 million eyes view my comments.

I did put Graphite's feet in the coals a bit for poo-pooing perfectly good software, just because it isn't made by Apple. With the consensus that only Apple software measures up we will, all, be right where Apple wants us: In its hip pocket as total contributors to the Apple corporate revenue machine. I don't buy that.

I was born in the USA and raised to believe in the Constitution. As FREE thinkers in a free land we all have the right to choose whom our loyalties will be directed towards! In my estimation Apple has been less than honest with its clientele over the spyware issue, and continues to stonewall us in that regard. Why? What's it hiding? Certainly not arrogance. I get a bumper crop of that commodity every time I call AppleCare for support and utter the "Ess" word.

The obvious answer is that the people seated around Apple's big table have some secret "irons in the fire" related to spyware, which I strongly suspect of being collusive with corrupt government. In this age of crass and heartless fascist-corporate rule all Americans owe it to future generations to make life as free as possible- now- while there's still a shred of hope left. If we allow the wool to be pulled down over our heads, how much easier for that to be done to our children?

If MAC is spyware-free as Apple constantly asserts, why the long delay in debuting the next beta version of MACScan? Why the staunch, adamant denials from Apple coupled with refusals to even discuss KNOWN spyware issues? I can't speak for anyone but myself... but to me this has the ring of anachronism and chicanery. Wherever anachronism (something out of context with apparent reality) exists, a sneaky or treacherous act has usually been committed.

Like you, Murlyn, I've seen a lot of problems with Windows. That was the principal reason why a MAC G-5 rode home with me on my birthday last August. But I have to say in re yours truly that as a "known" target for the ad-spyware mob and certain quasi-government hate groups my MAC has been hacked to pieces; it certainly has not enjoyed the imperviousness that Apple proclaims. First and worst was OS-X Jaguar; in that system Safari was susceptible to tracking cookies and boy was I loaded down with them! Those led to Trojans and non-stop format/reinstall jobs.

Later when 10.3 was installed the situation got a little better... and then 10.3.2 made another big difference. But still, my MAC continues to pick up spyware from the mob and others under the oldest caveat "where there's a will there's a way." Last night just before downloading the latest 58.8 MB update from Apple I shredded Safari's cache and cleaned away much if not all the hitchhikers. I strongly recommend all of us do the same. The "cache" I refer to doesn't seem to be the Internet cache that 127.0.0.1 UDP loopback accesses for quick page-loading, but another file Apple provides for whomever.

But in re the above cache please correct me if I'm wrong, (rman): The path was HD>Users>My Name>Library>Caches>Safari. The folder named Safari's a goner now, along with all the threads to "Monitorer" I could find and destroy. Monitorer's presence in iMovie tells me that the movie industry placed it there with Apple's tacit consent to control the illegal copyright infringement of motion pictures. It either rode in with the OS-X 10.3 upgrade set or was implanted there later. We can all expect a similar monitoring device to be lurking in other applications, such as those related to music downloads. Anybody object to that?

A

RonaldCS 08-19-2004 02:28 PM

I have just been reading this thread with some trepidation. I am a PC user who has become increasingly fed up with all the protection I need. At present I have nine programmes (including AV and firewall) to stop viruses, trojans, adware, popups and so on all of which need regular updates and which have to be run equally regularly.
The final straw has been the latest from Microsoft - Windows XP SP2 - which has an attached list of scores of normal programmes which may never be the same again if it is installed.

I have been reading up about Macs on the web including "Why switch" and like what I see very much. However, if I do switch am I going to find myself in the same position with a clutter of protection programmes and the constant fear that some horror may penetrate an unguarded hole and ruin my computer?

witeshark 08-19-2004 02:34 PM

Absolutely not. Mac OS X is based on FreeBSD Unix and is inherently extremely stable and invulnerable to these concerns. Being free of the Windows Achilles heel: the registry. It makes all the difference.

RonaldCS 08-19-2004 02:40 PM

Quote:

Originally Posted by witeshark
Absolutely not. Mac OS X is based on FreeBSD Unix and is inherently extremely stable and invulnerable to these concerns. Being free of the Windows Achilles heel: the registry. It makes all the difference.

Many thanks - now to consult my plastic! The registry has always been something which scared me stiff.

Cheers

Ronald

