As the UK feverishly awaits the opening of Europe's first Apple Store and the inevitable Ohio voter-style queues, chilling news arrives from the virtual world. Apple's online store, like the bricks and mortar version, offers a wide variety of appropriate goodies from other manufacturers alongside the company's own. The American version also has a ratings system, where buyers can award stars for the stuff on offer – a perfect example of the user-empowering schtick that has helped Apple make its fanbase one of the most virulent on the planet.
Except when it comes to the products Apple makes. There, it doesn't matter what you think – the company awards them top rank ratings. Five stars, by default. "Why, you wouldn't expect us to make anything that's less than great, would you?" the company purred.
Actually, yes. We do. Pricing, supply, reliability, OS upgrade policy – we can pick bones with all of these. Even Apple's wunderkind iPod doesn't look too hot against the opposition if you look at things like battery life and feature set. Apple does make lovely kit – but it has never and will never achieve perfection. Sometimes, it falls far short. Pretending otherwise is a dangerous and damaging flirtation with illusion, and ignoring what your customers say is damaging to all.
That reality distortion field starts at the top. Steve Jobs is famous for his aura of invincibility and omniscience – it's only after you've left the great man's presence that you start to have doubts, and by then it's usually too late. Such charisma is a like a nuclear power station: fantastically useful but when things go wrong the fallout can lay waste entire countries. Dangerously, the whole company has bought into the idea that it is by definition perfect – evidence to the contrary is not welcome. Those aren't cracks in the coolant pipes, those are design features to allow for future expansion.
We know this all too well. Last week saw one of the first malware exploits for OS X. As good journalism demands, we called Apple for a statement. Apple really couldn't be bothered – a week after the story broke, it roused itself from contemplation of its own gorgeousness (or whatever it is that Apple's PR does all day) to say 'not a problem'. Not what the rest of the world thinks, but does that matter to Apple? Apparently not.
When anyone refuses to engage with reality, refuses to admit mistakes and asks you to sign up to faith over facts: beware. It is a heady club to join, and self-righteousness combined with glib certainties engenders fierce support. None of this will help you when the cracks get big enough for the edifice to crumble. We take note of what our readers think – you can find this out for yourself by using the Talkback below. It's time for Apple to learn to listen.
Talkback
Apple's recent products and software are the very best and are great!. Of course they all deserve the 5 Apple awards them.
OS Upgrades - each 10 10.1 10.2 10.3 have each been worth every penny even though 10 was a dog.
Apple pro software is especially great.
Seriously, most Apple customers know considerably more about Mac products and software than they do about iPod Accesories, DV Cameras, Third Party Software etc. It is good to have access to Mac users experiences.
Jungle (GUS) offered a rating system for customers who had bought the products (no one else need apply) and I found that very useful. Unfortunately Jungle is now long gone.
I think it is interesting that you use the term "a worm" to leave the impression that Apple's OS is terrible. Upon further reading, in other well-informed sources, that the "worm" has to be physically put on one's computer and that whoever puts it on the computer must have "root" administration rights.
As Apple says, it doesn't seem to be that bothersome to the folks that own Apple computers.
Howeve, if I had a PC with Window (any flavor), I would be constantly worried and busy...busy getting rid of thousands of virus' and spam and spyware.
Just my thoughts...
Research - you might want to look into it.
This is nothing more than a "root kit" and not a worm, not a virus.
Sheesh.
" Last week saw one of the first malware exploits for OS X. "
"EXPLOIT - A means of gaining access to a computer system, typically through a known bug in a program or operating system. Many webservers on the Internet that are not up to date with security patches are vulnerable to exploits, and the effects of these exploits are seen when malicious worms run rampant and spread to unpatched systems."
http://www.monster-isp.com/glossary/Exploit.html
A shell script is not an exploit but rather it requires an exploit to be installed in the first place (or it would require physical access or an admin account username and password to be known.)
The opener script is just a script. See for yourself.
http://freaky.staticusers.net/ugboard/viewtopic.php?t=10712
There are no known unpatched exploits for OS X that would allow installation of a shell script as a startup item.
Quote:
"We know this all too well. Last week saw one of the first malware exploits for OS X. As good journalism demands, we called Apple for a statement. Apple really couldn't be bothered – a week after the story broke, it roused itself from contemplation of its own gorgeousness (or whatever it is that Apple's PR does all day) to say 'not a problem'. Not what the rest of the world thinks..."
"As good journalism demands" is particularly laughable in the context of this article and the one you link to wrt to "Opener". You state in that prior article that "Opener is blighting OS X" yet this is pure, unadulterated hyperbole, or put another way - complete bullshit. There hasn't been any instance of this blighting anything other than the misinformed, misguided, poorly written articles about this malware since its discovery and we poor unfortunates that have been exposed to said rubbish. ZDNet's are proving to be no exception. Apple is partially right to infer that this is not a problem (but that isn't actually what they "said" at all... that is something you are putting in the mouths of Apple - yet another example of your bad journalism in practice). It isn't as of yet. It may well be in the future, but as it stands this Opener is more a proof of concept that is effectively harmless. When you state "Not what the rest of the world thinks" what you actually mean is "not what the journalists with either an axe to grind or an obvious high degree of ignorance of their subject think". Why? Because the rest of the world see Opener for what it is - disturbing, but NOT A PROBLEM; a wake up call, but NOT A PROBLEM; a reminder that no OS is perfect and vigilance is important, but NOT IN AND OF ITSELF A PROBLEM.
FWIW, the first "malware" of similar ilk to Opener to be released on OS X was the iTunes installer mistakenly issued by Apple themselves - the one which wiped people's hard drives if they had a space in the name. This was many years ago now, so this form of exploit (a unix shell script that can do a great deal of harm to the OS if executed) has been known about for a long, long time. Especially so as it is a *NIX issue at root.
You claim that you listen to your readers in Talk Back? Utter nonsense - last weeks article still says "blighting" even though it was pointed out that this is completely, totally, utterly untrue. Well, try listening to this instead... stop writing such shoddy articles and get your bloody facts straight before you do... This reader gives you zero out of five apple's until you do.
Unix scripts are not worms. Please get your facts in order.
What they said about Opener is that it is not a threat and it is not. It is a program that can delete files and mess with settings if you install it with Admin rights. It can do nothing automatically. It has no method for spreading to computers beyond those that a user has chosen to install it on.
The proper response from Apple should be. Do not load software from sources you don't trust and this is a non-event.
The only protection from this type of software would be to not allow users to administer their own systems and only allow Apple authorized software to run on them. Maybe windows users are almost ready for that to happen but with exactly ZERO known attacks at this time and no mass delivery system. Ignoring it sounds like a perfectly fine response.
As for ratings? Apple already gets all the feedback it can handle about the products it sells from it's customers. What it needs is feedback on products they don't have control over. This again sounds ok to me but I also don't see the harm in Apple letting it's users sound off on their products. Maybe this is a first step and you should just sit back and wait a couple months.
You gotta love "Staff" articles. What's wrong? Humm... no one dares write stuff like this and attach their name to it?
First manually installed worm! WOW! That's the bigger story I think...
You guys just won't give up on this virus/worm thing when it is actually a manually installed root kit.
M$ is sending out the payola again, eh ?
Does anyone think that there is not an editorial policy, perhaps not written but no less real than if it were, that subtly targets any OS other than the dominant one? After all, the Windows ecosystem is the teat at which ZDNet feeds.
A worm? Are you kidding me.... I thought you wrote about technology.
"When anyone refuses to engage with reality, refuses to admit mistakes and asks you to sign up to faith over facts: beware. It is a heady club to join, and self-righteousness combined with glib certainties engenders fierce support. None of this will help you when the cracks get big enough for the edifice to crumble. We take note of what our readers think – you can find this out for yourself by using the Talkback below. It's time for Bush to learn to listen."
<humor> I'm not sure how this analysis of the U.S. presidential situation is relevant to this article on Apple... </humor>
As for the comments regarding Apple's attitude of unaccountability, point taken. The reference to 'opener/renepo' doesn't serve that position, however. In point of fact, Renepo's existance only reinforces the wisdom of OS X's default permissions structure which denies the code a vulnerable access point - its a virus without a vector. It really doens't matter how gawdawfully violent the script may be, without a reliably reproducable means of infection and transmittal, it is effectively defanged - a lion in the zoo.
Poetically, the most plausible scenario for mass distribution of Renepo is to take advantage of the myriad weaknesses in Windows systems with ANOTHER virus that then propogates Renepo in addition. Course, if someone actually attempted to install it, they'd be asked for their Administrative password.... Hmmm....that lion is looking rather kittenish after all.
You criticism of Apple's marketing culture is dead on. Your impuing of their technical capacit doestn' follow from that, however.
I can't believe you'd say things like this! What gives Steve Jobs his arrogant charismatic appearance is that he has headed/been a part of a company which has consistently created outstanding and extraordinary products and services which far surpass those of its competitors for over 20 years now. I wish you'd think about things a little more before you go and write obviously mistaken things such as this article. And the fact that you'd dub "renepo" (or "opener" for you laymen) a WORM, seems to ridiculous to me! If I provide both an Administrator's username AND password to install this so called 'worm,' then I can assure you that it is not the 'worm' that is the problem. It's probably much more likely to be some uninfomed technological know-nothing such as yourself. You are a disgrace to the technology community.
While I agree that Apple has displayed quite a bit of hubris in their self-aggrandizing rating system, I think you're entirely wrong about the "worm" issue. Any system "exploit" that requires administrator access is no exploit at all. Let me sit down at any system with sufficient privilege and I can do vastly more harm in just seconds (rm -rf /* comes to mind). To assert that this script full of bad things is actually a significant risk is to utterly disregard the nature of the real security holes in other...um...more prevalent systems out there. When someone has access to my systems at that level, I'll be calling the police or our work security department to have them physically removed first.
The author of this article obviously didn't do his research. The "worm" in question is more a proof of concept. There is nothing in the code that enables it to spread throughout the Internet which by the definition of a worm it would need to have.
Whoever wrote this garbage (the Microsoft dirty tricks dept?) clearly didn't look at the product ratings at the Apple Store. The Apple products are not rated with stars as the third party products are, but with greyed- out apples. Surely there must be one person, somewhere, the 2 digit IQ Windows world can hire to get their facts accurate enough to avoid embarrassment.
Your story is outrageous slander, almost without a single true fact. It is hard to believe that a major IT news website would print it. Then again, the check from M$ must have been enormous.
A schoolmate told me this joke one day:
"what's worse than biting into an apple and finding a worm?"
"Biting into and apple and finding half a worm!"
ho ho ho
jeez. i can't believe how many media outlets are FREAKING out about this.
seriously- WHO CARES?!?!?!?!?!?!??!?!?!?!?!??!?!!!?!?!!?!!?!?!?!?!?!?!?!
we're talking about customer reviews, here. not exactly important by any stretch of the imagination. it's not like apple is trying to enforce the ratings given their products by actual professional reviewers. let's try to keep some perspective, people. of course, what ziff and all the other outlets running this story know is that ANY anti-mac info online tends to bring with it lots o' page hits. so i guess i'm part of the problem, since I not only followed the link here, but now i'm actually posting a comment. dang. i suck.
anyway, i couldn't care less about customer reviews. as shown in the recent US elections, an apparent majority of us here in the USA are complete idiots, so why would you listen to what people have to say anyway?
When will ZDNet ever stop planting FUD stories about Apple?
"Opener" is *NOT* a worm, or a virus, or a trojan horse o anything else that can infect a machine via any form of network connection including the internet.
It is a "rootkit", meaning that to get it into an OS X machine the bad guy has to have:
1. Physical access to the machine's keyboard.
2. Root account priveleges.
3. Administrator access.
Running in circles shouting and screaming that something that has to be physically planted into an OS X machine is somehow comparable to the 70,000+ active virii that infect Windows machines (we wonlt even mego into the innumerable spyware and adware stuff that plague Windows users but not OS X users...) only makes you look the fool.
Really, you should be ashamed of yourself for posting such a grossly inaccurate article.
NO COMMENT NECESSARY
A UFO could crash into the power pole outside your house, causing a surge and thus destroying your Mac.
So far after 11 months of this year, the same number of mac users destroyed by UFO is equal to the number of mac users with a real infection (any of any kind - not just malware).
That number would be ZERO.
The odds so far are EXACTLY the same. There are things identifed as UFO's (whether you believe it's weather or aliens) and things identifed as malware. That exists - however - so far, these two things do not exist on a Mac together.
Yes, if someone breaks into your house and loads software on your computer, that's potentially dangerous that's hardly Apple's fault. If someone breaks into your house and steals your cash, you blaming the international monetary system?
As for the ratings - it would be redundant. Every mac is perfect for somebody on this earth - only blockheaded Pc users bored of trying to break into Macs would find the perfect opening to write uneducated malarky. Who needs it when we have the GUARDIAN and now ZDNET UK :-)
Do you need to rate a kiss by a beautiful woman?
Do you need to rate a winning goal?
No.
Redundant. Sure, there are some people who don;t want to be kissed by a beatuful woman - hey, that's fine - we just don't to know you or your opinion - it's that simple.
But we would like to know what you think of the itrip or the MS optical mouse.
Ok, PC guys. You're the experts on these things. By definition, doesn't a worm have to be able to self-reproduce?
The Opener malware DOESN'T SELF-REPRODUCE! It's not a worm. Sorry.
Your take on the rating system on Apple's online store is fair. The way they handled it is a bit bizarre.
Finally, reliability. I don't know what Apple reliability is in the UK, but in the U.S. Consumer Reports (about the most trusted source) ranks Apple's reliability second to none.
This article seems like a neener neener neener article. Condescending and factually inaccurate. You wonder why Mac users get so upset?
Doug
Michigan
U.S.A.
Sounds quite biased to me. No system or OS is perfect, but the first malware exploit? I'd say that's pretty remarkable for an OS that's been out this long. Show me a modern OS that's completely secure. This whole piece is just a slam; the worm of the headline isn't even mentioned until the next to last paragraph. And here I was looking for news...
well, its pretty hard to stop a program that was designed to take over your computer if you install it and give it root privileges, dont you think? :)
Your refrence to Apple denying that "Opener" is a virus lacks its own foundation in the "truth". I read Apple's press release regarding "Opener" and I agree. IT IS NOT A VIRUS. Check your tech dictionary for the word "virus" and you will discover that computer viruses replicate themselves and often have the ability to install themsleves unbeknowns to the owner of the computer. Opener needs to be allowed in be the owner and once in can not replicate itself. And according to this definition, it is not a virus, just a program someone made to trick another person into letting them steal their data.
Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF - Quit CRYING WOLF!
Someday a Virus "might" appear on OSX... so please save the energy for a REAL WOLF, not all these endless, "It could be a Virus" if, if, if, if, if...
It's practically impossible to create a Virus for OSX... The OS won't allow for it... but if over the next few years someone figures it out... We want to know real news on a REAL WOLF... not some fictional story of a WOLF that cannot bite.
Thanks, LRRH
"As good journalism demands"? You don't know the meaning of your own words, do you? Do you even know how this so called "worm" works? No, right? Media's today are so irresponsible. You guys just want to stir up the topic the best you know who without getting the facts... sigh....
"Not what the rest of the world thinks, but does that matter to Apple? Apparently not."
The ENTIRE rest of the world? Everyone?
Even Tibetan monks?
You people must be God to know what eveyone in the world is thinking.
ZD Net is a habitual Mac basher. If Apple computers changed water into wine, ZD Net would complain that they don't like the vintage.
Silly combination of nit-picking and whining, informed by a complete lack of comprehension of market dynamics and consumer perspectives.
Want to complain about individual aspects of Apple's products? Go ahead. Then go buy a Dell for half the cost and spend twice the money and time in your vain attempt to prevent the machine from spyware, malware, trojans and viruses to the point where individual consumers litterally stop using their equipment.
Fact: plug a brand new Windows-based computer into a high-speed Internet connection and within 20 minutes you'll have your first virus.
You need to get out of the newsroom (where your equipment is coddled by your IT experts, and possibly by your own expertise) and get out in the field. The reason Apple is successful, is because it alone of all manufacturers is concerned with the consumer-end experience. Its arrogance lies in thinking it knows better, but in the case of the iPod, it is absolutely right. Whine all you like about the details, the end result is indeed "perfect" for the consumer.
So, go off and build your own top-spec'ed machine and suffer with the consequences, leaving the rest of us average consumers free to decide for ourselves how we want our computers and peripherals to work.
[I would suggest you reconsider your journalistic arrogance, but I live with a journalist and know that it is too deeply ingrained in the field ("Leader"? Puhleez) to even hope you would understand.]
uhhh, Apple's products are rated all the time by people actually buying them, they don't need to rate the price, as you say; because the price is right next to the item....
saying apple would build something that is sub par then rate it sub par is more than a little stupid don't you think?
only a journalist with an axe to grind would be stupid enough to think Apple would do that... let alone build sub par products...
what ever apple builds, they believe is the best product at the time they are building it.... or they wouldn't build it....
then the MARKET RATES IT , by actually buying the product....
and obviously the Market has rated Apple products the best.... by actually paying prices in quantity for these products like they do BMWs or Mercedes..... and Apple actually makes a very good profit..... more profit per share than Dell has or Microsoft.....
what business plan is better? just take a look at a stock chart sense the time when Steve Jobs changed the business plan and you can see which one was better for the shareholders of the respective companies.... and the only way shareholders are happy, is if the customers like the products and actually buy them....
and your comment about the worm also shows you have little understanding of what is going on.... the rest of the world told apple that there was no worm.... their PR department is only repeating what the rest of the world already knows... that the malware was not a worm... only stupid reporters who don't know the difference report it as a worm...
jon.
errrr, technically it is a worm despite all of your protestations.....http://www.zdnet.co.uk/talkback/?PROCESS=post&AT=39172743-39020505t-21000005c
but of course I'm sure none of you Apple lovers could take the time to click on the link supporting his comments, I guess it is a little difficult to remove your head from your a** long enough to take a breath of reality...
For someone suggesting others 'take a breath of reality', you seem to be in a dream world yourself - perhaps the same one as ZDnet.
Apple have not classed this as a worm; a couple of security firms have differed (out of how many?). Whether this is classed as a worm would depend on the defenition you use, which would depend on which dictionary your using. You could go on splitting hairs over this indefinately, but you'd be missing the point:
This is not a threat, this is not a vulnerability, this is not a 'flaw in OSX'. If an OS allows a file that you have manually inserted to run, once you have specifically, expressly, manually authorised it by entering user name and password, then this is not a fault, flaw, vulnerability, or anything else that would warrant any kind of comment were it found on Windows platforms.
The fact that you would have to manually authorise this to run negates any possibility of the kind of threat that will inevitably hit a Windows PC. Regrettably, therefore, you are talking crap (again, like ZDnet). Whether the others posting here would use the term 'worm' is immaterial. This article is indeed misleading and biased.
OSX is proven once again to be safe. In the time this article took to write, be published, and have replies posted, however, a few hundred more virii for Windows have no doubt entered the world. Care to comment on that, ZDnet? Care to ring MS for comment? No, didn't think so. I think the point here makes itself, nes pas?
My head is a respectable distance from my a**, and reality is smelling pretty sweet (for mac users, anyway)
A Mac AND (regrettably) PC user.
This story speak so many lies its unbelievable.
What is the point in writing a root kit for Mac OS X,
in order to install a root kit, you need to access to the Mac, and by having that you'll proberly have root access to the Mac anyway, so whats the point.
Besides even if you do install the 'Opener' root kit, you wouldnt be able to control the Mac OS X from a PC anyway! The network protocols are different.
And to the other issue. A rootkit is not a Virus! It doesnt replicate or do damage to the system.
Anyway point made.