Spyware and Virus Programs?

Now, this is interesting. I was going through my Hard Drive again to
see if there was ANYTHING else I could throw out to make more space and
found this:

"Cache Out X is a utility for Mac OS X that specializes in deleting the
caches files of the System and of Internet navigators. Additionally it
can delete virtual memory file(s), erase system history files, as well
as cookies and Internet-related navigation/download history files. Its
Auto-Cleaner function cleans caches at log in or as scheduled by the
user thanks to iCal support; its secure deletion of Internet archives
makes its use especially suitable to public access computers."

Of course, I'm not enough of a computer whiz to know if it was there
because I "had" installed it on my Hard Drive or because I was "going
to" install it on my Hard Drive, so I went ahead and installed it and
it said it was installed successfully. I noticed there was a little
less space on my Hard Drive after doing this than before.

Anyone else use this? Now that it's installed, will it get rid of all
those nasty cookies on a periodic basis for me? What does it mean "at
log in or as scheduled by the user"? Is there some setting I'm
supposed to make on it and haven't 'cause I can't find it? Even if
not, I'll probably end up trying many of the other suggestions given
and with all of them, at least some should work.

Cori
 >> Stay informed about: Spyware and Virus Programs? 

wrote:

> those nasty cookies
normally are there to help the site keeping some data about you as a
visitor, f.e. preference you were setting in google to open found links
in a new window, the language you use, maybe your password in a visited
forum. Some sites use it for counting your visits. Most cookies are
quite useless, no one will be harmed anyway. They don't take much place
on your harddisk, they don't tell more about you than could be read
anytime you come back to a site or gave in yourself willingly, except
you have been there before:-)
 >> Stay informed about: Spyware and Virus Programs? 

Hi, Cori

> Frank, did you see the things Warren (in the thread above)
I was just not timetravelling when I wrote my comment
 >> Stay informed about: Spyware and Virus Programs? 

On Mon, 16 Jan 2006 15:06:40 -0600, Jeffrey Goldberg wrote:
> wrote:
>> Thanks, you guys make me feel so much better. This is one reason I
>> bought a Mac, but I was afraid in the several years since purchasing
>> it, some new viruses and spyware may have been invented for it.
>
> Not yet. But they will be. I'd recommend the article "Mac users 'too
> smug' over security" at

Unix has been around for a _very_ long time, and lots of money "lives"
there. If the OS was susceptible to viruses, they'd exist. Hint: a
virus with an install procedure which includes "and then, change the
file to executable, become root, and run the file" won't have legs.
BBC reporters notwithstanding, the fundamental design differences are
the difference.
 >> Stay informed about: Spyware and Virus Programs? 

On 17 Jan 2006 00:52:34 -0800, wrote:
> Jeffrey Goldberg wrote:

>> Not yet. But they will be. I'd recommend the article "Mac users 'too
>> smug' over security" at

> Thank you, Jeffrey, for justifying my paranoia. Can't be too careful.

Actually, you can. If you install Norton's abomination of a virus
scanner on OSX, you can do damage to your system. That's worse than the
damage from the zero OSX viruses, so by doing something rather than
nothing, you're out money _and_ reliability.

Did you read the rest of the responses, I wonder, or just the one which
told you what you wanted to see?

Dave Hinz
 >> Stay informed about: Spyware and Virus Programs? 

On Tue, 17 Jan 2006 16:49:57 -0600, Jeffrey Goldberg wrote:
> Dave Hinz wrote:
>
>> Unix has been around for a _very_ long time, and lots of money "lives"
>> there. If the OS was susceptible to viruses, they'd exist.

> I agree. Viruses and worms are extremely unlikely on Unix. When they
> do happen they are events we all remember (like the Morris Worm two
> decades ago).

That's the thing - the most talked-about Unix vulnerability, is from
several decades ago.

> My concern is that by (correctly) telling users that they don't need to
> worry about viruses will make them more likely to download and install
> malware through trojans. In this latter respect, I think increased
> vigilance is in order.

Well, those are entirely different things of course. And that's what
software updates are for. Turn 'em on, do 'em on time. Period.

> Most users don't distinguish the different kinds of threats (and the
> different ways of coping with them), so when they hear "no viruses for
> Macs" they can get careless in other regards.

Well, the good news is, that the ports that don't need to be open, are
blocked by default, so even if they don't update, there's nothing
getting in unless they know enough to enable services and ports. If
they can do that, chances are they know how to update software. Of
course you can open it wide up and turn on everything, but that takes
manual intervention. A much better security model than shipping systems
in "take me, big boy" configuration as default...
 >> Stay informed about: Spyware and Virus Programs? 

John Chambers wrote:

I forgot to add one of the major benefits of MS encouraging browser writers to
include an option to fake an Internet Explorer UserId string: If you do this, then
a site trying to send a virus or other malware will think you're running IE. It
will send a Windows program to your browser - which won't work, because you
don't have the right kind of computer system.

The MS fanboys like to claim that it's Microsoft's popularity that causes the
malware writers to ignore other systems. In reality, a large part of it is that
it's difficult for a nasty site to identify your machine as OSX or linux, because
very often, your software is telling the other end that it's Windows. This
puts a huge roadblock in the path of malware writers.

So we can partly thank Bill Gates & Co for encouraging people to write web
sites that only work with IE, which encourages browser writers to write code
that pretends to be IE, which is one of many barriers that keep malware out
of Macs and linux systems (and Solaris systems and HP-UX systems and ...).

Of course, having decent security built into the system helps, too. But it's
more fun to talk about the "unintended consequences" phenomenon.
 >> Stay informed about: Spyware and Virus Programs? 

Davoud wrote:

> What I'm really asking is why does this guy say that there is Mac
> malware out there when he can't identify any? Where's the beef? Read
> any article on Windows malware and it is named and described in
> considerable detail.


All very true. But still, it's not wise to be too smug. One reason that
the unix part of the industry has such a good security record is that
both developers and users have historically taken security seriously.
Lots of people are on constant watch for problems, and when we see
one, we let the vendor(s) know, and if vendors haven't responded
with fixes within a few weeks, we holler loudly. We publish details
of the problem, complete with exploit code, and include the messages
we sent the vendors weeks earlier. This exposure wonders over the
long term.

I recall back in the early 80's, when a new version of vi came out that
allowed "inline setup" by including vi commands in the first few lines
of a file. So you could start a C program, for example, with
/*
:set ts=4 sw=4 ai
*/
and your tab stops and auto-indent would be set to 4 columns. Within
a week or so, mailing lists and newsgroups were full of the example:
Send someone email that starts with the line:
:!rm -rf /
At the time, many users used their editors to read email. Horrified users
let their vendors know that this would be fixed *right now*, or they'd
never get another order. Within weeks, it was fixed. The feature is still
there, but you need to type a command-line arg to turn it on. About the
same time (I don't recall who was first), emacs came out with a similar
misfeature, and it got the same reaction. Every few years, some vendor
gets the idea that this would be a good thing to turn on by default. But
watchful users spot it, and start hollering again until it's fixed.

It's "interesting" that Microsoft has gotten away with similar security
holes, in the form of automatic execution of code downloaded from
outside systems (email, web pages, whatever). Windows users haven't
responded with outrage like unix users, and demanded a fix or they'd
never buy from Microsoft again. So Microsoft sees no reason to fix
such problems until a disaster forces them to fix it.

IMHO, this is the real reason that MS software is so insecure. Its users
don't understand security, and don't jump all over the vendor when an
exploit appears. They accept that "That's how computers are". They
aren't on the watch for security problems.

Macs are more secure partly because they do tend to have somewhat
more knowledgeable users who have opinions and are willing to speak
their mind. If an OS X exploit does appear, we'll probably all let Apple
know exactly what we're thinking. But mostly, Apple has been able
to leverage several decades of unix experience with security. Most of
the mistakes are well documented, and by using a BSD unix base, Apple
incorporated all of that learning in one swell foop.
 >> Stay informed about: Spyware and Virus Programs? 

On 18 Jan 2006 16:17:03 +0000 (GMT), Tim Cutts wrote:
> In article ,
> Garner Miller wrote:

>>There are no viruses for Mac OS X.

> Yet.

Unix has been around for a very, very long time, Tim. Only windows is
designed to be virus-friendly.

>>There is no spyware for Mac OS X.

> Wrong. World of Warcraft contains a spyware component, for example.
> Whether you care, and whether you trust Blizzard if you play that game,
> is another matter.

OK, so how do you define "spyware" in this context, please?

>>Any program you run will do absolutely nothing!

> Not true. There have been plenty of security holes in Mac OS X
> exploitable through malicious websites and so on.

Any antivirus program you buy, will test for all none of the viruses.
Yes, security updates still need to be used. Nobody said otherwise.

> This complacent attitude of much of the Mac community will be our
> undoing. Yes, OS X does not currently have the same virus/trojan
> problem that Windows does. But that doesn't mean it can't. It just
> means we're not currently the target.

You need motive, _and_ opportunity. The design of Unix is such that the
opportunity just isn't there.
 >> Stay informed about: Spyware and Virus Programs? 

In article ,
Tim Cutts wrote:

> Wrong. World of Warcraft contains a spyware component, for example.
> Whether you care, and whether you trust Blizzard if you play that game,
> is another matter.

This is going to be partially determined by how you define "spyware."

Wikipedia (not that I consider them a trusted source) defines it as
follows:

Spyware is a broad category of malicious software designed to intercept
or take partial control of a computer's operation without the informed
consent of that machine's owner or legitimate user. While the term taken
literally suggests software that surreptitiously monitors the user, it
has come to refer more broadly to software that subverts the computer's
operation for the benefit of a third party.

So what does Blizzard do that's malicious?

--
Steven Fisher; sdfisher.RemoveThis@spamcop.net
 >> Stay informed about: Spyware and Virus Programs?