Decent AV for Mac OS X


*Hemidactylus*

Apr 5, 2012, 6:46:41 PM
[crossposted to comp.sys.mac.system and comp.sys.mac.apps]

After reading about the Flashback thingy I wondered if I should look
into some sort of AV for my MacMini (using Lion). I read something on
Forbes online recently that suggested Sophos for Mac, but since my
experience level with Mac is low, I would prefer to hear some feedback
from the old-timers.

http://www.forbes.com/sites/adriankingsleyhughes/2012/04/05/why-you-should-install-antivirus-on-your-mac/

--
*Hemidactylus*

Jolly Roger

Apr 5, 2012, 6:58:05 PM
In article <h7KdnRHJ_uhMvePS...@giganews.com>,
Not needed.

Waste of time and money.

--
Send responses to the relevant news group rather than email to me.
E-mail sent to this address may be devoured by my very hungry SPAM
filter. Due to Google's refusal to prevent spammers from posting
messages through their servers, I often ignore posts from Google
Groups. Use a real news client if you want me to see your posts.

JR

Brian Gordon

Apr 5, 2012, 7:01:52 PM
In article <jollyroger-B30D2...@news.individual.net>,
Jolly Roger <jolly...@pobox.com> wrote:
>In article <h7KdnRHJ_uhMvePS...@giganews.com>,
> *Hemidactylus* <ecph...@hotmail.com> wrote:
>
>> [crossposted to comp.sys.mac.system and comp.sys.mac.apps)
>>
>> After reading about the Flashback thingy I wondered if I should look
>> into some sort of AV for my MacMini (using Lion). I read something on
>> Forbes online recently that suggested Sophos for Mac, but since my
>> experience level with Mac is low, I would prefer to hear some feedback
>> from the old-timers.
>>
>> http://www.forbes.com/sites/adriankingsleyhughes/2012/04/05/why-you-should-install-antivirus-on-your-mac/
>
>Not needed.
>
>Waste of time and money.
>

For no cost and very little time, look at ClamXav. Free and well maintained.


--
| Brian Gordon -->bri...@panix.com<-- brian dot gordon at cox dot net |
+ briang...@hotmail.com Bass: Lexington "Main Street Harmonizers" chorus +
| Singing Valentines 803.339.9054 |

Helpful Harry

Apr 5, 2012, 7:42:09 PM
In article <jll88v$8kk$1...@reader1.panix.com>, bri...@panix.com (Brian
Gordon) wrote:
> In article <jollyroger-B30D2...@news.individual.net>,
> Jolly Roger <jolly...@pobox.com> wrote:
> >In article <h7KdnRHJ_uhMvePS...@giganews.com>,
> > *Hemidactylus* <ecph...@hotmail.com> wrote:
> >
> >> [crossposted to comp.sys.mac.system and comp.sys.mac.apps)
> >>
> >> After reading about the Flashback thingy I wondered if I should look
> >> into some sort of AV for my MacMini (using Lion). I read something on
> >> Forbes online recently that suggested Sophos for Mac, but since my
> >> experience level with Mac is low, I would prefer to hear some feedback
> >> from the old-timers.
> >>
> >> http://www.forbes.com/sites/adriankingsleyhughes/2012/04/05/why-you-should-install-antivirus-on-your-mac/
> >
> >Not needed.
> >
> >Waste of time and money.
>
> For no cost and very little time, look at ClamXav. Free and well maintained.

But still unnecessary and still uses up hard drive space and processor
time. As well as chewing through Internet datacap limits continually
downloading malware definition updates that are 99.9% for Windows only.

So far the "reports" I've seen of this Flashback "malware" have consisted
of reported claims from a bunch of hackers and "tech" support from people
selling anti-malware software. There's no real evidence that it even
exists, and little real chance of most people actually getting it if it
does - unless you're a regular visitor to porn and pirate software
websites.

Helpful Harry :o)

Alan Browne

Apr 5, 2012, 7:56:12 PM
Haven't you asked this before?

The answer is always the same: no.


--
"I was gratified to be able to answer promptly, and I did.
I said I didn't know."
-Samuel Clemens.

Jamie Kahn Genet

Apr 5, 2012, 10:58:52 PM
Brian Gordon <bri...@panix.com> wrote:

> In article <jollyroger-B30D2...@news.individual.net>,
> Jolly Roger <jolly...@pobox.com> wrote:
> >In article <h7KdnRHJ_uhMvePS...@giganews.com>,
> > *Hemidactylus* <ecph...@hotmail.com> wrote:
> >
> >> [crossposted to comp.sys.mac.system and comp.sys.mac.apps)
> >>
> >> After reading about the Flashback thingy I wondered if I should look
> >> into some sort of AV for my MacMini (using Lion). I read something on
> >> Forbes online recently that suggested Sophos for Mac, but since my
> >> experience level with Mac is low, I would prefer to hear some feedback
> >> from the old-timers.
> >>
> >> http://www.forbes.com/sites/adriankingsleyhughes/2012/04/05/why-you-should-install-antivirus-on-your-mac/
> >
> >Not needed.
> >
> >Waste of time and money.
> >
>
> For no cost and very little time, look at ClamXav. Free and well maintained.

It's a free and easy way to slow your Mac down, sure :-)
--
If you're not part of the solution, you're part of the precipitate.

*Hemidactylus*

Apr 5, 2012, 11:46:06 PM
Ok already I get the picture! The performance hit isn't worth it.
Message received.

I did load some Linux versions of AV long ago and even ran scans, before
I came to my senses.

I have AVG on my Droid phone. Not exactly sure if it is really doing
anything or if Lookout is better. But I don't really think wiping my
phone and reinstalling from an ISO is an option :-)

But I still baby my Mac, which is why I wasn't overly concerned about
Flashback. On Linux if I f'd up and landed on a bad site all I have to
do is wipe in Gparted and reinstall. I've heard Linux old-timers say
they laugh at Windows geared "your system is infected" scareware popups,
which is probably the case if it happens in Mac OS X too. They always
make the popup look like Windows Explorer and stuff that you'd see on a
Windows filesystem. It sure don't look like a GNOME or KDE environment
with a Linux filesystem.

I really don't feel like going to the Genius Bar with my Mini even if I
have the 3 year coverage plan. Yet in the past 4 years all I've seen is
one flagged Trojan and that was on Windows Vista (flagged by McAfee).

And if I see a domain I'm unsure of I run it by
http://aceinsight.websense.com/ and see what results.

--
*Hemidactylus*

*Hemidactylus*

Apr 6, 2012, 12:10:59 AM
On 04/05/2012 11:46 PM, *Hemidactylus* wrote:

[snip]

> I've heard Linux old-timers say
> they laugh at Windows geared "your system is infected" scareware popups,
> which is probably the case if it happens in Mac OS X too. They always
> make the popup look like Windows Explorer and stuff that you'd see on a
> Windows filesystem. It sure don't look like a GNOME or KDE environment
> with a Linux filesystem.
>
> I really don't feel like going to the Genius Bar with my Mini even if I
> have the 3 year coverage plan. Yet in the past 4 years all I've seen is
> one flagged Trojan and that was on Windows Vista (flagged by McAfee).


In case that's confusing I should clarify that I've seen none of the
scareware on my Windows machines so far, but I've seen plenty on Windows
machines of other people and have tried to help rid them of that
nonsense to the best of my ability. That crap is ubiquitous.

And if I can damn Redmond with faint praise for anything it is their
militant attitude in taking down botnets.

http://securitywatch.pcmag.com/microsoft/295850-microsoft-s-botnet-takedowns-disrupt-zeus-operations


--
*Hemidactylus*

Warren Oates

Apr 6, 2012, 8:41:05 AM
In article
<HelpfulHarry-0...@203-118-187-186.dsl.dyn.ihug.co.nz>,
Helpfu...@BusyWorking.com (Helpful Harry) wrote:

> So far the "reports" I've seen of this Flashback "malware" have consisted
> of reported claims from a bunch of hackers and "tech" support from people
> selling anti-malware software. There's no real evidence that it even
> exists, and little real chance of most people actually getting it if it
> does - unless you're a regular visitor to porn and pirate software
> websites.

<http://www.techweekeurope.co.uk/news/mac-flashback-600000-infected-apple-71604>
--

... do not cover a warm kettle or your stock may sour. -- Julia Child

Mr. Strat

Apr 6, 2012, 12:58:18 PM
In article <h7KdnRHJ_uhMvePS...@giganews.com>,
*Hemidactylus* <ecph...@hotmail.com> wrote:

> [crossposted to comp.sys.mac.system and comp.sys.mac.apps)
>
> After reading about the Flashback thingy I wondered if I should look
> into some sort of AV for my MacMini (using Lion). I read something on
> Forbes online recently that suggested Sophos for Mac, but since my
> experience level with Mac is low, I would prefer to hear some feedback
> from the old-timers.

Don't waste the disc space and clock cycles. Keep your system updated
and use common sense online. You can't protect against PEBCAK.

Helpful Harry

Apr 6, 2012, 6:30:54 PM
In article <4f7ee461$0$2240$c3e8da3$3a1a...@news.astraweb.com>, Warren
Oates <warren...@gmail.com> wrote:
> In article
> <HelpfulHarry-0...@203-118-187-186.dsl.dyn.ihug.co.nz>,
> Helpfu...@BusyWorking.com (Helpful Harry) wrote:
> >
> > So far the "reports" I've seen of this Flashback "malware" have consisted
> > of reported claims from a bunch of hackers and "tech" support from people
> > selling anti-malware software. There's no real evidence that it even
> > exists, and little real chance of most people actually getting it if it
> > does - unless you're a regular visitor to porn and pirate software
> > websites.
>
> <http://www.techweekeurope.co.uk/news/mac-flashback-600000-infected-apple-71604>

As far as I can see that's just a re-hash of the same old story (the usual
lazy "journalism" technique: copy-paste) and the so-called "reports" come
from Dr Web and F-Secure - both of whom sell Mac anti-malware software.

As usual, there's still no reports from any real users and no mention of
how this supposed mal-ware can infect your system.

Helpful Harry :o)

Patty Winter

Apr 6, 2012, 7:48:34 PM

In article <HelpfulHarry-0...@203-118-187-203.dsl.dyn.ihug.co.nz>,
Helpful Harry <Helpfu...@BusyWorking.com> wrote:
>
>As far as I can see that's just a re-hash of the same old story (the usual
>lazy "journalism" technique: copy-paste) and the so-called "reports" come
>from Dr Web and F-Secure - both of whom sell Mac anti-malware software.

Well, so does Kaspersky, so I guess you won't like their report, either:

http://www.pcmag.com/article2/0,2817,2402715,00.asp
https://www.securelist.com/en/blog/208193441/Flashfake_Mac_OS_X_botnet_confirmed


Patty

David Empson

Apr 6, 2012, 8:28:56 PM
John Gruber of Daring Fireball (who is a pretty reliable source, in my
opinion) said that several of his readers have reported they were
affected by this. The problem really is out there, but the number of
infected machines may be up for debate.

http://daringfireball.net/

Find the heading for Thursday 5 April 2010, then below that "Flashback
Trojan Reportedly Controls Half a Million Macs and Counting"

"UPDATE 2: Via email and public Twitter replies, I've seen reports from
about a dozen or so DF readers who've been hit by this. And they all
seem like typical DF readers — sophisticated, experienced, if not
downright expert Mac users. It's not an epidemic, but it's definitely
real, and insidious."

The details of what it does are out there if you read the reports from
the anti-virus vendors. For the moment it appears to be limited to
"phone home" and injecting code into certain web sites, but once the
trojan is installed it can download new code at will from the home base,
so could do anything in future.

--
David Empson
dem...@actrix.gen.nz

Helpful Harry

Apr 6, 2012, 8:46:29 PM
In article <4f7f80d2$0$16176$742e...@news.sonic.net>, Patty Winter

Yep, the same bandwagon-jumping by yet another seller of anti-malware software.

The SUPPOSED malware may well exist, but if nobody is actually being
infected (which so far seems to be the case) then it's a complete
non-issue, as has been the case with every other so-called report before.

Helpful Harry :o)

Paul Sture

Apr 7, 2012, 5:55:16 AM
On Sat, 07 Apr 2012 12:28:56 +1200, David Empson wrote:

> John Gruber of Daring Fireball (who is a pretty reliable source, in my
> opinion) said that several of his readers have reported they were
> affected by this. The problem really is out there, but the number of
> infected machines may be up for debate.
>
> http://daringfireball.net/
>
> Find the heading for Thursday 5 April 2010, then below that "Flashback
> Trojan Reportedly Controls Half a Million Macs and Counting"
>
> "UPDATE 2: Via email and public Twitter replies, I've seen reports from
> about a dozen or so DF readers who've been hit by this. And they all
> seem like typical DF readers — sophisticated, experienced, if not
> downright expert Mac users. It's not an epidemic, but it's definitely
> real, and insidious."
>
> The details of what it does are out there if you read the reports from
> the anti-virus vendors. For the moment it appears to be limited to
> "phone home" and injecting code into certain web sites, but once the
> trojan is installed it can download new code at will from the home base,
> so could do anything in future.

Another Ars Technica report from yesterday evening (I assume US time)

<http://arstechnica.com/apple/news/2012/04/new-analysis-backs-half-million-mac-infection-estimate.ars>

And Ars Technica has expanded on F-Secure's original text (though I note
that like the rest they have still blindly copied the first bit of the
instructions - points 2 and 3 are the wrong way round).

<http://arstechnica.com/apple/news/2012/04/how-to-check-forand-get-rid-ofa-mac-flashback-infection.ars>

Disabling Java on your Mac with screen shots:

<http://www.f-secure.com/weblog/archives/00002330.html>
--
Paul Sture

Jolly Roger

Apr 7, 2012, 11:28:49 AM
In article <4hf559-...@news.sture.ch>, Paul Sture <pa...@sture.ch>
wrote:
Typically, Apple fixes this sort of thing and we all forget about it in
a month or two.

Of course, I don't expect these so-called "security firms" (a.k.a.
security software peddlers) to actually tell anyone if the number of
machines on these bot nets decreases over time due to Apple's software
updates.

Patty Winter

Apr 7, 2012, 1:09:04 PM

In article <1ki6jyx.1sm4dk513j2ksfN%dem...@actrix.gen.nz>,
David Empson <dem...@actrix.gen.nz> wrote:
>
>John Gruber of Daring Fireball (who is a pretty reliable source, in my
>opinion) said that several of his readers have reported they were
>affected by this. The problem really is out there, but the number of
>infected machines may be up for debate.

Was the honey pot set up by the Kaspersky folks a valid way to
estimate the number of active bots from this trojan? If so, then
wouldn't their 600,000 figure be pretty accurate?


Patty


Alan Browne

Apr 7, 2012, 2:19:31 PM
It would be safer to say that the 600K is a lower bound - but because
it's a very specific test, the upper bound would not be very much
higher. They can't tell how many Macs were exposed to the honeypot (not
on, not connected, etc.).

IAC, it seems easy enough for Mac users with even low skill levels to
detect and eradicate - and of course do a software update from Apple to
put up the wall on it.

Alan Browne

Apr 7, 2012, 2:28:32 PM
AV s/w doesn't slow down machines much at all. They check for viruses
on file load and then the program runs as always. Load time impact is
in the single digits (percent).

The only instance where they do slow a machine down is when doing "all
file" sweeps. On my PC's I do that every 3 months or so overnight.

I don't use AV on the Mac (except under WinXP/Fusion when it's running).

Jamie Kahn Genet

Apr 7, 2012, 5:46:20 PM
I've used many AV programs in Windows and while you're right - most of
the slowdown is when opening files and apps, as well as system startup,
I find those slowdowns to be particularly noticeable. Running a
background scan actually has less overall impact on performance for my
work. YMMV :-)

Anyway - all a Mac user need do in this situation is either run software
update or disable Java in his web browser and other apps like email and
RSS reader (in the unlikely event they're daft enough to enable Java in
them in the first place - the good ones never have by default, and even
some web browsers such as Camino don't by default). Running an AV app is
overkill IMO.

*Hemidactylus*

Apr 7, 2012, 6:33:36 PM
But Mac users miss out on the fun that Windows users have running an AV
scan that mostly finds tracking cookies, then an anti-malware scan so
powerful that it sometimes turns up false positives on registry keys
that could do funny things to your system if deleted. Between both scans
time taken 1-1.5 hours. It's kinda like a video game really.

And it's cool to use the free-versions that nag you to upgrade to the
paid version.

[flamebait] One thing Mac OS X really needs is a registry [/flamebait]

--
*Hemidactylus*

David Empson

Apr 7, 2012, 6:34:57 PM
That will only prevent future infection. If the computer had already
acquired the Flashback trojan, something would be needed to detect and
remove it.

Apple's Xprotect mechanism might be able to catch it, but having a look
through the current definitions, it is only looking for Flashback A, B
and C variants, not the one that exploits the Java vulnerability
(Flashback K). I suspect that at least part of this trojan cannot be
intercepted by Xprotect because it loads alongside other applications as
a dynamic library, rather than being a malicious application you run
directly. I've also seen mention that some Flashback variants disable
Xprotect.

This appears to be a case where running a full scan with an anti-virus
is a good idea.

The most important point is to get the Java update installed, to block
future infection. Lion users only need to worry about this if they have
installed Java, since it is not installed by default.

Those on Leopard and earlier systems should seriously consider disabling
Java completely (using Java Preferences), and certainly disable it in
their web browser.

--
David Empson
dem...@actrix.gen.nz
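
The dynamic-library loading described in the post above can be checked for directly. This is an added example, not part of the original thread and not the FlashbackChecker project's code; the three file locations are an assumption taken from the publicly documented manual checks of the time, and the sample plists are constructed.

```python
import os
import plistlib

# Environment variable that tells dyld to load extra libraries into a process.
INJECT_KEY = "DYLD_INSERT_LIBRARIES"

# (path, look_inside_LSEnvironment). These locations are an assumption based
# on publicly documented manual checks; they are not listed in the thread.
HOST_TARGETS = [
    ("/Applications/Safari.app/Contents/Info.plist", True),
    ("/Applications/Firefox.app/Contents/Info.plist", True),
    ("~/.MacOSX/environment.plist", False),
]

# Constructed sample inputs so the example runs offline on any platform.
SAMPLE_CLEAN = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.browser</string>
</dict></plist>"""

SAMPLE_MODIFIED = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>CFBundleIdentifier</key><string>com.example.browser</string>
  <key>LSEnvironment</key><dict>
    <key>DYLD_INSERT_LIBRARIES</key>
    <string>/constructed/path/example.dylib</string>
  </dict>
</dict></plist>"""

SAMPLE_USER_ENV = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>DYLD_INSERT_LIBRARIES</key>
  <string>/constructed/a.dylib:/constructed/b.dylib</string>
</dict></plist>"""


def injected_libraries(plist_bytes, in_ls_environment):
    """Return the library paths a plist asks dyld to inject ([] if none).

    in_ls_environment=True  -> application Info.plist, LSEnvironment dict
    in_ls_environment=False -> per-user environment.plist, top-level key
    """
    data = plistlib.loads(plist_bytes)  # accepts XML and binary plists
    if not isinstance(data, dict):
        return []
    env = data.get("LSEnvironment", {}) if in_ls_environment else data
    if not isinstance(env, dict):
        return []
    value = env.get(INJECT_KEY)
    if not isinstance(value, str):
        return []
    # The variable holds a colon-separated list of library paths.
    return [p for p in value.split(":") if p]


def scan(targets):
    """targets: iterable of (label, plist_bytes, in_ls_environment).

    Returns {label: [libraries]} for entries that request injection and
    {label: None} for entries that could not be parsed. A hit is a lead to
    investigate, not a verdict: the variable also has legitimate uses.
    """
    findings = {}
    for label, blob, in_ls_env in targets:
        try:
            libs = injected_libraries(blob, in_ls_env)
        except Exception:
            findings[label] = None  # unreadable plist: worth a manual look
            continue
        if libs:
            findings[label] = libs
    return findings


def scan_host():
    """Run the check against the real files, skipping any that are absent."""
    loaded = []
    for path, in_ls_env in HOST_TARGETS:
        full = os.path.expanduser(path)
        if os.path.isfile(full):
            with open(full, "rb") as fh:
                loaded.append((full, fh.read(), in_ls_env))
    return scan(loaded)


def scan_samples():
    """Run the check against the constructed samples above."""
    return scan([
        ("clean Info.plist", SAMPLE_CLEAN, True),
        ("modified Info.plist", SAMPLE_MODIFIED, True),
        ("user environment.plist", SAMPLE_USER_ENV, False),
    ])


if __name__ == "__main__":
    for label, libs in (scan_host() or scan_samples()).items():
        print(label, "->", libs)
```
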

*Hemidactylus*

Apr 7, 2012, 7:08:27 PM
I have Lion, thus no Java, yet my Safari security preference has Enable
Java checked. I unchecked it for good measure, but wonder if that was
necessary.


--
*Hemidactylus*

PhillipJones

Apr 7, 2012, 10:11:17 PM
Actually when you run installer and choose custom install you can
install Java and the system will maintain it. But Java is not
installed, and the first time it is required it will be installed.

Paul Sture

Apr 8, 2012, 6:45:20 AM
On Sun, 08 Apr 2012 09:46:20 +1200, Jamie Kahn Genet wrote:

> I've used many AV programs in Windows and while you're right - most of
> the slowdown is when opening files and apps, as well as system startup,
> I find those slowdowns to be particularly noticeable. Running a
> background scan actually has less overall impact on performance for my
> work. YMMV

I've seen reports that some AV programs are bloatware in their own right.

Startup is a particular pain. Since I installed F-Secure on my XP system
(free from my ISP so why not?), it takes so long to get to the point
where the system is usable that I'll do something which involves walking
away from my desk like grabbing a cup of coffee.

Boot the same system into Linux, and it's worth sitting in front of the
system to start work.

--
Paul Sture

Paul Sture

Apr 8, 2012, 6:51:05 AM
On Sat, 07 Apr 2012 18:33:36 -0400, *Hemidactylus* wrote:

> [flamebait] One thing Mac OS X really needs is a registry [/flamebait]

LOL! The idea of having things like program settings in a central
location could have been a good idea when compared to the gazillions
of .INI files which used to be scattered around a Windows system.

Pity about the implementation. From someone who reverse engineered the
registry to write their own utilities:

"Why the Windows Registry sucks … technically"

<http://rwmj.wordpress.com/2010/02/18/why-the-windows-registry-sucks-technically/>

1. It’s a half-arsed implementation of a filesystem
2. Hello Microsoft programmers, a memory dump is not a file format
3. The implementation of reading/writing the Registry in Windows NT
is poor
4. Types are not well specified
5. Interchange formats are not well specified
6. The Registry arrangement is a mess
7. The Registry is a filesystem
8. Security, ha ha, let’s pretend
9. The Registry is obsolete, sorta



--
Paul Sture

Geoffrey S. Mendelson

Apr 8, 2012, 7:49:04 AM
Paul Sture wrote:

> Startup is a particular pain. Since I installed F-Secure on my XP system
> (free from my ISP so why not?), it takes so long to get to the point
> where the system is usable that I'll do something which involves walking
> away from my desk like grabbing a cup of coffee.

That's a configuration option. The default is to do a scan of the registry,
boot blocks, windows and program files directories and probably a few more
at startup.

You can just turn it off, and boot will go back to normal.

As for F-Secure, I don't know much about it, but every time someone brings
me a computer to look at, I run the standalone bootable AVG and it finds
infected files the others have missed.

On friends' computers, I ask first and then uninstall their old antivirus
and install the free AVG, on random computers brought to me by friends
of friends I don't.

Geoff.

--
Geoffrey S. Mendelson, N3OWJ/4X1GM
My high blood pressure medicine reduces my midichlorian count. :-(


Ant

Apr 8, 2012, 9:41:48 AM
On 4/8/2012 3:51 AM PT, Paul Sture typed:

>> [flamebait] One thing Mac OS X really needs is a registry [/flamebait]
>
> LOL! The idea of having things like program settings in a central
> location could have been a good idea when compared to the gazillions
> of .INI files which used to be scattered around a Windows system.

I hate registry. I'd rather have a bunch of pure INI/configuration text
files.
--
"He who cannot pick up an ant, and wants to pick up an elephant will
some day see his folly." --African
/\___/\ Ant(Dude) @ http://antfarm.ma.cx (Personal Web Site)
/ /\ /\ \ Ant's Quality Foraged Links: http://aqfl.net
| |o o| |
\ _ / If crediting, then use Ant nickname and AQFL URL/link.
( ) If e-mailing, then axe ANT from its address if needed.
Ant is currently not listening to any songs on this computer.

Alan Browne

Apr 8, 2012, 1:53:39 PM
They are usually single digit percent. If you run windows, you are
silly not to use them. For really large apps (Photoshop), the impact on
load is about 3 seconds on 50 (my old 2.4 GHz dual core AMD system).

> background scan actually has less overall impact on performance for my
> work. YMMV :-)

Significantly. Along with everyone else and lab tests.

>
> Anyway - all a Mac user need do in this situation is either run software
> update or disable Java in his web browser and other apps like email and
> RSS reader (in the unlikely event they're daft enough to enable Java in
> them in the first place - the good ones never have by default, and even
> some web browsers such as Camino don't by default). Running an AV app is
> overkill IMO.

For Mac yes. But at some point, if these attacks mount in number AV
apps will be the best way to manage. But they should be ground-up Mac
apps and not adaptations of Windows AV apps.

I'd guess the day is at least 3 years off - OTOH, these things can
snowball. As hackers try more and more ways to attack Macs, they may
stumble on more effective, difficult to guard against and difficult to
remove strategies. At that point AV apps will be the better management
approach to them.

Wish it weren't so.

Wes Groleau

Apr 8, 2012, 2:00:02 PM
On 04-08-2012 06:51, Paul Sture wrote:
> LOL! The idea of having things like program settings in a central
> location could have been a good idea when compared to the gazillions
> of .INI files which used to be scattered around a Windows system.

Which have now been reduced to zillions.
And which are understandable with notepad

--
Wes Groleau

Pat's Polemics
http://Ideas.Lang-Learn.us/barrett

Wes Groleau

Apr 8, 2012, 2:02:38 PM
On 04-08-2012 13:53, Alan Browne wrote:
> For Mac yes. But at some point, if these attacks mount in number AV
> apps will be the best way to manage. But they should be ground-up Mac
> apps and not adaptations of Windows AV apps.

and not _ground_up_ Windows apps?

Alan Browne

Apr 8, 2012, 2:17:23 PM
Pretty poor bait. MS really screwed up with that. It appeared after
Win 3.1 (IIRC) which was really a simple system (that worked, mostly) on
top of DOS. Windows got hopelessly (and needlessly) complex once the
registry was added.

For some reason it wasn't clear to the idiots at MS that the file
structure under System was more than adequate management for program
setting storage. It would have been okay for Windows to provide methods
(editors and system calls) to view/modify settings - but they should
have been located with the applications. May have needed a parallel
structure for user accounts on a given machine.

I recall removing Norton (or McAfee) AV from a machine and that required
several hours of hunting down settings in the registry.

Alan Browne

Apr 8, 2012, 2:19:10 PM
On 2012-04-08 14:02 , Wes Groleau wrote:
> On 04-08-2012 13:53, Alan Browne wrote:
>> For Mac yes. But at some point, if these attacks mount in number AV
>> apps will be the best way to manage. But they should be ground-up Mac
>> apps and not adaptations of Windows AV apps.
>
> and not _ground_up_ Windows apps?

In case that wasn't humour: I meant developed "from the ground up" for
Mac and not taking Windows AV apps and adapting them.

Wes Groleau

Apr 8, 2012, 2:50:07 PM
On 04-08-2012 14:19, Alan Browne wrote:
> On 2012-04-08 14:02 , Wes Groleau wrote:
>> On 04-08-2012 13:53, Alan Browne wrote:
>>> For Mac yes. But at some point, if these attacks mount in number AV
>>> apps will be the best way to manage. But they should be ground-up Mac
>>> apps and not adaptations of Windows AV apps.
>>
>> and not _ground_up_ Windows apps?
>
> In case that wasn't humour: I meant developed "from the ground up" for
> Mac and not taking Windows AV apps and adapting them.

Knew what you meant, and apparently you knew what I meant.

Steve Thompson

Apr 8, 2012, 2:59:56 PM

Wow, now I know I'm getting old: I read "Decent AV" as "Decnet IV" :)

-steve

Alan Browne

Apr 8, 2012, 3:18:29 PM
On 2012-04-08 14:59 , Steve Thompson wrote:
>
> Wow, now I know I'm getting old: I read "Decent AV" as "Decnet IV" :)

Sight reading is fast. Who cares if you understand what you're reading!

Jamie Kahn Genet

Apr 8, 2012, 7:36:08 PM
Same here - booting into OSX, Linux or a BSD Unix takes less than a
minute. But booting into WinXP with AV takes SEVERAL minutes before it
becomes responsive. I should time it one day, but I've restarted into
WinXP, got up, walked to kitchen, made a milo (hot chocolate), heated it
in microwave for two minutes, and come back to my desk to find the
notification area of the taskbar still being populated, and the start
menu still not being immediately responsive.

That said the AV with the least system impact I ever used was Nod32 (it
was also the most unobtrusive and well designed IMO), but I no longer pay
for AV given it's nothing more than an early warning system for
infection in Windows nowadays, and one can rarely ever be sure it's
cleaned an infection, if it's able to try in the first place. With
rootkits and the like it's easier and safer to just wipe the Windows
partition and restore from backup.

Paul Sture

Apr 9, 2012, 2:35:23 AM
On Sun, 08 Apr 2012 14:00:02 -0400, Wes Groleau wrote:

> On 04-08-2012 06:51, Paul Sture wrote:
>> LOL! The idea of having things like program settings in a central
>> location could have been a good idea when compared to the gazillions of
>> .INI files which used to be scattered around a Windows system.
>
> Which have now been reduced to zillions. And which are understandable
> with notepad

Which means you can search them by both filename and content.

I recall someone doing an analysis of the Registry editor code back in
1997 and concluding that it was a bloated mess, with large chunks of code
copied from some other program which were never used.

The position today is that for some combination of installation and
software update, possibly one of the Service Packs, I saw something
like 100,000 registry updates tick past during a reboot. That
has _got_ to be a serious maintenance problem whichever way you
look at it.

--
Paul Sture

Paul Sture

Apr 9, 2012, 3:02:29 AM
On Sun, 08 Apr 2012 14:59:56 -0400, Steve Thompson wrote:

> Wow, now I know I'm getting old: I read "Decent AV" as "Decnet IV" :)
>

LOL! IIRC there was a Pathworks for Mac product (though maybe by a
different name). The story I recall was that when it got dropped (or
maybe when OS X came along?) the CHARON VAX folks looked at continuing
support for it but quoted too high a price.

--
Paul Sture

Paul Sture

Apr 9, 2012, 2:57:28 AM
I'll go further and say that for Lion where Java is optional:

o - If you don't need Java, then don't install it.
o - If you have already installed Java, consider removing it.

From February 2011:

"Oracle gives 21 (new) reasons to uninstall Java

Oracle this week pushed an updated version of its Java runtime
environment that fixes 21 security vulnerabilities, 19 of which allow
attackers to remotely install malicious software on end-user machines.

...

Bootnote

No, OpenOffice does not require Java. Per the official OpenOffice Wiki,
Java is required merely to complete OpenOffice. Most OpenOffice functions
work just fine on machines that don't have Java installed."

<http://www.theregister.co.uk/2011/02/17/java_security_threat/>

From the OpenOffice site:

<http://wiki.services.openoffice.org/wiki/Java_and_OpenOffice.org>

"Java is required for complete OpenOffice.org functionality. Java is
mainly required to use the new embedded Java technology based HSQLDB
database engine, or to make use of accessibility and assistive
technologies. If you do not require database tables or accessibility
integration or some wizards, then you do not need to download and install
Java. Base (the database component) for example completely relies on Java
technologies to run, but other programs (like Writer, Calc, and Impress)
only need Java for special functionality (see below). "

And from the LibreOffice Wiki:

<https://en.wikipedia.org/wiki/Libreoffice#Initial_release>

"Also underway is the reduction of Java dependency."

--
Paul Sture

Paul Sture

Apr 10, 2012, 3:30:19 AM
On Mon, 09 Apr 2012 08:23:13 -0700, Michelle Steiner wrote:

> In article <orda59-...@news.sture.ch>, Paul Sture <pa...@sture.ch>
> wrote:
>
>> From February 2011:
>>
>> "Oracle gives 21 (new) reasons to uninstall Java
>>
>> Oracle this week pushed an updated version of its Java runtime
>> environment that fixes 21 security vulnerabilities, 19 of which allow
>> attackers to remotely install malicious software on end-user machines.
>
> That sounds like 21 reasons were removed.

Yes, but this was at a time when Java and Adobe Flash were consistently
the top of the charts of products with security flaws.

--
Paul Sture

Helpful Harry

Apr 10, 2012, 5:22:21 PM

For those who don't like tinkering in the Terminal, according to
MacRumors.com there's now an application you can run to check for the
supposed Flashback malware. https://github.com/jils/FlashbackChecker/wiki

It does NOT remove it, just tells you if the files are on your computer
... and I'd almost be willing to bet that nobody here finds anything.

Helpful Harry :o)

Jamie Kahn Genet

Apr 10, 2012, 6:03:21 PM
Just for fun I checked manually and my Mac is not compromised. But it
wouldn't be as I already used browser, email and RSS clients that allow
disabling of Java/never allow it in the first place.

dorayme

Apr 10, 2012, 6:16:47 PM
In article
<HelpfulHarry-1...@203-118-187-188.dsl.dyn.ihug.co.nz>,
How very cautious of you! I would promise to eat a hat.

--
dorayme

Helpful Harry

Apr 10, 2012, 9:18:45 PM
In article <dorayme-EBFFF0...@news.albasani.net>, dorayme
It *IS* the Internet, so there's bound to be a few fools around who visit
pirate and porn websites and may well have infected their computer with
some malware or other, but then they get what they deserve really.

Helpful Harry :o)

dorayme

Apr 10, 2012, 10:24:34 PM
In article
<HelpfulHarry-1...@203-118-187-198.dsl.dyn.ihug.co.nz>,
Helpfu...@BusyWorking.com (Helpful Harry) wrote:

> In article <dorayme-EBFFF0...@news.albasani.net>, dorayme
> <dor...@optusnet.com.au> wrote:
> > In article
> > <HelpfulHarry-1...@203-118-187-188.dsl.dyn.ihug.co.nz>,
> > Helpfu...@BusyWorking.com (Helpful Harry) wrote:
> > >
> > > For those who don't like tinkering in the Terminal, according to
> > > MacRumors.com there's now an application you can run to check for the
> > > supposed Flashback malware. https://github.com/jils/FlashbackChecker/wiki
> > >
> > > It does NOT remove it, just tells you if the files are on your computer
> > > ... and I'd almost be willing to bet that nobody here finds anything.
> >
> > How very cautious of you! I would promise to eat a hat.
>
> It *IS* the Internet, so there's bound to be a few fools around who visit
> pirate and porn websites and may well have infected their computer with
> some malware or other, but then they get what they deserve really.

Who "here" would remotely likely be reading about alternatives to
Terminal yet who might "well have infected their computer". Even our
resident sheep rooter who posts here (he reads "Lovely Sheep", a
popular porn mag for sheepophiles ) is unlikely to.

I say to your face, Mister - yes, I am looking at you and I am staring
direct into your eyes - you should join me in offering to eat hats
instead of taking your pussyfooting hesitant "almost" line.

--
dorayme