***UPDATE*** Serious Mac "malware" threat evolves...

I have just been alerted to the existence of a new variant of the malware I told everyone about in my previous email... It's called "Mac Guard", and the bad news is that it doesn't even need an administrator password to install! The good news is, of course, that if you followed my advice about unchecking the 'Open "safe" flies..." box in Safari's preferences, you should still be protected. To read more about this latest threat, follow this link:

In the unfortunate event you get bitten by this new variant, follow the instructions below to rid yourself of the threat.

Good luck,


Serious Mac "malware" threat...

I want to let everyone know about a threat to Mac users that has recently cropped up, and is starting to hit the news sites as well. So far, there are at least three variants: "MAC Defender", "Mac Protector" and "Mac Security". The threat is being reported as a virus, but technically, it's not. The more accurate term for it is "scareware", as it's simply designed to scare users into thinking they've been infected with a virus. It's devious and nasty in its techniques, but the (sort of) good news (sort of) is that it poses no threat to the data on your computer. If someone falls for it completely, however, they could end up compromising a credit card, so don't take this lightly. For details, read on...

The threat starts when you stumble onto a 'poisoned' website, and a pop-up window of some sort will appear that says your computer has been found to be virus-infected. The secret of the threat is that a bit of javascript code on the website has already initiated a download, and in a very short time (if your computer is configured as most are by default [see below[*]), you'll be presented with an installer window, which asks for your administrator password in order to proceed. If you're really paying attention, you'll decline that request, and the threat will be averted. But, if you go ahead and enter your password (as most of us probably would, thinking the threat is real and worrying about the consequences), the threat really takes off...

The next step in the nastiness is that you'll be presented with a fake anti-virus program interface, and it will proclaim to have found one or more viruses on your system. [This is a good time to interject that there still are no known true viruses out there that can attack Mac OS X.] For the few folks that I've spoken to that have experience the issue, the next step is what finally triggers a "wait a minute" moment... The 'program' then asks for you to enter your credit card info to be charged something like $60 to fully install the 'program' and thus rid yourself of the virus(es). Fortunately, all the folks I've spoken to have been sufficiently wary of blindly giving out any sort of private info, especially credit card/bank account numbers. DON'T DO IT!

Of course, at this point, the nastiness escalates. The fake program has been installed in such a way that it has no apparent way to be quit it, as well as having added itself to your login items (remember, you gave it your admin password?), so will start up automatically every time you restart your computer. To top it all off, if you don't pay up, it will automatically open your browser to some awful porn sites on a random basis, in an attempt to further scare you into paying up... Ugh.

Hopefully this email, and other news stories you may have already seen or been alerted to, will serve to keep you from falling prey to the hoax. If, on the other hand, you've been bitten, and need to know how to eliminate the nastiness, here's how to do it:

1) First off, as I said above, please don't be scared into actually giving them a credit card number! If you already did, call your CC company right away and alert them to the charge and cancel the card immediately;

2) The only way to delete the program (whichever version is installed: MAC Defender, Mac Protector or Mac Security), is to do the following:
• Go into your Applications folder, locate the Utilities folder, find the Activity Monitor program and open it (you can also try clicking this link);
• Once in Activity Monitor, find the pop-up-menu at the top of the window that says "My Processes" and change that to "All Processes";
• Find the name of your nemesis in the list of processes, select it, and click "Quit Process", then click "Force Quit";
• Quit Activity Monitor, go back to your Applications folder and find the offending program; move it to the Trash (being careful not to double-click it!), and then empty the Trash.
• Restart your computer, just to be sure you've cleaned it out...

3) Whew, it's gone! *One last step. For protection in the future, assuming you're using Safari as your default browser, go into Safari's preferences, and under the General tab, uncheck the box at the bottom there that's labeled "Open "safe" files after downloading". If there's anything we've learned from this whole ordeal, it's that it just isn't possible to let a program make assumptions about what a "safe" file is anymore!!

As always, if you have any trouble understanding any of this, or figuring out how to rid yourself of the threat, please feel free to give me a call. I'll do my best to help!

Of course, a big question that arises out of all of this is this: "Is it time to buy & install some sort of Anti-virus software on my Mac??" Here's my take (and it's also that of several online "experts"): I really don't think so. Of the many programs available for the Mac right now, only one would've detected the problem at the outset if you'd had it installed. That's mostly because it's not a true virus, as I explained earlier. I've always said that this type of threat was what all computer users would have to be most vigilant about in the future, because it's the easiest way to gain access to someone's computer. In short, the Trojans were very clever all those hundreds of years ago, and hackers are still benefitting from that knowledge! Instead of the relying on AV software, I still believe that the best investment to protect yourself from ALL types of computer problems (software/hardware malfunction as well as 'malware') is to have a robust backup system. If you're running a business from your computer, it should be a strongly redundant system as well!

Still, for those of you who would still like the peace of mind that comes from running some sort of anti-virus software, here are a few good products to explore:

Just make sure you've got a good backup as well!

Also, if you'd like to read up in more detail about this threat, here are a few links:


Mac Classes - May '11

May Day is upon us, and it's still cloudy and cold!?! My patience for the arrival of warm weather wears thin... I know, before long we'll all be complaining about the heat!

Mac class news for the month:

 For starters,
Saturday, May 14th, from 10 a.m. to noon, (due to ongoing demand)
I will be covering iPhoto again. Come learn all the ins & outs of Apple's amazing digital photo organization/editing program.
This class carries a fee of $20.

 Then, on S
aturday, May 28th, from 10 a.m. to noon,
I will be covering Apple's Keynote program. We've all seen the ubiquitous PowerPoint presentation done to death (almost literally)... Apple has taken their usual graphic-oriented approach to the concept and done it justice. Keynote makes it possible to make exciting, engaging presentations that stand out from the crowd. This class also carries a fee of $20.

***The above classes are always held in the small meeting room at Ridgway Town Hall, and are open to drop-ins, with no sign-up necessary***

Then, don't forget, there's...

 The regular
FREE "Overview of Mac OS X" class will take place on the last Wednesday of the month, May 25th from 5-7 p.m. These overview classes are held in the computer lab at the Ridgway Library. There are only eight seats available, and the Library has asked that I handle the sign ups, so give me a call at 970-417-8434 (or drop me an email) if you'd like to attend. (Be aware that first-timers take priority over anyone who has taken the class before, but there are often openings for repeaters).

There are six Macs in the computer lab, so only two of the eight attendees need their own laptops. This class is beginner-oriented, but we cover some different things every month; repeat attendees are encouraged (when there's room)!

As always, let me know if there's something else you'd like me to consider covering in the Saturday sessions.