Here Comes the Opinion Spy!

Nice try, guys.

PARIS (Rixstep) — Intego are declaring the existence of a Mac OS X trojan that they 'detect' as OSX/OpinionSpy. They claim it has been found in a number of software titles available online. The application code itself is not corrupted per se - the malware is downloaded during the installation.

The announcement is timely, coming just as Google's switch away from Windows hits the net with gale force.

According to Intego's announcement, the applications in question come with a prompt to install further software in conjunction with a market research programme. The announcement then tries to move in for the kill.

'This shows the need for an up-to-date anti-malware program with a real-time scanner that can detect this malware when it is downloaded by the original application's installer.'

Not so fast, guys.

  1. No trojan or other malware on Mac OS X will ever show any such need.
  2. Why won't the good people at Intego tell everyone which titles to avoid?
  3. How can a serious antivirus company run Microsoft web server software?

Stealth downloads can and should be detected by any number of methods at the Mac OS X user's disposal. Mac OS X users certainly don't need to purchase AV software to detect yesterday's threats - they need good security practices to detect today's. Nothing Intego or any of the others are peddling will do that.

Mac OS X users here need a good portion of common sense.

  1. Never run untrusted and unknown software without full supervision.
  2. Monitor your net connections at all times - especially with new software.
  3. Monitor the activities of your install programs and the actual software both.

Use netstat to monitor your connections, tcpdump to see the actual traffic flowing, and find to see what your jolly installer and software have done to your system. Alternatively, run Rixstep applications such as GD, Xframe, and Tracker respectively. Or the equivalent.

They protect you now - not when Intego or another company readies another press release.
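The netstat and find checks described above can be wrapped into a before/after routine around an installer run. This is an added example, not Rixstep's code; the function names, marker location and snapshot file names are assumptions made for illustration.

```shell
#!/bin/sh
# Before/after check around an installer run (added example).
# All function names here are illustrative, not from any existing tool.

# Create an empty marker file whose mtime records "just before install".
# Prints the marker path so the caller can keep it.
mark_start() {
    marker=$(mktemp "${TMPDIR:-/tmp}/install-marker.XXXXXX") || return 1
    printf '%s\n' "$marker"
}

# List regular files under the given roots modified after the marker.
# Usage: changed_since MARKER ROOT [ROOT...]
changed_since() {
    marker=$1; shift
    [ -f "$marker" ] || { echo "no marker: $marker" >&2; return 1; }
    for root in "$@"; do
        [ -d "$root" ] || continue      # skip roots that do not exist
        find "$root" -type f -newer "$marker" -print 2>/dev/null
    done | sort
}

# Save the current socket table so it can be compared after the install.
# Usage: snapshot_connections OUTFILE
snapshot_connections() {
    netstat -an > "$1" 2>/dev/null
}

# Print lines present in the AFTER snapshot but not in the BEFORE one.
# Usage: new_connections BEFORE AFTER
new_connections() {
    sort "$1" > "$1.sorted"
    sort "$2" > "$2.sorted"
    comm -13 "$1.sorted" "$2.sorted"
    rm -f "$1.sorted" "$2.sorted"
}
```

Before launching the installer, run `m=$(mark_start)` and `snapshot_connections before.txt`; afterwards, run `changed_since "$m" /Library "$HOME/Library" /Applications`, take a second snapshot and pass both to `new_connections`. tcpdump is left out because it needs root and a live interface.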

