We’re not in … anymore.

We are no longer safe!

Last week I received a phone call from a somewhat anxious neighbour (let’s call him Joe). It went something like this.

<phone vibrates & rings on desk>

Me: “Hello?”
Joe: “Hello, neighbour, can I bother you with a ‘puter problem?”
Me: “Sure, what can I do you for?”
Joe: “It’s a bit, embarrassing to be honest.”

<explanation of unsolicited pictures of a graphic and adult nature appearing at random>

Joe: “Neighbour, you still there?”
Me: “Yes, I am here…”

Me: “… and this is on your Mac, not a Windows PC? I am coming over.”
Joe: “When?”
Me: “Like, NOW!”

<click>

RIIIIIIIIIIIIIIING RIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIIING

PerformOpeningDoor(Manner==hesitantly, silent==$True)

Me: “Where is the patient?” (Thought I’d better mind my manners and appear a bit pro here.)

Joe: “Follow me”

There in the living room I found the victim iMac that at first sight does not show anything out of the ordinary. (I wish my desktop was this uncluttered.) The usual software is present: OpenOffice, iPhoto, GarageBand, …
Time Machine kicks in and is spinning happily in the top right Finder corner next to a shield icon of some sort… A shield icon? Huh?

Me: “What’s that?” /point to shield icon
Joe: “That’s my antivirus…”

After asking what precisely happened, my neighbour explained he got a message a couple of days ago that his Mac was infected by viri and needed a solution right now. He installed the suggested software without further ado, not knowing that this is when the proverbial faeces would hit the fan.

Me: “Did you have antimalware software installed prior to the incident?”
Joe: “Ehmm, no?”
Me: “Then explain to me how a program not existing on your system can alert you? Would it not be wise to assume that such an alert originated elsewhere, and therefore is NOT to be trusted?”
Joe: “If you put it like that…”
Me: “No worries, it happens to all people. Just keep some basic rules in mind and you’ll be a lot safer and more confident online.”
….
After removing the culprit program I restarted the Mac and no issues remained.

I also gave my neighbour some hints and tips on safe online computer use.
The above conversation basically proves a point I made earlier: when it comes to being a victim of the bad guys online, in the end, it does not matter which OS you are running on your box. It also illustrates very well how the non-techie, non-IT-proficient user looks at things when going online and encountering mixed messages.
I already pointed out in a previous post that we need to review the way our programs and UIs communicate error conditions or exceptions to the user.

There are some tips by Brian Krebs that you should find interesting and adhere to:
Here is the support note from Apple addressing the malware issue:

It is high time Apple users start to acknowledge that they too are targets of online fraud and naughtiness. Arming ourselves and shoring up our defenses are also tasks long overdue…

Update: before any of you non-Mac users start to grin, here is a blog post from late 2009 in which I already hinted at Macs being targets too.

Stay Secure!

B.