WEBVTT - How Mac Viruses Work

0:00:00.320 --> 0:00:02.960
<v Speaker 1>Brought to you by the reinvented two thousand twelve Camray.

0:00:03.240 --> 0:00:08.800
<v Speaker 1>It's ready. Are you get in touch with technology with

0:00:08.920 --> 0:00:14.400
<v Speaker 1>tex Stuff from how stuff works dot com. Hello, everybody,

0:00:14.440 --> 0:00:17.080
<v Speaker 1>welcome to tech stuff. My name is Chris Polette. I'm

0:00:17.120 --> 0:00:19.840
<v Speaker 1>an editor here at how stuff works dot com, and today,

0:00:19.840 --> 0:00:23.279
<v Speaker 1>sitting next to me, as usual, is senior writer Jonathan Strickland.

0:00:23.280 --> 0:00:28.159
<v Speaker 1>Hey there, um, Today we're gonna talk about again the

0:00:28.360 --> 0:00:32.120
<v Speaker 1>shady side of computing. Yes, it seems we talked about

0:00:32.159 --> 0:00:33.879
<v Speaker 1>this a lot. It turns out that, well, it's more

0:00:33.920 --> 0:00:37.200
<v Speaker 1>in a pretty big shady side. Well, you know, Okay,

0:00:37.280 --> 0:00:38.839
<v Speaker 1>Well let's look at it this way. We can talk

0:00:38.840 --> 0:00:41.519
<v Speaker 1>about the all the easy stuff and then we go, hey,

0:00:41.560 --> 0:00:44.440
<v Speaker 1>everything's working normally. Well, that's got it for today. Yeah,

0:00:44.440 --> 0:00:48.400
<v Speaker 1>that's true. That's a pretty short So we're going to

0:00:48.440 --> 0:00:51.920
<v Speaker 1>talk We talked once before about computer viruses. Actually a

0:00:51.920 --> 0:00:54.520
<v Speaker 1>couple of times before we've talked about computer viruses, and

0:00:54.840 --> 0:00:58.440
<v Speaker 1>today we wanted to talk about a specific pair of

0:00:58.480 --> 0:01:03.840
<v Speaker 1>trojans that recently attacked a computing system that, for a

0:01:03.920 --> 0:01:08.119
<v Speaker 1>very long time was seen as practically unassailable. That's true.

0:01:08.120 --> 0:01:12.760
<v Speaker 1>We're talking about the Macintosh and Honestly, you might be

0:01:12.800 --> 0:01:15.880
<v Speaker 1>surprised to know this, but the very very first virus

0:01:16.400 --> 0:01:19.600
<v Speaker 1>was written by somebody named Rich Scranta, and he actually

0:01:19.880 --> 0:01:22.360
<v Speaker 1>created this as a practical joke when he was in

0:01:22.400 --> 0:01:25.920
<v Speaker 1>the ninth grade for his apple to computer lab at school.

0:01:26.280 --> 0:01:28.000
<v Speaker 1>And it was just a very simple thing that every

0:01:28.000 --> 0:01:29.600
<v Speaker 1>once in a while and put up a message on

0:01:29.640 --> 0:01:32.720
<v Speaker 1>the when the computer would boot up saying essentially, this

0:01:32.880 --> 0:01:35.000
<v Speaker 1>is a virus. I mean I could read the whole thing,

0:01:35.040 --> 0:01:38.080
<v Speaker 1>but um, just kind of a novelty thing. He did

0:01:38.080 --> 0:01:39.880
<v Speaker 1>it to test the theory that it could be done.

0:01:39.920 --> 0:01:42.520
<v Speaker 1>And now viruses are more than twenty five years old,

0:01:42.880 --> 0:01:47.280
<v Speaker 1>but they have gotten significantly more malicious. Right, Yeah, there,

0:01:47.319 --> 0:01:50.920
<v Speaker 1>there there are still viruses that are just jokes, you know.

0:01:50.960 --> 0:01:53.240
<v Speaker 1>There's still viruses that go around where all it is

0:01:53.240 --> 0:01:55.320
<v Speaker 1>is just something that messes with you and makes you

0:01:55.320 --> 0:01:58.760
<v Speaker 1>think you're going crazy because your computer is not acting right. Um,

0:01:58.840 --> 0:02:02.520
<v Speaker 1>but those are you know, those are annoying, But those

0:02:02.520 --> 0:02:04.160
<v Speaker 1>aren't the ones that make the news. The ones that

0:02:04.200 --> 0:02:05.720
<v Speaker 1>make the news are the ones, of course, that cause

0:02:05.840 --> 0:02:09.400
<v Speaker 1>billions and billions of dollars worth of damages when people

0:02:09.680 --> 0:02:12.680
<v Speaker 1>and corporations, when their systems just completely crash and no

0:02:12.680 --> 0:02:16.000
<v Speaker 1>one communicates with anyone else. That's true. And there are

0:02:16.040 --> 0:02:17.560
<v Speaker 1>a couple of things we need to point out before

0:02:17.560 --> 0:02:20.079
<v Speaker 1>you get in in deep. We need to point out

0:02:20.120 --> 0:02:22.360
<v Speaker 1>that you were mentioning that we were going to discuss

0:02:22.360 --> 0:02:24.920
<v Speaker 1>two trojans, and we should point out the difference in

0:02:24.919 --> 0:02:27.680
<v Speaker 1>a trojan and a virus. I think um the virus

0:02:27.960 --> 0:02:33.680
<v Speaker 1>is a self replicating program. Um it um basically will copy.

0:02:33.800 --> 0:02:36.119
<v Speaker 1>For example, it will copy information from your address book.

0:02:36.120 --> 0:02:38.720
<v Speaker 1>It will send itself to other people in your email

0:02:38.800 --> 0:02:41.240
<v Speaker 1>message saying hey, you need to open this file. It's urgent.

0:02:41.560 --> 0:02:43.840
<v Speaker 1>And when you do, you load it into your computer,

0:02:43.919 --> 0:02:47.080
<v Speaker 1>which then you know, propagates and continues to do. A

0:02:47.080 --> 0:02:51.480
<v Speaker 1>trojan doesn't replicate by itself. UM. It's something that maybe

0:02:51.480 --> 0:02:54.760
<v Speaker 1>somebody would say, do you have any viruses on your computer?

0:02:54.840 --> 0:02:57.160
<v Speaker 1>Download this and find out now, And you download it

0:02:57.160 --> 0:02:59.400
<v Speaker 1>and you install it, and lo and behold. It's not

0:02:59.520 --> 0:03:02.600
<v Speaker 1>a virus protection program. It is, in need, a trojan horse,

0:03:02.760 --> 0:03:05.960
<v Speaker 1>and it gets in and messages with your computer. Both

0:03:05.960 --> 0:03:08.640
<v Speaker 1>are kinds of malware which you know mouth being bad,

0:03:08.960 --> 0:03:11.720
<v Speaker 1>dangerous software. And of course it's called a trojan after

0:03:11.760 --> 0:03:14.680
<v Speaker 1>the trojan horse, which you know, we all have heard

0:03:14.720 --> 0:03:18.000
<v Speaker 1>of it. You know, lots of soldiers hidd inside the

0:03:18.000 --> 0:03:20.079
<v Speaker 1>trojan horse. It was pulled into Troy. They all popped

0:03:20.080 --> 0:03:22.520
<v Speaker 1>out and then they started causing a ruckus as soldiers

0:03:22.520 --> 0:03:25.480
<v Speaker 1>are want to do. Now, the trojans on your computer,

0:03:25.760 --> 0:03:28.040
<v Speaker 1>same sort of thing. Hopefully they're not on your computer,

0:03:28.120 --> 0:03:29.919
<v Speaker 1>but the trojans that could be on your computer, same

0:03:29.919 --> 0:03:33.440
<v Speaker 1>sort of thing. It's a packet that has inside it

0:03:33.680 --> 0:03:37.080
<v Speaker 1>something nasty, and it can be a virus. So a

0:03:37.120 --> 0:03:40.080
<v Speaker 1>trojan can deliver a virus which could then self replicate,

0:03:40.440 --> 0:03:42.320
<v Speaker 1>or it could be something else. And one of the

0:03:42.440 --> 0:03:45.840
<v Speaker 1>more prevalent trojan attacks, or at least one of the

0:03:45.880 --> 0:03:49.000
<v Speaker 1>ones that gets the most news, are the kind that's

0:03:49.000 --> 0:03:53.640
<v Speaker 1>set up butt nets, and these are programs the trojans.

0:03:53.760 --> 0:03:57.640
<v Speaker 1>These trojans carry programs that give a remote user access

0:03:58.040 --> 0:04:01.880
<v Speaker 1>to the core of your work computer. So suddenly someone

0:04:02.120 --> 0:04:04.920
<v Speaker 1>somewhere else, possibly on the other side of the world,

0:04:05.520 --> 0:04:10.520
<v Speaker 1>can make your computer do things. And if they're clever enough,

0:04:10.560 --> 0:04:12.560
<v Speaker 1>they can make them do things. Make your computer do things,

0:04:12.560 --> 0:04:14.480
<v Speaker 1>and you don't. You're not even aware that your computer

0:04:14.560 --> 0:04:17.760
<v Speaker 1>is acting abnormally. Well, if you were, then they could

0:04:17.880 --> 0:04:20.080
<v Speaker 1>do something about it, or at least stop it. Yeah,

0:04:20.080 --> 0:04:23.320
<v Speaker 1>at least turn your computer off if nothing else. But

0:04:23.320 --> 0:04:25.720
<v Speaker 1>but yeah, if IF they're clever. And the reason why

0:04:25.720 --> 0:04:27.800
<v Speaker 1>I say if is a lot of these programs tend

0:04:27.839 --> 0:04:32.320
<v Speaker 1>to be propagated by people who themselves are not great programmers.

0:04:32.880 --> 0:04:36.760
<v Speaker 1>They tend to grab script from other websites and use them,

0:04:36.800 --> 0:04:40.400
<v Speaker 1>and they're called script kiddies. Um, but let's get to

0:04:40.480 --> 0:04:43.480
<v Speaker 1>the specifics of the Mac trojans that we wanted to

0:04:43.520 --> 0:04:46.279
<v Speaker 1>talk about now. For a very long time, MAX have

0:04:46.440 --> 0:04:50.880
<v Speaker 1>been seen as sort of, uh, much more safe than PCs, right,

0:04:50.920 --> 0:04:54.279
<v Speaker 1>They're they're seen as you know, people are very proud.

0:04:54.279 --> 0:04:56.080
<v Speaker 1>They'll say, I don't have to worry about viruses. I

0:04:56.240 --> 0:04:59.760
<v Speaker 1>use a Mac. That's true. Um, this is a principle,

0:05:00.000 --> 0:05:04.000
<v Speaker 1>which is it has a at least a rhyming name.

0:05:04.080 --> 0:05:09.000
<v Speaker 1>Security through obscurity. Basically, why bother writing viruses for the

0:05:09.040 --> 0:05:11.760
<v Speaker 1>Mac crowd, because they're only ten or so of them

0:05:11.760 --> 0:05:14.480
<v Speaker 1>out there, right, so they don't even bother. And and

0:05:14.600 --> 0:05:17.720
<v Speaker 1>on top of that, the Mac operating system and on

0:05:17.880 --> 0:05:21.719
<v Speaker 1>hardware is a closed system. It's not like PCs where

0:05:21.760 --> 0:05:23.400
<v Speaker 1>you can you know, you can get a circuit board

0:05:23.440 --> 0:05:26.120
<v Speaker 1>from one place and you can get memory from another place.

0:05:26.680 --> 0:05:29.640
<v Speaker 1>Max are an all in one package that you get

0:05:29.680 --> 0:05:32.800
<v Speaker 1>from Apple, and you can upgrade and everything. But for

0:05:32.880 --> 0:05:35.960
<v Speaker 1>the most part, it's a closed system. So again, security

0:05:36.000 --> 0:05:38.919
<v Speaker 1>through obscurity. It's not something that is widely understood. Not

0:05:39.000 --> 0:05:41.479
<v Speaker 1>people don't don't sit there and do a lot of

0:05:41.520 --> 0:05:43.839
<v Speaker 1>Mac hacks. I mean there are people who do them,

0:05:43.960 --> 0:05:47.359
<v Speaker 1>but there are fewer than the PC hacks. That's true.

0:05:47.520 --> 0:05:51.200
<v Speaker 1>That's true. Um. And for a long time that that

0:05:51.560 --> 0:05:54.800
<v Speaker 1>people in the Mac crowd of sort of speaking as

0:05:54.839 --> 0:05:58.039
<v Speaker 1>someone who is a Mac user more often than not. Um,

0:05:58.480 --> 0:06:02.239
<v Speaker 1>you know, we're sort of under that mindset. We're saying, hey,

0:06:02.360 --> 0:06:05.240
<v Speaker 1>I don't really need to spend seventy five dollars on

0:06:05.320 --> 0:06:09.640
<v Speaker 1>a piece of antivirus software because my computer is safe. Um.

0:06:09.640 --> 0:06:12.680
<v Speaker 1>And Apple explains that, you know, they think that their

0:06:12.760 --> 0:06:15.680
<v Speaker 1>system is safe. They're not really particularly concerned about it,

0:06:15.920 --> 0:06:18.880
<v Speaker 1>except not too long ago. A few months ago, they

0:06:18.920 --> 0:06:21.400
<v Speaker 1>actually had a page up on their website and everybody

0:06:21.720 --> 0:06:24.440
<v Speaker 1>took notice of the fact that they were saying, well,

0:06:24.560 --> 0:06:27.720
<v Speaker 1>maybe you should install some antivirus software. Probably wouldn't be

0:06:27.760 --> 0:06:31.159
<v Speaker 1>a bad idea, and that which kind of deviates from there. Well,

0:06:31.240 --> 0:06:34.200
<v Speaker 1>the OS ten operating system is a very secure system.

0:06:34.240 --> 0:06:36.000
<v Speaker 1>You don't really need to worry about viruses. It's a

0:06:36.000 --> 0:06:38.640
<v Speaker 1>selling point, it's a marketing point for them to UH

0:06:38.720 --> 0:06:40.800
<v Speaker 1>to say how secure it is, right, And I think

0:06:40.800 --> 0:06:44.560
<v Speaker 1>this is sort of the price of popularity UM. Mac

0:06:44.680 --> 0:06:49.160
<v Speaker 1>sales UH increased significantly over two thousand and eight before

0:06:49.240 --> 0:06:53.880
<v Speaker 1>the economic downturn, which affected all computer sales. But they're

0:06:53.920 --> 0:06:56.400
<v Speaker 1>up to a of market share now, right, so, and

0:06:56.440 --> 0:06:59.680
<v Speaker 1>that's significant. So now that there are more Mac users

0:06:59.720 --> 0:07:03.080
<v Speaker 1>out there, there's more of an incentive for someone who

0:07:03.160 --> 0:07:05.719
<v Speaker 1>wants to create malware to create it for the Mac

0:07:05.800 --> 0:07:09.440
<v Speaker 1>because now they have a significant population they can affect. Now,

0:07:09.480 --> 0:07:12.920
<v Speaker 1>before if you were like, well, if people have PCs

0:07:12.960 --> 0:07:15.080
<v Speaker 1>and one person has a Mac, it makes more sense

0:07:15.080 --> 0:07:17.320
<v Speaker 1>for me to program something for the ninety people because

0:07:17.320 --> 0:07:19.600
<v Speaker 1>I'm gonna get more hits that way. But if the

0:07:19.680 --> 0:07:22.480
<v Speaker 1>population of computer users gets high enough, then it totally

0:07:22.520 --> 0:07:25.200
<v Speaker 1>makes sense. Okay, well I'm gonna switch gears because these

0:07:25.240 --> 0:07:28.440
<v Speaker 1>people not only are there more of them, but they

0:07:28.480 --> 0:07:30.920
<v Speaker 1>have been lulled into a false sense of security and

0:07:30.920 --> 0:07:34.560
<v Speaker 1>I can take advantage of that. That's true now. The

0:07:34.560 --> 0:07:38.000
<v Speaker 1>the Trojans that hit in January of two thousand nine

0:07:38.120 --> 0:07:43.160
<v Speaker 1>that affect max effect a very specific subset of Mac users,

0:07:43.600 --> 0:07:47.920
<v Speaker 1>and I like to call them the naughty ones. So,

0:07:48.120 --> 0:07:51.360
<v Speaker 1>in other words, right now, if using a Mac is

0:07:51.400 --> 0:07:53.760
<v Speaker 1>still very safe, I should I'm gonna go out and

0:07:53.800 --> 0:07:56.120
<v Speaker 1>say it right now, using a Mac. If you're using

0:07:56.120 --> 0:07:59.760
<v Speaker 1>a Mac and you're being a law abiding, um, you know,

0:08:00.320 --> 0:08:03.440
<v Speaker 1>upstanding citizen on the web, then you're going to be

0:08:03.480 --> 0:08:08.440
<v Speaker 1>pretty safe using a Mac. But if you're a filthy, dirty,

0:08:08.480 --> 0:08:12.840
<v Speaker 1>pirate yar and you're trying to steal software from the Mac,

0:08:13.200 --> 0:08:16.640
<v Speaker 1>you might be in for a nasty surprise. That's true.

0:08:16.760 --> 0:08:19.720
<v Speaker 1>Um and all started with a suite of software that

0:08:20.080 --> 0:08:22.440
<v Speaker 1>those of you who are not Mac users may not

0:08:22.520 --> 0:08:25.840
<v Speaker 1>be familiar with. It's called I Work. Um, it's a collection,

0:08:26.000 --> 0:08:29.480
<v Speaker 1>it's it's not really a A and Microsoft Office killer.

0:08:29.880 --> 0:08:32.040
<v Speaker 1>But there are three applications that are part of the suite.

0:08:32.640 --> 0:08:36.720
<v Speaker 1>Pages which is a you know, word processing program, Keynote,

0:08:36.720 --> 0:08:40.680
<v Speaker 1>which is a presentation program, and Numbers, which is a

0:08:40.800 --> 0:08:44.840
<v Speaker 1>spreadsheet program. And uh, oddly enough, these are very much

0:08:44.920 --> 0:08:48.360
<v Speaker 1>like three of the major applications in Office. But um,

0:08:49.120 --> 0:08:52.120
<v Speaker 1>there was a pirate ID version going around, a broken

0:08:52.240 --> 0:08:55.040
<v Speaker 1>version that people were starting to download, and uh, it

0:08:55.120 --> 0:08:58.280
<v Speaker 1>contained more than just a copy of I work, it

0:08:58.360 --> 0:09:02.480
<v Speaker 1>also contained a trojan horse and so this was propagated

0:09:02.480 --> 0:09:06.839
<v Speaker 1>along or spread along bit torrent. So people using bit

0:09:06.880 --> 0:09:11.760
<v Speaker 1>torrent to download a pirated copy of I work um

0:09:11.760 --> 0:09:14.840
<v Speaker 1>received a trojan that installed as part of the eye

0:09:14.880 --> 0:09:21.760
<v Speaker 1>work Services installation process. And um it gave someone no

0:09:21.840 --> 0:09:24.079
<v Speaker 1>one's really sure who at this point, as when we're

0:09:24.120 --> 0:09:31.600
<v Speaker 1>recording this root access to the victimized computer. And that's

0:09:31.640 --> 0:09:34.160
<v Speaker 1>that's a bad thing. That's what you can build a

0:09:34.200 --> 0:09:37.199
<v Speaker 1>bot net or a zombie computer army out of are

0:09:37.280 --> 0:09:41.520
<v Speaker 1>these computers that have a compromised root access system. It

0:09:41.559 --> 0:09:44.640
<v Speaker 1>means that someone else can then sort of fiddle with

0:09:44.679 --> 0:09:48.080
<v Speaker 1>your computer and make it do things like UM distributed

0:09:48.120 --> 0:09:51.600
<v Speaker 1>denial of service attacks or spreading spam, that kind of thing.

0:09:51.640 --> 0:09:56.000
<v Speaker 1>That's sort of what most zombie computer armies are are

0:09:56.600 --> 0:09:59.720
<v Speaker 1>used for. Yeah, the name of this one actually is

0:10:00.120 --> 0:10:06.000
<v Speaker 1>OS ten dot Trojan dot ice services dot A catchy Yeah. Yeah,

0:10:06.040 --> 0:10:08.360
<v Speaker 1>well they all are. They have these fancy names. And

0:10:08.400 --> 0:10:13.040
<v Speaker 1>it also depends on which, uh, which anti virus authority

0:10:13.080 --> 0:10:15.600
<v Speaker 1>you're talking to, because at least on the PC side,

0:10:15.840 --> 0:10:18.440
<v Speaker 1>usually each one has its own name for the each

0:10:18.520 --> 0:10:21.200
<v Speaker 1>virus that is even more confusing. But in this case, yes,

0:10:21.840 --> 0:10:24.240
<v Speaker 1>yep and uh, it's known to bury parts of itself

0:10:24.320 --> 0:10:26.559
<v Speaker 1>very deep in the system. UM. As a matter of fact,

0:10:26.600 --> 0:10:29.040
<v Speaker 1>the experts say that if you've got this on there

0:10:29.080 --> 0:10:31.679
<v Speaker 1>on your machine, it's probably best to do a clean

0:10:31.800 --> 0:10:36.040
<v Speaker 1>installation of your operating system and just format your hard

0:10:36.080 --> 0:10:41.000
<v Speaker 1>drive again again. Back up your computer, right. It's always important.

0:10:41.040 --> 0:10:43.400
<v Speaker 1>We say it over and over, and you think we're joking.

0:10:43.440 --> 0:10:46.240
<v Speaker 1>We're not joking. Not that I do it myself. I'm

0:10:46.240 --> 0:10:48.640
<v Speaker 1>guilty of not doing I have been known to go

0:10:48.760 --> 0:10:53.839
<v Speaker 1>a long time between backups, and it has in the past.

0:10:54.640 --> 0:10:57.920
<v Speaker 1>I've I've become legendary in the office for having some

0:10:58.040 --> 0:11:02.000
<v Speaker 1>hissy fits when I've had problems with my computer. Yep, yep,

0:11:02.200 --> 0:11:07.080
<v Speaker 1>manly hissy fits. I should add, if you say so, okay, um,

0:11:07.160 --> 0:11:09.679
<v Speaker 1>And then you know that this happened, uh, I guess

0:11:09.720 --> 0:11:11.839
<v Speaker 1>technically it was late two thousand eight when it started

0:11:11.840 --> 0:11:13.240
<v Speaker 1>to show up, but you know, it was the holiday,

0:11:13.280 --> 0:11:14.800
<v Speaker 1>so we waited to be worried about it until the

0:11:14.800 --> 0:11:17.439
<v Speaker 1>new year, and the whole the whole eye work O

0:11:17.559 --> 0:11:21.760
<v Speaker 1>nine didn't even really come out until UM Macworld that's true,

0:11:21.880 --> 0:11:25.600
<v Speaker 1>but which was immediately after writing year, so yeah, exactly. Um,

0:11:25.679 --> 0:11:29.040
<v Speaker 1>but there was a variant that showed up not too

0:11:29.080 --> 0:11:32.439
<v Speaker 1>long afterward. I just call it B. Just call it B. Yeah.

0:11:32.520 --> 0:11:34.520
<v Speaker 1>Well it's the blah blah blah blah blah blah blah

0:11:34.840 --> 0:11:37.080
<v Speaker 1>B instead of A. Okay, I mean, I don't have

0:11:37.080 --> 0:11:38.600
<v Speaker 1>it written down in front. Un Lets you get away

0:11:38.600 --> 0:11:41.800
<v Speaker 1>with that as you're you're right. So this is a

0:11:41.880 --> 0:11:44.320
<v Speaker 1>second trojan, very similar to the first one. Um, but

0:11:44.400 --> 0:11:48.319
<v Speaker 1>this one was attached to pirated versions of Adobe Photoshop

0:11:48.440 --> 0:11:55.120
<v Speaker 1>c S four for Apple, So again an illegal uh

0:11:55.280 --> 0:11:59.440
<v Speaker 1>application and pirated application. It's is the one that's carrying

0:11:59.480 --> 0:12:01.640
<v Speaker 1>this trojan. And if you went out and you bought

0:12:01.679 --> 0:12:04.360
<v Speaker 1>a copy of Adobe Photoshop c S four, you're fine.

0:12:04.400 --> 0:12:07.120
<v Speaker 1>I mean, that's that's a legitimate copy. It's not carrying

0:12:07.160 --> 0:12:09.800
<v Speaker 1>anything dangerous. It's only for the people who are saying, hey,

0:12:09.880 --> 0:12:11.640
<v Speaker 1>I want this, but I don't want to shell out

0:12:11.720 --> 0:12:14.040
<v Speaker 1>the you know, several hundred dollars it's gonna cost me

0:12:14.440 --> 0:12:17.720
<v Speaker 1>to buy this program, so I'm just gonna steal it. Well,

0:12:17.920 --> 0:12:19.440
<v Speaker 1>they're the ones who are paying the price right now,

0:12:19.480 --> 0:12:23.600
<v Speaker 1>because they're the ones who had their computers infected. So, uh,

0:12:23.640 --> 0:12:25.720
<v Speaker 1>if you were a a Mac user, the first and

0:12:25.760 --> 0:12:27.760
<v Speaker 1>most important thing you should know about all this is

0:12:28.040 --> 0:12:30.760
<v Speaker 1>you're not completely immune from viruses. There's there, you know,

0:12:30.880 --> 0:12:33.800
<v Speaker 1>no operating system. Even an Apple spokesperson said this, no

0:12:33.920 --> 0:12:37.840
<v Speaker 1>operating system is a hundred percent safe. There there's always

0:12:37.880 --> 0:12:41.120
<v Speaker 1>some vulnerability. And you know, of course, the manufacturers, the

0:12:41.160 --> 0:12:45.800
<v Speaker 1>software manufacturers. Microsoft is famous for patching on regular intervals

0:12:46.360 --> 0:12:51.560
<v Speaker 1>UM and Apple does sends out intervals patches to UM.

0:12:51.600 --> 0:12:53.640
<v Speaker 1>The thing is, you know, you need to be aware

0:12:53.679 --> 0:12:56.760
<v Speaker 1>that it can happen. And investing in any virus software

0:12:57.040 --> 0:13:00.240
<v Speaker 1>isn't really a bad idea. Yeah, it's expensive and there's

0:13:00.280 --> 0:13:04.480
<v Speaker 1>not a lot of free anty virus software. UM I

0:13:04.520 --> 0:13:08.160
<v Speaker 1>would be wary, especially of downloading anything that has a

0:13:08.200 --> 0:13:11.760
<v Speaker 1>pop up window. Yeah that's a bad sign. Yeah, but

0:13:12.040 --> 0:13:14.480
<v Speaker 1>you know, of course, Norton samantechmates makes a Norton anty

0:13:14.520 --> 0:13:18.160
<v Speaker 1>virus for Macintosh, and uh Antigo, which also does is

0:13:18.200 --> 0:13:20.920
<v Speaker 1>the the organization that finds a lot of the Mac

0:13:21.040 --> 0:13:24.040
<v Speaker 1>viruses and issues alerts. UM offers its virus barrier, and

0:13:24.120 --> 0:13:29.040
<v Speaker 1>both of them offer a dual platform version of the software.

0:13:29.080 --> 0:13:31.559
<v Speaker 1>Because some people who are using Intel based Macintosh is

0:13:31.600 --> 0:13:35.600
<v Speaker 1>are running both Windows and Macintosh operating systems on their machines. Yeah,

0:13:35.640 --> 0:13:38.720
<v Speaker 1>it's called using creating a virtual machine yep, yep, or

0:13:39.120 --> 0:13:44.400
<v Speaker 1>in dual boot boots. Um, but yeah we should. Antigo

0:13:44.440 --> 0:13:48.200
<v Speaker 1>actually said that in January that at least twenty thousand

0:13:48.240 --> 0:13:53.200
<v Speaker 1>people had downloaded that I Work O nine installer. So

0:13:54.080 --> 0:13:58.679
<v Speaker 1>that's twenty people who had their computers infected by a trojan.

0:13:58.760 --> 0:14:01.200
<v Speaker 1>And that's just the I Work and that's not including

0:14:01.280 --> 0:14:04.200
<v Speaker 1>the Photoshop one. I don't have any any figures on that.

0:14:04.360 --> 0:14:06.000
<v Speaker 1>I didn't I didn't see any fresh numbers on that.

0:14:06.000 --> 0:14:08.240
<v Speaker 1>That was actually fairly close to when we uh, when

0:14:08.240 --> 0:14:12.000
<v Speaker 1>we are recording the podcast now, so new hard numbers there,

0:14:12.559 --> 0:14:15.360
<v Speaker 1>um it is. There's also a possibility to that you

0:14:15.400 --> 0:14:19.680
<v Speaker 1>can run a foul of some malicious websites and some

0:14:19.800 --> 0:14:22.360
<v Speaker 1>of the runtime operating systems. You know, there are a

0:14:22.400 --> 0:14:24.880
<v Speaker 1>cross platform you know, if there is a virus that

0:14:24.960 --> 0:14:28.640
<v Speaker 1>operates on them, you can you could possibly have some

0:14:28.920 --> 0:14:32.000
<v Speaker 1>problems with that too. So always good to be very

0:14:32.000 --> 0:14:34.640
<v Speaker 1>conscious of what you do, no matter what operating system

0:14:34.680 --> 0:14:38.120
<v Speaker 1>you're on. Now, sad to say, if your computer has

0:14:38.200 --> 0:14:41.840
<v Speaker 1>been compromised, Let's say that you are a fine upstanding person,

0:14:41.880 --> 0:14:45.640
<v Speaker 1>but your little brother decided he wanted a copy of

0:14:45.800 --> 0:14:48.760
<v Speaker 1>I work for some reason. Perhaps he's starting a new

0:14:48.800 --> 0:14:51.360
<v Speaker 1>lemonade stand and he needs to have a spreadsheet tracking

0:14:51.360 --> 0:14:54.960
<v Speaker 1>all his sales, or a nice presentation. But of course

0:14:55.000 --> 0:14:57.440
<v Speaker 1>you know you didn't download it. Of course we would

0:14:57.440 --> 0:14:59.320
<v Speaker 1>never suggest such a thing. But let's say that your

0:14:59.320 --> 0:15:02.160
<v Speaker 1>computer gets a acted by it. You can find a

0:15:02.240 --> 0:15:06.320
<v Speaker 1>trojan removal tool supplied by Secure Mac if you if

0:15:06.360 --> 0:15:08.920
<v Speaker 1>you need that service, if if you know that your

0:15:08.960 --> 0:15:12.200
<v Speaker 1>computer has been compromised, UM, I recommend that you get

0:15:12.240 --> 0:15:16.520
<v Speaker 1>this trojan removal tool so that you can take take

0:15:16.560 --> 0:15:18.760
<v Speaker 1>care of that problem, because the longer you leave it,

0:15:18.800 --> 0:15:20.800
<v Speaker 1>the more likely your computer will be used in some

0:15:20.880 --> 0:15:24.680
<v Speaker 1>really nasty denial of service tech or spam at tech

0:15:24.840 --> 0:15:27.920
<v Speaker 1>or whatever. I mean. For all we know, the person

0:15:27.920 --> 0:15:30.520
<v Speaker 1>who is who designed this trojan did so just to

0:15:30.600 --> 0:15:32.760
<v Speaker 1>prove a point. We don't know that there was any

0:15:32.760 --> 0:15:36.640
<v Speaker 1>malicious intent, but we don't know that there's not either.

0:15:37.160 --> 0:15:39.680
<v Speaker 1>That's that's true. It's almost like that the virus I

0:15:39.920 --> 0:15:42.280
<v Speaker 1>mentioned earlier, the elk cloner, which was the very very

0:15:42.280 --> 0:15:44.760
<v Speaker 1>first thing. It was sort of a proof of concept

0:15:44.840 --> 0:15:47.440
<v Speaker 1>thing and and in in this case a practical joke

0:15:47.520 --> 0:15:51.080
<v Speaker 1>than an actual problem. But you know, you'll notice if

0:15:51.120 --> 0:15:54.120
<v Speaker 1>your computer is starting to run more slowly. UM, if

0:15:54.160 --> 0:15:57.840
<v Speaker 1>you're having trouble you know, with the general operations of

0:15:57.920 --> 0:16:00.480
<v Speaker 1>stuff just doesn't work the way it did. UM, you

0:16:00.560 --> 0:16:02.680
<v Speaker 1>might have reason to, uh, to believe that there is

0:16:02.720 --> 0:16:07.360
<v Speaker 1>a evil entity lurking within your hard drive. Right if

0:16:07.360 --> 0:16:08.960
<v Speaker 1>you look and see that there's a there are a

0:16:09.000 --> 0:16:11.560
<v Speaker 1>lot of packets going across your home network and yet

0:16:11.640 --> 0:16:14.800
<v Speaker 1>nothing is downloading at the moment, that's a good indication

0:16:14.880 --> 0:16:17.960
<v Speaker 1>something's going on. You know. My favorite, uh, my favorite

0:16:18.040 --> 0:16:21.000
<v Speaker 1>macvirus of all time has to be the the Honor

0:16:21.040 --> 0:16:24.560
<v Speaker 1>System virus UM, the one that basically went around saying, well,

0:16:24.840 --> 0:16:26.480
<v Speaker 1>you know, we're not going to write a virus for

0:16:26.480 --> 0:16:29.080
<v Speaker 1>your Macintosh. Please delete your entire hard driving. Forward this

0:16:29.120 --> 0:16:33.240
<v Speaker 1>to all your friends. Yeah, so this is a good

0:16:33.760 --> 0:16:35.720
<v Speaker 1>We we've pretty much kind of drawn the line between

0:16:35.720 --> 0:16:39.080
<v Speaker 1>hackers who might show you that it's possible to create

0:16:39.200 --> 0:16:43.400
<v Speaker 1>a virus in in order to boost security. UM. Hackers

0:16:43.440 --> 0:16:46.640
<v Speaker 1>often will do that. They'll they'll find security flaws and

0:16:46.680 --> 0:16:50.240
<v Speaker 1>they'll publicize them in the hopes that someone will address

0:16:50.280 --> 0:16:53.800
<v Speaker 1>those flaws. And fix it, whereas crackers are the kind

0:16:53.880 --> 0:16:57.480
<v Speaker 1>of hackers who will exploit it for their own you know,

0:16:57.840 --> 0:17:00.880
<v Speaker 1>means that's true. And they're all so tasty with soup

0:17:01.120 --> 0:17:04.960
<v Speaker 1>they are. That's a good that's a good stopping point.

0:17:05.880 --> 0:17:08.560
<v Speaker 1>So we're gonna wrap things up before we go. I

0:17:08.600 --> 0:17:10.480
<v Speaker 1>thought it would be nice if we gave a shout

0:17:10.520 --> 0:17:13.520
<v Speaker 1>out to a sister podcast of ours. It's brand new.

0:17:13.600 --> 0:17:18.400
<v Speaker 1>It just started publishing um February really and it's called

0:17:18.560 --> 0:17:22.159
<v Speaker 1>stuff Mom Never told you. And it's a sort of

0:17:22.160 --> 0:17:25.280
<v Speaker 1>a you know, a feminine perspective on various articles that

0:17:25.320 --> 0:17:29.000
<v Speaker 1>appear on our site. And I highly recommend it um

0:17:29.040 --> 0:17:34.200
<v Speaker 1>in a masculine way. Excellent. Yea, all right, And if

0:17:34.200 --> 0:17:36.679
<v Speaker 1>you want to learn more about computer viruses and computer

0:17:36.800 --> 0:17:39.479
<v Speaker 1>topics in general, you can check out dozens of articles

0:17:39.480 --> 0:17:42.200
<v Speaker 1>that we have live right now at how stuff works

0:17:42.240 --> 0:17:44.640
<v Speaker 1>dot com. And we'll talk to you again really soon

0:17:46.000 --> 0:17:48.399
<v Speaker 1>for more on this and thousands of other topics. Is

0:17:48.440 --> 0:17:55.080
<v Speaker 1>it how stuff works dot com, brought to you by

0:17:55.119 --> 0:17:58.600
<v Speaker 1>the reinvented two thousand twelve camera. It's ready, are you