Thoughts on the Flashback Trojan

There's been a lot of talk recently about the Flashback trojan infecting over half a million Macs. Personally, I'm finding it hard to separate the hype from reality and I take with a strong dose of skepticism any hysteria-inducing information reported by a company that makes their living selling antivirus software. All that being said, Malware is something that Mac users and Apple alike do need to start taking seriously and if this is the incident that spurs greater awareness,  thankful for that. We can no longer afford to be complacent and rely on security by obscurity.

David and I have received a few emails from Mac Power Users listeners inquiring if we will be doing a show on the topic. After some thought and discussion, at this time our answer is no. I'm not sure there's all that much we can add that we haven't said before. We recently covered the topic of security in depth on Mac Power Users Episode 067 Web Security and your Apple Devices with George Starcher. We also discussed devoted an entire episode to the topic in Mac Power Users Episode 010: Mac Security. I would encourage listeners who are concerned to go back and listen to these two episodes

For a general overview of the Flashback Trojan, I think this excellent article by Rich Mogull for Macworld is required reading. It covers the basics of what Flashback is, how you can become infected and what you can do about it. TidBITS also has an excellent article with additional testing information for alternative browsers including screenshots with instructions for disabling Java.

For now, check software update, disable unneeded services in your browsers, stay patched and use safe browsing habits. Stay safe!

Edit: Here's the link to the Nosillacast Mac Podcast for April 8, 2012 where Allison Sheridan and Bart Busschots discuss the Flashback Trojan. (Thanks Lynda!)