Firefox: Reported Attack Site (how to ignore)

[Logical_Phallacy]

So one of my favorite websites (RlsLog has recently been flagged as a ‘Reported Attack Site’ according to whatever db Firefox uses. My understanding is that the website hasn’t been careful in screening the advertisements it serves and supposedly some of these may have contained malware. Now all my computers are Macs, so I really don’t care about any of this purported malware, because it cannot possibly effect me.

Thus I would love to know how to permanently make these ‘reported attack site’ warnings disapear, either just for this website, or alternatively, for all websites.

cheers.

[engineer_comp_geek]

I believe newer versions of firefox have a link down in the lower right corner to add an exception for a site.

Logical_Phallacy:

Now all my computers are Macs, so I really don’t care about any of this purported malware, because it cannot possibly effect me.

That is not entirely true.

[Logical_Phallacy]

engineer_comp_geek: Can you cite a single instance of web-based malware in the wild that is capable of infecting a mac?

[KneadToKnow]

I’m not engineer_comp_geek, but here’s one I found.

[beowulff]

KneadToKnow:

I’m not engineer_comp_geek, but here’s one I found.

This is a Trojan.
It requires the user to click on a link, download the software, and give permission to install it.
Currently, OS X is completely immune to any “drive-by” attacks.

[KneadToKnow]

beowulff:

This is a Trojan.
It requires the user to click on a link, download the software, and give permission to install it.
Currently, OS X is completely immune to any “drive-by” attacks.

While this may reveal my ignorance of the fine shades of meaning, does it not meet the description of “web-based malware in the wild that is capable of infecting a mac”?

[Logical_Phallacy]

I was indeed referring to the ‘no user-intervention required’ breed of malware. The reason being that if some website prompted me to download and then install a program I am confident that I would just say ‘cancel/delete’.

[KneadToKnow]

Fair enough.

[aldiboronti]

Logical_Phallacy:

So one of my favorite websites (RlsLog has recently been flagged as a ‘Reported Attack Site’ according to whatever db Firefox uses. My understanding is that the website hasn’t been careful in screening the advertisements it serves and supposedly some of these may have contained malware. Now all my computers are Macs, so I really don’t care about any of this purported malware, because it cannot possibly effect me.

Thus I would love to know how to permanently make these ‘reported attack site’ warnings disapear, either just for this website, or alternatively, for all websites.

cheers.

Go to Tools>Options>Security. You can then untick the Block Reported Attack Sites box (though I wouldn’t recommend it personally).

[engineer_comp_geek]

beowulff:

Currently, OS X is completely immune to any “drive-by” attacks.

Actually, it has been proven that OS X is not at all immune to these sorts of attacks. It has been demonstrated that it is possible to completely take over a mac just from pointing it at a web site. Security flaws have also been found in safari and firefox that could potentially allow malware to be executed on a mac.

I don’t know any statistics about how many of these things are actually out “in the wild” but OS X is most definitely not “immune” to them.

Malware for macs has been on the rise for the past couple of years. Most of the articles I’ve read about it say this is due to two reasons. The first is that macs have been becoming a bit more popular. Macs and linux boxes have both benefited from security through obscurity to some degree, and both are becoming a bit less obscure. The second reason that is commonly quoted is the fact that a large number of mac users believe their systems to be completely immune to malware, and are therefore ill prepared to deal with it.

Macs are extremely unlikely to be infected with malware, but “extremely unlikely” and “not possible” are not equivalent statements.