481 Comments
- streak, on 11/02/2007, -15/+217
PLEASE buy our antivirus software!! Then you'll be able to visit p0rn sites safely!
- FunkyWitDaSysTm, on 11/02/2007, -5/+151
this isn't a virus, it's just a trojan horse that tricks you into providing your administrator password. at that point it's not your mac that has a vulnerability, it's your poor judgement.
if you make it a habit of going to porn sites, you should know that installing any type of software from them is a very stupid thing to do. if they can't stream their video through the browser without installing a codec, then something's fishy.
play it safe, and just don't install suspicious software. or else this could happen to you.
- zeejay, on 11/02/2007, -13/+150
Q. How big of an idiot do you have to be to install software from a porn site?
A. The same kind of idiot that would buy anti-malware software for a Mac. (Unless you're running a Windows partition, of course...)
- cglisson, on 11/02/2007, -20/+133
Scare tactic by Intego... they have done this before. Nothing in the wild, nothing to see here folks, nothing to see here...
- wgerik, on 11/02/2007, -6/+101
The installer application doesn't automatically launch with root privileges, so it's not really a security risk. That's why it asks for the admin password shortly afterward.. that's where the trouble starts. Any semi-competent computer user should know better than to install a questionable piece of software anyway... even with their judgement slightly impaired by a raging hard-on. :P
- ramsinks.com, on 11/01/2007, -8/+94
Any AV company will tell you that it is needed to have an AV for OSX/Linux. They are in sales.
However, technically and the reality of the situation it is pointless with one given exclusion.
#1
There are no malware for OSX/Linux in the wild. There has been a worm made for OSX within this year, however
this was done on purpose in a lab to see if it could be done. It was done. However to get infected it takes 6 full steps
to force an infection on OSX.
-First, you have to download the worm manually.
-Second, you have to double-click the DMG installer
-Third, you have to agree to install
-fourth, you have to give it your root password
-fifth, you have to agree again (via OSX)
-sixth, OSX warns you and you have to say "yes" to replace important OSX files
That is a lot of work to become infected. Thus is why there is no "spread".
#2
The other point people like to make is "Mac has too small of market".
Well, this has been said for 10 years now. Now, OSX is 10% WORLDWIDE.
Thats millions of computers to "attack". It still has not been done (see point #1)
#3
Last year a group offered $10,000 to anybody to make a trojan for OSX that could be spread - this was sanctioned by large AV companies
for a true test. Nobody has stepped up to date to claim the $10K.
The main reason this has not been done, is because it cannot be done. Unless (see #1).
This can be explained due to darwin BSD code and the way it authenticates user activity and protects itself.
The ONLY reason to have an AV product on LINUX is if you had a linux file server that monitors windows shared files.
Not to protect Linux itself, but to protect other windows machines on the network. At this point, there is wonderful opensource
AV clients for this that are better than any "Paid" AV products out there.
I hope this clears up some things.
- WiseWeasel, on 11/01/2007, -14/+90
1) You have to enter your admin password when prompted to install the trojan
2) You have to manually check the "Open 'Safe' Files After Downloading" option in Safari's preferences to be vulnerable to an automated installation. Otherwise, a user would have to manually mount the DMG disk image, and then manually install the trojan.
The threat level from this trojan is pretty small for a majority of users. People who download and install software with admin privileges from a porn site get what they deserve. User intervention + admin password needed = pretty weak trojan...
- InfiniteNothing, on 11/02/2007, -4/+75
If you're stupid enough to install a program from a porn site, you deserve this virus
- darkalias, on 11/01/2007, -7/+76
To properly configure Parental Control, I need to know those, ehm, URLs, anybody know?
- ramsinks.com, on 11/01/2007, -10/+67
It's sad how many are so un-tech savvy to believe what they see on digg.
FUD.
- Ag3ntOrang3, on 11/01/2007, -4/+55
Has no one realized that you have to input your password for the so called "Trojan" to be effective. You can't stop stupid users from doing stupid things. If you are dumb enough to download a "video codec" to watch pr0n then you deserve to get hit. As a Mac user I can go home tonight and safely use either Safari or Firefox to surf any website I wish without the fear of a buffer overflow exploit on ActiveX and a silent install of nasty malware.
- caliky, on 11/01/2007, -2/+45
As a Mac user I'm scared sh*tless that there is a Trojan horse out there that can ruin my day AFTER I VOLUNTARILY turn over my password.
- drjones78, on 11/01/2007, -0/+37
Every operating system out there is susceptible to trojans because they rely on user stupidity or lapse of judgement. There's plenty of trojans out there for linux and unix as well. If you install an application from an untrusted source, using administrator/root privileges you put yourself at risk. The most secure OS in the world can't even protect you from yourself.
Hell, there are quite a number of trojans out there for linux, and since OSX is unix, I bet many of them might work there as well.
The biggest problem with Trojans and Windows has traditionally been that there's so many ways to install them *without* user input, through activex controls or outlook macros. The situation may be much better in Vista though, I don't know.
- awhiteflame, on 11/01/2007, -3/+39
Except this is a total non-issue and requires root password to install. Why not just make malicious scripts that require root password as well?
- ThatsUnpossible, on 11/02/2007, -11/+43
Something tells me you don't actually understand what this is...
- hokkos, on 11/01/2007, -16/+48
A virus which demand the administrator password ...
but I think that the "Safari users who have checked the "Open 'Safe' Files After Downloading" option in General Preferences will find that the disk image which is downloaded to their Mac automatically mounts, and the installer application will automatically launch." IS VERY BAD (different in Leopard I think).
And that scutil can change DNS server is also very bad.
Please apple fix it.
- topiKal, on 11/01/2007, -9/+41
I'd be prepared for more of this kind of stuff coming along.
With the huge increase in the popularity of Apple products, I wouldn't be surprised to see many more viruses and trojans focused specifically on harming Mac systems. While it's not a good thing, it is interesting to note the trend considering Windows has a reputation for being the only OS with a high risk of virus and spyware infection. Be careful, Mac users.
- Angostura, on 11/01/2007, -0/+31
I don't think the installer automatically launches - just mounts.
The problem with this is the risk is inherently of a OS-agnostic type. 1. Guy downloads software that says it will do X, 2. guy is asked for admin password 3. software installs 4. Software does Y instead.
I'm not really sure what there is for Apple to fix here, unless Leopard's sandboxing could help in some way (which I doubt)
- AmazingSyco, on 11/03/2007, -5/+34
Hey, guys, I have an idea.
RTFA. Seriously. You first have to download something. Then mount the disk image. Then open the installer. Then, and here's the fun part, you have to ENTER YOUR ADMIN PASSWORD. Once you do that, and only IF you do that, it installs the malware.
Come on. By this rationale, and regardless of platform, the NIC in your computer is a security vulnerability. That and PEBKAC. I could write the code necessary to do everything in this trojan and more in, oh, an hour for OS X.
Buried, and burying troll comments.
- jeffgtr, on 11/02/2007, -8/+34
To get infected enough you first have to be stupid enough to download something from a porn site, then put in your admin password to authorize.
But then maybe I should scurry on over to Walmart and pickup a pc with Vista, I'm sure that would be safer (sarcasm)
- teamtom, on 11/01/2007, -0/+26
You'd have to be a moron to fall for that "Trojan Horse", now I'm off to email my bank account numbers to that nice man from Liberia...
- zweben, on 11/01/2007, -0/+25
Basically, it relies on social engineering more than any specific software vulnerability. Keeping people from voluntarily installing malicious software that they think is legit is a pretty difficult problem to solve through software.
Unfortunately, other than warning people about installing applications from sites they don't (or shouldn't) trust, releasing security updates and patches quickly, and making sure that software cannot be installed without user approval, there's really not all that much any OS designer can do.
- bethlagarrison, on 11/01/2007, -2/+24
THIS ISN'T A VIRUS.
You have to DOWNLOAD it, then sit idly by and WATCH as it runs the installer, then give it your PASSWORD.
Anyone stupid enough to go through that entire process deserves to have their computer messed up.
- platypibri, on 11/02/2007, -0/+21
Hey, I just realized if someone stole my Mac, I could lose everything!!!!! That's like a total analog vulnerability!!!!!! I better get a windoze machine so no one will steal it.
- natenovs, on 11/01/2007, -13/+34
sorry man, thats how almost all trojans work. its called social engineering, and its wildly successful, especially in email and porn.
- ACrazyGerman, on 11/01/2007, -2/+22
must suck blowing your load so early...
- Raider007, on 11/01/2007, -0/+20
Oh I get it...
I have to download something first
then install it
then go to a website to activate it...
yeah...guess i can just "catch" that one huh...
- Pheter, on 11/04/2007, -66/+85
Well we all knew this was going to happen. Even if you just didn't want to admit it..
- richardiscool, on 11/01/2007, -3/+21
"Huge INCREASE"
- inactive, on 11/01/2007, -0/+18
Trojans are NOT 'viruses'. Just sayin'. Trojans sort of rely on the user being an idiot.
- badjoke, on 11/01/2007, -7/+24
Except for the whole better user experience thing.
- cakerun, on 11/01/2007, -7/+22
Um, ok. So basically you will get a trojan horse if you are
a] watching porn
and b] being a general ***** retard.
"Hmm, this here porno site wants me to download an additional codec so it can let me watch more pr0nz. The porn popups are so distracting, I'm just gonna click yes and manually click through to install the ***** thing."
I should just light my computer on fire now. Goodbye Tiger, Hello VISTA!!!
- natenovs, on 11/01/2007, -1/+16
ok. were going to stop talking about computers for a second. do you remember the original "trojan horse" ?? those idiots had to open the locked gate and wheel the horse in for that so called "trojan" to be effective.
thats what the ***** metaphor means! it means you lower your level of security because you think the program will do A, and then it does B and your screwed. and its awfully effective. jesus h christ!
- natenovs, on 11/01/2007, -0/+15
the same kind of idiot who runs this stuff in windows too.
- Rudiger81, on 11/01/2007, -0/+15
So OS X comes out with parental controls in Leopard and no one buys anti-virus and mail has a good junk email box. Now the company who now has no worth while products for mac has found a "Critical" trojan that needs the system to choose to install it and type in their password. Coincidence?
- kweeky, on 11/01/2007, -5/+19
Most viruses and trojans on Windows are spread that way too. You have to remember that due to Windows having the biggest market share, it is also the biggest market share of people who don't know that downloading "lol.jpg.exe" from an e-mail is generally a bad idea.
Common sense is the best anti-virus. Saying that, I still have NOD32 in case I'm blind drunk or something.
- BlueStarr, on 11/01/2007, -1/+15
It asks for your password...ASKS....so unless you're an idiot.
- ivanvanderbyl, on 11/01/2007, -3/+16
The mac market share is actually 8.1% as at October 1st.
- Rudiger81, on 11/01/2007, -7/+20
OMG Quick buy antivirus and go back to windows cause it has the cancel and allow security!!! come on if your that stupid to be surfing porn and say ok to installing a program AND put in your admin password then you deserve to get a virus and also get a lobotomy.
- PathDaemon, on 11/01/2007, -2/+15
While "Open 'Safe' Files After Downloading" is enabled by default, its criteria for, erm, opening safe files is very reasonable.
The system will only automatically open installers that load into the built-in Installer.app, which carefully controls what they can do.
These installer packages can do NOTHING to your system, not even display a "lawlz owned" popup, without user confirmation. If you have downloaded such a package from a website you've never heard of, you shouldn't ***** click the install button.
Once you enter your admin password, all bets are off. That's confirmation that you trust the installer to have full reign over the system, installing and changing whatever it wants.
This "Trojan" exploits no security holes whatsoever, except the usual PBKAC, and would be all but impossible for the OS to combat.
Your suggestion that letting Safari open safe files isn't safe is silly — it would add an extra step to every software install and add no security — as is your recommendation that system configuration should only be changeable through the GUI. scutil is great, and removing it would piss advanced users off, and do nothing for this Trojan. Remember, with root privs it doesn't MATTER commands exist to change stuff, it can go in and edit configuration files manually.
- luigi1015, on 11/01/2007, -0/+13
Where are your parents?
- spitsnaugle, on 11/01/2007, -9/+21
then windows (mainly vista) must be in the negatives.
- streak, on 11/01/2007, -1/+13
Vista has the same "social engineering" bug in its UAC.
- starlord1, on 11/01/2007, -1/+13
I love virus stories that feature the sentence... "Proceeding with the installation installs the trojan horse, and requires users to enter their administrator password which grants the malicious software full root privileges." Not only are you seedy enough to need some free only video preview, but daft enough to be unable to find ones that don't require a codec and then even more desperate to hand over your password people - Seriously, is this even a story. I can write a script that when presented with your password can do... well actually pretty much anything on your computer. Gimme a break, well at least this won't be difficult to bat away tomorrow at work when the mac haters beat a path to my door.
- Ramble, on 11/01/2007, -2/+14
It's the same in Windows you know. It's just we have a higher proportion of morons.
- WiseWeasel, on 11/01/2007, -0/+11
Nope, Tiger defaults to false (at least since one of the early point revisions)...
- turpenine, on 11/01/2007, -1/+12
you are an idiot.
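
Added example, not part of the thread or written by any commenter: several comments above point out that, once given the admin password, software can use scutil to change the DNS server. The check below reads `scutil --dns` output and lists any resolver that is not on an expected list; the `EXPECTED_DNS` value, the function names and the sample output are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): audit the resolvers a Mac is using.
# EXPECTED_DNS and the sample output below are constructed for illustration.

EXPECTED_DNS="192.168.1.1"

# Print the unique nameserver addresses found in `scutil --dns` output (stdin).
list_nameservers() {
    awk '$1 ~ /^nameserver\[[0-9]+\]$/ && $2 == ":" { print $3 }' | sort -u
}

# Print each resolver from stdin that is not in the space-separated list $1.
# Prints nothing when every resolver is expected.
unexpected_resolvers() {
    allow=" $1 "
    for ns in $(list_nameservers); do
        case "$allow" in
            *" $ns "*) ;;
            *) echo "$ns" ;;
        esac
    done
}

# Constructed sample in the layout `scutil --dns` prints.
sample_output() {
    cat <<'EOF'
DNS configuration

resolver #1
  nameserver[0] : 192.168.1.1
  nameserver[1] : 203.0.113.53
  if_index : 4 (en0)
  flags    : Request A records

resolver #2
  domain   : local
  options  : mdns
EOF
}

# On a Mac, check the live configuration; elsewhere, run the sample.
if command -v scutil >/dev/null 2>&1; then
    scutil --dns | unexpected_resolvers "$EXPECTED_DNS"
else
    sample_output | unexpected_resolvers "$EXPECTED_DNS"
fi
```

Any address printed is a resolver the machine is using that was not expected, which is what a silently changed DNS setting looks like from the user's side.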