  nolancj
join:2002-06-30 Long Beach, CA
| More or less a non event
You guys should really read the article and the background (not Sophos, their account is not accurate) to this. It's not a Virus, more malware. Requires user action. Requires admin password to be typed, requires a file to manually be opened and to manually be run.
Check this for more info: »www.macrumors.com/c.php?u=http%3···40126001
Please let me know when someone gets a virus or malware that comes even close to the crap that infects Windows...
non event |
|
  AthlGrond Premium,MVM join:2002-04-25 Aurora, CO
·Comcast
| said by nolancj: non event
Essentially.
-- You are now free to paint your hair wild colors and run around naked. -dg2 |
|
  TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| reply to nolancj
said by nolancj: It's not a Virus, more malware. Requires user action. Requires admin password to be typed, requires a file to manually be opened and to manually be run. Please let me know when someone gets a virus or malware that comes even close to the crap that infects Windows...
Seems not everyone agrees with you:
»www.macobserver.com/article/2006···.9.shtml
Oompa-Loompa only affects Macs with PowerPC processors running Mac OS X v10.4, according to Intego. The company also pointed out that a password won't be required if a user who's logged in as an administrator opens the file. Intego believes Oompa-Loompa is actually "a combination of all three types of malware. First, it is a Trojan horse: an executable hidden inside a file disguised as a graphic file. Then it is a virus, as it replicates in other applications on a user's computer. Finally, it is a worm, when it sends itself, via iChat, to other users."
-- -- Join Red Room Forum My Web Page Conrail Photo Album |
|
  kamm
join:2001-02-14 Brooklyn, NY
·T-Mobile US
| reply to AthlGrond Of course: it's Apple, so it's either not true or doesn't matter, period.
Hardcore Maccores remind me of Obi-Wan: a concentric hand movement in the air and voilà, nothing has happened, everything is gone. (I have to try this in a pub next time... ) |
|
  crazediamond That's Dr. Craze to you Premium join:2002-01-19 Germantown, MD
| reply to TKJunkMail obviously you're wrong. this stuff doesn't exist for macs. haven't you been reading their comments in this thread? |
|
  AthlGrond Premium,MVM join:2002-04-25 Aurora, CO
·Comcast
1 edit | reply to kamm I have no idea how to use a Mac, nor do I want to. (Playing computer games is too important to me to go that route.)
This is just not nearly as serious a problem as what Windows users face on a daily basis where hooking the computer up to the internet can get your computer hijacked.
So this worm that requires user interaction is on the level of an Outlook VB script vulnerability, not very exciting.
Sorry.
[Edit] I agree on one point though, because it's on a Mac it doesn't matter! [/Edit]
-- You are now free to paint your hair wild colors and run around naked. -dg2 |
|
  KeepOnRockin Music Lover Forever Premium join:2002-11-08 Beaverton, OR
·Comcast
| reply to TKJunkMail quote: The company also pointed out that a password won't be required if a user who's logged in as an administrator opens the file.
There you have it. Who in their right mind would be logged on as Administrator for everyday use? Ok, I am of a security mindset and realize that not everyone knows the ins and outs of computing, but people should follow a simple rule:
Use your day-to-day activities in its own account without administrative privileges. Only enter administrative mode when you absolutely have to. |
|
  TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ
·Sprint Mobile Broa..
·Comcast
1 edit | That is very good security practice. But most users don't do that. They log on with admin access so they can install all the free software and games out there.
-- -- Join Red Room Forum My Web Page Conrail Photo Album |
|
  nolancj
join:2002-06-30 Long Beach, CA
| Do you use a Mac? You don't need admin to install most software (only stuff I can think of that does is VPN clients, and possibly a driver for a device). It's not like a PC. |
|
  TKJunkMail Enjoy the sun Premium join:2002-03-03 Avalon, NJ
·Sprint Mobile Broa..
·Comcast
| said by nolancj: Do you use a Mac? You don't need admin to install most software (only stuff I can think of that does is VPN clients, and possibly a driver for a device). It's not like a PC.
No. The only thing I do on Macs is help people hooking up to wireless routers and setting up wireless security settings.
-- -- Join Red Room Forum My Web Page Conrail Photo Album |
|
  Hangmn Don't Fight It...It's Inevitable Premium join:2000-04-08 Philadelphia, PA
| reply to nolancj OMG most all viruses require user action...this is just the beginning
-- »davescustompc.com |
|
 vernalex Premium join:2000-10-19 Manchester, CT
| reply to nolancj Sorry to inform you but a virus is malware. »www.vernalex.com/guides/malware/···#viruses
But, to be exact, you are right about it not being a virus. It is instead a trojan worm. A trojan because it requires user action to execute, but a worm since it spreads itself.
And this is how most malware is installed on Windows. |
|
  sporkme drop the crantini and move it, sister Premium,MVM join:2000-07-01 Morristown, NJ
·Optimum Online
| said by vernalex: And this is how most malware is installed on Windows.
Really? A user needs to be tricked into downloading a gzipped tarfile, unzip, untar, click an icon, and then enter a password?
Wow. I had no idea..
-- Nothing in all the world is more dangerous than sincere ignorance and conscientious stupidity |
|
  KeepOnRockin Music Lover Forever Premium join:2002-11-08 Beaverton, OR
·Comcast
| reply to nolancj
said by nolancj: Do you use a Mac? You don't need admin to install most software (only stuff I can think of that does is VPN clients, and possibly a driver for a device). It's not like a PC.
One of the computers I use is a Mac (Tiger 10.4.3) and if the software installation needs to make configuration changes to my system, it always prompts me for the Administrator password before proceeding. |
|
 vernalex Premium join:2000-10-19 Manchester, CT
| reply to sporkme
said by sporkme: said by vernalex: And this is how most malware is installed on Windows. Really? A user needs to be tricked into downloading a gzipped tarfile, unzip, untar, click an icon, and then enter a password? Wow. I had no idea..
Yes, really.
A lot of worms come attached as compressed executables. And I like how you make it sound hard to download and to twice double click a file, as you would with any compressed imaged on OS X. The only difference is the password since Windows, by default, won't ask to run as a higher privileged user and instead execution will just fail, whereas the Mac will ask for the password. Although I will admit that more users run as a limited user on OS X, I still know plenty that do not and many of them would be quite willing to type a password to see the next offering from Apple. |
|
  John Galt Forward, March Premium join:2004-09-30 Happy Camp
·CenturyLink
| reply to nolancj
said by nolancj: ...a file to manually be opened and to manually be run.
Reminds me of this:
DEAR RECEIVER,
You have just received a Taliban virus. Since we are not so technologically advanced in Afghanistan, this is a MANUAL virus. Please delete all the files on your hard disk yourself and send this mail to everyone you know.
Thank you very much for helping me.
Chief Hacker Taliban
-- A is A |
|
  FLea973 Premium join:2001-02-27 Morristown, NJ clubs:
| reply to nolancj
said by nolancj: Please let me know when someone gets a virus or malware that comes even close to the crap that infects Windows...
OK, I'll take you up on that... just let me know when Mac OS X has anywhere near the same market penetration as Windows does.... After all, if you're hunting then you're more likely to aim at and HIT an elephant than you are a mouse. |
|
  sporkme drop the crantini and move it, sister Premium,MVM join:2000-07-01 Morristown, NJ
·Optimum Online
| reply to vernalex
said by vernalex: And I like how you make it sound hard to download and to twice double click a file, as you would with any compressed imaged on OS X.
A .tgz is not a disk image, it's more akin to a zipfile.
People generally don't distribute Mac stuff as tarfiles.
Warning sign number 1. 
said by vernalex: The only difference is the password since Windows, by default, won't ask to run as a higher privileged user and instead execution will just fail, whereas the Mac will ask for the password. Although I will admit that more users run as a limited user on OS X, I still know plenty that do not and many of them would be quite willing to type a password to see the next offering from Apple.
I saw this on another message board that had less teenagers going "OMG! Teh Maxor is Haxor!":
"That's not a trojan, it's an I.Q. test."
-- Nothing in all the world is more dangerous than sincere ignorance and conscientious stupidity |
|
 vernalex Premium join:2000-10-19 Manchester, CT
| I know what a tarball is. I never said it was a disk image, I said it appears to be a compressed image(-d).
The problem is that the extensions are hidden, and most Mac users don't even know what a file extension is anyhow. And while most Mac users may not use a tarball to send files, so they won't be too surprised by a compressed image. So, while I would have been suspicious of the file, I could see how most users wouldn't be. |
|
  novaflare The Dragon Was Here Premium join:2002-01-24 Barberton, OH
| reply to nolancj
said by nolancj: You guys should really read the article and the background (not Sophos, their account is not accurate) to this. It's not a Virus, more malware. Requires user action. Requires admin password to be typed, requires a file to manually be opened and to manually be run. Check this for more info: »www.macrumors.com/c.php?u=http%3···40126001 Please let me know when someone gets a virus or malware that comes even close to the crap that infects Windows... non event
Ok, it has happened: it's this very email worm, 'cause, well, put simply, 99% of all viruses, trojans or worms require the user to download and run the file to infect themselves.
Worms and viruses that infect all on their own are extremely rare, to the point of almost not existing at all for any OS.
In worms we got MSBlaster, Sasser, Nimda and Code Red. In the spyware area I've really never seen any true 100% drive-by downloads. Trust me, my idiot brother has infected himself with everything out there at one point or another. I had put keyloggers and other things on his com to see just exactly what he did. At one point he had over 90 infections live at one time, and the keylogger I used also recorded things such as mouse position and mouse button presses. After going over these logs I was able to find out that all but a small and questionable infection required him to click yes multiple times. The one questionable spyware app in question, btw, was wild tangent. I know from experience this is only installed by 2 methods: bundled software or by clicking install prompts.
I'm still waiting to see a true no-user-interaction drive-by download.
-- DSLR security chat at us.ausirc.net channel #dslr_sec lets pack this channel
open source dns server for *nix and windows »powerdns.com |
|