Posted on 02/18/2006 6:12:41 AM PST by Clara Lou
Edited on 02/18/2006 6:15:14 AM PST by Sidebar Moderator. [history]
USA Today articles are links only
Please check this. I never post a thread, and I can't remember the rules about quoting USA Today.
http://www.cbsnews.com/stories/2006/02/17/tech/main1328677.shtml
Infection Targets Apple's Mac
Feb. 17, 2006
Thanks, Admin. The article says that the first worm to attack MacOSX has surfaced, the major significance being not the damage that the worm will do, but that it may be the first of more assualts on Mac OSX. The worm spreads over iChat. (The article itself is very short.)
ping
So, you download a gzip-ped file, and uncompress it, and tell it to install (and have to type your password to authorize the install), and THIS is called a virus/worm/attack? Trojan, yes. Malware, yes.
If you download something and install it it's up to YOU to know what you're doing. _I_ would think it suspicious if I downloaded someting called "latestpics" and it tried doing an install when, from the filename, One would think it just contained images...
A few worm creators beaten to death by enraged MAC users would be appropriate about now...
< In my opinion, UNIX and MAC worms have the potential of being much worst, at least initially, because the tools (anti-virus and spy-ware) are not in place. >
And, of course, it just CAN'T happen to them.
Ahhh, them Nancies are about as violent as the limp-wristed Linux users. Whoever started this "worm slash virus" for the Mac ain't got much to worry about, unless he gets a paper cut from all the nasty e-mail those Apple-ettes send him.
I like to live on the wild side, my middle name is "Danger". I'm gonna keep using Windoze.
Worm's and Apples, say it ain't so! Blackbird.
Dang...the people who made this worm didn't have much to do, or they like to waste time........ heh heh heh
And it hasn't happened with the Oomp-A or the Leap-A (depending on which name you want to use)... this is, at best, a Trojan. It requires the user to accept the download, install it, and then run it... most often requiring the user to supply an administrator password.
It is not even the first Trojan for OS X. That dishonor goes to a 400K piece of malware that was released two years ago pretending to be a complete pirated copy of MS Office for Mac. The two users who found their home folders deleted deserved what they got.
It does have one feature that might give it the designation of a "worm" in that it will attempt to send copies of itself to people on the infected computers iChat buddy list... but that only works if they are using Entourage Chat... something very rare... and even then the recipient has to accept the file, download it, and then install it, and run it for the first time, again supplying an administrator password.
This is the equivalent of spreading a human virus by sending a hypodermic syringe, filled with the virus, and requiring the recipient to inject it into their blood stream as a vector.
The security of OS X is based on the lack of a viable vector. That still stands. An individual computer can be compromised if the owner does something stupid (like allow a JPEG file to run as an application) but the ability to be spread is limited.
Mac users have not claimed that OS X is immune... just that it is much more secure than Windows. That remains true. ANY OS is vulnerable to a Trojan horse.
Interesting post! I need to share this information with some people. =)
Most of the Windows security problems can be traced to design decisions, rather than true security flaws.
Most Windows users run administrators with the power to install software and change any file on the system. Since the user is always in adminstrator mode, any program running on the system can modify or delete any part of the operating system. A worm can automatically launch from an attachment, install and modify anything on the system.
Unix-like operating systems (including OSX) have most users working as standard users and when they need to install software or change system files, they must enter an administration password. Unless the user is exceptionally clueless and types in his adminstrative password, there is a limit on the damage that can be done.
Worm on Windows.
1. Worm arrives in email disguised as pictures.
2. User opens file to see pictures.
3. Worm runs on system.
Worm on Unix, Linux, OSX
1. Worm arrives in email disguised as pictures.
2. User opens file to see pictures.
3. User must type in admistrative password to allow worm to install. (Something that would not happen if these were pictures.)
4. Worm runs on system.
Also, there are anti-virus programs available for Linux, but they are focused on removing Windows viruses from email servers.
If OS X and Linux were as popular as MS Windows, hackers would be writing viruses and spyware for them instead.
I just knew if I scrolled down this thread a while, I'd see exactly this bit of fud thrown out.
Fortunately, I have a reply that I've previously written to counter this silly FUD.
Oh, I don't know. Perhaps as someone else already said on this thread, it might be done for the bragging rights of having created the first successful virus/worm to attack Macs.
I've seen this charge that the small market share that Mac and Linux have is what keeps them safe. It is repeated often enough and seems reasonable enough until you actually look at the history of some other worms/viruses.
Consider: the spread of the Witty Worm.
Quoth the poster:
Witty infected only about a tenth as many hosts than the next smallest widespread Internet worm. Where SQL Slammer infected between 75,000 and 100,000 computers, the vulnerable population of the Witty worm was only about 12,000 computers. Although researchers have long predicted that a fast-probing worm could infect a small population very quickly, Witty is the first worm to demonstrate this capability. While Witty took 30 minutes longer than SQL Slammer to infect its vulnerable population, both worms spread far faster than human intervention could stop them. In the past, users of software that is not ubiquitously deployed have considered themselves relatively safe from most network-based pathogens. Witty demonstrates that a remotely accessible bug in any minimally popular piece of software can be successfully exploited by an automated attack.
I suspect there are more than 12,000 Linux and/or Mac hosts out there on the internet.
Also, consider that the folks who were hit with this were also among the more security-concious users:
The vulnerable host population pool for the Witty worm was quite different from that of previous virulent worms. Previous worms have lagged several weeks behind publication of details about the remote-exploit bug, and large portions of the victim populations appeared to not know what software was running on their machines, let alone take steps to make sure that software was up to date with security patches. In contrast, the Witty worm infected a population of hosts that were proactive about security -- they were running firewall software. The Witty worm also started to spread the day after information about the exploit and the software upgrades to fix the bug were available.
Show me a successful worm/virus against Macs and I'll listen. Until then, your talking point is FUD.
Worm on Unix, Linux, OSX
1. Worm arrives in email disguised as pictures.
1a. User, for some mysterious reason makes the image file executable.
2. User opens file to see pictures.
3. User must type in admistrative password to allow worm to install. (Something that would not happen if these were pictures.)
4. Worm runs on system.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.