Posted on 05/05/2011 3:29:50 PM PDT by Gomez
I stand corrected. The front end is Java-based, and there is OS X specific code behind it. But for it to install, the user has to accept a Java applet signed by an unknown authority; accept the certificate for that authority; then enter an administrator password after the Java applet has downloaded a native installer. The user has to actively bypass security three times.
MrShoop, that chart was reported on and discussed on FR back in November. It would never have been a news item had Sophos' AV not basically TURNED OFF the anti-malware that OSX itself has in place to block Trojans. Of those 19 listed malware, only TWO are OSX Trojans... OSX/Jahlav-C and OSX.DNSCha-E... the rest are ALL Windows malware that were found embedded in JPEGS, FLASH, emails, etc. None of which would have any effect on a Mac. The two that could have had an effect on a Mac would have been blocked by the Mac itself had not Sophos effectively gotten in the way so THEIR anti-virus could find something. Whoopee-doo. This report and Sophos' way of generating it is considered unethical, to deliberately prevent the SYSTEM from doing its job so your software CAN FIND SOMETHING? Pathetic. That's the essence of Scareware.
I agree it is kind of sleazy of Sophos. Nonetheless, you are the one who was saying, “number of OSX viruses, worms, and involuntary spam bots is still ZERO.” Will you admit there are at least a few?
Nope. Those are Windows malware and two Trojan horse applications that will run on a Mac. They are NOT "OSX viruses, worms and involuntary spambots". A Trojan horse is merely an application that does something other than what it claims to do... and requires the user install it like any other application. My statement is absolutely true. Just because an anti-virus application can identify WINDOWS malware coming into a Mac, it does not make that Mac vulnerable TO that Malware unless that Mac is running Windows!
As I told you, there are 18 known Trojans in five distinct families (means of attack) in the wild for OSX. OSX identifies and warns the user about all of them if the user attempts to download, install, or run any of them. The user is given three distinct warnings and is required to submit three distinct administrator permissions with name and password for each of those steps to override those warnings... it really takes industrial strength stupidity to get infected with a Trojan on a Mac. Sophos’ AV intervened in the download step so that their software could report it found those Trojans. It allowed the Trojan downloads to occur! I think it’s better to prevent the download in the first place, as soon as OSX recognizes the signature.
This is what is known as a proof-of-concept trial Trojan... It never escalated to anything that worked in OSX... It had similar problems in trying to get it to work in Linux.
It had several problems, MrShoop... On a Mac, these library files may exist, but they have been placed in non-executable memory locations... they cannot run where they are placed. In addition, the library it needs to be placed in requires ROOT level permission to alter. For these to execute in the Mac, something needs to be placed elsewhere and this exploit has yet to find that ability... That's why it's still listed as WINDOWS only. It's a cross-platform wannabe... And isn't there yet because of the usual problem... no Mac vector to get the rest of the exploit in place.