We already discussed the first exploit available on the mac over 1 year ago. In fact N3WBI3 left FR for 1 month because he lost the bet we had (loser had to leave for 1 month).
The setup was take an upatched OSX box (which some users have) and execute an exploit that will run unwanted code on the machine. I won and he left for 1 month.
If you're really interested in Mac security you'd already know about the exploit. Instead you're more interested in misdirection, arguing, and attacking windows.
The more you drag it on the more foolish you make yourself look. Heck just look at exploit #1 for MOAB...you don't even need to go back to the original OSX install.
Are you talking about that ancient "Man in the middle" vulnerability that was never exploited and patched in the summer of 2002 ? Yep, you are. You called it a virus back when you frothing about N3WBI3 or I going away for 30 days. As far as I know, N3WBI3 did not lose to you. I will repeat what I told you back then.
Or perhaps it is the "Phantom Update" MITM concept created by Russell Harding... in which he postulated in 2002 that a malware COULD POSSIBLY be installed on a Mac OSX computer to spoof the SoftwareUpdate routines into connecting to a fraudulent Apple download site to further install software. Of course someone would have to install (at the ROOT level, with ROOT permissions) alterations to the SYSTEM update routines to connect to the spoofed "Apple" download site.This ancient proof-of-concept, unexploited vulnerability was addressed in Apple OSX Security Update 07-18-2002 by instituting methods to validate the connection is with Apple's website. This vulnerability does not affect any OSX after 10.2.1. - Original FR reply post.
. . .
From the Russell Harding Website:
The victim downloads a software package masquerading as a security update. In truth, it contains a backdoored copy of the Secure Shell Server Daemon, sshd. This version of sshd includes all the functions of the stock sshd, except the following: You can log in to any account on the system with the secret password "URhacked!". After logging in through this method, no logging of the connection is employed. In fact, you do not show up in the list of current users!This "Proof-of-concept" was never in the wild... and it is not a virus. It meets the definition of a "Trojan". It is neither self-replicating or self-propagating and has no vector beyond the user downloading and installing it, which requires the user to somehow download a spoofed "security update" from a non-Apple site so that the spoofed file can redirect future downloads to a non-Apple site. Right. Suuuure. Virus, your ass. - Original FR reply post.
There are other comments relating to this "challenge" but interested users can use this link to read the entire thread if they are so inclined. What it will show is that YOU are just as irritating and unreasonable now as you were then. This is the last time I will respond to your tripe on this thread. YOU are waste of time.
And it was in the wild infecting Macs exactly when?
For all I can tell, you must have stock in antivirus companies. You take theoretical and in-the-lab exploits and FUD them up to scare everybody into thinking they're in great immediate danger.
This had nothing to do with mac's or security. You said that Internet Explorer was a perfect application adn windows was without error.
If your going to lie about something I was involved in *please* do ping me to it..