[tubebender]

Thanks. I use FireFox as my primary browser. Are there any issues there?

[Richard Kimball]

Firefox gives you an option on download of saving to disk or opening with the default application. Select download to disk. This will keep you from accidentally opening a file thinking you were clicking on a link. It won't necessarily protect you if you deliberately download a zip file and then double click it to open it. As has been pointed out on this thread, many of th MS "viruses" actually get on the system by social engineering. They convince the user to install it. The best protection, AFAIC, is to be careful about downloading and installing programs. Especially, if anything asks for a password, and it's not a program you intend to install, don't give it. No media or information file (jpeg, mov, avi, psd, pdf, doc, etc.) should need a system password. Oh, if I am going to a non-trusted site, I shut off java and javascript.

[opticks]

Well, sort of. Firefox shows the file as a tar.gz file and then downloads it to your directory of choice. You still have to double-click on the file to execute the shell script.

[Swordmaker]

Thanks. I use FireFox as my primary browser. Are there any issues there?

Yes. You can still download the gZipped file and manually uncompress it and click on the supposed JPEG file thereby executing the payload. Like any trojan, it relies on tricking a user into installing and running it. Social Engineering. The Nigerians use the same approach to empty some foolish peoples' bank accounts.

I could create a similar Terminal script attach a .MOV icon to it and post it as a picture of Hillary Clinton cuddling with Vincent Foster... and trick people into clicking on it.

The fault here is that on OS X, the Icon and .extension do not necessarily denote the real type of file. That is determined by metadata in the file itself. Apple needs to insert routines to compare icon type to metadata before allowing a file to appear in the Finder. At least a warning should appear that says "WARNING: File type and Extension do not Match".