Free Republic
Browse · Search 		General/Chat
Topics · Post Article

To: tubebender
Thanks. I use FireFox as my primary browser. Are there any issues there?

Yes. You can still download the gZipped file and manually uncompress it and click on the supposed JPEG file thereby executing the payload. Like any trojan, it relies on tricking a user into installing and running it. Social Engineering. The Nigerians use the same approach to empty some foolish peoples' bank accounts.

I could create a similar Terminal script attach a .MOV icon to it and post it as a picture of Hillary Clinton cuddling with Vincent Foster... and trick people into clicking on it.

The fault here is that on OS X, the Icon and .extension do not necessarily denote the real type of file. That is determined by metadata in the file itself. Apple needs to insert routines to compare icon type to metadata before allowing a file to appear in the Finder. At least a warning should appear that says "WARNING: File type and Extension do not Match".

19 posted on 02/24/2006 7:22:49 PM PST by Swordmaker (Beware of Geeks bearing GIFs.)
[ Post Reply | Private Reply | To 12 | View Replies ]

To: Swordmaker
Most of the files I open come from friends in emails and they make me nervous. I'm even getting paranoid about updates for fear they are spoofs. I use Cox Cable. Will their filters mark these as spam?
21 posted on 02/24/2006 7:29:54 PM PST by tubebender (Everything I know about computers I learned on Free Republic...)
[ Post Reply | Private Reply | To 19 | View Replies ]

Free Republic
Browse · Search 		General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson