Re: Sony DRM CDs infect Macs, too

[Nick FitzGerald <nick () virus-l demon co uk>]

Blue Boar wrote:

> That'll show all you smug Mac bastards!

Well, technically, this "trick" can be pulled against any OS that 
supports CD media and has something vaguely akin to Windows' "autorun" 
functionality.  Of course, depending on the privileges needed to run 
the "installer" (or whatever the application is that auto-runs) and the 
availability of those to a "normal user" determines the overall 
effectiveness of the "trick" on each potential target OS.

I strongly suspect that things like this SunnComm DRM (and other 
"enhanced content" installers, not necessarily DRM) will make "normal" 
OS X users (as opposed to uber-geek OS X users) much less suspicious of 
the "give me root" dialog that pops up as a result of inserting such a 
CD in an OS X machine, and similarly, typical Windows users will 
equally quickly "learn" just to type in their admin password when 
confronted with such things after Vista is released...

I mean, in the battle between enabling the pink flying elephant feature 
and improved security, does anyone at MS or Apple really believe that 
requiring a SOHO user to type in their administrator or root password 
is really going to be a serious impediment to the installation of 
(ultimately unwanted) pink flying elephant features?


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.