Interesting People mailing list archives
ma Re: c trojan in-the-wild
From: David Farber <dave () farber net>
Date: Thu, 1 Nov 2007 10:16:13 -0400
Begin forwarded message: From: "Jeff Schult" <jss () tftb com> Date: November 1, 2007 9:47:25 AM EDT To: <dave () farber net> Subject: Re: [IP] Re: mac trojan in-the-wild Reply-To: "Jeff Schult" <jss () tftb com>If a "System Restore" (to a previous time/date) scheme could be made both user-friendly and far more bullet-proof, that would go a long way toward putting a tool in the hands of users that would allow them to fix their own problems and misjudgements.
I'm referring to the MS System Restore, which seems to work occasionally now for eradicating at least minor malware installations.
I'm not a programmer but am frequently a system and network troubleshooter. "Undo" seems to be underdeveloped, at the OS level.
Jeff Schult Suite 116, Eastworks 116 Pleasant St.. Easthampton, MA 01027 USA Author, Beauty from Afar www.beautyfromafar.com ----- Original Message ----- From: "David Farber" <dave () farber net> To: <ip () v2 listbox com> Sent: Thursday, November 01, 2007 8:41 AM Subject: [IP] Re: mac trojan in-the-wild
Begin forwarded message: From: "Victor Marks" <vxm () miglia com> Date: October 31, 2007 10:04:55 PM EDT To: dave () farber net Cc: ip () v2 listbox com Subject: Re: [IP] mac trojan in-the-wild For IP if you wish Dave, Gadi, It just means that OS X is the new Linux, having joined Linux in possessing vulnerabilities and smug users who like to make fun of Windows. http://www.google.com/search?q=linux+worm&hl=en&client=safari&rls=en&start=30&sa=N Apple is using some of the same GNU and BSD licensed software and has some of the same vulnerabilities. http://apple.com/opensource Apple regularly issues security updates, although some security researchers have expressed disappointment with Apple in the past. In other cases, Apple has chosen to strike a balance between security and annoying the user. Microsoft chose a different balance with Vista's User Access Control (confirm, deny). Now apple will likely re-evaluate the whole safe auto-opening business, but in the end of the day: 1) users will still want to download items to their computers 2) they may be tempted by social engineering (want porn? get shiny new codec-trojan!) How far should the operating system makers go to prevent users (owners of their systems) from installing third-party software? Should they make it hard to download and install software? (Apple already requires an administrator password to install software that touches beyond the reach of the user's files.) Should they attempt to determine malware and prevent its installation for the user? If they should somehow attempt to determine between good software and bad software for the user, what's to say that doesn't open a whole can of worms for operating system makers and using such a thing against competition? IP readers here are some general questions that can be answered regardless of your favorite operating system distribution: what do you think the right way forward is? protecting users from themselves in some fashion (please elaborate) ? leaving users to their own devices and just more strongly encouraging not running as an administrative (non-root) user?encouraging operating system makers to take security more seriously (how?)Other? Regards, Victor Marks On 10/31/07, David Farber <dave () farber net> wrote:Begin forwarded message: From: Gadi Evron <ge () linuxbox org> Date: October 31, 2007 7:23:55 PM EDT To: dave () farber net Subject: mac trojan in-the-wildFor whoever didn't hear, there is a Macintosh trojan in-the-wild beingdropped, infecting mac users. Yes, it is being done by a regular online gang--itw--it is not yet another proof of concept. The same gang infects Windows machines as well, just that now they also target macs. http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.html http://sunbeltblog.blogspot.com/2007/10/mackanapes-can-now-can-feel-pain-of.htmlThis means one thing: Apple's day has finally come and Apple users aregoing to get hit hard. All those unpatched vulnerabilities from years past are going to bite them in the behind.I can sum it up in one sentence: OS X is the new Windows 98. Investinginsecurity ONLY as a last resort losses money, but everyone has to learnit for themselves. Gadi Evron. ------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
------------------------------------------- Archives: http://v2.listbox.com/member/archive/247/=now RSS Feed: http://v2.listbox.com/member/archive/rss/247/ Powered by Listbox: http://www.listbox.com
Current thread:
- ma Re: c trojan in-the-wild David Farber (Nov 01)
- <Possible follow-ups>
- Re: ma Re: c trojan in-the-wild David Farber (Nov 01)