ma Re: c trojan in-the-wild

[David Farber <dave () farber net>]

Begin forwarded message:

From: "Jeff Schult" <jss () tftb com>
Date: November 1, 2007 9:47:25 AM EDT
To: <dave () farber net>
Subject: Re: [IP] Re:   mac trojan in-the-wild
Reply-To: "Jeff Schult" <jss () tftb com>

If  a "System Restore" (to a previous time/date) scheme could be made  
both user-friendly and far more bullet-proof, that would go a long way  
toward putting a tool in the hands of users that would allow them to  
fix their own problems and misjudgements.

I'm referring to the MS System Restore, which seems to work  
occasionally now for eradicating at least minor malware installations.

I'm not a programmer but am frequently a system and network  
troubleshooter. "Undo" seems to be underdeveloped, at the OS level.

Jeff Schult
Suite 116, Eastworks
116 Pleasant St..
Easthampton, MA 01027 USA

Author, Beauty from Afar
www.beautyfromafar.com


----- Original Message ----- From: "David Farber" <dave () farber net>
To: <ip () v2 listbox com>
Sent: Thursday, November 01, 2007 8:41 AM
Subject: [IP] Re: mac trojan in-the-wild


> Begin forwarded message:
>
> From: "Victor Marks" <vxm () miglia com>
> Date: October 31, 2007 10:04:55 PM EDT
> To: dave () farber net
> Cc: ip () v2 listbox com
> Subject: Re: [IP] mac trojan in-the-wild
>
> For IP if you wish Dave,
>
> Gadi,
>
> It just means that OS X is the new Linux, having joined Linux in
> possessing vulnerabilities and smug users who like to make fun of
> Windows.
>
> http://www.google.com/search?q=linux+worm&hl=en&client=safari&rls=en&start=30&sa=N
>
> Apple is using some of the same GNU and BSD licensed software and has
> some of the same vulnerabilities. http://apple.com/opensource
>
> Apple regularly issues security updates, although some security
> researchers have expressed disappointment with Apple in the past.
>
> In other cases, Apple has chosen to strike a balance between security
> and annoying the user. Microsoft chose a different balance with
> Vista's User Access Control (confirm, deny). Now apple will likely
> re-evaluate the whole safe auto-opening business, but in the end of
> the day:
>
> 1) users will still want to download items to their computers
> 2) they may be tempted by social engineering (want porn? get shiny new
> codec-trojan!)
>
> How far should the operating system makers go to prevent users (owners
> of their systems) from installing third-party software? Should they
> make it hard to download and install software? (Apple already requires
> an administrator password to install software that touches beyond the
> reach of the user's files.) Should they attempt to determine malware
> and prevent its installation for the user?
>
> If they should somehow attempt to determine between good software and
> bad software for the user, what's to say that doesn't open a whole can
> of worms for operating system makers and using such a thing against
> competition?
>
> IP readers here are some general questions that can be answered
> regardless of your favorite operating system distribution:
> what do you think the right way forward is?
>
> protecting users from themselves in some fashion (please elaborate) ?
>
> leaving users to their own devices and just more strongly encouraging
> not running as an administrative (non-root) user?
>
> encouraging operating system makers to take security more seriously  
> (how?)
>
> Other?
>
> Regards,
> Victor Marks
>
> On 10/31/07, David Farber <dave () farber net> wrote:
> > Begin forwarded message:
> >
> > From: Gadi Evron <ge () linuxbox org>
> > Date: October 31, 2007 7:23:55 PM EDT
> > To: dave () farber net
> > Subject: mac trojan in-the-wild
> >
> > For whoever didn't hear, there is a Macintosh trojan in-the-wild  
> > being
> > dropped, infecting mac users.
> > Yes, it is being done by a regular online gang--itw--it is not yet
> > another proof of concept. The same gang infects Windows machines as
> > well, just that now they also target macs.
> >
> > http://sunbeltblog.blogspot.com/2007/10/screenshot-of-new-mac-trojan.html
> > http://sunbeltblog.blogspot.com/2007/10/mackanapes-can-now-can-feel-pain-of.html
> >
> > This means one thing: Apple's day has finally come and Apple users  
> > are
> > going to get hit hard. All those unpatched vulnerabilities from years
> > past are going to bite them in the behind.
> >
> > I can sum it up in one sentence: OS X is the new Windows 98.  
> > Investing
> > in
> > security ONLY as a last resort losses money, but everyone has to  
> > learn
> > it for themselves.
> >
> > Gadi Evron.
> >
> >
> > -------------------------------------------
> > Archives: http://v2.listbox.com/member/archive/247/=now
> > RSS Feed: http://v2.listbox.com/member/archive/rss/247/
> > Powered by Listbox: http://www.listbox.com
>
>
> -------------------------------------------
> Archives: http://v2.listbox.com/member/archive/247/=now
> RSS Feed: http://v2.listbox.com/member/archive/rss/247/
> Powered by Listbox: http://www.listbox.com



-------------------------------------------
Archives: http://v2.listbox.com/member/archive/247/=now
RSS Feed: http://v2.listbox.com/member/archive/rss/247/
Powered by Listbox: http://www.listbox.com