Re: mac trojan in-the-wild

[Drsolly <drsollyp () drsolly com>]

On Thu, 1 Nov 2007, Dr. Neal Krawetz wrote:

> I've been reading this thread and I don't understand why there is this
> assumption that Mac users are lax or stoopid...
>
> I have a Mac.  I also use Linux, BSD, Windows, and many other OS's.
>
> Yes: there are very few malware instances for the Mac.
> Yes: there is virtually no AV for the Mac.
>
> However, I don't know any Mac users who are not also Windows users.
> And ever Mac user I know (in and out of the security field) are much more
> cautious about their systems.  They regularly update and they don't run
> software that they don't know.  They have learned these lessons from
> watching (and being) Windows users.
>
> Based on the screen shots of this trojan, you must accept the download.
> One screen shot even requires you to enter your admin password.
> While Windows users (particularly Vista) would do this without a second
> thought, I suspect that Mac users will be more cautious and few people
> will fall for it.
>
> Mac viruses won't become wide-spread until they can auto-install and run
> without human assistance (like Windows malware).
>
> Am I missing something here?  (Beyond the Apple bashing?)

I think you're missing the fact that there aren't two distinct subspecies 
of human (Appleuseriens and Winuseriens), there's only one, and that one 
species displays the usual range of non-cluefulness (which isn't actually 
the same as stupidity, by the way). And whether you run a Mac, or Winx, 
you've probably become accustomed to your computer telling you "I need to 
get xxx to run this, OK?" and giving it authority to do that.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.