funsec mailing list archives

RE: mac trojan in-the-wild

From: "Alex Eckelberry" <AlexE () sunbelt-software com>
Date: Thu, 1 Nov 2007 15:49:15 -0400

What he said. 

Alex
 

-----Original Message-----
From: funsec-bounces () linuxbox org [mailto:funsec-bounces () linuxbox org]
On Behalf Of Drsolly
Sent: Thursday, November 01, 2007 2:23 PM
To: Dr. Neal Krawetz
Cc: funsec () linuxbox org
Subject: Re: [funsec] mac trojan in-the-wild

On Thu, 1 Nov 2007, Dr. Neal Krawetz wrote:

I've been reading this thread and I don't understand why there is this

assumption that Mac users are lax or stoopid...

I have a Mac.  I also use Linux, BSD, Windows, and many other OS's.

Yes: there are very few malware instances for the Mac.
Yes: there is virtually no AV for the Mac.

However, I don't know any Mac users who are not also Windows users.
And ever Mac user I know (in and out of the security field) are much 
more cautious about their systems.  They regularly update and they 
don't run software that they don't know.  They have learned these 
lessons from watching (and being) Windows users.

Based on the screen shots of this trojan, you must accept the

download.

One screen shot even requires you to enter your admin password.
While Windows users (particularly Vista) would do this without a 
second thought, I suspect that Mac users will be more cautious and few

people will fall for it.

Mac viruses won't become wide-spread until they can auto-install and 
run without human assistance (like Windows malware).

Am I missing something here?  (Beyond the Apple bashing?)


I think you're missing the fact that there aren't two distinct
subspecies of human (Appleuseriens and Winuseriens), there's only one,
and that one species displays the usual range of non-cluefulness (which
isn't actually the same as stupidity, by the way). And whether you run a
Mac, or Winx, you've probably become accustomed to your computer telling
you "I need to get xxx to run this, OK?" and giving it authority to do
that.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: mac trojan in-the-wild, (continued)
- - - Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
    - RE: mac trojan in-the-wild Alex Eckelberry (Oct 31)
    - RE: mac trojan in-the-wild Gadi Evron (Oct 31)
    - RE: mac trojan in-the-wild Larry Seltzer (Oct 31)
    - Re: mac trojan in-the-wild Brian Loe (Oct 31)
    - RE: mac trojan in-the-wild Nick FitzGerald (Oct 31)
    - Re: mac trojan in-the-wild der Mouse (Oct 31)
    - Re: mac trojan in-the-wild Dude VanWinkle (Oct 31)
    - Re: mac trojan in-the-wild Dr. Neal Krawetz (Nov 01)
    - Re: mac trojan in-the-wild Drsolly (Nov 01)
    - RE: mac trojan in-the-wild Alex Eckelberry (Nov 01)
    - Re: mac trojan in-the-wild Valdis . Kletnieks (Nov 01)
    - Re: mac trojan in-the-wild Dude VanWinkle (Nov 01)
    - RE: mac trojan in-the-wild David Harley (Nov 02)
    - RE: mac trojan in-the-wild Alex Eckelberry (Nov 02)
    - RE: mac trojan in-the-wild David Harley (Nov 02)
    - RE: mac trojan in-the-wild Larry Seltzer (Nov 03)
    - RE: mac trojan in-the-wild Nick FitzGerald (Nov 03)
    - RE: mac trojan in-the-wild Larry Seltzer (Nov 03)
    - RE: mac trojan in-the-wild Gadi Evron (Nov 03)
    - Re: mac trojan in-the-wild Dude VanWinkle (Nov 05)

(Thread continues...)