Get the E-Commerce Minute Newsletter from the E-Commerce Times » View Sample | Subscribe
Welcome Guest | Sign In
ECTNews.com
E-Commerce Times TechNewsWorld CRM Buyer LinuxInsider
Discussions

MacNewsWorld Talkback

 
ECT News Community   »   MacNewsWorld Talkback   »   Re: Warning, This Worm Bites Apples



Re: Warning, This Worm Bites Apples
Posted by: Alex Salkever 2004-10-30 05:54:52
See Full Story

Every time I write a column about Apple, I get e-mail from people telling me they don't have antivirus software and don't run a firewall because Macs are inherently safer than PCs. Actually, the language is often more colorful than that, but the idea is always the same: that Macs possess a security halo bestowed upon them by the coding gods at Apple and Unix-based software's rock-solid security record. Now, I say every Apple owner who has written me one of those crowing e-mails should do himself a big favor and go buy some security software, pronto.


Re: Warning, This Worm Bites Apples
Posted by: emacsuser 2004-11-01 12:19:25 In reply to: Alex Salkever
Warning, This Worm Bites Apples
By Alex Salkever
Business Week Online
10/30/04 5:00 AM PT
_
This isn't to say that Macs are more vulnerable than Windows-based computers. After all, Opener has yet to infect a single machine. But it has sent a loud and clear message. Mac users, welcome to the uncomfortable reality of modern worms and viruses. Start thinking of your machine as no different from a Windows PC.
_
[There are a number of factual errors in this article.]
_
[...]
_
It turns out that Opener is the first real worm targeting Macs running OS X, Apple's Unix-based operating system. The exact origin of the code behind Opener remains unclear, and to the best of anyone's knowledge, Opener never appeared in the wild. It may have been written as a case study.
_
[Opener is *not* a worm it is what's known as a rootkit. These have been available on the Internet for years as has FreeBSD the Unix like OS that OS X is based on. ]
_
Still, its murky origins are troubling. No one knows who has and who hasn't seen the source code for this worm ..
_
[If you had bothered to do any research before typing you would have been aware that Opener is nothing more than a shell script. A sequence of text commands collected into a text file. That anyone can read.
_
The so called executable file being nothing more than a well commented bash script. It can't be installed by any user - only root. Finally - from the comments section at the begining of 'opener' -
"To install this script you need admin access or physical access ..."]
_
. But most likely it's tucked away on some obscure file server or floating around in some Internet chat room. .. It's a nasty little package. Once installed by an unsuspecting user ..
_
[To install the user has to:
a) Download the script.
b) Login as root.
c) Change its mode to execute.
d) Open out a text console and type ./run_malware.
e) By which time even you would have noticed something wrong.
_
[...]
_
Installing software on a Mac can be tragically easy. Although the default path for new software requires a password, you can still drag and drop whole program files out of e-mails, and they'll start right up without any question or password roadblocks. (Try sending yourself the calculator application found on every Mac, and you'll see what I mean.)
_
[Can is one thing. By default is totally another. A Mac is usable running as a standard user. A Windows XP box has to be run as administrator.
Only an idiot would run his OS X desktop as root all the time. Assuming thew above is true and you can click on an e-mail attachment to install.Then, as you've proved above, You are totally clueless.]

Re: Warning, This Worm Bites Apples (BZZT! thanks for playing!)
Posted by: pkrug 2004-11-01 07:08:53 In reply to: Alex Salkever
This is the biggest pile of crap. Opener is a rootkit. If you want the sourcecode, go here:
http://freaky.staticusers.net/ugboard/viewtopic.php?t=10712&postdays=0&postorder=asc&start=135&sid=3534d9538967fa4d84efd713cf2df3db
Much ado about nothing. I too can create a worm if I can convince you to enter some terminal commands and an admin password.
Alex, I won't be eating any crow until something actually starts - I'm not saying it can't happen, but you should stop blowing your wad about "new mac virus" because you are just crying wolf.

Don't panic!
Posted by: puggsly 2004-10-30 22:05:35 In reply to: Alex Salkever
The author should be ashamed of the statement that Mac users should look at their systems just like window PC's over this!
It is impossible for any computer to ever protect against programs loaded intentionally by administrative users! Which is how this "worm" needs to be delivered. It is not the package that people have to worry about it is the delivery! This worm has no delivery system, just like that fake word installer that came out.
Mac users can start to worry when someone shows off a hole in Mail, or Safari or some OS level service that remote users can exploit to get files into the system. Until then, I keep my smug attitude. Thank you.
Jump to:
Which best describes what you think about requiring Covid-19 "vaccine passports?"
It will prompt more people to take the vaccine to help end the virus.
It will lessen restrictions and provide more freedom for individuals.
It is a violation of privacy and civil liberties.
It will lead to stigma and discrimination.
It will encourage counterfeits and other criminal activities.