+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast
Results 16 to 30 of 31
Jokes/Interweb Things Thread, Get a Life - You Apple Mac Fans..... in Fun Stuff; Originally Posted by GrumbleDook I've tried the proof of concept trojan and it works very nicely ... and there are ...
  1. #16

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    24

    Smile Which one?

    Quote Originally Posted by GrumbleDook View Post
    I've tried the proof of concept trojan and it works very nicely ... and there are a number of other malicious possibilities for Mac OS X users ... and security should be taken seriously on them, the same way you would do for any other box.

    OS Core should be patched, apps should be patched, the machine should be hardened, any app that asks you for the admin password as part of the install should be verified that it is legit and that you have the legit copy of it.

    Anyone running MS Office is also susceptible to passing on infected files unless they run AV software on them or ensure that *all* files that come in and out of the machine are scanned.

    On another note ... I am a Mac user ... and I am a valid target for attacks because *I RUN VISTA* ...

    This is my biggest concern. Yes, we will now have a group of people who are not OS X users as their primary OS, but MS Windows users. Just because they are running it on a Mac does not mean they are any less prone to viruses, trojans or worms than any other MS Windows user!

    Then again ... my MBP is *still* the most stable machine I have had running Vista ... after trying it on 7 different notebooks (Dell, Toshiba, Acer and Fujitsu Seimens) it has the best performance and least driver problems.

    I did laugh at the cartoon though ... I know too many Mac purists who are that sad ... then again some of that lot also drool over the idea of getting a boxed ZX81 (with appropriate games) ...
    Hello.

    The usual round of "Linux kicks <insert OS here>" but kicks in. I agree with Tony to some extent- every OS user (no matter the system you use) should be fully aware of security in all its aspects. Admittedly, OS X users can be found complacent when it comes to this topic, simply because there has yet to be a serious infiltration of the operating system. That may come at some point- and perhaps it's inevitable (and will happen in the same way it occurs for Linux

    What I want to take issue with Tony is your statement about a "proof of concept" trojan. Can I ask which one(s) you have tried, and what you had to do to make the "concept" apply to your machine? I ask because all of the concepts I have seen for OS X have needed the "first you need to do this; then that; then some more here; also this; and that; to get this" mechanism to work, and then only most of the time affect the account executed under. That's the Unix way really. It isn't that Unix is impenetrable (it's not as history teaches us) but it is darned hard to break without the right things being in place to do it. It's like some kind of convergence of the stars

    Of course, being a good Mac user I take security seriously. As a Vista user too on my MBP I have anti-virus, watch what I download (just like I watch what I eat) and if passing files between systems make sure everything is as clean as I can. That's why I run ClamAV on OS X- so that I can be a good OS citizen in this world of Windows. But it would be good to know what trojans you have been looking at and how you got them working.

    Just for the sake of the discussion ;-)

    Paul

  2. #17

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    24
    Quote Originally Posted by webman View Post
    @scgf: You wouldn't get those problems if you used Linux either. You'd also be a mortgage better-off financially...
    But have less time to enjoy it without buying in lots of little loans to get it to *be* a darned house that you can live in

  3. #18
    Joedetic's Avatar
    Join Date
    Jan 2006
    Location
    Walsall
    Posts
    1,316
    Thank Post
    6
    Thanked 13 Times in 13 Posts
    Rep Power
    22
    *BIG-EFFING-SIGH*

    What I call Distro-Wars has made the rounds on EduGeek yet again. Yes...cartoon not /that/ funny. Bait for flame wars. Can't people just respect other people's right to use a bloody mac if they want to! As long as it does what they want then let them to it!!!

    Btw....I own an Apple product and I'll have you know I'm sat here wearing an Ubuntu t-shirt and I don't worship steve jobs.

  4. #19

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,240
    Thank Post
    1,058
    Thanked 1,069 Times in 625 Posts
    Rep Power
    740
    Can't people just respect other people's right to use a bloody mac if they want to!
    Nope. ;-)

    I own an Apple product and I'll have you know I'm sat here wearing an Ubuntu t-shirt and I don't worship steve jobs.
    Yes you do, subconsciously.


  5. #20

    GrumbleDook's Avatar
    Join Date
    Jul 2005
    Location
    Gosport, Hampshire
    Posts
    9,992
    Thank Post
    1,359
    Thanked 1,828 Times in 1,135 Posts
    Blog Entries
    19
    Rep Power
    602
    Quote Originally Posted by kingswood View Post
    What I want to take issue with Tony is your statement about a "proof of concept" trojan. Can I ask which one(s) you have tried, and what you had to do to make the "concept" apply to your machine? I ask because all of the concepts I have seen for OS X have needed the "first you need to do this; then that; then some more here; also this; and that; to get this" mechanism to work, and then only most of the time affect the account executed under. That's the Unix way really. It isn't that Unix is impenetrable (it's not as history teaches us) but it is darned hard to break without the right things being in place to do it. It's like some kind of convergence of the stars
    Leap-A was a trojan *not* a virus and relied on you entering admin details, and the recipient setting their iChat to receive files from those in their buddy list automatically. Yes, it was jumping through hoops and was targetted at stupid people, but it could be done easily. The LaunchD attack is a better example of exploiting the OS rather then an integrated application, (ie the more recent malware attacks on plugins). LaunchD was very handy to build into Automator (convince the user to enter the user details and password as part of running the Automator Action) and this can be hidden into a file that can be used for subsequent re-runs of the attack. It then leaves the device open for a string of other attacks too, if the person creating the code knows where the file containing the user deatils and password is.

    Presently there are fewer attack vectors, but that will not last forever, and it will be down to user stupidity that the few obvious ones get exploited. The other attack vectors are down to poor coding and vunerabilities of apps that are cross platform anyway.

  6. #21


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by kingswood View Post
    But have less time to enjoy it without buying in lots of little loans to get it to *be* a darned house that you can live in
    That is ridiculous. It's windows that needs the extra (paid) programs and licenses that give it the functionality that come close to where most *nix distos are out of the box (and a 2 yr wait for MS to catch up).

  7. #22

    Join Date
    Mar 2006
    Posts
    537
    Thank Post
    2
    Thanked 3 Times in 2 Posts
    Rep Power
    19
    @Mattx

    Your hatred/fixation with MacOS X is bordering on the pathological.

    What happened is there a traumatic event in your past which tuned into a Mac-o-phobe? Did the love of your life run of with a Porsche driving Mac user.;-)

  8. #23

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    24
    Quote Originally Posted by CyberNerd View Post
    That is ridiculous. It's windows that needs the extra (paid) programs and licenses that give it the functionality that come close to where most *nix distos are out of the box (and a 2 yr wait for MS to catch up).
    I wasn't talking about Windows

    Who mentioned Windows? I just stretched the analogy to lighten things up.

    Have a good week mate,

    Paul

  9. #24

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    24
    Quote Originally Posted by GrumbleDook View Post
    Leap-A was a trojan *not* a virus and relied on you entering admin details, and the recipient setting their iChat to receive files from those in their buddy list automatically. Yes, it was jumping through hoops and was targetted at stupid people, but it could be done easily. The LaunchD attack is a better example of exploiting the OS rather then an integrated application, (ie the more recent malware attacks on plugins). LaunchD was very handy to build into Automator (convince the user to enter the user details and password as part of running the Automator Action) and this can be hidden into a file that can be used for subsequent re-runs of the attack. It then leaves the device open for a string of other attacks too, if the person creating the code knows where the file containing the user deatils and password is.

    Presently there are fewer attack vectors, but that will not last forever, and it will be down to user stupidity that the few obvious ones get exploited. The other attack vectors are down to poor coding and vunerabilities of apps that are cross platform anyway.
    Ahhh- this one?

    http://www.symantec.com/security_res...645-99&tabid=2

    That was patched in the 10.4.7 update (check the advisory). Of course there are others, and being "proof of concept" means they "could" work given the right convergence of events. Leap-A (coming in the form of a Trojan; a file called LatestPics.tgz) had to use Tiger (it relied on Spotlight to work). You had to put the file on your machine yourself- normally delivered over chat or from other sites purporting to give away Leopard pictures Some people were stupid enough to download and double click for sure. Leap-A didn't actually do anything "malicious"- it didn't recursively delete files (for example), and at the worst stopped applications from launching. Andrew Welch stated that it would do nasty things to your machine--but that wasn't seen. I tried it on my own system and it did...nothing.

    How did people fix the system if their applications were impacted by this trojan? Just install clean versions of the applications. Getting rid of the trojan was as easy as deleting the apphook file (though the name changed later on to something else).

    At the end of the day what we *all* need is defence in depth. And we all need educating about our respective operating system and its security needs. And then of course we all need to download from trusted sites ;-)

    My point though, was those hoops. That needs to be remembered right now. OS X is inherently more secure than some other systems, but the weak link in the chain (I think we agree here) is the user.

    Take care,

    Paul

  10. #25

    webman's Avatar
    Join Date
    Nov 2005
    Location
    North East England
    Posts
    8,413
    Thank Post
    642
    Thanked 964 Times in 664 Posts
    Blog Entries
    2
    Rep Power
    327
    Quote Originally Posted by GrumbleDook View Post
    Yes, it was jumping through hoops and was targetted at stupid people
    Most mac users then?



    I said most!! Not all!!

  11. #26

    mattx's Avatar
    Join Date
    Jan 2007
    Posts
    9,240
    Thank Post
    1,058
    Thanked 1,069 Times in 625 Posts
    Rep Power
    740
    Quote Originally Posted by ITWombat View Post
    @Mattx

    Your hatred/fixation with MacOS X is bordering on the pathological.

    What happened is there a traumatic event in your past which tuned into a Mac-o-phobe? Did the love of your life run of with a Porsche driving Mac user.;-)
    Do all Mac users drive Porsches ? Good lord, they must have very small penises then.

    note to over zealous admins: lets hope I don't get told off for that comment like i did my intercourse one. They are jokes people - just jokes !!

    Just to put the record straight, I hate Steve Jobs more than I hate Macs....;-)

    Anyone would think I just love stiring the debate or lighting the blue touch paper wouldn't they........ who knows, I may actually own a Mac....

  12. #27

    Join Date
    Jul 2005
    Location
    Corby
    Posts
    1,056
    Thank Post
    12
    Thanked 20 Times in 18 Posts
    Rep Power
    24
    Quote Originally Posted by mattx View Post
    Do all Mac users drive Porsches ? Good lord, they must have very small penises then.

    note to over zealous admins: lets hope I don't get told off for that comment like i did my intercourse one. They are jokes people - just jokes !!

    Just to put the record straight, I hate Steve Jobs more than I hate Macs....;-)

    Anyone would think I just love stiring the debate or lighting the blue touch paper wouldn't they........ who knows, I may actually own a Mac....
    Who would like stirring debate?

    And if you *did* own a Mac, I bet you hide it inside a Dell box when people come around

    And surely you don't dislike Steve Jobs *more* than Steve Balmer? Please?

    Take care,

    Paul

  13. #28
    torledo's Avatar
    Join Date
    Oct 2007
    Posts
    2,928
    Thank Post
    168
    Thanked 155 Times in 126 Posts
    Rep Power
    48
    Quote Originally Posted by mattx View Post
    Do all Mac users drive Porsches ? Good lord, they must have very small penises then.

    note to over zealous admins: lets hope I don't get told off for that comment like i did my intercourse one. They are jokes people - just jokes !!

    Just to put the record straight, I hate Steve Jobs more than I hate Macs....;-)

    Anyone would think I just love stiring the debate or lighting the blue touch paper wouldn't they........ who knows, I may actually own a Mac....
    come on you know you wouldn't be allowed to get away with that intercourse comment.

    Anyway, i'm not a die hard apple fanboy, but i would be prepared to put down a fair amount of money for an original boxed Apple Newton. A product ahead of it's time.

    ....I mean it can't be any worse than PDA's running pocket pc or Windows mobile or whatever MS call they're joke of a PDA OS. And i'm sure there are one or two newton enthusiast/owners clubs around for software and tweaks.

  14. #29

    Join Date
    Jan 2007
    Location
    Leicestershire
    Posts
    60
    Thank Post
    0
    Thanked 9 Times in 4 Posts
    Rep Power
    17
    Quote Originally Posted by CyberNerd View Post
    err, konqueror supports webdav - in a window.
    Konqueror is installed by default on the eeepc.

    probably too complicated for mac users
    <sigh> Yeah, OK, but as a Linux user for many years I couldn't find a way to use it. The default GUI on the Eee PC is not very configurable. Goodness, I remember using LaTeX and all manner of similar command-line tools. I was quite a Linux geek in my time - so I resent the aspersion that Konqueror is too difficult for me. I used KDE and Gnome and several other window managers. Funnily enough my favourite was always AfterStep . . .

    As I said before, I abandoned Linux because I didn't have time for all the tinkering and configuring. I wanted to get some work done. I also felt that computers should not be machines just for the geeks but should be accessible to the general public and usable out of the box. Geeks will always prefer an OS which allows them to receive the adulation of the majority who do not possess such advanced skills. Why would they want to lose status by adopting Mac OS X?

    OK, I have a virgin Eee PC. What do I do next to access my remote WebDAV drive using the default tools already installed . . .

  15. #30

    tech_guy's Avatar
    Join Date
    May 2007
    Location
    That little bit in the middle of Little Old England
    Posts
    8,136
    Thank Post
    1,913
    Thanked 1,345 Times in 743 Posts
    Blog Entries
    3
    Rep Power
    396
    Quote Originally Posted by torledo View Post
    but i would be prepared to put down a fair amount of money for an original boxed Apple Newton
    I suppose one of the daftest things I've done then is sell my old one for a tenner at a carboot? Go on, tell me how much it was really worth....


SHARE:
+ Post New Thread
Page 2 of 3 FirstFirst 123 LastLast

Similar Threads

  1. CPU Fans
    By Jackd in forum Hardware
    Replies: 10
    Last Post: 5th October 2007, 07:23 AM
  2. Any other 'House MD' fans out there?
    By kearton in forum General Chat
    Replies: 12
    Last Post: 12th August 2007, 06:48 AM
  3. Laptop fans
    By richard in forum Hardware
    Replies: 5
    Last Post: 8th May 2007, 01:41 PM
  4. CPU fans
    By Jobos in forum Hardware
    Replies: 2
    Last Post: 19th April 2007, 07:35 PM
  5. BF42 Fans
    By alan-d in forum Gaming
    Replies: 0
    Last Post: 23rd March 2006, 05:30 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •