Two new trojan horses threaten Mac software pirates

Comments

  • Reply 21 of 91
    virgil-tb2 Posts: 1,416 member
    Quote:
    Originally Posted by 7600/132 View Post


    I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.



    It's unlikely that any proof will be in the offing until long after these guys are out of business, but I still think that in the end it will turn out that anti-virus software vendors are the ones behind a lot of these viruses.



    Even if this company is legit, it's really not cool the way they advertise their software as protection against this Trojan or any other Trojan. There is no anti-virus software that can protect you from a Trojan. No matter what system you use or what anti-malware software you use, the only protection against Trojans is using your common sense.



    The best you can hope for is that part of the anti-virus software monitors your internet connection and can alert you to the presence of the Trojan *after* you have already installed it. But a Trojan whose purpose is to steal your personal information, for example, is pretty much "out the door" with your information the very first time you see any traffic.



    A Trojan also cannot be removed by anti-virus software either unless the manufacturer already knows about it and has transmitted removal info to your computer. This means you end up needing to constantly update your definitions and threats and you are now locked to your anti-virus vendor tight as a drum for the rest of your life.



    IMO the "malware removal" folks are way too tight with the actual malware folks and always have been. Other than the top one or two names in the business (and I am suspicious about those as well), there has been lots of cross-pollination between the groups in the past as well. On a Mac, installing anti-virus software and installing actual malware are pretty much the same thing to me. One is better off just using the brain to deter these kinds of attacks.
  • Reply 22 of 91
    nasserae Posts: 3,167 member
    what goes around, comes around.
  • Reply 23 of 91
    MacPro Posts: 19,766 member
    Quote:
    Originally Posted by copeland View Post


    How does Intego know the exact numbers how often these "spezial" software packages have been downloaded. I would think if these packages are on P2P no one can really know!





    If I were a conspiracy enthusiast I might suspect Intego of posting the said software with said trojans ... but I'm not, really.
  • Reply 24 of 91
    I haven't had any issues with any of my software, but I downloaded it all several months ago. People are just dumb. Trial software is always the full version that just needs some tweaking to make it work in full. People are stupid if they don't download from the manufacturer, they are pretty much asking for it.



    iNaturalSelection.
  • Reply 25 of 91
    Quote:
    Originally Posted by ICD-EVIL View Post


    I haven't had any issues with any of my software, but I downloaded it all several months ago. People are just dumb. Trial software is always the full version that just needs some tweaking to make it work in full. People are stupid if they don't download from the manufacturer, they are pretty much asking for it.



    iNaturalSelection.



    "tweaking to make it work in full" = STEALING
  • Reply 26 of 91
    Quote:
    Originally Posted by ICD-EVIL View Post


    I haven't had any issues with any of my software, but I downloaded it all several months ago. People are just dumb. Trial software is always the full version that just needs some tweaking to make it work in full. People are stupid if they don't download from the manufacturer, they are pretty much asking for it.



    Just out of curiosity, why not just buy it? You seem like a smart person, what's the basic reason you have in your head for stealing this stuff (or do you have one at all)?



    It's not like the software is a bad value proposition, it's some of the best designed office-type apps you can get, and it's cheaper than any other comparable product by quite a lot.



    Personally, I can see the reasoning behind pirating things like the Adobe CS suite which are a very bad value and made by a company that is actively trying to screw its users over. But in this case, you have a great product, cheap price, and a very supportive company that values its customers. Doesn't that make any difference at all?
  • Reply 27 of 91
    Quote:
    Originally Posted by Virgil-TB2 View Post


    Just out of curiosity, why not just buy it? You seem like a smart person, what's the basic reason you have in your head for stealing this stuff (or do you have one at all)?



    It's not like the software is a bad value proposition, it's some of the best designed office-type apps you can get, and it's cheaper than any other comparable product by quite a lot.



    Personally, I can see the reasoning behind pirating things like the Adobe CS suite which are a very bad value and made by a company that is actively trying to screw its users over. But in this case, you have a great product, cheap price, and a very supportive company that values its customers. Doesn't that make any difference at all?



    So stealing is ok as long as what is being stolen is expensive?



    Gotta love that logic.
  • Reply 28 of 91
    razorpit Posts: 1,796 member
    Quote:
    Originally Posted by 7600/132 View Post


    I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.



    Anyone know of a good seed of VirusBarrier X4 and X5 so I can torrent it?
  • Reply 29 of 91
    mstone Posts: 11,510 member
    Quote:
    Originally Posted by wobegon View Post


    But seriously, why are people trying to steal copies of iWork? It's a measly $80 ($71 for students) and as others here have noted, a free 30 day trial is available.



    Kiddies. They just want their machine loaded full of software that they won't ever learn how to use. They look at it as free money. Some people just can't resist the temptation to get something for nothing.
  • Reply 30 of 91
    Marvin Posts: 15,368 moderator
    Quote:
    Originally Posted by digitalclips View Post


    If I were a conspiracy enthusiast I might suspect Intego of posting the said software with said trojans ... but I'm not, really.



    Either that or Adobe to see how many businesses are using it illegally and can be fined for doing so. Home users would be difficult to go after, but they can issue a check for business use of software and go so far as to shut them down if they haven't paid for it.



    It doesn't seem like this uses the OS X installer to do the trojan installing but I've always considered Apple's installer to be a security risk. Some installations, it just asks for the password and rattles through a whole installation. You wouldn't know what it was putting on the system or where.



    Every single file that is placed in an important location should be flagged and the user should be notified. The OS should perhaps flag and warn of modifications to critical system locations. It wouldn't end up like Vista as those locations won't be written to often but it's a good measure for preventing Trojans etc.
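
The flagging idea in the post above, as an added example that is not part of the thread: snapshot a set of sensitive directories before running an installer, snapshot again afterwards, and report every file that was added, changed or removed. The watch list is an assumption (standard macOS startup locations, none of them named in the thread), and the demo uses a constructed temporary directory.

```python
import hashlib
import os
import stat
import tempfile

# Assumed watch list (not from the thread): macOS locations whose contents run at boot or login.
WATCHED = ["/Library/LaunchDaemons", "/Library/LaunchAgents",
           "/Library/StartupItems", "/System/Library/StartupItems"]

def snapshot(roots):
    """Map each regular file under the roots to (sha256, permission bits, owner uid)."""
    state = {}
    for root in roots:
        for dirpath, _dirs, files in os.walk(root):
            for name in files:
                path = os.path.join(dirpath, name)
                try:
                    st = os.lstat(path)
                    if not stat.S_ISREG(st.st_mode):
                        continue  # symlinks and devices are out of scope here
                    with open(path, "rb") as fh:
                        digest = hashlib.sha256(fh.read()).hexdigest()
                except OSError:
                    continue  # unreadable or vanished mid-scan
                state[path] = (digest, stat.S_IMODE(st.st_mode), st.st_uid)
    return state

def diff(before, after):
    """Return sorted (added, modified, removed) paths between two snapshots."""
    added = sorted(p for p in after if p not in before)
    removed = sorted(p for p in before if p not in after)
    modified = sorted(p for p in after if p in before and after[p] != before[p])
    return added, modified, removed

def demo():
    """Constructed run: a temp directory stands in for a watched location."""
    with tempfile.TemporaryDirectory() as root:
        kept = os.path.join(root, "com.example.updater.plist")
        with open(kept, "w") as fh:
            fh.write("<plist>original</plist>")
        before = snapshot([root])
        with open(os.path.join(root, "com.example.dropped.plist"), "w") as fh:
            fh.write("<plist>new startup item</plist>")  # file an installer added
        os.chmod(kept, 0o755)  # same content, new mode: still reported as modified
        return tuple([os.path.basename(p) for p in g] for g in diff(before, snapshot([root])))

if __name__ == "__main__":
    base = snapshot(WATCHED)
    input("Run the installer, then press Enter to compare... ")
    print(dict(zip(("added", "modified", "removed"), diff(base, snapshot(WATCHED)))))
```

A before/after comparison only reports what changed; it does not stop an installer that already has the admin password from making the change.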
  • Reply 31 of 91
    Just to address a few things.



    1. Why do people steal software? Many reasons:



    One, because they can. Some people just like to collect software. Even if they will never use it.

    Two, money. While most of us feel that $80 isn't a lot of money to spend on iWork, others may feel it's too much but still feel they must have it instead of saving up the $80.

    Three, they are trying to "hook up" a friend. Even if they actually bought it for themselves, they may give a copy to a friend or download it for them.

    Four, OS X's relative security till now. Up until now, there really hasn't been any credible threat to someone's system if they did download something. Even mp3s. My guess is that as this story gets more circulation, many would-be pirates will decide it's not worth it anymore. Or they'll install anti-virus software in the hopes of it protecting them.



    2. MD5 hash.



    Someone mentioned to check the MD5 hash. Someone else said it was easy to fake. Yes and No. MD5 is no longer as trusted as it once was. This much is true. However, it's not easy to fake. I mean if getting 200 PS3 to do the crack is easy to you, go right ahead. Re: http://www.itproportal.com/articles/...ming-consoles/



    3. It's OK to steal CS4, but not iWork.



    One poster mentioned the difference in price and how he could see someone stealing CS4. Another poster replied to him asking why it's OK to steal it. I don't think the original poster was saying it was OK to steal CS4, just understanding why someone would since it is very expensive. They also (I think it was the same person) added justification (to them) by claiming Adobe is out to screw people. Be that as it may, one reason software companies charge so much (and it's not the only reason) is to make up for theft. Common practice in Retail. If someone steals an item out of the store, the price of that item is partially set to help recover the cost of someone stealing it.



    4. Anti-Virus software won't protect you.



    Another Yes and No answer. First of all, no one AV program will be able to completely protect you. And even multiple ones aren't 100% effective. Mainly because of their virus definitions database. An AV is only as good as its DB. A virus or trojan that is new probably won't be in any AV's database for a while, so you could get infected. Also, depending on how the AV is set, it's possible for the virus or trojan to get installed even if it is in the AV's database. However, an AV could prevent the installation of a virus or trojan if it has scanned the file prior to it being executed, or the e-mail prior to the person reading it. So, Intego's claim that their AV could protect someone would be valid.



    5. Intego telling people it's OK to steal if you have their software.



    I don't read it as that entirely. I read it as they say don't do it. However, to protect yourself from these two trojans it wouldn't hurt to have their AV. It's not like these two trojans couldn't be used in something else. I'm getting outside of my knowledge here on this one, but I would say it's possible for either trojan to be put into an e-mail and distributed. I might be wrong on this one. But I can see how one could read their statement as saying "Don't steal, but if you want to, use us to protect you."



    Guess that's it for me on this. Just my $0.02 x 100
  • Reply 32 of 91
    A lot of fuss about nothing: already been detected (and solved) some time ago. See e.g.:



    http://www.symantec.com/business/sec...245-99&tabid=1



    Someone trying to boost their sales?

  • Reply 33 of 91
    Quote:
    Originally Posted by tomkarl View Post


    So stealing is ok as long as what is being stolen is expensive?



    Gotta love that logic.



    More like:



    "Stealing something you need from a bad man who is trying to cheat you is understandable/forgivable to some degree."



    Also, I wouldn't equate the two, but it's patently obvious that there are times when stealing is the more "moral" choice. The classic example is stealing a loaf of bread to feed your starving kids etc.
  • Reply 34 of 91
    cubert Posts: 728 member
    Watch out for the general, non-technical, fear-mongering, always-get-it-wrong media to get a hold of this. I guarantee they will erroneously refer to it as a virus.
  • Reply 35 of 91
    According to Symantec, here is what the iWork trojan looks for:

    "Next, the Trojan determines if the session is running with root privileges. If not, the threat exits."

    How many people are actually running their Mac with root access?



    If someone really wanted iWork, serial numbers have been posted in torrent forums without needing to download any torrents. I tried the trial version and thought Pages was far too limiting compared to Word. Since Office can be obtained for $149, iWork doesn't have a chance to compete. So I dumped the Trial version and will stick with Office, which I already own. Word 2004 loads faster than Pages on my iMac G5, and I like how Word remembers the document position and zoom level. Pages always opens in a narrow window in the middle of the screen, which is annoying.
  • Reply 36 of 91
    mj web Posts: 918 member
    Quote:
    Originally Posted by 7600/132 View Post


    I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.



    If someone with the Flu sneezes in your face you may just catch the bug! Worms can spread from computer to computer in a variety of ways.
  • Reply 37 of 91
    Quote:
    Originally Posted by Cubert View Post


    Watch out for the general, non-technical, fear-mongering, always-get-it-wrong media to get a hold of this. I guarantee they will erroneously refer to it as a virus.



    Any program that modifies your computer is considered a virus. If you read Symantec's info on the iWork trojan horse, that is exactly what it does to your computer, but only if it has root access.
  • Reply 38 of 91
    Quote:
    Originally Posted by Virgil-TB2 View Post


    More like:



    "Stealing something you need from a bad man who is trying to cheat you is understandable/forgivable to some degree."



    Also, I wouldn't equate the two, but it's patently obvious that there are times when stealing is the more "moral" choice. The classic example is stealing a loaf of bread to feed your starving kids etc.



    Stealing is stealing no matter how much you try to justify or rationalize it.



    Have a nice life. Karma can be a nasty thing.
  • Reply 39 of 91
    john.b Posts: 2,742 member
    Quote:
    Originally Posted by Marz View Post


    2. MD5 hash.



    Someone mentioned to check the MD5 hash. Someone else said it was easy to fake. Yes and No. MD5 is no longer as trusted as it once was. This much is true. However, it's not easy to fake. I mean if getting 200 PS3 to do the crack is easy to you, go right ahead. Re: http://www.itproportal.com/articles/...ming-consoles/



    I agree. I'd think it would take a lot of effort to get the filesize of the ISO and the MD5 hash to look "normal". That said, getting it from the source solves those problems.



    Quote:
    Originally Posted by hillstones View Post


    If someone really wanted iWork, serial numbers have been posted in torrent forums without needing to download any torrents.



    IIRC, the CS4 trojan is in the cracking app, not the Adobe software itself.



    Quote:
    Originally Posted by hillstones View Post


    Any program that modifies your computer is considered a virus. If you read Symantec's info on the iWork trojan horse, that is exactly what it does to your computer, but only if it has root access.



    Not true. Trojans, virii, and spyware are all malware that do different things and work in different ways. Your definition is overly simplistic.
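
The size-and-MD5 check discussed in this post and in Reply 31, as an added example that is not part of the thread: it streams a download once and compares size, MD5 and SHA-256 against reference values. SHA-256 is an addition here (the thread only mentions MD5), and the file names and contents are constructed.

```python
import hashlib
import os
import tempfile

def file_facts(path, chunk=1 << 20):
    """Stream the file once and return its size, MD5 and SHA-256."""
    md5, sha256, size = hashlib.md5(), hashlib.sha256(), 0
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            size += len(block)
            md5.update(block)
            sha256.update(block)
    return {"size": size, "md5": md5.hexdigest(), "sha256": sha256.hexdigest()}

def verify(path, reference):
    """Return the reference fields the file fails to match (empty list = match).

    `reference` must come from the publisher over a trusted channel; values
    posted next to the download by whoever uploaded it prove nothing.
    """
    if not reference.keys() & {"md5", "sha256"}:
        raise ValueError("reference needs a digest; size alone is not evidence")
    actual = file_facts(path)
    return [field for field, want in reference.items() if actual[field] != want]

def demo():
    """Constructed files: a genuine image, a same-size tampered copy, a truncated copy."""
    with tempfile.TemporaryDirectory() as d:
        genuine = os.path.join(d, "genuine.dmg")
        tampered = os.path.join(d, "tampered.dmg")
        truncated = os.path.join(d, "truncated.dmg")
        payload = b"constructed installer bytes " * 4096
        with open(genuine, "wb") as fh:
            fh.write(payload)
        with open(tampered, "wb") as fh:  # same length, 8 bytes replaced
            fh.write(payload[:100] + b"PATCHED!" + payload[108:])
        with open(truncated, "wb") as fh:
            fh.write(payload[:-1])
        reference = file_facts(genuine)  # stands in for the publisher's values
        return tuple(verify(p, reference) for p in (genuine, tampered, truncated))
```

The tampered copy passes the size comparison and fails only on the digests, which is why a matching file size on its own says nothing about the contents.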
  • Reply 40 of 91
    I agree that software piracy is illegal and stupid. What about the trojan writers? Sure, they're just inflicting a little karma on the pirates, but don't they need to be taught a lesson? Intego needs to make public the 2 IP addresses that the trojan is contacting. Maybe somebody could DDoS them and shut down the threat on that end.