or Connect
AppleInsider › Forums › Software › Mac Software › Two new trojan horses threaten Mac software pirates
New Posts  All Forums:Forum Nav:

Two new trojan horses threaten Mac software pirates

post #1 of 92
Thread Starter 
Tens of thousands of users who've downloaded pirated versions of iWork '09 or Photoshop CS4 may have opened their Macs to remote attacks from malicious users.

iWork '09

Mac security software maker Intego discovered last week what it calls "OSX.Trojan.iServices.A" in pirated copies of Apple's iWork '09 making the rounds on BitTorrent file sharing networks.Â* An additional package not found in retail copies of the iWork installer called "iWorkServices.pkg" is installed as a startup item with read/write/execute abilities with the pirated versions.

According to Intego, the rogue software connects to a remote server to notify its creator that the trojan has been installed on different Macs, and he or she can "connect to them and perform various actions remotely", including downloading additional components to the machine.

Intego considers the risk of infection to be serious, warning of "extremely serious consequences" if a user's Mac is compromised by software. The security firm said 20,000 people had already downloaded the installer at the time of its alert.Â* As of now, Intego counts 1,000 more since the initial warning.



In an update on the matter Monday morning, Intego said Macs infected with the trojan are being pushed new code that downloads in the background, which is then being used to facilitate a DDoS (distributed denial of service) attack on certain websites.

Photoshop CS4

As part of its update, Intego also says it has discovered a new variant of the same Trojan horse called "OSX.Trojan.iServices.B", which can be found in pirated versions of Adobe Photoshop CS4.Â* This installer has already been downloaded by 5,000 people who are now at risk, the firm says.



This installer compromises the system not by installing an additional package, but through a crack application that serializes the program for use without a purchased retail key.Â* This app extracts an executable from its data and installs a backdoor in /var/tmp/.Â* If the user runs the crack app again, a new executable with a different random name is created, making it difficult to safely remove the malware.



Once the administrator password is entered, a backdoor with root privileges is launched, copying the executable to /usr/bin/DivX and a startup item in /System/Library/StartupItems/DivX.Â* It then makes repeated connections to two IP addresses, according to Intego.

A malicious user can then connect to the affected Macs and perform various actions and downloads remotely.Â* Intego predicts this Trojan horse may also be used to execute similar DDoS attacks.

Warning

As a result of these two very serious risks, Intego is warning Mac users not to download any cracking software from sites that distribute it.

"The risk of infection is serious, due to the number of infected users, and these users may face extremely serious consequences if their Macs are accessible to malicious users," reads a notice on the security firm's website.

Intego recommends that users never download and install software from untrusted sources or questionable websites.Â*Â*It says its own VirusBarrier X4 and X5 products with virus definitions dated January 22, 2009, or later will protect against these two Trojan horses.
post #2 of 92
Quote:
Originally Posted by AppleInsider View Post

Tens of thousands of users who've downloaded pirated versions of iWork '09 or Photoshop CS4 may have opened their Macs to remote attacks from malicious users.
*snip*

Stupid question: Why do these apps need an installer at all? Most OS X apps are .app folders that you simply need to drag and drop into the Applications folder. I understand there are exceptional cases like iTunes that need to write to the system folders, but why do iLife and iWork need to do so?
post #3 of 92
Quote:
Originally Posted by JavaCowboy View Post

Stupid question: Why do these apps need an installer at all? Most OS X apps are .app folders that you simply need to drag and drop into the Applications folder. I understand there are exceptional cases like iTunes that need to write to the system folders, but why do iLife and iWork need to do so?

Well, it depends. IMO, there are two different kind of apps - one that have installer such as CS4, iWork, iLife, Apple Pros, etc. and other that doesn't have installers are FF3, AppZap, etc. that enable to drag and drop into App folder from DMG.

I may be wrong but that is what I think.
post #4 of 92
Quote:
Originally Posted by AppleInsider View Post

Tens of thousands of users who've downloaded pirated versions of iWork '09 or Photoshop CS4 may have opened their Macs to remote attacks from malicious users.

iWork '09

Mac security software maker Intego discovered last week what it calls "OSX.Trojan.iServices.A" in pirated copies of Apple's iWork '09 making the rounds on BitTorrent file sharing networks.* An additional package not found in retail copies of the iWork installer called "iWorkServices.pkg" is installed as a startup item with read/write/execute abilities with the pirated versions.

According to Intego, the rogue software connects to a remote server to notify its creator that the trojan has been installed on different Macs, and he or she can "connect to them and perform various actions remotely", including downloading additional components to the machine.

Intego considers the risk of infection to be serious, warning of "extremely serious consequences" if a user's Mac is compromised by software. The security firm said 20,000 people had already downloaded the installer at the time of its alert.* As of now, Intego counts 1,000 more since the initial warning.



In an update on the matter Monday morning, Intego said Macs infected with the trojan are being pushed new code that downloads in the background, which is then being used to facilitate a DDoS (distributed denial of service) attack on certain websites.

Photoshop CS4

As part of its update, Intego also says it has discovered a new variant of the same Trojan horse called "OSX.Trojan.iServices.B", which can be found in pirated versions of Adobe Photoshop CS4.* This installer has already been downloaded by 5,000 people who are now at risk, the firm says.



This installer compromises the system not by installing an additional package, but through a crack application that serializes the program for use without a purchased retail key.* This app extracts an executable from its data and installs a backdoor in /var/tmp/.* If the user runs the crack app again, a new executable with a different random name is created, making it difficult to safely remove the malware.



Once the administrator password is entered, a backdoor with root privileges is launched, copying the executable to /usr/bin/DivX and a startup item in /System/Library/StartupItems/DivX.* It then makes repeated connections to two IP addresses, according to Intego.

A malicious user can then connect to the affected Macs and perform various actions and downloads remotely.* Intego predicts this Trojan horse may also be used to execute similar DDoS attacks.

Warning

As a result of these two very serious risks, Intego is warning Mac users not to download any cracking software from sites that distribute it.

"The risk of infection is serious, due to the number of infected users, and these users may face extremely serious consequences if their Macs are accessible to malicious users," reads a notice on security firm's website.

Intego recommends that users never download and install software from untrusted sources or questionable websites.**It says its own VirusBarrier X4 and X5 products with virus definitions dated January 22, 2009, or later will protect against these two Trojan horses.

HA! I don't feel sorry for those people. Pirate software will always come with Trojan, viruses, etc. I'd rather stick to legit software though.
post #5 of 92
The number of idiots downloading these astound me. Especially since they could both be downloaded directly from their respective manufacturer.

Honestly, they get what is coming to them.
post #6 of 92
Quote:
Originally Posted by JavaCowboy View Post

Stupid question: Why do these apps need an installer at all? Most OS X apps are .app folders that you simply need to drag and drop into the Applications folder. I understand there are exceptional cases like iTunes that need to write to the system folders, but why do iLife and iWork need to do so?

If you try to run the apps without installing you'll get a dialog box that says something to the effect of "Pages is missing files iWork needs. Please run the iWork installer from your disc". You can choose to Run Anyway, or Quit, as I found out recently after reinstalling OS X. How did this happen? I bought my copy of iWork after using the trial download, but Apple no longer offers iWork '08 trial downloads now that iWork '09 is around. Unfortunately it wasn't as easy as I'd hoped.
AppleInsider contributor
Reply
AppleInsider contributor
Reply
post #7 of 92
Quote:
Originally Posted by AppleInsider View Post

Intego recommends that users never download and install software from untrusted sources or questionable websites.**It says its own VirusBarrier X4 and X5 products with virus definitions dated January 22, 2009, or later will protect against these two Trojan horses.

People, don't download pirated software from the torrent sites!

Without a reliable way of verifying the MD5 hash against the downloaded ISOs, you have no way of knowing how it has been tampered with.

As much as this sucks for everyone, I have to say there is quite a helping of poetic justice for those that downloaded pirated versions vs. buying legitimate copies.

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

  MA497LL/A FB463LL/A MC572LL/A FC060LL/A MD481LL/A MD388LL/A ME344LL/A

Reply

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

  MA497LL/A FB463LL/A MC572LL/A FC060LL/A MD481LL/A MD388LL/A ME344LL/A

Reply
post #8 of 92
How does Intego know the exact numbers how often these "spezial" software packages have been downloaded. I would think if these packages are on P2P no one can really know!
post #9 of 92
Quote:
Originally Posted by JavaCowboy View Post

Stupid question: Why do these apps need an installer at all? Most OS X apps are .app folders that you simply need to drag and drop into the Applications folder. I understand there are exceptional cases like iTunes that need to write to the system folders, but why do iLife and iWork need to do so?

Actually iLife does write to some system folders, I believe. The Adobe installers allow you to customize what exactly gets installed, which wouldn't be possible with drag-and-drop. I would think any time you need custom installation options, or you're installing multiple programs, or doing anything outside of /Applications, an installer is preferable.
post #10 of 92
Quote:
Originally Posted by ZachSpear View Post

If you try to run the apps without installing you'll get a dialog box that says something to the effect of "Pages is missing files iWork needs. Please run the iWork installer from your disc". You can choose to Run Anyway, or Quit, as I found out recently after reinstalling OS X. How did this happen? I bought my copy of iWork after using the trial download, but Apple no longer offers iWork '08 trial downloads now that iWork '09 is around. Unfortunately it wasn't as easy as I'd hoped.

I understand what you're saying, but that doesn't address my question.

My question is why, from a design perspective, do iWork/iLife need to write to system directories, when apps like Firefox do not? The only reason a program should need an installer is if it writes to system directories, which /Applications is not.

As an OS X user, I've been conditioned to be suspicious of any non-Apple installer that asks for my password, and thus, tries to write to system directories.
post #11 of 92
Brian Krebs wrote about this last Thursday. I still can't get my head around why tens of thousands of idiots are installing software from utterly untrusted sources when Apple makes a 30-day trial copy freely available for download.
post #12 of 92
Quote:
Originally Posted by copeland View Post

How does Intego know the exact numbers how often these "spezial" software packages have been downloaded. I would think if these packages are on P2P no one can really know!

They probably made it up, just like the other trojan and virus scares coming from an anti-virus software vendor.
post #13 of 92
Shame they called it something as insipid as "OSX.Trojan.iServices.A"

They should have named it "karma"
post #14 of 92
Quote:
Originally Posted by Janus View Post

Shame they called it something as insipid as "OSX.Trojan.iServices.A"

They should have named it "karma"

Blog: PowerConferenceCalls.com
Reply
Blog: PowerConferenceCalls.com
Reply
post #15 of 92
Quote:
Originally Posted by copeland View Post

How does Intego know the exact numbers how often these "spezial" software packages have been downloaded. I would think if these packages are on P2P no one can really know!

Well Intego just counts how many times people download it from their servers...oops!

But seriously, why are people trying to steal copies of iWork? It's a measly $80 ($71 for students) and as others here have noted, a free 30 day trial is available.
False comparisons do not a valid argument make.
Reply
False comparisons do not a valid argument make.
Reply
post #16 of 92
Quote:
Originally Posted by John.B View Post

People, don't download pirated software from the torrent sites!
Without a reliable way of verifying the MD5 hash against the downloaded ISOs, you have no way of knowing how it has been tampered with.

Even knowing the MD5 of the original ISO, you still don't know how the file has been tampered with. MD5 is meant as a data integrity check, not as a security measure. Even if a file has been changed, it's relatively easy to craft the file such that its MD5 is the same as the original.
post #17 of 92
Quote:
Originally Posted by JavaCowboy View Post

Stupid question: Why do these apps need an installer at all? Most OS X apps are .app folders that you simply need to drag and drop into the Applications folder. I understand there are exceptional cases like iTunes that need to write to the system folders, but why do iLife and iWork need to do so?

Next stupid question: why do these applications need root privileges? Surely many of these applications need administrator privileges to be installed, but not have administrator ownership.

Incidentally, shouldn't anything calling home be triggering a permissions warning with Leopard?
post #18 of 92
Or it should be called "Your mom"
post #19 of 92
Quote:
Originally Posted by JavaCowboy View Post

My question is why, from a design perspective, do iWork/iLife need to write to system directories, when apps like Firefox do not? The only reason a program should need an installer is if it writes to system directories, which /Applications is not.

Yes, as previous stated they do need to write to the system directories. If it is the standard OS X installer app then you can see what files and directories are written if you go to File » Show Files. However, it would not be hard to spoof the installer if one were so inclined.


PS: I think you can use this to see if the trojan was added to the installer before installing.
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
Dick Applebaum on whether the iPad is a personal computer: "BTW, I am posting this from my iPad pc while sitting on the throne... personal enough for you?"
Reply
post #20 of 92
Quote:
Originally Posted by JavaCowboy View Post

I understand what you're saying, but that doesn't address my question.

My question is why, from a design perspective, do iWork/iLife need to write to system directories, when apps like Firefox do not? The only reason a program should need an installer is if it writes to system directories, which /Applications is not.

As an OS X user, I've been conditioned to be suspicious of any non-Apple installer that asks for my password, and thus, tries to write to system directories.

You asked why it needs an installer, so that's the question I attempted to answer. As for the clarified question, "Why does an Apple application like iWork 'need' to write to system directories?" Probably the same reason Apple applications like QuickTime and iWeb have helper files and components in the system directories -- user/Library/Application Support/ to name just one. I'm not a programmer, but it's probably a combination of minimizing clutter in Applications, permission requirements, cross-user availability, .plist files, preference files, and so forth. Perhaps a reader with a more technically proficient background can flesh out this answer for me.

EDIT: Applications isn't the only place you'll find files related to Firefox, by the way.
AppleInsider contributor
Reply
AppleInsider contributor
Reply
post #21 of 92
I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.
post #22 of 92
Quote:
Originally Posted by 7600/132 View Post

I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.

It's unlikely that any proof will be in the offing until long after these guys are out of business, but I still think that in the end it will turn out that anti-virus software vendors are the ones behind a lot of these viruses.

Even if this company is legit, it's really not cool the way they advertise their software as protection against this Trojan or any other Trojan. There is no anti-virus software that can protect you from a Trojan. No matter what system you use or what anti-malware software you use, the only protection against Trojans is using your common sense.

The best you can hope for is that part of the anti-virus software monitors your internet connection and can alert you to the presence of the Trojan *after* you have already installed it. But a Trojan that's purpose is to steal your personal information for example, is pretty much "out the door" with your information the very first time you see any traffic.

A Trojan also cannot be removed by anti-virus software either unless the manufacturer already knows about it and has transmitted removal info to your computer. This means you end up needing to constantly update your definitions and threats and you are now locked to your anti-virus vendor tight as a drum for the rest of your life.

IMO the "malware removal" folks are waay to tight with the actual malware folks and always have been. Other than the top one or two names in the business (and I am suspicious about those as well), there has been lots of cross-pollination between the groups in the past as well. On a Mac, installing anti-virus software and installing actual malware are pretty much the same thing to me. One is better off just using the brain to deter these kinds of attacks.
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
post #23 of 92
what goes around, comes around.
post #24 of 92
Quote:
Originally Posted by copeland View Post

How does Intego know the exact numbers how often these "spezial" software packages have been downloaded. I would think if these packages are on P2P no one can really know!

If I were a conspiracy enthusiast I might suspect Intego of posting the said software with said trojans ... but I'm not, really.
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
Been using Apple since Apple ][ - Long on AAPL so biased
nMac Pro 6 Core, MacBookPro i7, MacBookPro i5, iPhones 5 and 5s, iPad Air, 2013 Mac mini, SE30, IIFx, Towers; G4 & G3.
Reply
post #25 of 92
I haven't had any issues with any of my software, but I downloaded it all several months ago. People are just dumb. Trial software is always the full version that just needs some tweeking to make it work in full. People are stupid if they don't download from the manufacturer, they are pretty much asking for it.

iNaturalSelection.
post #26 of 92
Quote:
Originally Posted by ICD-EVIL View Post

I haven't had any issues with any of my software, but I downloaded it all several months ago. People are just dumb. Trial software is always the full version that just needs some tweeking to make it work in full. People are stupid if they don't download from the manufacturer, they are pretty much asking for it.

iNaturalSelection.

"tweeking to make it work in full" = STEALING
post #27 of 92
Quote:
Originally Posted by ICD-EVIL View Post

I haven't had any issues with any of my software, but I downloaded it all several months ago. People are just dumb. Trial software is always the full version that just needs some tweeking to make it work in full. People are stupid if they don't download from the manufacturer, they are pretty much asking for it.

Just out of curiosity, why not just buy it? You seem like a smart person, what's the basic reason you have in your head for stealing this stuff (or do you have one at all)?

It's not like the software is a bad value proposition, it's some of the best designed office-type apps you can get, and it's cheaper than any other comparable product by quite a lot.

Personally, I can see the reasoning behind pirating things like the Adobe CS suite which are a very bad value and made by a company that is actively trying to screw it's users over. But in this case, you have a great product, cheap price, and a very supportive company that values it's customers. Doesn't that make any difference at all?
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
post #28 of 92
Quote:
Originally Posted by Virgil-TB2 View Post

Just out of curiosity, why not just buy it? You seem like a smart person, what's the basic reason you have in your head for stealing this stuff (or do you have one at all)?

It's not like the software is a bad value proposition, it's some of the best designed office-type apps you can get, and it's cheaper than any other comparable product by quite a lot.

Personally, I can see the reasoning behind pirating things like the Adobe CS suite which are a very bad value and made by a company that is actively trying to screw it's users over. But in this case, you have a great product, cheap price, and a very supportive company that values it's customers. Doesn't that make any difference at all?

So stealing is ok as long as what is being stolen is expensive?

Gotta love that logic.
post #29 of 92
Quote:
Originally Posted by 7600/132 View Post

I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.

Any one know of a good seed of VirusBarrier X4 and X5 so I can torrent it?
Just say no to MacMall.  They don't honor their promotions and won't respond to customer inquiries.  There are better retailers out there.
Reply
Just say no to MacMall.  They don't honor their promotions and won't respond to customer inquiries.  There are better retailers out there.
Reply
post #30 of 92
Quote:
Originally Posted by wobegon View Post

But seriously, why are people trying to steal copies of iWork? It's a measly $80 ($71 for students) and as others here have noted, a free 30 day trial is available.

Kiddies. They just want their machine loaded full of software that they won't ever learn how to use. They look at it as free money. Some people just can't resist the temptation to get something for nothing.

Life is too short to drink bad coffee.

Reply

Life is too short to drink bad coffee.

Reply
post #31 of 92
Quote:
Originally Posted by digitalclips View Post

If I were a conspiracy enthusiast I might suspect Intego of posting the said software with said trojans ... but I'm not, really.

Either that or Adobe to see how many businesses are using it illegally and can be fined for doing so. Home users would be difficult to go after and but they can issue a check for business use of software and go so far as to shut them down if they haven't paid for it.

It doesn't seem like this uses the OS X installer to do the trojan installing but I've always considered Apple's installer to be a security risk. Some installations, it just asks for the password and rattles through a whole installation. You wouldn't know what it was putting on the system or where.

Every single file that is placed in an important location should be flagged and the user should be notified. The OS should perhaps flag and warn of modifications to critical system locations. It wouldn't end up like Vista as those locations won't be written to often but it's a good measure for preventing Trojans etc.
post #32 of 92
Just to address a few things.

1. Why do people steal software? Many reasons:

One, because they can. Some people just like to collect software. Even if they will never use it.
Two, money. While most of us feel that $80 isn't a lot of money to spend on iWork, others may feel it's too much but still feel they must have it instead of saving up the $80.
Three, they are trying to "hook up" a friend. Even if they actually bought it for themselves, they may give a copy to a friend or download it for them.
Four, OS X's relative security till now. Up until now, there really hasn't been any credible threat to someone's system if they did download something. Even mp3s. My guess is that as this story gets more circulation, many would be pirates will decide it's not worth it anymore. Or they'll install anti-virus software in the hopes of it protecting them.

2. MD 5 hash.

Someone mentioned to check the MD 5 hash. Someone else said it was easy to fake. Yes and No. MD5 is no longer as trusted as it once was. This much is true. However, it's not easy to fake. I mean if getting 200 PS3 to do the crack is easy to you, go right ahead. Re: http://www.itproportal.com/articles/...ming-consoles/

3. It's OK to steal CS4, but not iWork.

One poster mentioned the difference in price and how he could see someone stealing CS4. Another poster replied to him asking why it's OK to steal it. I don't think the original poster was saying it was OK to steal CS4, just understanding why someone would since it is very expensive. They also (I think it was the same person) added justification (to them) by claiming Adobe is out to screw people. Be that as it may, one reason software companies charge so much (and it's not the only reason) is to make up for theft. Common practice in Retail. If someone steals an item out of the store, the price of that item is partially set to help recover the cost of someone stealing it.

4. Anti-Virus software won't protect you.

Another Yes and No answer. First of all, no one AV program will be able to completely protect you. And even multiple ones aren't 100% effective. Mainly because of their virus definitions database. An AV is only as good as its DB. A virus or trojan that is new probably won't be in any AV's database for awhile, so you could get infected. Also, depending on how the AV is set, it's possible for the virus or trojan to get installed even if it is in the AV's database. However, an AV could prevent the installation of a virus or trojan if it has scanned the file prior to it being executed, or the e-mail prior to the person reading it. So, Intego's claim that their AV could protect someone would be valid.

5. Intego telling people it's OK to steal if you have their software.

I don't read it as that entirely. I read it as they say don't do it. However, to protect yourself from these two trojans it wouldn't hurt to have their AV. It's not like these two trojans couldn't be used in something else. I'm getting outside of my knowledge here on this one, but I would say it's possible for either trojan to be put into an e-mail and distributed. I might be wrong on this one. But I can see how one could read their statement as saying "Don't steal, but if you want to, use us to protect you."

Guess that's it for me on this. Just my $0.02 x 100
post #33 of 92
a lot of fuss about nothing: already been detected (and solved) some time ago. See eg:

http://www.symantec.com/business/sec...245-99&tabid=1

Someone trying to boost their sales?
http://forums.appleinsider.com/image...s/1smoking.gif
post #34 of 92
Quote:
Originally Posted by tomkarl View Post

So stealing is ok as long as what is being stolen is expensive?

Gotta love that logic.

More like:

"Stealing something you need from a bad man who is trying to cheat you is understandable/forgivable to some degree."

Also, I wouldn't equate the two, but it's patently obvious that there are times when stealing is the more "moral" choice. The classic example is stealing a loaf of bread to feed your starving kids etc.
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
In Windows, a window can be a document, it can be an application, or it can be a window that contains other documents or applications. Theres just no consistency. Its just a big grab bag of monkey...
Reply
post #35 of 92
Watch out for the general, non-technical, fear-mongering, always get it wrong media to get a hold of this. I guarantee they will erroniously refer to it as a virus.
post #36 of 92
According to Symantec, here is what the iWork trojan looks for:
"Next, the Trojan determines if the session is running with root privileges. If not, the threat exits."
How many people are actually running their Mac with root access?

If someone really wanted iWork, serial numbers have been posted in torrent forums without needing to download any torrents. I tried the trial version and thought Pages was far too limiting compared to Word. Since Office can be obtained for $149, iWork doesn't have a chance to compete. So I dumped the Trial version and will stick with Office, which I already own. Word 2004 loads faster than Pages on my iMac G5, and I like how Word remembers the document position and zoom level. Pages always opens in a narrow window in the middle of the screen, which is annoying.
post #37 of 92
Quote:
Originally Posted by 7600/132 View Post

I think my favorite part was right after they say how you are perfectly safe from this Trojan as long as you don't pirate software, but then go on to say how you can pirate in safety if you just buy their software first.

If someone with the Flu sneezes in your face you may just catch the bug! Worms can spread from computer to computer in a variety of ways.
post #38 of 92
Quote:
Originally Posted by Cubert View Post

Watch out for the general, non-technical, fear-mongering, always get it wrong media to get a hold of this. I guarantee they will erroniously refer to it as a virus.

Any program that modifies your computer is considered a virus. If you read Symantec's info on the iWork trojan horse, that is exactly what it does to your computer, but only if it has root access.
post #39 of 92
Quote:
Originally Posted by Virgil-TB2 View Post

More like:

"Stealing something you need from a bad man who is trying to cheat you is understandable/forgivable to some degree."

Also, I wouldn't equate the two, but it's patently obvious that there are times when stealing is the more "moral" choice. The classic example is stealing a loaf of bread to feed your starving kids etc.

Stealing is stealing no matter how much you try to justify or rationalize it.

Have a nice life. Karma can be a nasty thing.
post #40 of 92
Quote:
Originally Posted by Marz View Post

2. MD 5 hash.

Someone mentioned to check the MD 5 hash. Someone else said it was easy to fake. Yes and No. MD5 is no longer as trusted as it once was. This much is true. However, it's not easy to fake. I mean if getting 200 PS3 to do the crack is easy to you, go right ahead. Re: http://www.itproportal.com/articles/...ming-consoles/

I agree. I'd think it would take a lot of effort to get the filesize of the ISO and the MD5 hash to look "normal". That said, getting it from the source solves those problems.

Quote:
Originally Posted by hillstones View Post

If someone really wanted iWork, serial numbers have been posted in torrent forums without needing to download any torrents.

IIRC, the CS4 trojan is in the cracking app, not the Adobe software itself.

Quote:
Originally Posted by hillstones View Post

Any program that modifies your computer is considered a virus. If you read Symantec's info on the iWork trojan horse, that is exactly what it does to your computer, but only if it has root access.

Not true. Trojans, virii, and spyware are all malware that do different things and work in different ways. Your definition is overly simplistic.

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

  MA497LL/A FB463LL/A MC572LL/A FC060LL/A MD481LL/A MD388LL/A ME344LL/A

Reply

   Apple develops an improved programming language.  Google copied Java.  Everything you need to know, right there.

 

  MA497LL/A FB463LL/A MC572LL/A FC060LL/A MD481LL/A MD388LL/A ME344LL/A

Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Mac Software
AppleInsider › Forums › Software › Mac Software › Two new trojan horses threaten Mac software pirates