It looks like the same generic malicious code that can be written for any operating system with a GUI, which was discussed here some time ago. Even for System 1.0. Nothing new. It seems to me that some people try to create a fuss about OS X security, since a genuine, original and non-trivial virus is practically very, very difficult to write for OS X. I am not saying of course that the threat is not real.
And you know what, if I want to go on the internet without minding something doing $hit in my home directory (since this is the most it can do), I have for that an empty guest account, that is, one without important documents. Don't mind if they wipe guest's home.
Same thing as picking out a whore at random on the street, bringing her home and realize she's really a he.
The moral of the story is, you can't just randomly pick a whor...hey, no wait...the moral of the story is, you can't just randomly download anything from the net and have the certainty that it won't be a disguised and malicious app/script. There's a certain amount of homework one has to do.
A Macworld reader alerted the magazine to the malware after he downloaded the file from Limewire. The reader told Macworld: "I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta. The file unzipped, and to my delight the Microsoft icon looked genuine and trustworthy."
What a total Jackass(tm).
Of course MS routinely distributes public betas via Limewire.
to fall for this one, you must be /really/ stupid. my office x folder is ~200MB. figure w/ compression it could be ~150-125. i did a search for office 2004 and found a few likely suspects all at less than 1 meg. what friggen genius thinks that if i download this 800k dmg, i'll be able to play w/ office 2004 before my buddies do!
edit: make that a 41k .sit file claiming to be a "web install"
Just write a little Java or Perl ditty that deletes the home dir. Easy and cross platform. The difference is that unpatched MS OS's will run the code without asking.
Maybe we as knowledgeable Mac users can collaborate on this matter and make an application that can, at the user's option, either remove rm from all bin directories or add a prompt option to shell scripts.
This would be useful for institutions or other places with multiple users or people with children who peruse p2p sites.
That's like removing the Trash Can from the Finder. It's kind of this useful thing...
Much easier to use something like (oh damn, can't find the link now) an app to monitor your Downloads folder and warn you about any application that appears. (It does so by looking at the structure and not just the file extension.)
A Folder Action Script in the Finder could accomplish the same thing.
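The structure-based check described in the post above, as an added example that is not part of the thread or any poster's code: it flags any folder laid out like an application bundle (Contents/Info.plist plus an executable in Contents/MacOS), whatever its name claims. The function names and the sample tree are constructed for illustration; single-file applications without a bundle layout are not covered.

```shell
#!/usr/bin/env bash
# Added example: report anything under a downloads folder that is laid out
# like a macOS application bundle, regardless of its name or extension.

# is_app_bundle DIR -> status 0 if DIR has Contents/Info.plist and at least
# one executable regular file in Contents/MacOS.
is_app_bundle() {
  bundle_dir=$1
  [ -f "$bundle_dir/Contents/Info.plist" ] || return 1
  [ -d "$bundle_dir/Contents/MacOS" ] || return 1
  for exe in "$bundle_dir/Contents/MacOS"/*; do
    [ -f "$exe" ] && [ -x "$exe" ] && return 0
  done
  return 1
}

# scan_downloads DIR -> one line per bundle found: "<verdict><TAB><path>".
# verdict is "app" when the folder is named *.app, "disguised" otherwise.
scan_downloads() {
  find "$1" -type d -name Contents -prune -print 2>/dev/null |
  while IFS= read -r hit; do
    candidate=${hit%/Contents}
    is_app_bundle "$candidate" || continue
    case "$candidate" in
      *.app) printf 'app\t%s\n' "$candidate" ;;
      *)     printf 'disguised\t%s\n' "$candidate" ;;
    esac
  done
}

# make_sample_tree -> prints the path of a constructed test folder holding
# one honest bundle, one bundle without .app in its name, and two decoys.
make_sample_tree() {
  tree=$(mktemp -d) || return 1
  mkdir -p "$tree/photos/Contents"
  for name in "Office 2004 Web Install" "Editor.app"; do
    mkdir -p "$tree/$name/Contents/MacOS"
    : > "$tree/$name/Contents/Info.plist"
    printf '#!/bin/sh\n' > "$tree/$name/Contents/MacOS/main"
    chmod +x "$tree/$name/Contents/MacOS/main"
  done
  : > "$tree/readme.txt"
  printf '%s\n' "$tree"
}

# Scan the folder given as the first argument, if any.
if [ -n "${1:-}" ]; then scan_downloads "$1"; fi
```

Run it against a downloads folder from a scheduled job or a folder action; a "disguised" line is the case the thread is about, an application that does not present itself as one.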
Comments
This has *NOTHING* to do with Intego's FUD.
This is just user stupidity... they downloaded a file off of *LIMEWIRE* for god's sake, and just ran it willy-nilly.
Dumb, dumb, dumb, dumb, dumb.
Internet 101: Don't take candy from strangers.
Jeez.
Originally posted by Addison
Here is the story.
If you download and run a program, it could delete things.
"But it had a pretty icon so I double clicked."
Captain Obvious replies:
If you cross the road without looking, you can get hit by a car.
Originally posted by ThunderPoit
and after carefully dissecting the 41k sit file, it is nothing more than a 1 line AppleScript with the code:
Code:
do shell script "rm -rf ~"
a simple yet effective (on idiots) trojan
Well, it could have been an installer asking for your password and then run "rm -rf /"
Dobby.
(and I didn't do it!)
Originally posted by dmgeist
Maybe we as knowledgeable Mac users can collaborate on this matter and make an application that can, at the user's option, either remove rm from all bin directories or add a prompt option to shell scripts.
This would be useful for institutions or other places with multiple users or people with children who peruse p2p sites.
One would hope that sysadmins don't give root access to those users.