Yeah but you see, by default users have read/write privileges to anything in ~/, and has read privileges on the address book data. Thus no password is required to access the address book. In fact, it is so trivial to write a program that nukes anything the user has read/write access without authentication to, i.e. here's your OS X virus:
(applescript) do shell script "rm -rf ~/Documents"
But the real problem is deployment, it simply is impossible to effectively deploy an OS X virus; no decent security holes to install programs in, no screwy e-mail clients, etc. However you can send this exact applescript application to someone else running OS X, and if they choose to execute it (mail does give a virus warning), buh bye Documents.
In fact, I seem to remember an incident a while ago where Apple distributed some program (was it iTunes?) whose installer nuked your hard disk if its name had a space in it. Maybe that was the first OS X virus, straight from Apple.
Just to be a bastardly nit-pick... that's not a virus, it's a trojan horse. Read the post before yours for the difference between a virus and a worm, a horse is something that tries to say "Look! I'm okay! Run me!" and then does something malicious, like that app-as-mp3 hack that was running around a couple weeks ago. Classic trojan horse.
Distinguishing between the three is important when discussing security issues since they have completely and utterly different characteristics of behaviour, attack, distribution, and deployment.
Closer. That'd make it a worm, a self-contained process.
A virus, as indicated in that earlier post, is a chunk of code that runs *inside* another process, rather like how a virus propagates *inside* a cell. It's not a self-contained thingy, it has to have a carrier process to exist.
Thanks to hyperb0le, torifile, Paul and others for their responses to my earlier questions. I feel somewhat more justified in my belief in OS X security. On the other hand, chych?s response indicates some reason still to worry (although my own machine is not set up in a way that his particular script would cause a problem).
Update....The virus got through to my PC at work today. Although our Mircosoft-trained IT people are not the greatest, they have at least been good in insulating us from the virus plague...until this one. We have over 2,000 employees and apparently they have to wipe the machines individually. They can't give us an estimate of when this will be completed. I plan to work at home tomorrow using my Mac.
If possible you should take it into work.. when they all come up to you and ask why your machine is running ok and theirs dont, tell them
Good idea, except I look forward to working in my grubbies at home, rather in my usual suit and tie and my set up is not all that portable in any case. Perhaps I will just phone them continually and tell them I have sent them more documents from my Mac, which they will be able to read...when they are up and running again. Actually, I already made several pointed comments about working on my Mac from home after the virus struck today.
There are a few pages in today's Toronto Globe and Mail devoted to viruses and computer security. I think that the newspaper was waiting for the next big virus to strike to publish a pull-out section like this. There is no mention at all of general superior security on OS X. Instead, we find this little blurb:
Quote:
Apple scolded on security - Security researchers are taking Apple Computer Inc. to task for the descriptions of security flaws in its advisories. Five vulnerabilities released Monday affect various components of the Mac OS X operating system. The greatest threat is a buffer overflow in the Apple filesharing system that could allow a remote attacker to take control of the system, but the firm described it as a correction "to improve the handling of long passwords".
The little story is so poorly written that it is hard to make heads or tails of it. But the overall message to readers is that, among the pages describing security problems on Windows caused by ?malicious hackers?, and describing what the brave Windows IT people and individual PC desktop users are doing to battle these hackers ? and not referring to the basic problems on Windows that allow these security vulnerabilities ? the Apple OS is mentioned only briefly and it - not Windows - is singled out as having inherent security problems.
I have used a Mac for nearly 20 years. Never had a virus.
Because I believe that the Mac's relative immunity from viruses is largely attributable to low market share, (I'm not a computer techie), I say we should NOT encourage Wintel users to switch and boost Apple's market share too much. Let them stew in their own juice.
Comments
Originally posted by chych
Yeah but you see, by default users have read/write privileges to anything in ~/, and has read privileges on the address book data. Thus no password is required to access the address book. In fact, it is so trivial to write a program that nukes anything the user has read/write access without authentication to, i.e. here's your OS X virus:
(applescript) do shell script "rm -rf ~/Documents"
But the real problem is deployment, it simply is impossible to effectively deploy an OS X virus; no decent security holes to install programs in, no screwy e-mail clients, etc. However you can send this exact applescript application to someone else running OS X, and if they choose to execute it (mail does give a virus warning), buh bye Documents.
In fact, I seem to remember an incident a while ago where Apple distributed some program (was it iTunes?) whose installer nuked your hard disk if its name had a space in it. Maybe that was the first OS X virus, straight from Apple.
Just to be a bastardly nit-pick... that's not a virus, it's a trojan horse. Read the post before yours for the difference between a virus and a worm, a horse is something that tries to say "Look! I'm okay! Run me!" and then does something malicious, like that app-as-mp3 hack that was running around a couple weeks ago. Classic trojan horse.
Distinguishing between the three is important when discussing security issues since they have completely and utterly different characteristics of behaviour, attack, distribution, and deployment.
A virus, as indicated in that earlier post, is a chunk of code that runs *inside* another process, rather like how a virus propagates *inside* a cell. It's not a self-contained thingy, it has to have a carrier process to exist.
Originally posted by chych
Of course, because in my infinite wisdom, I left out the super secret code that lets my trojan propagate itself (making it a virus)
Sheesh, does NO ONE read my posts?
Do I get a gold star now?
Originally posted by Chinney
Update....(snip) ... I plan to work at home tomorrow using my Mac.
If possible you should take it into work.. when they all come up to you and ask why your machine is running ok and theirs dont, tell them
Originally posted by gsxrboy
If possible you should take it into work.. when they all come up to you and ask why your machine is running ok and theirs dont, tell them
Good idea, except I look forward to working in my grubbies at home, rather in my usual suit and tie and my set up is not all that portable in any case. Perhaps I will just phone them continually and tell them I have sent them more documents from my Mac, which they will be able to read...when they are up and running again. Actually, I already made several pointed comments about working on my Mac from home after the virus struck today.
Originally posted by Kickaha
Ooh! Ooh! I did! I did!
Do I get a gold star now?
It's all yours.
Apple scolded on security - Security researchers are taking Apple Computer Inc. to task for the descriptions of security flaws in its advisories. Five vulnerabilities released Monday affect various components of the Mac OS X operating system. The greatest threat is a buffer overflow in the Apple filesharing system that could allow a remote attacker to take control of the system, but the firm described it as a correction "to improve the handling of long passwords".
The little story is so poorly written that it is hard to make heads or tails of it. But the overall message to readers is that, among the pages describing security problems on Windows caused by ?malicious hackers?, and describing what the brave Windows IT people and individual PC desktop users are doing to battle these hackers ? and not referring to the basic problems on Windows that allow these security vulnerabilities ? the Apple OS is mentioned only briefly and it - not Windows - is singled out as having inherent security problems.
I have used a Mac for nearly 20 years. Never had a virus.
Because I believe that the Mac's relative immunity from viruses is largely attributable to low market share, (I'm not a computer techie), I say we should NOT encourage Wintel users to switch and boost Apple's market share too much. Let them stew in their own juice.
Selfish perhaps, but a survival strategy.
Peace
eric j