Message-Id: <200711011653.12255.prb@lava.net>
Date: Thu, 1 Nov 2007 16:53:12 -1000
From: Peter Besenbruch <prb@...a.net>
To: full-disclosure@...ts.grok.org.uk
Subject: Re: mac trojan in-the-wild

On Thursday 01 November 2007 16:13:10 Paul Schmehl wrote:
> --On November 1, 2007 3:36:00 PM -1000 Peter Besenbruch <prb@...a.net> wrote:
> > Firefox throws up a download dialog, asking what I should do
> > with "prettyyoungthing.rpm," while a Javascript pop-up explains that to
> > see  these great images, I need to save the file, and type "rpm -i
> > prettyyoungthing.rpm," and that I need to do it as root.
>
> There is no need to do that.  In both Macs and Gnome or KDE on Unix, if
> you try to run rpm -i (of whatever the install paradigm is on your flavor
> of OS), you'll be *prompted* for the root password, not asked to run it as
> root.  Big difference, and one that many users do not appreciate at all.

Sadly, that doesn't seem to work on Debian. Yes, I have RPM installed.

> When an internationally recognized Ph.D psychologist can lose $3 million
> US to the 419 scam and be prepared to lose more, is it really a stretch to
> think that a fake codec trojan will make inroads on the Mac?

The question is, HAS it made inroads? From what I read, it hasn't. What are 
the factors limiting the spread? Making inroads on the Mac would be analogous 
to the Nigerians tricking many PhDs in psychology.

As I implied in my last post, the spread of malware is somewhat proportional 
to the level of interaction. Even on a Mac, you have to go through a number 
of steps to install this stuff.

-- 
Hawaiian Astronomical Society: http://www.hawastsoc.org
HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
