lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu, 1 Nov 2007 16:53:12 -1000 From: Peter Besenbruch <prb@...a.net> To: full-disclosure@...ts.grok.org.uk Subject: Re: mac trojan in-the-wild On Thursday 01 November 2007 16:13:10 Paul Schmehl wrote: > --On November 1, 2007 3:36:00 PM -1000 Peter Besenbruch <prb@...a.net> > > wrote: > > Firefox throws up a download dialog, asking what I should do > > with "prettyyoungthing.rpm," while a Javascript pop-up explains that to > > see these great images, I need to save the file, and type "rpm -i > > prettyyoungthing.rpm," and that I need to do it as root. > > There is no need to do that. In both Macs and Gnome or KDE on Unix, if > you try to run rpm -i (of whatever the install paradigm is on your flavor > of OS), you'll be *prompted* for the root password, not asked to run it as > root. Big difference, and one that many users do not appreciate at all. Sadly, that doesn't seem to work on Debian. Yes, I have RPM installed. > When an internationally recognized Ph.D psychologist can lose $3 million > US to the 419 scam and be prepared to lose more, is it really a stretch to > think that a fake codec trojan will make inroads on the Mac? The question is, HAS it made inroads? From what I read, it hasn't. What are the factors limiting the spread? Making inroads on the Mac would be analogous to the Nigerians tricking many PhDs in psychology. As I implied in my last post, the spread of malware is somewhat proportional to the level of interaction. Even on a Mac, you have to go through a number of steps to install this stuff. -- Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists