| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <472B724D.30387.35664C0F@nick.virus-l.demon.co.uk> Date: Fri, 02 Nov 2007 18:54:05 +1300 From: Nick FitzGerald <nick@...us-l.demon.co.uk> To: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com Subject: Re: mac trojan in-the-wild Adam St. Onge wrote: > So if i put a picture of a naked girl on a website and said to see more you > must open a terminal and enter "rm -rf". > Would we consider this a trojan...or just stupidity? That would be "just stupidity", to use your terminology. "Trojan functionality" is a feature of the code of interest. Here there is no such code, just a user directly executing a (rather ill- advised) system command. The difference between what you describe and this new Mac trojan is that in the latter case the user accepts "the code of interest" as being "code to do something s/he wants" which turns out to also/instead be "code designed to do something s/he doesn't want" (there are no absolutely hard and fast definitions of "Trojan" in this context, so sorry if that seems a bit waffly, but generally "code of interest" will be some part of the fucntionality of an interpreted or executed program). So, what you describe is _not_ a Trojan but _does_ involve social engineering. Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists