[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <004201c81e00$6e1062a0$4101a8c0@DAVID>
Date: Sat, 3 Nov 2007 10:00:53 -0000
From: "David Harley" <david.a.harley@...il.com>
To: "'Paul Schmehl'" <pauls@...allas.edu>, <full-disclosure@...ts.grok.org.uk>,
<bugtraq@...urityfocus.com>
Subject: Re: mac trojan in-the-wild
> you'll be *prompted* for
> the root password, not asked to run it as root. Big
> difference, and one that many users do not appreciate at all.
Good point. A lot has been made of the number of steps involved, but if you
accept the manifest impossibility that -any- Mac user would ever fall for
social engineering, it really isn't that hard to wind the garrotte round
your own neck.
--
David Harley
AVIEN Interim Administrator: http://www.avien.org
http://www.smallblue-greenworld.co.uk
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists