[gulmatan]

Hi all,

Humor me on this one. If OS/X is developed in UNIX and UNIX is security-laden language and thus, impossible or impervious to writing viruses in, just how did this Trojan Horse come about?

[Cold Warrior]

it's not impervious. Where did you get that idea?

Also, any security system can be compromised when a high-level individual (read: admin) downloads untrusted applications and runs them willy-nilly.

[gradient]

For starters, I've never heard anyone claim that it was impossible to create a virus for OS X. Quite the opposite.

[cgc]

Originally Posted by gulmatan 

Hi all,

Humor me on this one. If OS/X is developed in UNIX and UNIX is security-laden language and thus, impossible or impervious to writing viruses in, just how did this Trojan Horse come about?

I'd say anyone could create that "Trojan." I could, for example, write a "program" to sudo rm some files. It would require you to download it, authenticate, and agree to some things...just like this trojan does. When an exploit comes along that requires no user intervention (other than acquiring it through normal use), then I'll be worried. As it is now, this trojan isn't so scary though it's good to finally see some Windows programs ported to Mac

[mjankor]

Originally Posted by gulmatan 

Hi all,

Humor me on this one. If OS/X is developed in UNIX and UNIX is security-laden language and thus, impossible or impervious to writing viruses in, just how did this Trojan Horse come about?

The only protection against a trojan is not to install anything on your computer. A trojan is not a virus. A trojan is a program masquerading as something else.

A trojan is the software equivalent of me sitting at your computer asking for your password.

[mduell]

Originally Posted by gulmatan 

Humor me on this one. If OS/X is developed in UNIX and UNIX is security-laden language and thus, impossible or impervious to writing viruses in, just how did this Trojan Horse come about?

OS X is not 'developed in UNIX' (what does that mean?), and until 10.5 it wasn't Unix (and still isn't on PowerPC). UNIX is not a language, it's a standard, and it's not immune to viruses or other malware.

[The Yorkshire Rapper]

im furious about this, I only bought MAC becuse there are no viruses, im going to speak to the people at the apple shop about this tomorrow, it needs to be fixed!

[gradient]

There are no viruses for OS X at this time. That doesn't mean that there couldn't be in the future. There is no single way to "fix" this, or else Windows wouldn't have viruses either. As mjankor stated, a Trojan and a Virus are not the same thing at all.

Trojan horse (computing) - Wikipedia, the free encyclopedia

Don't be upset with Apple, they told you the truth. As with everything else in life, though, there is simply no such thing as absolute security when it comes to digital data.

[The Yorkshire Rapper]

Originally Posted by gradient 

There are no viruses for OS X at this time.

yes there are:
In Rare Attack, Malware Targets Macs - WSJ.com

I know about computers, Apple should patch the MAC system and make the virus undownloable.

[eggman]

Originally Posted by The Yorkshire Rapper 

yes there are:
In Rare Attack, Malware Targets Macs - WSJ.com

I know about computers, Apple should patch the MAC system and make the virus undownloable.

The article you link to disproves what you're saying: it's not a virus, it's a Trojan Horse.

There's no system so secure that it can be safe against someone who willingly decides to run a bad piece of software on it. This Trojan Horse depended upon people downloading and running code from a source that should have been suspect in the first place. The Mac always asks you when you download new software if you're sure you want to run it - there's always some risk there - always.

And if you mindlessly and reflexively always click "OK" without stopping to think that you may be running something malicious, well, that's stupid. And unfortunately, there's no technical solution to human stupidity.

Someone who claims to know about computers would know that.

[The Yorkshire Rapper]

yes, I do know all that stuff, but thats even more reason why apple should nip it in the bud before the virus gets out.

[mjankor]

It's not a bloody virus, it's a trojan. Apple have nipped it in the bud. They said "Don't install stuff you don't trust".

[The Yorkshire Rapper]

Originally Posted by mjankor 

Apple have nipped it in the bud.

Thats good, but I hate to think how many people caught it before they did the patch!

[- - e r i k - -]

Please don't mind "The Yorkshire Rapper". Some people here will remember him as the guy who thought iTunes ruined his discman.

[analogika]

Originally Posted by The Yorkshire Rapper 

yes there are:
In Rare Attack, Malware Targets Macs - WSJ.com

I know about computers

No, you don't.

THERE IS NO PATCH THAT COULD PROTECT AGAINST THIS.

The only thing that can help is user caution - DO NOT GIVE YOUR PASSWORD TO INSTALL SOFTWARE YOU DO NOT KNOW TO TRUST.

Apple warns you. The fact that you need to enter your password should warn you.

Apple has not patched anything here, nor CAN they patch anything here.

[analogika]

Originally Posted by - - e r i k - - 

Please don't mind "The Yorkshire Rapper". Some people here will remember him as the guy who thought iTunes ruined his discman.

Oh damn.

Yes.

[Kevin]

Originally Posted by Cold Warrior 

it's not impervious. Where did you get that idea?

Also, any security system can be compromised when a high-level individual (read: admin) downloads untrusted applications and runs them willy-nilly.

Another reason I would never install any APE applications. Apple has pretty much axed the way this works. And I am glad.

[Kevin]

Originally Posted by The Yorkshire Rapper 

I know about computers

Ok you say this.
Then you say this

Apple should patch the MAC system

They contradict each other.

[analogika]

http://forums.macnn.com/82/applicati...-sony-discman/

[Kevin]

haahaha

"Thanks voiceofra, at least you know about this problrm."

Ahahahahah

[ryaxnb]

You're probably confusing us with a group of comment-board/slashdot/etc. users known as "Arrogant Mac Users (With No Life)". Some of us have no life , including me, however we are generally not arrogant and do not presume the Mac to be infallible, or Mac software or hardware to be 100% perfect. We do perceive the Mac as generally better than Windows and Linux, however we're willing to admit it has weak spots, Steve Jobs (yes, we call hin "the Steve" sometimes - that doesn't mean we think he is God) is not perfect and etc.

By Contrast, Arrogant Mac Users (With No Life) have the following traits:

• Generally perceive Mac and Mac OS X as better than any other system in every way
• Get really angry and may flame when confronted with the idea that Macs are not perfect or that they suck
• Almost sure to resort to personal attacks if eithier the Mac is basically proven to be inferior in some way OR
• ... if some other Arrogant Windows User says that Macs Suck, and everyone should switch to Vista
• May troll on windows-related forums or posts.

I'm embarassed to be associated with them.

Back on the topic of security, whereas some Arrogant Mac Users (With No Life) tend to claim that Macs are basically protected against all attacks no matter what, the following is actually true:
For one, Macs have a superior permissions system then Windows - limiting how a Virus can transfer, usually resorting to fooling the user (like this Trojan does) instead of automagically through a permissions slip or bug (like many Windows worms). It also limits what damage the malware can do - it generally can't screw up the whole system -- however this is irrelevant if you're a home user and there's only one user on the machine; thus why many people think it is [screwing up the whole machine], because it basically is if you're whole machine is centered around one user. If it's at work in a office with 20 users however, the malware won't take down anymore than whoever activated it.
For another, Macs have a superior browser with less infections possible easily. Obviously bugs in the browser could result in problems, and bugs are inevitable, but the basic design leaves less room for exploitation, due to lack of integration with the Finder/Explorer ( nullified in Vista) and lack of InfectiveX problems (somewhat nullified in Vista) as well as an obsolete and being phased out zone system.
Macs also have superior infrastructure, making it hard to target some obvious areas like the ftp server, mail client, AFP/SMB server, and process window.
Finally, Macs have less marketshare, and generally less, although not none, security bugs. Getting away with less bugs is largely due to a less creaky architecture- it's not really Windows's fault it has to maintain full support for a 14-year legacy dating back to Windows NT 3.1 -- and in 32-bit Windows, partial support for a legacy dating back to 1981. (DOS) Note: DOS legacy resides mostly in the batch files that still can work with the filesystem in Windows despite having been hanging around since '81. Mac OS X, in Leopard dropped pretty much all of the Mac OS 9 legacy, with Carbon being the only bit left, and most of Carbon's crufty or exploitable pieces were removed during the switch from Classic API to the related API Carbon (Carbon is 85% the same API but adds OS X-ified features and removes crufty, annoying, or bad bits.) That was really one of Apple's most brilliant moves. :-)

[eggman]

Originally Posted by analogika 

http://forums.macnn.com/82/applicati...-sony-discman/

Andy Kaufman lives.

[ghporter]

Everybody CALM DOWN!!! The Wall Street Journal is anything but a technical journal. And like a lot of media, their story stirs up anxiety without reason. Don't download "helper apps" from porn sites, and don't let anything install that you don't absolutely know for certain is ok. Ok? Clear? Geeeeezzzz!

[cgc]

Originally Posted by The Yorkshire Rapper 

im furious about this, I only bought MAC becuse there are no viruses, im going to speak to the people at the apple shop about this tomorrow, it needs to be fixed!

You again! You're the same guy who claimed Apple's iTunes screwed up your Sony Discman...go away...

Edit: looks like someone else remembers you...buh-bye now...

[TETENAL]

Originally Posted by gulmatan 

Humor me on this one. If OS/X is developed in UNIX and UNIX is security-laden language and thus, impossible or impervious to writing viruses in, just how did this Trojan Horse come about?

a) Unix is not a language, it's an operating system
b) While security might be a concern with the development of Unix, it's not impossible to write a virus for it.
c) This trojan horse came about because a trojan horse is not a virus.

On a system that allows third-party software installation it's technically not possible to prevent trojan horses. Leopard warns you when you first run an application that was downloaded from the Internet. And it even tells you the website it was downloaded from. If the user then wants to trust something that come from a random porn site, that's his risk.

[Kevin]

But that dancing lady in the corner of my screen is SOOO seductive.

[gradient]

Originally Posted by Kevin 

But that dancing lady in the corner of my screen is SOOO seductive.

touche