To report a botnet PRIVATELY please email: [EMAIL PROTECTED]
----------

To be quite honest, I think there is also the fact that the majority of Apple users don't run AV or any type of protection suite because "Viruses are for Windows". I am not sure if that was discussed at all in this topic. I know that there are flaws with AV, but it provides a layer of protection... I don't think that this is a huge deal, other than the fact they are expanding their horizon.

This malware isn't a real surprise to me. I think that we will start seeing more malware targeting the Linux desktop, with the rise in popularity of Linux on desktops, as well as very cheap Linux PCs. I imagine we will have a similar flood of threads, and media hype about that as well.

Just my two cents... and this may not have made any sense, as I am very tired right now...

--James Pleger

On 11/1/07, Gadi Evron <[EMAIL PROTECTED]> wrote:
> On Thu, 1 Nov 2007, Thor (Hammer of God) wrote:
> > But more importantly, let's look at things from the other side. Let's
> > say I'm wrong, and that Gadi is right on target with his "hit hard"
>
> I'd say we are both right.
> You look at it from a security researcher standpoint. There is nothing
> interesting about user-interaction, and it is even kind of lame.
>
> From a reasonable perspective, we refuse to believe people will act so ..
> silly.
>
> > prediction and that we should be very concerned with this. Given the
>
> Not predicting, assessing.
>
> Criminal elements have a very clear cost/benefit calculation. For example,
> they won't release a 0day such as WMF or ANI as long as their revenue
> goals are met with published ones. They collect statistics on OS, browser,
> language, which exploit got how many, etc.
>
> They have thousands on thousands of sites infecting users who surf (some
> of them ad-based on real sites, or defaced sites such as forums that
> remain with the same content only now infect people). Then there is also
> spam directing people to these sites.
>
> Now, a criminal gang (could be the mob, could be one guy) targets the Mac.
> So much so that they serve different malware by OS-type.
>
> As a security researcher looking at code, bits and bytes, you are simply
> not usually following what's going on in operational security where things
> are bleak.
>
> From an operational security standpoint, this equates to what happened in
> the world of the Internet back when Windows 98 was around. Not what
> security features it had.
>
> > requirements here, that again being flagrant ignorance where all the
> > above steps are executed (including the explicit admin part)-- what
> > exactly are we supposed to do? If people are willing and able to go
> > through the motions above what can we as security people do to prevent
> > it? Far too many people in this industry are far too quick to point out
> > how desperate the situation is at all turns, but I don't see many people
> > offering real solutions. But you know, I have to say... If we are
>
> Things are in fact FUBAR. We need new ideas and new solutions as honestly,
> although we want to feel we make a difference by taking care of this or
> that malware or this and that C&C we are powerless and have not made a
> real difference in the past 6 years while things got worse.
>
> We need new solutions and new ideas, and would be more than happy to have
> new people exploring operational security.
>
> The current state of Internet security is you get slapped -- BAM! -- and
> you write an analysis about it. (when speaking at ISOI I actually slapped
> myself -- HARD -- when I said it on stage, not a good idea for future
> reference).
>
> > really going to consider this "serious," and we are really going to
> > define part of our jobs as being responsible for stopping people who
> > have absolutely no concerns for what they do and are willing to enter
> > their admin credentials into any box that asks for it, then I'd say that
> > there is a *serious* misunderstanding about what security is, and what
> > can be done about it-- either that, or I'm just in the wrong business.
> >
> > t
>
> Well, we can't choose the risks. They choose us. Sometimes they are cool,
> sometimes they're not.
>
> I often start emails by saying "first off, this is not the end of the
> world, the Sun will rise tomorrow and the Internet won't die today". I
> tire of it. Of course the Internet won't die today, but it is Mac season.
>
> Apple is very much correct by not investing in security first until now --
> from a BUSINESS standpoint, however much we as security people in our
> niche can't get behind it. Things are different now and unfortunately they
> have a backlog to deal with.
>
> Gadi.
> _______________________________________________
> All list and server information are public and available to law enforcement
> upon request.
> http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
