First off, please use a different title and start a new thread so it's
easy to pick out if using a thread view.
On 5 Nov 2007, at 15:11, Ernest - (AfriNIC) wrote:
I notice the mac fanboys on LUG are very quiet about the trojan
doing the rounds on OSX!!
Well, in the first place, i would be very wary of a firefox plugin
that requires root access to get installed. Most dont need root
access.
"If the Mac machine's browser is set to to open *&^% files after
downloading, the .dmg gets mounted and the Installer is launched."
That would be Safari, which has config settings tied to the rest of
the
OS. If using Windoze, i would avoid IE - same as OSX, i would avoid
Safari. Firefox is a safer bet.
Remember also that the dmg getting mounted doesn't automatically
mean the
app will be installed. If the app requires root privileges, you
could be
prompted way after the dmg has been mounted.
That's the other thing. Had to google for the actual article and found
it at <http://www.intego.com/news/ism0705.asp>
Well, I don't automatically run "safe files after downloading" and I
think there's been at least one more incident where having that option
checked would cause havoc to safari users. The equivalent settings in
FireFox are off by default but I'm not sure about the default Safari
settings.
At the end of the day, replacing scutil in that .pkg with "rm -rf /"
would cause much more havoc and would run just as silently.
I wonder if we'll be able to find stats of how many mac users actually
got infected by this trojan.
Patrick.
_______________________________________________
LUG mailing list
[email protected]
http://kym.net/mailman/listinfo/lug
%LUG is generously hosted by INFOCOM http://www.infocom.co.ug/
The above comments and data are owned by whoever posted them (including
attachments if any). The List's Host is not responsible for them in any way.
---------------------------------------
