On Nov 29, 2007, at 1:30 PM, David Boatright wrote:
> Could it be this you are talking about
> http://www.itnews.com.au/News/64163,phishing-trojan-targets-mac-os-
> x.aspx
>
> Not some obscure exe requiring a admin password but a download this
> codec to get free porn malware. You know the same thing that Windows
> has been vilified for.
That's the correct trojan, but an incorrect description. See the
quote from <http://db.tidbits.com/article/9278>:
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Security software firm Intego is warning Mac OS X users about a
Trojan horse that targets the Mac. OSX.RSPlug.A is showing up on
pornography sites disguised as a video plug-in. When someone clicks
the link to watch certain video clips, a Web page states that a new
QuickTime codec must be installed. Opening the disk image that
downloads results in the installer asking for an administrator
password (which is the first serious sign of trouble); if the option
to Open "Safe" Files After Downloading is enabled in Safari, the disk
image opens automatically (you should disable that feature in Safari;
see "Significant Safari Exploit Discovered," 2007-09-07).
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
So even if you have the unsafe Safari setting that opens files
automatically, you are still prompted for an admin password. If you
cancel there, nothing happens.
So despite your spin, no, it's nothing at all like the promiscuous
way that Windows works.
-- Ed Leafe
-- http://leafe.com
-- http://dabodev.com
_______________________________________________
Post Messages to: [email protected]
Subscription Maintenance: http://leafe.com/mailman/listinfo/profox
OT-free version of this list: http://leafe.com/mailman/listinfo/profoxtech
Searchable Archive: http://leafe.com/archives/search/profox
This message: http://leafe.com/archives/byMID/profox/[EMAIL PROTECTED]
** All postings, unless explicitly stated otherwise, are the opinions of the
author, and do not constitute legal or medical advice. This statement is added
to the messages for those lawyers who are too stupid to see the obvious.
