QUOTE (dweb8888 @ Jan 23 2009, 02:19 AM)
Now, you see, when in windows I would always install a firewall just to "feel" more secured. Working in OSX these days I don't use firewalls or antivirus apps for obvious reasons, BUT, WHEN DOWNLOADING TORRENT STUFF, HAVING A FIREWALL AND ANTIVIRUS APP IS A MUST. And remember kids, when you download software like that, after you have used it for some 1000 years remember to purchase the software. Those guys need to make a living you know.
OS X has a built in firewall. Has for years.
QUOTE (macita @ Jan 23 2009, 03:41 AM)
Little snitch is a must!!!
If something has root access, it can disable little snitch without you knowing it.
QUOTE (John the Geek @ Jan 23 2009, 06:21 AM)
You mean, because it
isn't Apple's fault and it
is the stupid user's fault.
Apple cannot prevent you from installing malicious software if you want to. If
you run the installer,
you give it your password,
you let it install.
YOU are to blame, not Apple.
In a corporate world you could blame the maker of the software for violating your trust, but since this was never anything more than a stolen installer people were (still are?) rushing out to get, people really only have themselves to blame if they installed this. It's quite a SUCKER moment, but that's the way it is.
No fanboi required.
Ok lets replace Apple with Microsoft here.
You mean, because it
isn't Microsoft's fault and it
is the stupid user's fault.
Microsoft cannot prevent you from installing malicious software if you want to. If
you run the installer,
you give it your password,
you let it install.
YOU are to blame, not Microsoft.
In a corporate world you could blame the maker of the software for violating your trust, but since this was never anything more than a stolen installer people were (still are?) rushing out to get, people really only have themselves to blame if they installed this. It's quite a SUCKER moment, but that's the way it is.
No fanboi required.
QUOTE (Bob Ajob @ Jan 23 2009, 05:00 AM)
Some estimates and further thoughts from me on the current situation -
- Hardware = 20,000 x mostly Modern genuine Apple Mac desktops + few grey Intel PC 'hackintoshes' + maybe very few OSX servers
- Operating System = Mostly OSX Leopard 10.5.x + few running Tiger 10.4.x + maybe very few others
- Application = iLife 09 Trojan (Downloaded pirate software from an untrusted source - ftp/usenet/p2p/etc.)
- 20,000 hits = 20,000 stupid OSX pirates all wanting iLife09 (a nice alternative to OpenOffice and MS Office for Mac)
So, quite a successful OSX trojan but still nowhere near as effective as the hundreds of thousands (maybe millions) of infected Windows boxes out there. Next question - Is this worth the black hat bad guys 'wormifying' a population of 20,000 internet-based relatively hard Unix hosts? That is one hell of a botnet leadership control base. I bet the underground race is now on to find and merge this population with a worm that can exploit zero-day (i.e. unpatched) OSX system service vulnerabilities, or perhaps maybe just a few vulnerabilities in Safari or iTunes or other commonly used standard OSX networked applications...
I think this might eventually be positive news for Apple. We might see the following -
- More successful OSX malware, as this trojan sets an example to other black hats that success on OSX is quite possible as more stupid users start to use OSX while the overall market share population slowly increases
- More effort by black hats trying to help OSX Leopard proliferate on more hardware for free (Universal OSX Leopard LiveDVD coming soon)
- More anti-malware applications for OSX
- More publicity (bad news is still news) for OSX and therefore more interest in trying to use it
- More OSX Leopard usage (Both on genuine hardware and on cheap hackintosh PCs) as interest in OSX rises when users realise it works very nicely alongside (or even with/within) Windows and generally can replace all running functions of Windows effectively through virtualisation software such as sun VirtualBox, Parallels and VMware Fusion, except at the moment videogames, as hardware-accelerated graphics functions are currently difficult to virtualise.
- Mass takeup of OSX Leopard could happen once the critical mass blooms, as Windows pirates see how much nicer everything is, when provided with a genuinely easy choice...
- Slightly increased takeup of Linux as another multi-booting, easy-to-install and totally free (legit) operating system alternative that can also run alongside Windows on the same hardware...
- More retail sales of OSX for Apple, as hackintosh users realise how much more confident they will feel in running a 'clean' system and maybe even an increase in hardware sales as OSX runs on the real thing soooo much easier and maybe even slightly nicer
Finally, I dream of the nirvana that would be massively increased success for OSX, as most new Windows videogames could easily be redeveloped to run on OSX, through the 'Cider' and other Wine-like/crossover engines. I like running AOE3, UT2004, Call of Duty 4 and Spore (amongst many others) on OSX Leopard at the moment. If Apple do release a truly 'affordable' updated Mac Mini or iMac with onboard accelerated Nvidia Geforce 3D graphics, then that could be the tipping point for myself and many others to also try out OSX for real...
An open-minded Unix, Linux and OSx86 (Hackintosh) advocate who is genuinely agnostic when it comes to hardware and operating systems. Each system has its own strengths, just some are more specialist than others and some are for those with more acquired tastes. I always like to note that the only hardware system for true gamers is the one that natively plays ALL the latest videogames (i.e. none of the above!) so my advice for most people in this current economic climate is -
Think of value-for-money, function-over-form, quantity-for-quality ratio (bang-for-buck), invest-to-save and most important of all, sustainable development (in every aspect of life).
End rant
Everything has a beginning remember.
QUOTE (boss4908 @ Jan 23 2009, 08:58 AM)
)--><div class='quotetop'>QUOTE(
@ Jan 22 2009, 10:27 PM)
</div><div class='quotemain'><!--quotec-->
Headline says in engadget.com
iWork '09 trojan infects at least 20,000 machines.
http://www.engadget.com/2009/01/22/iwork-0...hines/#commentsPirated iWork '09 installer may contain trojan horse
in macworld.com
http://www.macworld.com/article/138380/iworktrojan.htmlI didn't have iwork09 but as i was reading, i found this and thought someone might need this.
sees if you have it at /System/Library/StartupItems for an item named iWorkServices
a copy paste of ways to get ride of it from engadget user Aaron
I am new to the Mac world and love it. I have been a windows fan from '95 and dos before that. What I hate is the fact that with windows all you have to do is visit a site and get infected. This is not a flaw in the system just a flaw in the way WE use it. If you buy software off the shelf or the original software site you have nothing to worry about. If you download a torent you better have protection. This makes the ability to install and update your Hack from the official site so important. Thanks all. Just my thoughts. Thanks Apple.
Once a system is compromised, you can never know it is truly clean until you wipe it clean and start over restoring from a known good backup. And that visit a site and get infected is not limited to windows, see
here. Don't bother trying to clean it, and instead wipe it clean. Then you'll know it's clean.
QUOTE (InorganicMatter @ Jan 24 2009, 08:36 AM)
*sigh*
An exploit that requires you to grant it root access is NOT an exploit.
Correct. I'll remember that the next time a trojan is released for Windows Vista and has to ask you for permission. Oh wait, it already has known as Antivirus 2009 where it asks you to install by entering in your password if you're a regular user and if you're an admin, you have to confirm it by clicking continue.
QUOTE (Rubber Ducky @ Jan 24 2009, 12:29 PM)
Everyone has always loved Apple computers because they have fewer viruses/trojans/spyware... Looks like that is changing as their popularity soars... Then again, Torrents and other illegal downloads have always been well known as carriers of malicious software of all kinds. Lets just be thankful they caught it and are trying to fix it!
You can't fix user stupidity.
