To report a botnet PRIVATELY please email: [EMAIL PROTECTED] ---------- Jim O'Gorman wrote: > To report a botnet PRIVATELY please email: [EMAIL PROTECTED] > ---------- > > > ------------------------------------------------------------------------ > > On 11/3/07, Gadi Evron <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote: > > > > > > You really think a criminal group with revenue goals targets the mac to > > make some mac users feel unhappy? > > > > What is amusing about this whole situation is the "Mac Defender" > attitude that rises up when ever it comes out Apple is not perfect. This > happened a while back with the wireless issues and now is coming out again. > > Gadi is 100% right, these people are not doing this for fun or bragging > rights. This is a potential market opportunity that has been ignored up > to this point. Macs up to this point have not been the target of malware > attacks, and as such you have this ever growing audience of fresh > faced innocent babes that have not experienced the harsh reality that > users on windows based systems have been living with. > > A lot like some city boys driving out to some rural area where people > don't lock their doors for some easy pickings. >
I think the point of the "mac defender" is that people are treating this as a computer exploit rather than a SE exploit and saying "I told you mac's aren't secure" There is nothing you can do to stop the idiots from installing it, the Darwinian approach. Happens in any environment. The point is that this isn't an apple specific problem (no OS X vulnerabilities being exploited here) or an "in-the-wild" scenario. To be in-the-wild it would require that the infection rate is higher than the disinfection rate which I'm not seeing happening since this relies completely on human stupidity to give the program permission to install and not any computer vulnerabilities, along with, in this particular instance, relying on you being a porn viewer looking at the specific videos this fake codec is connected with compared to windows viruses that usually install themselves without a user's knowledge or permission. What makes me unhappy is that people are using an SE exploit as a way to say here's proof that a mac is as insecure as a windows box or gadi saying the itw barrier has been broken for apple (read above about requirements for itw status). No computer is 100% secure, but with a default setup of windows vs. mac a mac is still more secure. if they were to write this trojan for a windows box they wouldn't have to worry about requiring superuser authentication on the majority of systems as by default your account is an administrator account on windows and not many end users change that, or they could just take advantage of any of the multitude of vulnerabilities available on windows boxes directly connected to the internet to install it automatically without even having to attach it as a fake video codec to a porn video. http://apple.slashdot.org/comments.pl?sid=347433&cid=21202413 sums up what's going on the best. :) _______________________________________________ To report a botnet PRIVATELY please email: [EMAIL PROTECTED] All list and server information are public and available to law enforcement upon request. http://www.whitestar.linuxbox.org/mailman/listinfo/botnets
