Right, they download some infected torrent, input their password to install
the program they want to install...and with it, the trojan. But they don't
have to keep being in root/admin to have the now installed trojan to run.
On Fri, Apr 17, 2009 at 11:34 AM, Matthew Taylor
<taylorsmatt...@gmail.com>wrote:
> But they need root / admin access to install on a properly run machine.
>
> The trouble with trying to make things idiot proof is that idiots are so
> persistent and ingenious.
>
>
> On Apr 17, 2009, at 2:17 PM, mike wrote:
>
> Trouble is, these botnets don't need root to run.
>>
>> On Fri, Apr 17, 2009 at 10:55 AM, Matthew Taylor
>> <taylorsmatt...@gmail.com>wrote:
>>
>> This is what is known in the UNIX world as an "honor virus". You have to
>>> put in place software you know to be illegitimate and give it
>>> administrative
>>> access to install, or do something otherwise known to be self
>>> destructive.
>>>
>>> If I were dumb enough to do this I could discover that shock of shock my
>>> enterprise heavily firewalled role restricted servers are vulnerable.
>>>
>>> Got root / admin + malware = got security issue.
>>>
>>> Matthew
>>>
>>>
>>> On Apr 17, 2009, at 11:18 AM, Snyder, Mark - IdM (IS) wrote:
>>>
>>> Mac owners who downloaded pirated ("free") versions of iWork '09 and
>>>
>>>> Photoshop CS4 - said to be 20,000 downloads - also received the
>>>> iServices trojan. The trojan has reportedly begun to activate for DSS
>>>> attacks. Details:
>>>> <http://www.macnn.com/articles/09/04/17/mac.based.botnet.active/>
>>>>
>>>> Don't much pity those who d/l pirated software, but it is disturbing to
>>>> see OS X vulnerabilities exploited (even though this trojan requires
>>>> human stupidity to actually install it).
>>>>
>>>> Thank you,
>>>>
>>>> Mark Snyder
>>>>
>>>>
>>>
>>> *************************************************************************
>>> ** List info, subscription management, list rules, archives, privacy **
>>> ** policy, calmness, a member map, and more at http://www.cguys.org/ **
>>> *************************************************************************
>>>
>>>
>>
>> *************************************************************************
>> ** List info, subscription management, list rules, archives, privacy **
>> ** policy, calmness, a member map, and more at http://www.cguys.org/ **
>> *************************************************************************
>>
>
>
> *************************************************************************
> ** List info, subscription management, list rules, archives, privacy **
> ** policy, calmness, a member map, and more at http://www.cguys.org/ **
> *************************************************************************
>
*************************************************************************
** List info, subscription management, list rules, archives, privacy **
** policy, calmness, a member map, and more at http://www.cguys.org/ **
*************************************************************************
