Re: malware question

2005-06-04 Thread Tim Hodgson 
On Fri, Jun 3, 2005 at 12:32 am -0700, Bruce Johnson wrote:

It's like the Honor System Virus, here listed in its entire, awsum  
h4X0r p0w3r:

  THE NEW HONOR SYSTEM VIRUS:

   This virus works on the honor system.

   Please forward this message to everyone you know, then delete  
all the
   files on your hard disk.

   Thank you for your cooperation.

Worryingly, it did mutate into a more contagious form:

This virus works on the honor system: if you're running a variant of unix
or linux, please forward this message to everyone you know and delete a
bunch of your files at random. If you're running Mac OS X, have someone
else delete files at random and then assure you it was done properly and
not to bother yourself about about it. 

TimH


-- 
G-Books is sponsored by http://lowendmac.com/ and...

 Small Dog Electronicshttp://www.smalldog.com  | Refurbished Drives |
 -- Check our web site for refurbished PowerBooks  |   CDRWs on Sale!  |

  Support Low End Mac http://lowendmac.com/lists/support.html

G-Books list info:  http://lowendmac.com/lists/g-books.html
  -- AOL users, remove mailto:;
Send list messages to:  mailto:G-Books@mail.maclaunch.com
To unsubscribe, email:  mailto:[EMAIL PROTECTED]
For digest mode, email: mailto:[EMAIL PROTECTED]
Subscription questions: mailto:[EMAIL PROTECTED]
Archive: http://www.mail-archive.com/g-books%40mail.maclaunch.com/



---
iPod Accessories for Less
at 1-800-iPOD.COM
Fast Delivery, Low Price, Good Deal
www.1800ipod.com
---

malware question

2005-06-03 Thread Brian 
I'm a bit late to the frey on this issue (by more than 6 months) but  
just learned of a malware program out there called opener that  
supposedly was talked about in October (saw an older article in  
macintouch about it).  IS this little number still out there?  have  
any others popped up since then?

Brian

--
G-Books is sponsored by http://lowendmac.com/ and...

Small Dog Electronicshttp://www.smalldog.com  | Refurbished Drives |
-- Check our web site for refurbished PowerBooks  |   CDRWs on Sale!  |

 Support Low End Mac http://lowendmac.com/lists/support.html

G-Books list info:  http://lowendmac.com/lists/g-books.html
 -- AOL users, remove mailto:;
Send list messages to:  mailto:G-Books@mail.maclaunch.com
To unsubscribe, email:  mailto:[EMAIL PROTECTED]
For digest mode, email: mailto:[EMAIL PROTECTED]
Subscription questions: mailto:[EMAIL PROTECTED]
Archive: http://www.mail-archive.com/g-books%40mail.maclaunch.com/



---
iPod Accessories for Less
at 1-800-iPOD.COM
Fast Delivery, Low Price, Good Deal
www.1800ipod.com
---

Re: malware question

2005-06-03 Thread Adam Thayer 

Well, I think what we need to remember is that our key vulnerabilities are
in available services. Those that don't run services are pretty much OK.
However, each service is only as secure as the developers make it
(apache/sshd have had problems in the past), and Apple does lag behind by
about a week on these issues. This provides an opening for infection,
however, there are so many 'if's that the attack vector is nearly worthless
for a variety of reasons (finding PPC/Darwin instead of Linux servers, etc).

-Original Message-
From: G-Books [mailto:[EMAIL PROTECTED] On Behalf Of Bruce Johnson
Sent: Friday, June 03, 2005 4:33 PM
To: G-Books
Subject: Re: malware question


On Jun 3, 2005, at 4:00 PM, Brian wrote:

 I'm a bit late to the frey on this issue (by more than 6 months)  
 but just learned of a malware program out there called opener  
 that supposedly was talked about in October (saw an older article  
 in macintouch about it).

Sigh. 'opener' was never 'in the wild'. Installation requires  
physical access to the mac in question as an Admin User.

If you have that, you don't need 'opener'. It allows you to take over  
a machine you already own...oh, scy...

It's like the Honor System Virus, here listed in its entire, awsum  
h4X0r p0w3r:

  THE NEW HONOR SYSTEM VIRUS:

   This virus works on the honor system.

   Please forward this message to everyone you know, then delete  
all the
   files on your hard disk.

   Thank you for your cooperation.


It was a non-starter then, and it's a non-starter now. If 'opener' is  
the best the skriptkiddies  can do to OS X, we're sitting pretty.

   IS this little number still out there?  have any others popped up  
 since then?

AFAICT only one piece of malware ever has been released into the wild  
for OS X, a trojan posing as a 'free beta of Office 2004' that was  
alleged to have been circulated on some P2P nets.

--
Bruce Johnson

This is the sig who says 'Ni!'


-- 
G-Books is sponsored by http://lowendmac.com/ and...

 Small Dog Electronicshttp://www.smalldog.com  | Refurbished Drives |
 -- Check our web site for refurbished PowerBooks  |   CDRWs on Sale!  |

  Support Low End Mac http://lowendmac.com/lists/support.html

G-Books list info:  http://lowendmac.com/lists/g-books.html
  -- AOL users, remove mailto:;
Send list messages to:  mailto:G-Books@mail.maclaunch.com
To unsubscribe, email:  mailto:[EMAIL PROTECTED]
For digest mode, email: mailto:[EMAIL PROTECTED]
Subscription questions: mailto:[EMAIL PROTECTED]
Archive: http://www.mail-archive.com/g-books%40mail.maclaunch.com/



---
iPod Accessories for Less
at 1-800-iPOD.COM
Fast Delivery, Low Price, Good Deal
www.1800ipod.com
---


-- 
G-Books is sponsored by http://lowendmac.com/ and...

 Small Dog Electronicshttp://www.smalldog.com  | Refurbished Drives |
 -- Check our web site for refurbished PowerBooks  |   CDRWs on Sale!  |

  Support Low End Mac http://lowendmac.com/lists/support.html

G-Books list info:  http://lowendmac.com/lists/g-books.html
  -- AOL users, remove mailto:;
Send list messages to:  mailto:G-Books@mail.maclaunch.com
To unsubscribe, email:  mailto:[EMAIL PROTECTED]
For digest mode, email: mailto:[EMAIL PROTECTED]
Subscription questions: mailto:[EMAIL PROTECTED]
Archive: http://www.mail-archive.com/g-books%40mail.maclaunch.com/



---
iPod Accessories for Less
at 1-800-iPOD.COM
Fast Delivery, Low Price, Good Deal
www.1800ipod.com
---