> You really think so? I know it's not exactly on the scale of MyDoom (I > for one am not worried as I never download MP3s anyway) but it's still > a threat.
It's no more a threat than "you can download a program and execute it". > Not really - it is if anything a proof that methods of breaking into OS > X have been found. It's not a method for breaking into OS X. It's a demonstration that you can give a file a deceptive icon and name if it's already on your machine, or if you download a mac-specific archive (sit, dmg, ...) and unpack it without noticing that you downloaded and unpacked it. You can't get attacked by downloading an MP3 that hasn't been wrapped, you can't get attacked by downloading MP3s from any actual MP3 file server or peer-to-peer network, you can't get attacked by an MP3 shared over iTunes. It's not new. It's not unknown. It's an old well known and understood problem that doesn't demonstrate anything but that people are willing to accept anything if there's a good story. It's a social engineering attack, and if anything the success of the company's scare tactics are a better demonstration of how easy social engineering is. > I don't care how good Macs are it's *not* a Windows users > fault for using Windows when they get a virus. If a Windows user uses Internet Explorer, Outlook, or any other application that uses the Microsoft HTML control, and they get infected, then that is their fault. If a Mac user uses Safari and it automatically unpacks a social engineering trojan horse that contains malware, then it's their fault for leaving the default bad behaviour enabled. It's also Microsoft's and Apple's fault for their broken design. And it's the virus writer's fault for being sociopathic bastards. There's blame on all sides. Don't use IE or Outlook on Windows. Turn off the "automatic" mount and unpack options in Safari. Change the FTP helper to something like Cyberduck instead of Finder. > It never said it was a remote attack in that press release - I just > read it twice. If it's not a remote attack then there is no *reason* for having a press release. > As do I. I also hope it soaks into the rest of the Mac community that > they are not invincible or immune from the threat. It won't, not unless you and I and everyone else put the word out about where the REAL problem is instead of acting as if this demonstrates anything but one company's greed. -- Unsupported OS X is sponsored by <http://lowendmac.com/> Support Low End Mac <http://lowendmac.com/lists/support.html> Unsupported OS X list info <http://lowendmac.com/lists/unsupported.html> --> AOL users, remove "mailto:"; Send list messages to: <mailto:[EMAIL PROTECTED]> To unsubscribe, email: <mailto:[EMAIL PROTECTED]> For digest mode, email: <mailto:[EMAIL PROTECTED]> Subscription questions: <mailto:[EMAIL PROTECTED]> Archive <http://www.mail-archive.com/unsupportedosx%40mail.maclaunch.com/> Using a Mac? Free email & more at Applelinks! http://www.applelinks.com
