PDA

View Full Version : Worm targets Macs via Bluetooth


MacBytes
Feb 21, 2006, 09:32 PM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: Mac OS X
Link: Worm targets Macs via Bluetooth (http://www.macbytes.com/link.php?sid=20060221223244)
Description:: A new computer worm targeting Apple Computer Inc.'s Macintosh computers has been identified for the second time in one week, security experts said.

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

requies
Feb 21, 2006, 09:41 PM
"The Bluetooth flaw the worm exploits was addressed by Apple in mid-2005, when the company released a patch to protect against it."

http://www.macworld.co.uk/news/index.cfm?NewsID=13896

oh when oh when will apple fix all these security holes?? oh wait, they already have.

Dominatus
Feb 21, 2006, 09:48 PM
Just out of curiousity did Apple patch 10.2 systems?

ezekielrage_99
Feb 21, 2006, 10:20 PM
People complain about this on a Mac but there were plenty of these types of issues with Windows XP SP1 regarding BlueTooth and yet it wasn't published as much......

Yvan256
Feb 22, 2006, 12:35 AM
"A new computer worm targeting Apple Computer Inc.'s Macintosh computers has been identified for the second time in one week, security experts said."

A worm is now the same thing as a trojan?! :confused:

Wow, "security experts" indeed. ;)

nagromme
Feb 22, 2006, 01:24 AM
An "emerging trend" says Symantec :rolleyes:

OK, so "this particular worm is not fully functional" and was patched LAST YEAR.

And yet "A new computer worm targeting Apple Computer Inc.'s Macintosh computers has been identified for the second time in one week, security experts said."

But neither "worm" has ANY ability to travel the Internet!

A fact CNN fails to mention--again. They talk about it spreading over iChat, and mention AIM... when in reality it CANNOT spread over AIM-compatible iChat, only over Bonjour... which is off by default.

Really, these facts emerged days ago. Why are they still being misleadingly reported?

(And let's be clear for the uninitiated: Bluetooth has nothing to do with public wireless access points.)

More realistically worrisome (meaning still not much by Windows standards) is auto-execution of certain scripts by Safari and Mail, which ironically is getting no mainstream press. At least that's a REAL unpatched hole, something neither of these recent "viruses" have going for them. Then again, there's no malware exploiting the hole, and Apple is bound to release a security update for it shortly.

thegreatluke
Feb 22, 2006, 05:35 AM
Well, in the news business, you report what your audience wants you to hear. CNN Tech's audience is full of Windows nerds. And Windows nerds want to hear about Macs getting viruses, because they're so jealous. No one cares about Windows viruses, because we're so used to them popping up every three seconds.

Simple. :)

autrefois
Feb 22, 2006, 08:00 AM
The worm spreads via a vulnerability in the OS X operating system called the Apple Mac OS X BlueTooth Directory Traversal Vulnerability.

Well there's the problem right there, what on Earth was Apple thinking? Why would they have named something "the Apple Mac OS X BlueTooth Directory Traversal Vulnerability"?!? :p :D

But seriously, if this was already patched by Apple, then I think CNN is doing even worse reporting than it usually does. Maybe everyone should contact CNN (http://www.cnn.com/feedback/forms/form6.html?1) with a polite message letting them know their story is very misleading since it does not mention that the problem has already been patched. The story says it's copyright Reuters, so maybe they should hear from people (http://today.reuters.com/HelpAndInfo/ContactUs.aspx) too. This is different than just bad press, this is inaccurate press.

Fiveos22
Feb 22, 2006, 08:17 AM
A worm is now the same thing as a trojan?! :confused:

Wow, "security experts" indeed. ;)

That's not from security experts. That's from journalists. There is a special place in hell for the popular press.
(and no, this is not just because of this article, or even Apple-related articles)

angelwatt
Feb 22, 2006, 08:20 AM
When I first read the article I felt it was a bit off base in terms of facts. I couldn't remember if the issue had been patched or not, but know that their story on the leap worm had quite a few errors in it so, I figured I would submit it here so people could bash CNN's "news" coverage. I thought about sending CNN some links to the forums here that talked about the worms and how ineffective they are so that they could get some facts straight, but figured they wouldn't care.

nagromme
Feb 22, 2006, 10:21 AM
Well there's the problem right there, what on Earth was Apple thinking? Why would they have named something "the Apple Mac OS X BlueTooth Directory Traversal Vulnerability"?!? :p :D
iHole 06 is a better name.

Actually... iHole 05!

tk421
Feb 22, 2006, 10:28 AM
But seriously, if this was already patched by Apple, then I think CNN is doing even worse reporting than it usually does. Maybe everyone should contact CNN (http://www.cnn.com/feedback/forms/form6.html?1) with a polite message letting them know their story is very misleading since it does not mention that the problem has already been patched. The story says it's copyright Reuters, so maybe they should hear from people (http://today.reuters.com/HelpAndInfo/ContactUs.aspx) too. This is different than just bad press, this is inaccurate press.

Thanks! I sent them my comments.

mrsebastian
Feb 22, 2006, 11:02 AM
"While this particular worm is not fully functional, the source code could be easily modified by a future attacker to do damage," Weafer said, adding that Mac users should install available software patches to their operating systems to prevent such attacks."

... and when is symantec planning on completing that code and then selling us anti-virus software?!

Mechcozmo
Feb 23, 2006, 01:11 AM
That's not from security experts. That's from journalists. There is a special place in hell for the popular press.
(and no, this is not just because of this article, or even Apple-related articles)

The especially hellish part is for them. :mad: News is just about how much money they can make.

Thanks! I sent them my comments.

Won't work. I guarantee it.


Even though this 'virus' attacks OS X via Bluetooth, I have to say Bluetooth is one of the more... un-Apple like experiences with OS X. I have dozens of Bluetooth devices, some duplicates, with no way to remove them. :rolleyes: I can see why Bluetooth was the avenue of attack here...