
gnasher729

Suspended
Nov 25, 2005
17,980
5,565
Does GateKeeper allow the installer to run?
In other words, is the installer code signed by a valid developer certificate?

In that case I think some developer would have just got their developer certificate revoked :eek: Plus quite possibly the police on their door.
 

spyguy10709

macrumors 65816
Apr 5, 2010
1,005
644
One Infinite Loop, Cupertino CA
Firstly, access control, "superuser" and "userland" have existed in computing long before Unix. Secondly UAC is neither useless nor a ripoff. It is similar in implementation to 'sudo' and that's all. You don't innovate on what is proven to work. It's not a competition. Thirdly, nothing is 100% secure.

I'm amazed that an "Amateur Security Researcher" would post such a meaningless statement and then direct people to "Google it duuude" as proof.

Actually - Superuser is a Unix term. It was done there, first. WinNT ripped it, along with Linux. (DOS had no permission structure.) UAC isn't at all like "sudo" - it's a prompt that comes up before any non-signed app launches - NOT just one that requests special permissions. (I.e. - it's a finger in the dike of privilege escalation hacks on Windows - don't even let a potentially malicious app run...).

You don't innovate on what is proven to work?!? Have fun with your wooden-wheeled horse-drawn carriage, Motorola DynaTAC, and PowerBook 100!

And it IS a competition. It's cat and mouse with hackers v security researchers.
Nothing is 100% secure, it's true. For example - A 256-bit encryption AKS key will take 2.5 BILLION years for my MacBook to crack - but yes - it is hackable...
The security offered by OS X is much better than the patchwork of security fixes on Windows. (And both suck compared to Linux :D)

Oh, and by the way, I could quote the whole Wikipedia article on privilege escalation on Windows, but it's far too long. Just look it up, learn something, and then - please - come back.
 

Jarland

macrumors regular
Oct 10, 2006
104
0
Since when do we call phishing scams trojans? The fact that the scam is an application rather than the typical website or e-mail is a very small difference in the nature of it. One must download it, open it, type in their personal information, and accept the result. If that's a trojan, so is mailing a letter that says "Give me $5000."
 

Somian

macrumors 6502
Feb 15, 2011
290
414
Fort Wayne, IN
Since when do we call phishing scams trojans? The fact that the scam is an application rather than the typical website or e-mail is a very small difference in the nature of it. One must download it, open it, type in their personal information, and accept the result. If that's a trojan, so is mailing a letter that says "Give me $5000."

You forgot that in addition, people need to enter their root-password…
 

RedCroissant

Suspended
Aug 13, 2011
2,268
96
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.

True, if this was either a virus or spyware. The only difference is that this "Trojan" still requires the user to allow it while other systems can be infected simply by visiting a website.

But as long as Gatekeeper is used to block the apps, then this shouldn't be a problem.
 

cerote

macrumors 6502a
Mar 2, 2009
843
269
There is another level of security you can easily add. If you contact your cell carrier, they can block any subscriptions being added to your cell phone account. Then, even if you fall for something like described in this thread, it'll still be blocked by the carrier. I use AT&T, and I know they support blocking. I would suspect other carriers could do the same.

I did that a long time ago because the scammers were able to add crap to my line without me even doing anything.

Has happened to several people I know.
 

MagnusVonMagnum

macrumors 603
Jun 18, 2007
5,193
1,442
I'm just utterly amazed at how many people on here are throwing around terms like "idiot" and "moron" in regards to trojan malware. The entire concept of a trojan is that it resembles legitimate software (when done "properly", it's EXACTLY IDENTICAL in appearance). Web sites can be hacked and hijacked. Legitimate software can be redirected to trojan versions and the poor souls that happen to download what they believed was the legitimate software from a legitimate web site before it's detected are real victims and they are NOT "morons". :mad:

All the people in this thread that think it could NEVER happen to them are like people living in the desert that think their house couldn't possibly be flooded because it hardly ever rains. The sheer amount of ignorance on this subject is simply astounding. You're sitting there behind your keyboards reading about what sounds like someone logging on to "Trojan.com" and purposely downloading a trojan and then installing it. I see lists of things to do that act like Apple's so-called "warning" of "Gee, this program was downloaded off the Internet; you sure you want to run it" is some kind of malware detector? Bullcrap. It says that for trojans and legitimate software alike. Gatekeeper's only function is to try and get you to buy all your software from Apple's App store. I guess that's what you all must do since otherwise, you'd be terrified to actually click "OK" after that warning, which you MUST do in order to install ANYTHING (legit or otherwise) off the Internet. Apple's malware detection tools are ONLY useful AFTER they've added the new definition. If you get it before then, tough luck.

But never mind all the exploits that have been found in things like Java, Flash, Webkit, etc. over the years; yeah you got lucky someone didn't take full advantage of it; but no...it's because you're too smart! Those people MUST have been "morons" or "idiots", right? Yeah, right. It's often the ones who think they couldn't ever fall for something that are particularly vulnerable because they become careless. If an anti-malware program becomes available, they won't bother to install/use it because they think they're too smart for the criminals out there. Yes, I'm sure none of you have ever visited anything but large corporate web sites and your kids have never surfed anywhere but legitimate sites too and no such web site has EVER been hijacked or hacked in the history of the Internet.... :rolleyes: :rolleyes: :rolleyes:

True, if this was either a virus or spyware. The only difference is that this "Trojan" still requires the user to allow it while other systems can be infected simply by visiting a website.

But as long as Gatekeeper is used to block the apps, then this shouldn't be a problem.

And so you ONLY install certified software and/or Apple App store apps? You sure have a limited selection to pick from.
 

AppleScruff1

macrumors G4
Feb 10, 2011
10,026
2,949
I'm just utterly amazed at how many people on here are throwing around terms like "idiot" and "moron" in regards to trojan malware. The entire concept of a trojan is that it resembles legitimate software (when done "properly", it's EXACTLY IDENTICAL in appearance). Web sites can be hacked and hijacked. Legitimate software can be redirected to trojan versions and the poor souls that happen to download what they believed was the legitimate software from a legitimate web site before it's detected are real victims and they are NOT "morons". :mad:

All the people in this thread that think it could NEVER happen to them are like people living in the desert that think their house couldn't possibly be flooded because it hardly ever rains. The sheer amount of ignorance on this subject is simply astounding. You're sitting there behind your keyboards reading about what sounds like someone logging on to "Trojan.com" and purposely downloading a trojan and then installing it. I see lists of things to do that act like Apple's so-called "warning" of "Gee, this program was downloaded off the Internet; you sure you want to run it" is some kind of malware detector? Bullcrap. It says that for trojans and legitimate software alike. Gatekeeper's only function is to try and get you to buy all your software from Apple's App store. I guess that's what you all must do since otherwise, you'd be terrified to actually click "OK" after that warning, which you MUST do in order to install ANYTHING (legit or otherwise) off the Internet. Apple's malware detection tools are ONLY useful AFTER they've added the new definition. If you get it before then, tough luck.

But never mind all the exploits that have been found in things like Java, Flash, Webkit, etc. over the years; yeah you got lucky someone didn't take full advantage of it; but no...it's because you're too smart! Those people MUST have been "morons" or "idiots", right? Yeah, right. It's often the ones who think they couldn't ever fall for something that are particularly vulnerable because they become careless. If an anti-malware program becomes available, they won't bother to install/use it because they think they're too smart for the criminals out there. Yes, I'm sure none of you have ever visited anything but large corporate web sites and your kids have never surfed anywhere but legitimate sites too and no such web site has EVER been hijacked or hacked in the history of the Internet.... :rolleyes: :rolleyes: :rolleyes:



And so you ONLY install certified software and/or Apple App store apps? You sure have a limited selection to pick from.

Another informative, intelligent, well thought out post. I enjoy reading your posts. :)
 

MacFoodPoisoner

macrumors regular
Dec 1, 2012
150
0
I'm just utterly amazed at how many people on here are throwing around terms like "idiot" and "moron" in regards to trojan malware. The entire concept of a trojan is that it resembles legitimate software (when done "properly", it's EXACTLY IDENTICAL in appearance). Web sites can be hacked and hijacked. Legitimate software can be redirected to trojan versions and the poor souls that happen to download what they believed was the legitimate software from a legitimate web site before it's detected are real victims and they are NOT "morons". :mad:

All the people in this thread that think it could NEVER happen to them are like people living in the desert that think their house couldn't possibly be flooded because it hardly ever rains. The sheer amount of ignorance on this subject is simply astounding. You're sitting there behind your keyboards reading about what sounds like someone logging on to "Trojan.com" and purposely downloading a trojan and then installing it. I see lists of things to do that act like Apple's so-called "warning" of "Gee, this program was downloaded off the Internet; you sure you want to run it" is some kind of malware detector? Bullcrap. It says that for trojans and legitimate software alike. Gatekeeper's only function is to try and get you to buy all your software from Apple's App store. I guess that's what you all must do since otherwise, you'd be terrified to actually click "OK" after that warning, which you MUST do in order to install ANYTHING (legit or otherwise) off the Internet. Apple's malware detection tools are ONLY useful AFTER they've added the new definition. If you get it before then, tough luck.

But never mind all the exploits that have been found in things like Java, Flash, Webkit, etc. over the years; yeah you got lucky someone didn't take full advantage of it; but no...it's because you're too smart! Those people MUST have been "morons" or "idiots", right? Yeah, right. It's often the ones who think they couldn't ever fall for something that are particularly vulnerable because they become careless. If an anti-malware program becomes available, they won't bother to install/use it because they think they're too smart for the criminals out there. Yes, I'm sure none of you have ever visited anything but large corporate web sites and your kids have never surfed anywhere but legitimate sites too and no such web site has EVER been hijacked or hacked in the history of the Internet.... :rolleyes: :rolleyes: :rolleyes:



And so you ONLY install certified software and/or Apple App store apps? You sure have a limited selection to pick from.

I also enjoy reading your posts very much. :)
 

Tech198

Cancelled
Mar 21, 2011
15,915
2,151
Gatekeeper wouldn't have prevented you here, since users can right click to open anyway.

I only thought it was Windows users who blindly clicked OK to UAC prompts, and I was thinking at least constantly requiring you to enter a password on Apple's systems was more secure....

Well they are, but only as secure as the users .. :p This changes the way I think about most Apple users.
 

Max(IT)

Suspended
Dec 8, 2009
8,551
1,662
Italy
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.
And clearly you have no idea of what a Trojan is ... This kind of virus you have to install by yourself .... OS X is not the problem: it's the user in front of the screen.
 

macingman

macrumors 68020
Jan 2, 2011
2,147
3
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.
This isn't a virus or spyware which are installed without user input. This is a Trojan which needs a stupid user to install it.

I have never heard of a virus on Mac as no malicious software has managed to install itself.

It is a fact that Macs have a much lower risk than Windows computers.

----------

Since when do we call phishing scams trojans? The fact that the scam is an application rather than the typical website or e-mail is a very small difference in the nature of it. One must download it, open it, type in their personal information, and accept the result. If that's a trojan, so is mailing a letter that says "Give me $5000."
You obviously have NO idea what a Trojan or a phishing scam actually is.

Here's some links to help you out:

http://en.m.wikipedia.org/wiki/Trojan_horse_(computing)

http://en.m.wikipedia.org/wiki/Phishing_scam
 

RedCroissant

Suspended
Aug 13, 2011
2,268
96
And so you ONLY install certified software and/or Apple App store apps? You sure have a limited selection to pick from.

Nope. How did you come to that conclusion from my post?

I install all sorts of software from all sorts of sites and am more than capable of determining which sites to visit and which files/applications to download safely. I've been doing that for quite a few years now and have yet to download a virus/Trojan or other malware/spyware.
 

nia820

macrumors 68020
Jun 27, 2011
2,131
1,980
And people always defended OSX for being virus/spyware free... LOL. Welcome to reality. Hopefully Apple can keep up with the variations that are no doubt going to be roaming out in the wild based on this.

And with the increase of people switching over to Mac we can expect more of this. When I first got my Mac people were telling me, oh, it's no need to buy virus or malware protection for Mac because it's rare. But I always like to be safe than sorry.

At my sister's job, she was telling me that they got some nasty malware on their Macs about a year ago.

Times are changing for OS X
 

tech4all

macrumors 68040
Jun 13, 2004
3,399
489
NorCal
No no no ... the 'processor' has nothing to do with viruses or like in this case lame phishing attempts.

It is only that MacOS has finally reached the critical mass that it is more interesting to target Mac OS users. This would also have happened on PowerPC if it would have been more successful during that time.

But anyway - this is still not a real virus - it requires that user to download something, click the installer, enter the password, click through the warnings, enter the SMS and reply to it (or use its 'code') ... all user initiated, nothing happens hidden in the background.

Then how do you explain OS 9's viruses even though it had even less of user base than OS X?
 

92jlee

macrumors 6502
Sep 11, 2009
277
0
Cardiff, Wales, UK
In the PowerPC days, viruses and malware in OSX was unheard of. While I agree the move from PPC was a much needed one, the switch to Intel meant trouble ahead for OS X on x86 hardware. Now Apple is getting viruses and malware. Terrible if u ask me.

Hardware has nothing to do with OS X having viruses, it's all down to popularity. Why write a virus when Macs are only 5% of PCs? Apple has become a lot more popular since the Intel switch, I don't have figures here but more than the % they had with PPC.
 

Tech198

Cancelled
Mar 21, 2011
15,915
2,151
In the PowerPC days, viruses and malware in OSX was unheard of. While I agree the move from PPC was a much needed one, the switch to Intel meant trouble ahead for OS X on x86 hardware. Now Apple is getting viruses and malware. Terrible if u ask me.

No more trouble than Windows users already have now..
 