New Virus!

Discussion in 'Current Events' started by funkywhat2, Jan 2, 2003.

  1. macrumors 6502a

    funkywhat2

    Joined:
    Jul 14, 2002
    #1
  2. Wes
    macrumors 68020

    Wes

    Joined:
    Jun 22, 2001
    Location:
    London
    #2
    Yes they could, but the worst it could do is corrupt your windows disc image.
     
  3. Moderator emeritus

    edesignuk

    Joined:
    Mar 25, 2002
    Location:
    London, England
    #3
    Yet another good reason for using a Mac ;) ...no one bothers to write viruses for them because of the 'small' amount of machines that would be hit :D
     
  4. macrumors 603

    rainman::|:|

    Joined:
    Feb 2, 2002
    Location:
    iowa
    #4
    My understanding is that no one writes viruses because it's hard to write one for Macs that does any damage... everything is much more secure so there aren't security breaches everywhere to exploit...

    :)
    pnw
     
  5. macrumors 604

    MrMacMan

    Joined:
    Jul 4, 2001
    Location:
    1 Block away from NYC.
    #5
  6. macrumors 6502a

    Joined:
    Dec 15, 2001
    #6
    I'm waiting for somebody to write one for Mac OS X that attacks the new System-Wide Address Book.. it couldn't be *too hard*. Of course I don't *want* it to happen, but it eventually will.
     
  7. macrumors 603

    OutThere

    Joined:
    Dec 19, 2002
    Location:
    NYC
  8. macrumors regular

    Joined:
    May 2, 2002
    Location:
    Eindhoven, the Netherlands
    #8
    Beware though, any mac folders/volumes you decide to share in vpc will possibly get infected by pc viruses...
     
  9. macrumors 65816

    Nipsy

    Joined:
    Jan 19, 2002
    #9
    Virii are primarily written by script kiddies.

    Script kiddies exploit the GAPING holes in Windows, and thankfully OS X lacks these gaping holes.

    There are security problems with OS X (and with every OS), however they are usually beyond the scope of script kiddie talent.

    Also, script kiddies will continue to target Windows exclusively until OS X virii make onto CNN. Marketshare means this is unlikely at the moment.

    In the future, we may see more Trojans, and more elegant penetrations of OS X, likely perpetrated by disgruntled programmers, however, Virus propagation on UNIX is orders of magnitude more difficut than on Windows, so we'll be likely to see stealthy machine control hacks, or DOS attacks.

    I could be wrong...there might be some really smart script kiddies using/hacking *NIX, but I really think teenage gamers are the predominant demographic writing virii, and they primarily use Windows.
     
  10. macrumors 65816

    Nipsy

    Joined:
    Jan 19, 2002
    #10
  11. macrumors 65816

    Joined:
    Aug 20, 2001
    #11
    Nipsy:

    Oh come on, this is bullcrap and you should know it. Windows does not spread the viruses, the programs do. All OSX needs to participate in all the virus goodness is a program or two with security holes and the ability to execute the same scripts as are run on Windows (such as Visual Basic).

    paulwhannel:

    Nope.
     
  12. macrumors 65816

    Nipsy

    Joined:
    Jan 19, 2002
    #12


    Here's the thing. Windows will accept system level commands from anywhere, and suffers many system level vulnerabilities. Additionally, I am including IE, Outlook Express, and the scripting engine as parts of "Windows", as they cannot be removed, only hidden. Unices use a different model, whereby a hole would have to be found in order to gain access, and then authenticate, and then launch malicious code (for instance via the Apache overflow from several weeks ago). This is not as easy as sending a malicious vbscript to an email client with lax execution policies.

    Even with OSA script, and your guard down, it is giong to be much harder to:
    Penetrate a UNIX machine
    Authenticate within the user space
    Exploit malicious code
    Propagate malicious code

    Here are some things about Windows that make it the culprit:
    Open ports a'plenty
    Lax execution rules
    Weak default settings
    Scriptable mail, VB Script, etc.
    IIS/ASP memory leak/overflow scenarios

    It is relatively easy to make Windows much more secure, but this is easy for me & you, not our dentists, plumbers, etc.

    UNIX is harder to penetrate from the ground up. The UNIX community is proactive about security, where the Windows community is reactive. Sure, there were about the same number of exploit warnings last year for linux, Solaris, and Windows. The problem is the Windows warnings came AFTER the damage was done.

    The availability of Windows exploit scripts on Google is staggering. Many are less than 100 lines of code. They arrive via e-mail, trojan, etc. and are often able to propagate with 0 user interaction.

    UNIX exploit tools enter through more secure doors, FTP, UUCP, telnet, ssh, etc. because the user space is farther from the executable space.
    These exploits require active execution by you or the hacker.

    The bar is simply higher when compromising a *nix box. It requires more knowledge, and knowledge == skill.
     
  13. macrumors 65816

    Joined:
    Aug 20, 2001
    #13
    Nipsy:

    While you make good points, I have yet to see a widespread Windows virus that does anything that can not be done on a Mac... i.e. resend itself all over, send your files all over, and delete/corrupt everything that you have permission to modify. Far from what is normal for a serious Unix, OSX even offers optional transparent admin accounts to users, which allows many users (and viruses that run under their login) to delete and/or modify most anything on the system.

    This is hardly secure, and not obviously better than what Windows 2k/XP can do.
     
  14. macrumors 65816

    Nipsy

    Joined:
    Jan 19, 2002
    #14
    Well, until we see scripted automatic execution of deliverables, without user interaction, the front door is closed & locked.

    On windows the front door is closed, but not locked.

    The admin (default user) in OSX is indeed a very privleged user. However, core level modifications do require authentication. Additionally, system file deletions are made more difficult within the admin user space, as are deletions of other users files.

    I never meant to imply that it is impossible, just that the writers of Klez & CodeRed probably aren't skilled enough to do it. FreeBSD is a damn secure foundation!
     
  15. macrumors 604

    iJon

    Joined:
    Feb 7, 2002
    #15
    It's not like anything will happen. I download viruses all the time from friends where the virus sends it self. I download it, look at it and laugh. It doesnt do anything. I just throw it away in the ol trash can. The only association a mac gets with viruses is forwarding an email to a windows machine that it will actually affect. I still think if macs were used as much as windows we would be hit with viruses every other day. Have you guys heard about that new sercurity hole when downloding music and something to do with windows media player. boy that is great, no more downloading on my pc.

    iJon
     
  16. macrumors 68030

    Les Kern

    Joined:
    Apr 26, 2002
    Location:
    Alabama
    #16
    Well, KIND of. Macro's like Mellissa or Marker "A" are still transferable, but only if you open the PC doc in the Mac environment. Macro's glom on to the Normal template and spread thusly. I really don't worry about it. A few months ago I had 16 THOUSAND infected Word docs on my servers (mostly OSX). The only reason I cleaned them up is because some docs are mailed to the poor PC folks. Other than macros, no PC virus gives a hoot about a Mac. But things change. (Helpful Hint: to lock viruses out of the Mac, LOCK the normal template and instruct users to copy/paste-to-new/rename... and NEVER agree to replace the template!)
     
  17. macrumors member

    krhodus

    Joined:
    Dec 16, 2001
    Location:
    Dublin, OH
    #17
    Think, everytime a program installs or even wants to mess with something in the system of os x, it sends a pop-up windows asking for authentication. That is why it is harder to write a virus for OS X.
     
  18. macrumors 603

    OutThere

    Joined:
    Dec 19, 2002
    Location:
    NYC
    #18
    When they were popular I got the HaHaHa virus at least 10 times and the other one that said "Here are the files" or whatever at least 30 times. It was really funny, at the time I didn't know what it was and one of my friends was saying that he really didn't want to get the hahaha virus and I finally realized that it was I virus that I kept getting. If I had had a PC my computer surely would have died 40 times over :cool: :cool:
     
  19. macrumors 65816

    Nipsy

    Joined:
    Jan 19, 2002
    #19
    Here's one to prove my point about Windows insecurity:

    There is a new Windows virus called KillBoot:

    It is a Word Macro!!!!!!!!
    It operates within the Office application space
    It overwrites (and renders useless) the master boot record. This means that the drive needs repair from a very knowledgeable user with a ERD.

    In UNIX, an application (especially an Office application) can not access NVRAM, cannot modify the kernel, etc.

    To attempt this, the Office app (a process of the user) would have to authenticate as root, and screw with NVRAM or kextload (to add a kernel extension, not modify the kernel). This is not an easy task.

    Of course, if malicious code secceeded, the fix would be:
    Reset NVRAM, via cmd-opt-p-r x 5, or open firmware

    or

    Repair the OS install

    Both easy...

    This is soooo difficult in OS X/UNIX, when compared to Windows.
     
  20. macrumors newbie

    Joined:
    Jan 9, 2003
    Location:
    Denmark
    #20
    Thompson notes mass-mailing Windows viruses were largely unsuccessful in hitting corporations in 2002, with the notable exception of organisations which did implement proper filters.

    Soo, that means that organisations with proper filters were hit!?
    :D :rolleyes:
     

Share This Page