Nothing to fear....right?

Discussion in 'macOS' started by rye9, Feb 17, 2006.

  1. rye9 macrumors 65816

    rye9

    Joined:
    Sep 20, 2005
    Location:
    New York (not NYC)
    #1
    Now with this sudden trend of viruses for a Mac, which hopefully is over... should I worry? What precautions should I take just in case? Should I have my Firewall on? I checked and it was off... Is there anything else that I should make sure is on/off? (the only thing in the list checked is "network time") Should anything else be checked?
     

    Attached Files:

  2. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #2
    Excuse me but what trend of Mac viruses? Some guy posts a program some people run it, that doesn't make a virus that just makes a bunch of dumb users. No settings could of stopped this happening.

    As for your firewall if your router isn't doing NAT sure turn it on.
     
  3. rye9 thread starter macrumors 65816

    rye9

    Joined:
    Sep 20, 2005
    Location:
    New York (not NYC)
    #3
    True, nothing could have stopped that application posted. I guess I meant malicious software or whatever the term is:p . I just hope it stops. What does NAT stand for?
     
  4. trainguy77 macrumors 68040

    Joined:
    Nov 13, 2003
    #4
    Network Address Translation. Check to see if you have a 192.168.*.*
    or a 10.0.* ip address if so you have NAT on a router somewhere.
     
  5. javabear90 macrumors 6502a

    javabear90

    Joined:
    Dec 7, 2003
    Location:
    Houston, TX
  6. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #6
    http://www.webopedia.com/TERM/N/NAT.html

    The only thing that can stop malicious software is the computer user. If you don't trust an app DON'T RUN IT! If you don't trust the site you got an app from DON'T RUN IT! If you downloaded a picture and it's an executable not a picture DON'T RUN IT!

    I can't really see what Apple can do to fix this problem other than have a "This is an application, are you sure you want to run it?" dialog box the first time you open an app. Maybe that is what is required. Who knows?
     
  7. rye9 thread starter macrumors 65816

    rye9

    Joined:
    Sep 20, 2005
    Location:
    New York (not NYC)
    #7
    The IP address is the 192.168.*.*. So should I leave things alone or turn Firewall on?
     
  8. rye9 thread starter macrumors 65816

    rye9

    Joined:
    Sep 20, 2005
    Location:
    New York (not NYC)
    #8
    According to risc's first reply, I guess the answer's no. ok, i guess im set then, thanks for the instructions!
     
  9. Electro Funk macrumors 65816

    Electro Funk

    Joined:
    Dec 8, 2005
    Location:
    The Opium Garden
    #9
    Turn on your Firewall... and keep it on! ;)

    Why would you not want to run an extra level of protection?
     
  10. yoda13 macrumors 65816

    yoda13

    Joined:
    Sep 26, 2003
    Location:
    Texas
    #10
    I don't because on my Powerbook, it makes airport drop its connection to the basestation, and many times I would have to reset the powerbook to get it back.:eek:
     
  11. ToastyX macrumors regular

    Joined:
    Oct 4, 2005
    #11
    How's the user supposed to know it's an executable if there's no visual indicator?
     
  12. Electro Funk macrumors 65816

    Electro Funk

    Joined:
    Dec 8, 2005
    Location:
    The Opium Garden
    #12

    Seeing filename extensions

    A filename extension consists of a dot (.) followed by several letters that identifies the type of file. The extension may determine which application opens the file. Filename extensions are usually hidden in Mac OS X, but you can show them if you find them useful.

    Select a file in the Finder and choose File > Get Info.
    Click Name & Extension and deselect the "Hide extension" checkbox.

    To show the extension for all files, choose Finder > Preferences and click Advanced.


    In some applications, you can show extensions when you save a document.
     
  13. ToastyX macrumors regular

    Joined:
    Oct 4, 2005
    #13
    What good does that do if the file name ends in .jpg?
     
  14. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #14
    IMHO all this dodgy application has shown me is how little people actually know about their own computers. I come from a Linux / BSD background and even on those OSes which don't suffer from viruses you would never see an experienced user / admin downloading apps from untrusted sources.

    The fact that some people ran this application just shows a lack of clues IMO. OS X has all the tools you needed to know this was an application. From Safari warning about applications when it downloads them, to Finder being able to display previews of pictures, to ctrl clicking and getting info about the download.

    The only other thing I can see Apple doing to make sure this doesn't happen again (other than patching any exploits these apps may use) would be to have a dialog box come up saying "THIS IS AN APPLICATION. ARE YOU SURE YOU WANT TO RUN IT?".

    People can try and lay blame about this but in the end you just need to take the time and learn how to use your computer correctly. I think people might need to remember that OS X is a UNIX like OS and as such it comes with a heap of powerful tools that you can either use for good, or in the case of this app bad!
     
  15. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #15
    Picture 5.png

    Here is a picture of my desktop 1 of these jpgs is a shell script can you guess which one?
     
  16. Electro Funk macrumors 65816

    Electro Funk

    Joined:
    Dec 8, 2005
    Location:
    The Opium Garden
    #16
    somebody correct me if im wrong... if you dont have file extensions turned on then it is easier for you to get fooled into thinking that executable is a .jpg (for example)... if you have file extensions on even if the file is trying to "mask" itself as something else you should still see the actual "real" extension... example you download what you think is a .zip and without extensions on it would look like MyPics.zip - but if this was infact a .tar file and you had file extensions on it would show as MyPics.zip.tar - you would therefore see that its actually not a .zip file and maybe think twice about opening it... Make sense? :confused: im a little buzzed at the moment so maybe im rambling.... :rolleyes:
     
  17. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #17
    This is all completely pointless anyway I've proven here that you can tell when a jpg is not a jpg, but what if you download an app and you know it is an app but it just doesn't do what you expect? I guess it all comes back to what I said originally about only downloading from people / sites you trust.

    Oh well I'm done with this whole "virus" on OS X thing it is kind of pointless. To the OP hopefully you feel your machine is secure enough for you, if not post some more questions. :D
     
  18. ToastyX macrumors regular

    Joined:
    Oct 4, 2005
    #18
    I'm saying, what if the "real" extension is .jpg?
     
  19. trainguy77 macrumors 68040

    Joined:
    Nov 13, 2003
    #19
    I don't have my firewall on, only because i trust everyone on the network, it would only slow down my computer. If there is people on your network you don't trust then you may want to turn it on.
     
  20. ToastyX macrumors regular

    Joined:
    Oct 4, 2005
    #20
    Your example assumes "Show icon preview" is enabled, which is not the default, and someone can just provide a custom icon that appears as a preview anyway, so that's not a good visual indicator.
     
  21. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #21
    Of course someone can make a custom icon which is exactly why I said this discussion is pointless, it all comes down to the user and NOT downloading files from the internet pictures or other wise if you don't trust where you are getting them from. Windows users know this, as a Linux / BSD / OS X user I know this, why is it so hard for you guys to grasp it?
     
  22. ToastyX macrumors regular

    Joined:
    Oct 4, 2005
    #22
    I come from a Linux background as well, but all I see are people blaming the user when neither the icon nor the file name provides a visual indicator that the file is executable.

    Strange, I just managed to create an example where that's not the case: http://www.toastyx.net/example.zip

    Even worse, if you're using Safari and 'Open "safe" files after downloading' is enabled, which is the default, it runs the script automatically without warning.

    It doesn't do anything bad. It's just a simple shell script that runs the screen saver as the desktop background.
     
  23. risc macrumors 68030

    risc

    Joined:
    Jul 23, 2004
    Location:
    Melbourne, Australia
    #23
    Yeah and I have Safari set to not open safe files and I downloaded your file. Unzipped it it doesn't show me an icon preview as expected, so I do ls -l example.jpg and I can see it is an executable, I then use vi to view the source.

    So who's fault is it Apple for shipping bad defaults or the users for not knowing the OS? Could it be a bit of both? Nice script btw flurry looks cool as a background. :D

    Anyway I wont be replying in this thread anymore unless it actually has something to do with the OP. Once again if you follow the basic rule of network OSes and dont download from untrusted sources not even your script would work.
     
  24. VL-Tone macrumors newbie

    Joined:
    Jul 3, 2004
    #24
    This is a (serious) problem, and Apple has been notified, which is what you should have done ToastyX before posting your example.

    (Edit: I deleted the rest of my posts since it could give ideas to some)

    Everyone that uses Safari:
    Go into the Safari--->Preference... dialog, and uncheck the "Open safe files after downloading"
     
  25. ericg macrumors newbie

    Joined:
    Dec 26, 2005
    #25
    Wow, that's really bad. When you open it in Get Info it's listed as a Terminal Command. But it looks like a JPEG, and it even has the proper extension.
     

Share This Page