OS.X Macarena 'virus' (#2): No viable threat posed; Not ex...

Discussion in 'MacBytes.com News Discussion' started by MacBytes, Nov 6, 2006.

  1. macrumors bot

    Joined:
    Jul 5, 2003
  2. macrumors regular

    MacIke

    Joined:
    Sep 6, 2003
    Location:
    The Frigid Wasteland of MN
    #2
    Move Along

    Okay Folks,

    No story here . . . just move along.


    Can this actually be called a virus?
     
  3. macrumors 603

    Warbrain

    Joined:
    Jun 28, 2004
    Location:
    Chicago, IL
    #3
    Blah blah. Better things to worry about.
     
  4. macrumors G5

    nagromme

    Joined:
    May 2, 2002
    #4
    I believed the last 3 cries of Wolf. My mistake.

    Now, I will wait until I SEE a wolf.

    I like that this one uses Windows though :D

     
  5. macrumors 601

    xsedrinam

    Joined:
    Oct 21, 2004
    #5
    I saw the article on this earlier yesterday. This one is certainly more benign and not likely to cause anything near as much fun as the First Mac OS X Virus thread did. I think there were even a couple of Demis who came to blows over all the speculation of it.
     
  6. macrumors 68000

    MacSA

    Joined:
    Jun 4, 2003
    Location:
    UK
    #6

    Hmmm so it sounds like you have to willfully download, change and install this "virus" yourself, doesn't sound much like a virus to me.
     
  7. macrumors 68000

    FadeToBlack

    Joined:
    Apr 27, 2005
    Location:
    Accoville, WV
    #7
    Yeah, me either. Doesn't really seem like anything to worry about to me.
     
  8. ntg
    macrumors regular

    ntg

    Joined:
    May 3, 2002
    Location:
    UK - Rushden, Northants
    #8
    definitely another 'Irish' virus!!:D

    nig.
     
  9. macrumors G4

    Mord

    Joined:
    Aug 24, 2003
    Location:
    Old York
    #9
    If this is a virus then AOL is the root of all evil, oh wait.

    nevermind.
     
  10. Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #10
    I do wonder if it wouldn't be good to allow for a system preventing the execution of any application that does not reside in set locations, such as the systems folder, the /applications folder, and so on....
     
  11. macrumors G5

    nagromme

    Joined:
    May 2, 2002
    #11
    Doesn't sound like a bad idea for a checkbox in Prefs. (Let the user add to the allowed locations list of course.)
     
  12. macrumors 6502a

    Swarmlord

    Joined:
    Sep 18, 2006
    #12
    People still use AOL?
     
  13. Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #13
    Mmm, it seems like it would be nice and simple. Right now there is an option that limits a user to a pre-specified set of applications. The way this is designed, it does seem like it basically lets you limit the user to apps in different logical locations (for instance, you can check all the apps in the applications folder and/or the utilities folder as a group, vs. all the Classic apps, or you can check individual applications). I haven't played around with this that much, but I guess that if this setting is turned on and I give my account blanket access to execute apps in the applications and utilities folder but nothing else, then apps located in the home directory will refuse to run....

    I should actually try this and find out. It would seem to go a long way towards addressing these sorts of vulnerabilities.
     
  14. macrumors 68040

    miniConvert

    Joined:
    Mar 4, 2006
    Location:
    Kent, UK - the 'Garden of England'.
    #14
    My eyebrows almost met when I read about this 'virus' yesterday. Just where do people get off with spreading this sort of FUD?
     
  15. Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #15
    The behavior of that option doesn't seem straightforward...hmm....

    With the option turned on and only the apps folder selected...

    1) If I copy an app such as the chess game to a location outside of /applications, it runs, even if it is renamed, even from the external location

    2) Disk images are not mountable with this option selected, which makes it a little too much to bear in the name of security.

    I'd like to see Apple work on the way this option operates somewhat more carefully...
     
  16. macrumors G5

    nagromme

    Joined:
    May 2, 2002
    #16
    Maybe it generates a list of allowed apps at login? Seems like a silly kludge, but I wonder if you moved Chess, then logged out and back in, would it then prevent you from launching it?

    In any case, a limit like this only for ALL of us--not aimed at kids--would be great.
     
  17. Moderator emeritus

    mkrishnan

    Joined:
    Jan 9, 2004
    Location:
    Grand Rapids, MI, USA
    #17
    No, I tried that, and I don't think it had any impact. It's possible it's judging Chess against something other than the name of the .app container, like the executable inside the contents or the size or something. Or it's possible that there's no way to distinguish ~/applications from /applications (I should test that), which would be ludicrous. But the fact that disk images cannot be mounted if you do this makes it useless.

    On the other hand, I have to say that I recently really restricted my standard account. It's already a managed user ... even though I'm not a kid. But the only reason I did it was to exploit the fact that you can freeze the dock for non-managed users... I wanted something like the "lock the toolbar" in Windows, so that I didn't accidentally drag things off the dock, etc.
     

Share This Page