Dashboard from Tiger may bring the first real OS X Virus...

Discussion in 'Current Events' started by dotdotdot, May 8, 2005.

Thread Status:
Not open for further replies.
  1. dotdotdot macrumors 68020

    Jan 23, 2005
    This should be on the front page or somewhere when users can see it...

    WARNING: Only visit this website if you want to see the simulation of a malicious dashboard widget! Accessing this website will only download a widget that is 100% SAFE but simulates a malicious widget! <- Malicious Widget Simulator


    Going to this website downloads a Dashboard widget automatically, but heres the catch. It can't be removed.

    Yep, visiting it with Safari will automatically download and run the widget.

    Don't worry, this website is only a simulation, and teaches you how to remove it.

    It downloads a widget to your computer and runs it. It can not be removed without deleting it and rebooting. But, in the future, the widget can be set up to download and run malicious programs, thus leading to *gasp* possibly the first OS X virus that can be widespread.

    Because I'm a windows user, I'm unnafected. Here is the text from the site:

    Right now the widgets dont really do anything except stay in the Dashboard widget chooser. The article has a widget that is NSFW because it has nudity in the dashboard widget chooser, as an example. Other sites can do this though, and since it automatically can load a website, it can steal information and maybe lead to an OS X virus. Probably not, but it COULD.

    Oh Apple, PLEASE make it easier to kill widgets and remove it from the Dashboard widget chooser!
  2. dotdotdot thread starter macrumors 68020

    Jan 23, 2005
    OK so its like the 8th repost today... BUT its the most informative!
  3. killuminati macrumors 68020


    Dec 6, 2004
  4. Balin64 macrumors 6502a


    Jul 23, 2002
    In a Mauve Dream
    8 times?

    I am not surprised: I think that we all are in a heightened security state waiting for something like this...

    in the meantime, I will only download widgets from the Apple website.

  5. Chappers macrumors 68020


    Aug 12, 2003
    At home
    How lucky us Mac users have been - but now a back door has been opened and advertised. Great.
  6. Fukui macrumors 68000


    Jul 19, 2002
    Tried the website, autoinstalled but didn't auto run.
  7. superfunkomatic macrumors regular

    Jan 6, 2003
    calgary, ab canada
    i often wonder why those that are so enraptured with security and keeping things "safe" keep publishing exploits like this.

    kinda like offering a manual for gun assisted suicide, but putting a note that it's only for demonstration purposes and shouldn't be tried, and that we don't recommend you use it.

    ever poured fuel on a fire? these "tips" offer the same result, encouraging snapperheads to start creating malicious code. maybe not such a good idea.
  8. rainman::|:| macrumors 603


    Feb 2, 2002
    I've told you a million times not to exaggerate.
  9. Maxiseller macrumors 6502a


    Jan 11, 2005
    Little grey, chilly island.
    Sometimes media sucks. You guys suck!! *grins*

    No seriously, it's stupid that we advertise to the community of hackers/malware writers out there that OSX has holes so they can take advantage of them!!

    I know we should all know blah blah, but can't we keep it to ourselves and let the lowlives who are gonna write the things work their asses off to find the holes themselves? I'm sure we'd have a lot less problems then.

    Anyway, just my thoughts! Feel free to pound on me!
  10. clayj macrumors 604


    Jan 14, 2005
    visiting from downstream
    Because "security through obscurity" is a bad, bad idea. The quickest way to get something fixed is to make sure that everyone knows there's a problem.

    Of course, under ideal circumstances the person who found the problem would contact the vendor (in this case, Apple) and give them an ultimatum: Fix the problem ASAP, or we out it. This happens to Microsoft a LOT, but they also see a lot of cases where folks do what this guy did... they just out the problem without any warning, causing two mad rushes: The developers rush to fix the issue ASAP, and hackers rush to exploit the issue ASAP.

    Let's hope the good guys win the race.
  11. clayj macrumors 604


    Jan 14, 2005
    visiting from downstream
    I thought I was the only one who used that joke. Ah, well. :rolleyes:
Thread Status:
Not open for further replies.

Share This Page