OSX Spyware?

Discussion in 'General Mac Discussion' started by xyian, Jul 13, 2004.

  1. xyian macrumors 6502


    May 24, 2004
    I recently started using Limewire and have now noticed that when I try to go to certain web sites now it is questioning the authenticity of the sites. These are major sites that I doubt allow their certificates to expire so I'm wondering if there is any spy ware to see if someone has put something(like a trojan horse) on one of the files I've downloaded.
  2. SilentPanda Moderator emeritus


    Oct 8, 2002
    The Bamboo Forest
  3. musicpyrite macrumors 68000


    Jan 6, 2004
    Cape Cod
    Yea, there is no know spyware for the Mac platform...

    Though there are key loggers, just to warn you...
  4. Horrortaxi macrumors 68020


    Jul 6, 2003
    Los Angeles
    You'd be the first. Although when the first OS X malware hits I'm sure it will come from p2p networks--disguised as something else. You think you click an installer but it's an AppleScript that does something bad to your computer. I won't feel sorry for your damage and I'll hunt you down if I get any damage. Just buy your own music and software. Your greed and somebody else's malice is just bad stuff waiting to happen.
  5. Applespider macrumors G4


    Jan 20, 2004
    looking through rose-tinted spectacles...
    Really? On my old PC I'd run Adaware et al to check for spyware/loggers etc. How would I check for a key logger on my Mac?
  6. musicpyrite macrumors 68000


    Jan 6, 2004
    Cape Cod
    Well, I'm not going to tell you the name of it for obvious reasons. ;)

    But there is only one program that I know of.

    To check and see if you have it, open Activity Monitor, and search for a process with the name 'active' 'key' or 'logger.'

    There is an extremely low chance of you having this program, because to use the program, a physical person has to sit down at the computer and install it. This program also does not report back to a 'host computer' or what ever you want to call it, the pressed keys are stored in a text file. You cannot get access to this file unless you physically sit down at the computer and open the text yourself; so it is also highly unlickly that that someone is monitoring it remotly. (of course they could aslo use FTP or SSH, but to do that they need to know your IP and your admin password).

    But I still caution you that it is possible that a family member, friend, room mate, or anyone that has physical access to the computer to install it without you knowing (but you can still check it via the Activity Monitor).

    And if I remember correctly, 10.2 doesn't have an Activity Monitor, so just open up the terminal the type:

    To quit a process via the terminal, you need to type this:

    kill -9 {proces ID}
    After you use top to find the process ID (located in the left most column) replace {process ID} with the number like: 2358

    Trust me, you really don't have anything to worry about. :)
  7. panphage macrumors 6502

    Jul 1, 2003
    Are you speaking of the "I can't verify the authenticity of site XYZ"? That just means the root certificate of the site isn't signed by an authority that your browser has been told to trust. I get that message every time I hit one of my own test sites -- they all have self-signed certificates. And I don't know of any way to "teach" safari to trust additional certificates that you have verified. Anyone have massive SSL knowledge?
  8. NusuniAdmin macrumors 6502a


    Nov 19, 2003
    mac os x.2 has a process viewer.... called process viewer...

    Ah yes and limewire has absolutely no spyware.
  9. aswitcher macrumors 603


    Oct 8, 2003
    Canberra OZ
    What about Microsoft Office 2004, does that "leak" info back to Microsoft without user knowledge?
  10. encro macrumors 6502


    May 6, 2002
    Office 2004 is fine. It checks to see if other copies of Office 2004 are running on the same subnet using the same serial though to help circumvent piracy. You can block the UDP port if you feel the need to prevent it.

Share This Page