danielwsmithee said:
Thanks for the help from all of you. I changed all of the applications owned by dws to root. It is working great.

How did you change them? Did you do them one at a time in the Finder's Get Info window, or did you use terminal? I want to change mine, too, but I have a lot of apps and changing one at a time would take awhile.
 
mymacluvsme said:
How did you change them? Did you do them one at a time in the Finder's Get Info window, or did you use terminal? I want to change mine, too, but I have a lot of apps and changing one at a time would take awhile.

The answer you seek is here.
 
Peace said:
[snippet]



ALL of those images are in your iChat Icons folder..


If it is in my ichat folder, why would it display it OVER a picture it just showed? And besides, I have the screensaver set to only show pictures in my iPhoto library, and I can easily see that those icons are not in my iPhoto library. If I'm wrong, please tell me why.:confused:
 
person1337 said:
If it is in my ichat folder, why would it display it OVER a picture it just showed? And besides, I have the screensaver set to only show pictures in my iPhoto library, and I can easily see that those icons are not in my iPhoto library. If I'm wrong, please tell me why.:confused:


This is becoming off topic. I would suggest you go to the help discussions since what you describe is NOT a virus. It's a glitch.
 
Laser47 said:
How does the naming system for viruses work anyway?
There is a standard naming convention to help ensure that all researchers and vendors use the same name for the same malware. Nobody really uses this convention. Instead, each invents names on the fly. The "advantage" of this system is that each antivirus company can claim to have found baddies that nobody else can detect :p
 
I don't see what all the fuss is about. We've known that this has been possible for some time now. There were various proof of concept files doing the rounds, and some fool deleted his home folder when he attempted to download a warez version of Office 2004.

It is impossible to completely protect a computer from human error. If you allow a user to install programs, and delete and modify files, then there is always the chance that they will do the wrong thing, and more so if a confidence trickster makes it look like they are doing something innocuous.

The old joke about emails giving instructions on how to see naked Britney pics by typing sudo rm -rf etc. is true. If you can convince a person to do a bad thing by pretending it is a good thing, then no computer is ever safe. All that remains is essentially a damage limitation exercise.

As it stands, Apple has been pretty good about making this sort of thing unlikely. If you download an app with Safari, it will warn you that it's an app. If you run an app indirectly for the first time, you will be prompted to ask if you really want to run it.

What Apple hasn't done well enough falls into two categories.

The first is that they have not been sufficiently informative of average users about the difference between admin and user accounts. Every new OS X installation ought to prompt the new user to set up two accounts: an administrator account (bare bones account) and their actual user account.

I have my Powerbook set up like this. There are user accounts for myself and my wife and a bare bones (no desktop pic, three things in the Dock) admin account. When I need admin privileges, the system prompts me and I enter the admin account name and password. In this case, I would have been immune to the virus, since it would not have had permission to write to /Applications or /Library unless I authorized it. I almost never have to switch to the admin account directly (and fast user switching means that isn't a problem in any case).

In addition Apple needs to alert users to the warning signs of malware. If a file that is not expected to prompt an authorization dialogue, does so, then users need to be educated into realizing that this is a time to stop and think about what you're doing. Frankly, the dialogue should be improved by including a short statement to the effect that, if the file you clicked on was not an application, you ought to stop and check it out (with a link to the appropriate helpfile).

Of course my home directory could still be wiped out, but while that is bad, it is not something that can render the computer inoperable. The former is a very bad day, the latter is likely an irretrievable catastrophe that will destroy everyone's stuff and require a trip to the repair shop or a complete reinstallation.

The second thing Apple needs to do is (as some people have suggested) provide some distinction in the GUI between applications and everything else. The best and easiest suggestion I can think of is to provide a noticeable highlight to the filename of every application. It doesn't have to be bright red or anything like that, but it ought to be enough to give pause to anyone who sees a jpeg with the glowing writing underneath it.

Doing both of these things would vastly reduce the already small risk that OS X users face. Merely mounting an awareness campaign and highlighting application file names would probably be enough to prevent most idiots (i.e. all of us at one time or another) from being victimized.
 
Agathon said:
Doing both of these things would vastly reduce the already small risk that OS X users face. Merely mounting an awareness campaign and highlighting application file names would probably be enough to prevent most idiots (i.e. all of us at one time or another) from being victimized.

But wouldn't an awareness campaign deteriorate Apple's "virus-free" reputation?
Die-hard Windows users admit to the Mac's seemingly virus-free interface, and an awareness campaign could have that rep shot to pieces.

Besides that, I think you are 100% right on.
 
I changed the ownership of my apps by selecting them all in the Finder, then using the Inspector (Command-Option-i). It 'appears' to have worked. Is this not the same as using terminal? Thanks.
 
Stewie said:
Considering that this worm is not likely to infect large number of computers (hell I bet not even small numbers of computers)
Has it actually infected ANY Mac user out there? I think it has just become a big issue because it was first posted and consequently discussed on this forum by a poster who has since been banned. It's not like a Windows Trojan that infects 20 million users in the first hour around the globe and makes the headlines as a result.
 
Southernboy said:
I changed the ownership of my apps by selecting them all in the Finder, then using the Inspector (Command-Option-i). It 'appears' to have worked. Is this not the same as using terminal? Thanks.
It's the same.
 
This whole thing reminds me of

irishvirus.jpg


Please don't ban me for now infecting all your machines via this site :D
 
MacSA said:
So would it be possible to trace the person who posted this thing in the forums? After all, they had to register to post.

All that could be done is trace the IP address the poster was at when they registered and posted. I seriously doubt if any of the information they gave when registering is worth anything.

Except possibly the eMail address. That might lead somewhere.
 
mrichmon said:
Here is a cleaner way to change the ownership of your applications after you have "declawed" your regular account:

  • Set up a new admin account as mentioned in earlier posts. (These instructions assume the short name for this account is "bogo" without the quotes.)
  • Log out of your regular account and log into the new admin account.
  • Remove the administrator privileges from your regular user account. (These instructions assume that the short name for your regular user account is "ted" without the quotes.)
  • While still in the new admin account, open a Terminal window and enter the following commands one line at a time, replacing "bogo" and "ted" as appropriate:

    Move to the Applications directory:
    Code:
    cd /Applications

    Find all files not owned by root and change their permissions to be owned by the new admin user (this will pick up applications in sub-folders as well):
    Code:
    sudo find . -user ted -exec chown bogo:admin \{\} \;

    Now, let's list the files so we can check who owns them (all files should be owned by root or your new admin account):
    Code:
    ls -la
  • Log out from the admin account.

One effect of removing the administrator privileges from your regular user account is that you will not be able to use "sudo" commands in your regular account.

apart from the ls la command which produced nothing except a heart attack due to lack of feedback in terminal, then a message saying la: and ls: didn't exist? Anyway back in dumbed down account and, it seems to have worked great. Thanks
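
Added example, not part of any post in this thread: a dry-run wrapper around the ownership change in the quoted steps, so you can see what chown would touch before applying it and confirm afterwards that nothing is left owned by the regular account. The function names are hypothetical; "ted", "bogo" and the "admin" group are the placeholder names from the quoted steps.

```shell
#!/bin/sh
# Added example: audit, preview and apply the /Applications ownership change.
# Assumed names: "ted" = regular account, "bogo" = new admin account.

# list_owned_by DIR USER: print every entry under DIR owned by USER.
# DIR is quoted so bundle names with spaces ("QuickTime Player.app") work.
list_owned_by() {
    find "$1" -user "$2" -print 2>/dev/null
}

# count_owned_by DIR USER: how many entries a chown would touch.
# After the change this should be 0 for the regular account.
count_owned_by() {
    list_owned_by "$1" "$2" | wc -l | tr -d ' '
}

# reown DIR FROM TO GROUP [apply]
# Default is a dry run: lists the matching entries with their current owner.
# With "apply" it runs chown -h, which changes a symlink itself rather than
# whatever the link points to (a link could point outside DIR).
reown() {
    dir=$1; from=$2; to=$3; group=$4; mode=${5:-dry-run}
    if [ "$mode" = apply ]; then
        find "$dir" -user "$from" -exec chown -h "$to:$group" {} +
    else
        find "$dir" -user "$from" -exec ls -ld {} +
    fi
}

# Stand-alone use (dry run, nothing is changed):
#   sh reown.sh /Applications ted bogo
# To apply, run from the admin account:
#   sudo sh reown.sh /Applications ted bogo apply
if [ "$#" -ge 3 ]; then
    echo "$(count_owned_by "$1" "$2") entries under $1 are owned by $2"
    reown "$1" "$2" "$3" admin "${4:-dry-run}"
    if [ "${4:-}" = apply ]; then
        echo "remaining entries owned by $2: $(count_owned_by "$1" "$2")"
    fi
fi
```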
 
The BBC's coverage is quite fair and open minded. It states several times that the worm is not a real threat and that it does not attack any vulnerabilities in the OS.

What it does state is that the virus can only attack 10.4...why?
 
woodgie said:
All that could be done is trace the IP address the poster was at when they registered and posted. I seriously doubt if any of the information they gave when registering is worth anything.

Except possibly the eMail address. That might lead somewhere.

Back to a hotmail account, that leads back to one of many proxy servers. He might even be connecting through machines he's owned. You would have to be a complete tool to dev. a virii then post it up with a public traceable IP. Tracing him via the IP he posted on is like tracking people back to payphones with call forwarding.
 
puuukeey said:
ok. so when/how do we find out what as***le did this?

Laser47 said:
That's what I'm thinking. I wonder if he is a pc or mac user?


ummm it's programmed for the mac so I doubt he's loaded OS X on his PC and developed a virus then shoved it out in the public. Think about what you're saying. It's like when a PC virus comes out and someone says "I wonder if he's running a mac", only a mac user would write a virus for pc.
 
billyboy said:
apart from the ls la command which produced nothing except a heart attack due to lack of feedback in terminal, then a message saying la: and ls: didn't exist? Anyway back in dumbed down account and, it seems to have worked great. Thanks

You omitted the hyphen in that command.
 
ChildOL said:
What was fixed???

what i replied to....your post.

that is not exploitable because they patched it about 8 months ago.

kinda sad that they find it now. even when apple said it was a vulnerability in its security update
 
eva01 said:
what i replied to....your post.

that is not exploitable because they patched it about 8 months ago.

kinda sad that they find it now. even when apple said it was a vulnerability in its security update

What did Apple patch? Even if they did patch it I'm sure not everyone has the patch.
 