Trolls alert, trolls alert... <red light flashing> beep beep beep beep beep.PC Enthusiast said:
<Do not feed the troll> 😀
Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
The First Mac OS X Virus?
- Thread starter MacRumors
- Start date
- Sort by reaction score
<Do not feed the troll> 😀
iMeowbot said:
This is great advice. What this will mean for the power user is that you'll have to enter in the Admin password a whole lot more. So they might opt for keeping their Admin privileges in tact. But the home user wouldn't notice it as much, as they don't regularly install software, change system settings, etc.
xPismo
macrumors 6502a
xsedrinam said:
Good point. Besides, wouldn't a .jpg file be loaded in the browser first?
I'm glad to see security is being talked about, but I'll wait a day or two to see what falls out of this one.
My gut says we havn't seen the 'killer app' virus for mac yet. I still feel very safe.
Security Question!
So being a dumb user that has basked in the glory of the stable and malware free OS X, my normal user account is an administrator account.🙁 Seeing this made me create a new seperate admin account and demote my current account to a standard user.
Looking through the permissions on my /Applications directory it appears that about 10-12 applications I am the owner of and not root. Should I change them to be owned by root (chown)? Like the rest of my applications? Or are thy fine left the way ther are?
"dws" is the user name that was an admin and I just demoted to a standard user.
Here are some examples.
drwxrwxr-x 3 root admin 102 Jan 11 09:22 Automator.app
drwxr-xr-x 3 dws admin 102 Nov 21 22:04 BitTorrent.app
drwxrwxr-x 3 root admin 102 Oct 31 20:03 Calculator.app
drwxrwxr-x 3 root admin 102 Mar 20 2005 Chess.app
drwxrwxr-x 3 root admin 102 Jan 11 09:22 DVD Player.app
drwxrwxr-x 3 root admin 102 Mar 25 2005 Dashboard.app
drwxr-xr-x 12 dws admin 408 Feb 2 01:43 DesignWorks??? Lite
drwxrwxr-x 3 root admin 102 Oct 31 20:03 Dictionary.app
drwxr-xr-x 11 dws admin 374 Feb 13 18:58 EPSON APPS
-rw-r--r-- 1 dws admin 1605904 Jan 15 2002 Electricalc 2.0.1 Carbon
drwxr-xr-x 3 dws admin 102 Sep 11 17:34 Emacs.app
drwxr-xr-x 3 dws staff 102 Jan 19 19:45 Fetch Art.app
drwxr-xr-x 3 dws admin 102 Jul 5 2005 FinkCommander.app
drwxr-xr-x 3 dws admin 102 Nov 11 18:03 Firefox.app
drwxrwxr-x 6 root admin 204 Jan 13 07:30 Flip4Mac
drwxrwxr-x 3 root admin 102 Oct 31 20:03 Font Book.app
So being a dumb user that has basked in the glory of the stable and malware free OS X, my normal user account is an administrator account.🙁 Seeing this made me create a new seperate admin account and demote my current account to a standard user.
Looking through the permissions on my /Applications directory it appears that about 10-12 applications I am the owner of and not root. Should I change them to be owned by root (chown)? Like the rest of my applications? Or are thy fine left the way ther are?
"dws" is the user name that was an admin and I just demoted to a standard user.
Here are some examples.
drwxrwxr-x 3 root admin 102 Jan 11 09:22 Automator.app
drwxr-xr-x 3 dws admin 102 Nov 21 22:04 BitTorrent.app
drwxrwxr-x 3 root admin 102 Oct 31 20:03 Calculator.app
drwxrwxr-x 3 root admin 102 Mar 20 2005 Chess.app
drwxrwxr-x 3 root admin 102 Jan 11 09:22 DVD Player.app
drwxrwxr-x 3 root admin 102 Mar 25 2005 Dashboard.app
drwxr-xr-x 12 dws admin 408 Feb 2 01:43 DesignWorks??? Lite
drwxrwxr-x 3 root admin 102 Oct 31 20:03 Dictionary.app
drwxr-xr-x 11 dws admin 374 Feb 13 18:58 EPSON APPS
-rw-r--r-- 1 dws admin 1605904 Jan 15 2002 Electricalc 2.0.1 Carbon
drwxr-xr-x 3 dws admin 102 Sep 11 17:34 Emacs.app
drwxr-xr-x 3 dws staff 102 Jan 19 19:45 Fetch Art.app
drwxr-xr-x 3 dws admin 102 Jul 5 2005 FinkCommander.app
drwxr-xr-x 3 dws admin 102 Nov 11 18:03 Firefox.app
drwxrwxr-x 6 root admin 204 Jan 13 07:30 Flip4Mac
drwxrwxr-x 3 root admin 102 Oct 31 20:03 Font Book.app
Zmmyt
macrumors 68000
PC Enthusiast said:
Is it a virus?
I think it's good, that there might be a harmful program which could affect a Mac, because people need to check more carefully what they download and execute.
It's good this was the first, more or less, harmless try. Better this way than a wide spread dangerous virus.
I'm curious, what MR does about lasthope.
angelneo said:
Noob Alert, Noob Alert...<red light flashing> beep beep beep beep beep.
<The noob can't right click>
Peace
Cancelled
What I find interesting is it affects the PPC but not Intel..
And this "person" to me seems to be ticked at not being able to run OS X Intel on his windoze box so he writes this little script to try and scare people..
This is no virus and a poor shot at a Trojan..
IMeow is wise though in the suggestion of demoting your user account..
It looks for apps and not frameworks or extensions..
THAT would be a destructive virus..
very interesting..Anybody got the original they could send me ? I'd like to check it out..
And this "person" to me seems to be ticked at not being able to run OS X Intel on his windoze box so he writes this little script to try and scare people..
This is no virus and a poor shot at a Trojan..
IMeow is wise though in the suggestion of demoting your user account..
It looks for apps and not frameworks or extensions..
THAT would be a destructive virus..
very interesting..Anybody got the original they could send me ? I'd like to check it out..
I think you should just leave them be, changing it to root might cause some access problems later. The worse is that you reinstall some of the applications.danielwsmithee said:
iMeowbot
macrumors G3
Change them.danielwsmithee said:
Your new separate admin account will help keep newly installed applications from being too easily accessed, but you do want to clean up after the stuff that is already there.
It's fine, changing the owner won't take away the execute bits for all users. Installers ask for root privs and won't run into problems at upgrade time, and the admin account can replace drag-to-install applications without hassle.angelneo said:
If you're really worried that chown might have hurt anything, this is one of the few cases where the fabled Repair Permissions (run from the admin account) can check things and actually be useful.
illegalprelude
macrumors 68000
PC Enthusiast said:
Nope. Youre just an idiot and I will prove this in a simple and elegant bulleted list
1. This is a not a virus. For definition of virus is A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.
Source: http://www.webopedia.com/TERM/v/virus.html
2. Macs not having viruses have nothing to do with the number of users out there but the OS itself. The reason windows machine (im currently on my PC) get viruss is due to the faults in the OS and not because there is 100 PC to every Mac.
3. This is the most important one, you made an account to just post this, you need to go out and get laid, even if you have to pay somebody because you need a life.
4. This leads to even more importance, this isnt a virus witch ties into #1.
kalisphoenix
macrumors 65816
PC Enthusiast said:
There are exactly 13.75 metric butt-tons of Mac lovers that this is not proving wrong. Most of us are saying (and have been saying, if you were listening) something along the lines of "No computer attached to a network is invulnerable to the threat of a virus." Windows isn't, Mac OS isn't, Linux isn't, even OpenBSD isn't.
Granted, sometimes we are a little elitist -- and who can blame us? Apple has thusfar been very attentive to security concerns, and we have no reason to believe they've been slacking. This particular doohickey requires that one open a file from an unknown source and then execute the enclosed executable (granted, it's masquerading as a JPEG). It then can only spread to the local network, apparently, by using an OS feature that no one but Apple seems to care all that much for.
As I've opined very recently, I think this is intended to be a wakeup call, not a serious menace -- and I think it's aimed at the vocal extreme minority of Mac users who claim that a virus will never exist for the Mac.
My point is that yes, this may shut up people who don't know anything about operating systems or computer security. Good! I for one will be ecstatic not to hear them piping up during otherwise potentially-intelligent conversations. But as far as proving that OS X is not a robust OS inherently more secure than a default installation of Windows + trappings -- no, this hasn't proven a thing. The rendezvous problem will likely be patched very quickly, and I think this will light a fire under Apple's ass to fix the "executable masquerading as a media file" ********.
In short, everyone wins. Except idiot OS zealots, but then they never win.
It's going to be reported on CNET, Wired, PC Magazine tommorrow! It's going to be a tough day at the office being one of the only Mac users!Tymmz said:
plinden said:
Does that mean it makes no difference whether the virus (or trojan or malware - who cares about the name) is executed under the admin account or a user account without admin privileges? 😕
It's already hit CNN:
http://www.cnn.com/2004/TECH/internet/04/09/apple.trojan/
Sorry, that was the first-first OS X Trojan. And I remember everyone getting their panties all in a bunch then, also. So let's take a deep breath...
Look, if Trojans and Viruses all of a sudden need administrator passwords to work, then I'd like to add Office 2004 to the list of security risks. Now that's some malicious code.
My point is, if the only way to "infect" a Mac is with an Administrator's permission, then is that really a big threat? It's a lot harder for a criminal to rob you if you don't give him the key to your home.
http://www.cnn.com/2004/TECH/internet/04/09/apple.trojan/
Sorry, that was the first-first OS X Trojan. And I remember everyone getting their panties all in a bunch then, also. So let's take a deep breath...
Look, if Trojans and Viruses all of a sudden need administrator passwords to work, then I'd like to add Office 2004 to the list of security risks. Now that's some malicious code.
My point is, if the only way to "infect" a Mac is with an Administrator's permission, then is that really a big threat? It's a lot harder for a criminal to rob you if you don't give him the key to your home.