Apple’s First Trojan Horse

1) It’s not a virus, Dru. It’s just not. Sorry.

2) The installer is attached to pirated installers for other commerical products. In other words, only those who are attempting to install stolen software will be infected.

That means the the smug Mac users who believe in paying content producers for their work are just fine.

Why is it that every time malware comes out for an Apple product, it’s touted as being the “first ever?” This is nothing new, it’s just that the malware for Apple products don’t spread the way that Windows virii tend to spread. Way to stay “neat” Neatorama.

There’s always been malware designed for Apples – this is far from the first. The difference is that OS X is genuinely more secure than Windows+IE, which is why there still aren’t any self-spreading Mac viruses or worms. For example this trojan requires the user to download and install a corrupted copy of Photoshop or iLife, entering admin passwords along the way. Which is probably why McAfee dismissed this trojan – identified back in January by the way – as minor and largely irrelevant.

It’s not a matter of being smug. It just a matter of one system allowing infection if you click on the wrong link, and one system not. But of course I may be wrong, Windows is just as securely designed as OS X. and that Mac malware apocalypse really is coming. Any minute now…

Malware of Geeks bearing gifts.

Sorry, but this is not news: see http://macs.about.com/b/2009/04/16/symantec-discovers-ibotnet.htm

I think the only news here is that Symantec is trying to panic Mac users into buying their software.

A trojan horse is like three card monte, you only lose if you play. A trojan horse is like a vampire who has to ask permission to come in. A trojan horse is like the trojan horse, using social engineering where normal engineering failed. A malicious web link or misrepresented software download has to gain the attention of the user in order to gain control of the machine. It is not a security issue. Any operating system is vulnerable to the ignorance of the user, be it through malicious intent or innocent mistake. An operating system that does not let you make mistakes, like iPhone, causes an outcry in a wholly different direction and incites people to jailbreak the device specifically so it is vulnerable to their whims.

Thanx, alexx, jb, et alia.

Came for the truth, stayed for the snark.

If someone convinced people to swallow cat turds, should the headline be “CAT TURDS – THE NEW CYANIDE!!”

Or should it “Dumbasses swallow cat turds. Unrelated – Cyanide still bad for you.”

Its like a glorious virus is unleashed to a civilization where its technology is not developed enough to create vaccines (not just for this virus, but vaccines in general) and everyone blames deaths on magic

I think Apple’s first trojan was the “Sexy Ladies” HyperCard stack, which displayed a series of suggestive 1-bit images on the screen while quietly trashing the hard drive in the background. That was back in 1988.

Now they just need to stop making those god damn mac>pc commercials, its a matter of taste for FFFF sake..

“The difference is that OS X is genuinely more secure than Windows+IE, which is why there still aren’t any self-spreading Mac viruses or worms.”

Geez, people are still buying into this old canard, eh? Listen, people… OS X is genuinely SAFER, not more secure, than Windows+IE. The statement above simply could not be less true. OS X — as wonderful an OS as it is — includes practically zero protection against malware. It’s not designed with malware defense in mind, nor does it have anti-malware features built into it. Why? Because it doesn’t need it. Read this next sentence twice, please: There are not enough Mac users in the world to ensure viable paths through which malware can propagate. It’s as simple as that.

If you have sex with your wife without a condom, you are less secure than a guy who bangs fifty women with a condom, because you have not taken any protective measures and he has. But you are SAFER than the other guy because of conditions that have nothing to do with your level of security. He is potentially being exposed to assorted diseases, whereas you are under no such threat. Unless your wife is screwing around, you’re safe, and no security measures are required.

Of course if your wife gets really popular all of a sudden, you may be in trouble. Remember that when encouraging your friends to buy Macs. If Apple ever manage to achieve anything close to 30% market share, and those propagation paths start looking more and more practical, it’s going to be a rude awakening.

Can we move on now?

As has been pointed out above, Macs (and pretty much any computer ever) have always been vulnerable to Trojans. It’s viruses that they’ve generally avoided. The benefit, for the time being at least, is that there aren’t many of either targeted for the Mac.

On the one hand, yeah, there may be an explosion down the road. On the other hand, you can generally just not worry about it right now. Also, you get to be a bit smug at your neighbors. (Guess which option I chose?)