[funsec] mac trojan in-the-wild

Alex Eckelberry AlexE at sunbelt-software.com
Fri Nov 2 07:55:32 CDT 2007


Incidentally, (and perhaps "QED"), here is a comment posting I got on my
blog this morning about the Mac trojan:

" I am new to the mac life! I just bought a video camera and hooked it
up to my new macbook and the video didn't work so I downloaded whatever
popped up!!! I had no idea why my video didn't work and i figured that
mac's are suppose to be soooooo user friendly that I needed to download
it. NOW WHAT DO I DO? HOW DO I KNOW IF I GOT THIS DARN TROJAN OR NOT????
EEK please help?
New to Mac |    | Email | 11.02.07 - 1:31 am | #  "

This is quite similar to a comment I might get from a Windows user. 

The idea that Mac users are smarter and less prone to social engineering
than the rest...hmm...

Alex



-----Original Message-----
From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org]
On Behalf Of David Harley
Sent: Friday, November 02, 2007 7:21 AM
To: 'Dude VanWinkle'; 'Dr. Neal Krawetz'
Cc: funsec at linuxbox.org
Subject: RE: [funsec] mac trojan in-the-wild

> > I've been reading this thread and I don't understand why
> there is this
> > assumption that Mac users are lax or stoopid...

If that assumption exists, perhaps it's influenced by the number of Mac
users who believe that all Windoze users are not only stupid, but
undeserving of common courtesy. 

> > I have a Mac.  I also use Linux, BSD, Windows, and many other OS's.

I own and use Macs, and have spent many years in Mac support (and many
other
platforms). I'm not a Mac hater, and have no time for the "my OS is
better
than your OS" idiocy. But assessing IQ by OS -is- stoopid, and it's a
form
of stupidity I see most often among Mac zealots. 

> Seriously though, thinking Mac users are generally smarter 
> than everyone else is just wrong. We wouldn't need Mac IT 
> support if the users knew how to admin their stuff.

There have been studies (no, I don't remember the references: it was a
while
ago) that indicate that there is less of a support load for a Mac-using
population, in general -- I suspect that's more to do with the
usability/quality of the interface than the intrinsic intellectual
superiority of Mac users, but I'm sure the whole of focus-apple would
disagree with me. Subjectively, having supported a 50-50 Mac/PC
population,
I'd say Mac support was generally less time-consuming in that
environment.
However, I've seen --------enormous------- spikes relating to security
issues, most noticeably around the mid-90s when whole Mac-using
populations
became a prime source of macro virus dissemination. I know that OS X is
very
different to System 7, but I'm not convinced that the user population
(and I
mean the whole population, not the relatively knowledgeable people on
security-related lists) has become that much more security-savvy.
Security-aware, yes: Windows users are also much more aware than they
used
to be. What confuses the issue for both groups is the amount of
conflicting
(mis-)information with which they're bombarded.

--
David Harley
AVIEN Interim Administrator: http://www.avien.org 
http://www.smallblue-greenworld.co.uk  


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.



More information about the funsec mailing list