[slarti]

Okay, had enough trolling for one day. Good night everyone.

[MSM Hobbes]

A few articles that shed some additional light on this subject that might be of interest:

http://news.bbc.co.uk/1/hi/technology/4620548.stm

http://www.masternewmedia.org/2003/1...d_security.htm

http://www.macdevcenter.com/pub/a/ma.../security.html

http://www.eweek.com/article2/0,1759,1777202,00.asp

Yes, the dates of these articles vary - however, the meat of the discussion is still pertinent in their discussion of the threats, current and/or potential, that face a Macintosh.

Of course, there is Apple's own sites:
http://www.apple.com/macosx/features/security/

http://developer.apple.com/internet/...rityintro.html

Again, as I've said before in regards to this issue, 'nothing is impossible, there are just various degrees of probability'.

[dvk01]

Definite confirmation
MAC OS Can & does sufffer from viruses/trojans/worms and now this has been widely acknowledged in public expect to see alot more
the code is now in the "public" domain so the script kiddies wil take it up

http://www.theregister.co.uk/2006/02/16/mac_os-x_virus/

http://vil.nai.com/vil/content/v_138578.htm

http://www.sophos.com/virusinfo/analyses/osxleapa.html

[macguru]

....will be trojan hoese worm type programs requiring administrator serial number access. Thus any exploits will remain limited and never propogate much. The security situation is held down due to the design of security in Mac OS X which is far superior to Windows, and remains so.

[dvk01]

I agree Mac is more secure by design than windows but it still suffers from the same problems

Pebkac

(Problem between keyboard & chair)

in otherwords a tendancy to blindly say yes and push any button when requested

[MSM Hobbes]

Quote:

Originally Posted by dvk01

I agree Mac is more secure by design than windows but it still suffers from the same problems

Pebkac

(Problem between keyboard & chair)

in otherwords a tendancy to blindly say yes and push any button when requested

In most regards to the above,,, , esp. the PEBKAC

[MSM Hobbes]

Quote:

Originally Posted by dvk01

Definite confirmation
MAC OS Can & does sufffer from viruses/trojans/worms and now this has been widely acknowledged in public expect to see alot more
the code is now in the "public" domain so the script kiddies wil take it up

http://www.theregister.co.uk/2006/02/16/mac_os-x_virus/

http://vil.nai.com/vil/content/v_138578.htm

http://www.sophos.com/virusinfo/analyses/osxleapa.html

Ummmm... I really don't hold much faith in reports of the sky falling from those that profit from such news.

However, if desire to read probably more truthfull/accurate reports:

http://www.macworld.com/news/2006/02...afaq/index.php

Quote:

Leap-A malware: what you need to know

The worst thing you can do whenever a virus scare hits is to panic. The second worst thing you can do is not keep yourself informed.

With reports of the Leap-A program infecting some Macs, it’s important to keep the news in perspective. While Leap-A has the potential for mischief, it’s not anything like a crippling Windows virus that periodically brings the rest of the computing world to its knees. More important, as explained below, this incident doesn’t expose a security hole in the Mac operating system. Rather, it’s a piece of malware that can be easily rebuffed by vigilant Mac users.

That said, it pays to keep on top of potentially harmful things like Leap-A. After a day of research and testing the malware for ourselves, here’s what you need to know about Leap-A.

...

Some interesting descriptions of what exactly to call this mess can be found here...
http://www.macworld.com/news/2006/02/16/oompa/index.php

Macworld's take on antivirus software is here:
http://www.macworld.com/2005/02/revi...ware/index.php
...and then a review of their top-rated s/w:
http://www.versiontracker.com/dyn/mo...289&vid=199530

Again, as said before - only the foolish have no concerns or cares...

[dvk01]

We knew it was only time as Mac becomes more popular and it's worth the time and energy to attack them

I guarantee we will see a lot more and it's no good pretending that every MAc user is a security conscious as some on here because they aren't

I know all these need some degree of user intervention but so do the majority of windows attacks if you ahve a fully updated system

http://vil.nai.com/vil/content/v_138608.htm

http://news.com.com/Bluetooth+worm+t...3-6041091.html

[Cheeseball81]

This was on Yahoo.com today:

Second Apple worm targeting Macs found: experts
http://news.yahoo.com/s/nm/20060221/tc_nm/apple_worm_dc

[macguru]

....Zero. One reqiures a non-patched version of OS X another is proof of concept andf BOTH require that TWO warnings imposed by the operating system be ignored, one which states "you are downloading an application" and the other requiring an administrator password. In short anyone who gets a worm has asked for one. Advise you do not open or download anything you have not specifically asked for.
You see it could be possible to write a virus or worm for Mac OS X. It was never denied. BUT the security implementations put in place by Apple engineers make it very unlikely that happens.

[dvk01]

and now a zero day exploit that needs no user intervention and is extremely dangerous for all mac users
http://blogs.zdnet.com/Ou/index.php?p=163
http://isc.sans.org/diary.php?storyid=1138&rss

[macguru]

.....This temporary workaround:
The best immediate recourse against such an attack is to deactivate the option "Open 'safe' files after downloading" in the "General" section of Safari's preferences. Alternative web browsers such as Camino or Firefox do not support the automatic execution of files. These browsers can be prompted to automatically download a file by using the refresh command in the HTML source code of a web page. However, the file will not be executed.

If only windows viruses could be so easily mastered. Face it Windows is a cheese for viruses and trojans and Macs are just way safer. Dosen't it just make windows users squirm.....

[dvk01]

read the sans diary and it's links and you will see it isn't that simple as other things are being brought into play

It's fine if you are a knowledgeable user with the MAC but many people bought them for their security and assume wrongly that they are protected completely regardless of what they do and what they say yes to

Come into the real world Macguru and accept that Mac is vulnerable in Normal everyday use by the "AVERAGE" user and the problem will get worse as there are enough macs in use out there to make it worthwhile for the scumware purveyors to attack them

[macguru]

Get a Life. I'm not posting to an idiot thread anymore. It has stopped being a resource for users since as I post fixes here other folks have to chime in with crap. Now I am supposed to think that I have some responsibility or need to acknowledge the state of competency of end users or NOT to satisfy some one's EGO? Nah...... Mac OS X is a wonderful OS light years ahead of Microsoft, any bugs or issues are swiftly dealt with and whether or not you agree means NOTHING as there is NOTHING left to discuss anymore.

[macguru]

To effectively patch against the current unadressed weakness in Mac OS X try this plugin here......which effectively patches that weakness.

http://haoli.dnsalias.com/

Enjoy......