[LINK] Re: Windows XP versus Vista
Rick Welykochy
rick at praxis.com.au
Sat Jan 26 19:59:57 AEDT 2008
David Goldstein wrote:
> You don't look too hard. Whatever its validity, a news search using the terms apple and hacker finds the following story first:
> Criminal hackers turn on Mac users
> Security experts have warned that hackers are fast extending their efforts beyond Windows and are actively targeting Mac users.
>
> The 2008 Security Threat Report from Sophos said that organised criminal gangs have 'arrived at Apple's doorstep with the intention of stealing money'.
>
> The report acknowledged that, while malware for Macs has long existed,
> criminal gangs have not felt the need to target Mac users when there
> are so many poorly protected Windows PCs available.
> http://www.rte.ie/business/2008/0125/hackers.html
Did you actually read about the malware?
http://www.sophos.com/security/blog/2007/11/729.html
and I quote the steps to install the malware:
1. Computer users are encouraged to install a codec to allow
them to watch a video on a website.
2. The fake Codec program presents a license agreement,
which the user has to agree to before installation.
3. They next need to give permission for the program to
install itself, by entering their username and password.
"What’s important to realise, however, is that this Trojan doesn’t
exploit a vulnerability in OS X, Leopard, Tiger, or any Apple code.
This Trojan exploits the vulnerability within the person sitting in
front of the keyboard."
So if you 1. download software from an untrusted source and
2. click to accept a licence agreement and 3. enter the admin
username and password, Voila! Trojaned!
Anyone who executes steps 1 2 and 3 should return their computer
to the shop in the box it came with and hand in their Internet
driving licence.
OTOH, the same malware on Windows is described here:
http://en.wikipedia.org/wiki/Zlob_trojan
and it would take an expert eye to avoid installing it by mistake,
since *system level software* can be installed on Windows XP without
changing your access permissions: you *are* the admin in WinXP.
In this case, they simply click "OK" to a dialogue warning them
about spyware that should be removed pronto. Suckers!
BTW: "malware" can be written for *ANY* operating system. It is,
as the name implies, "evil software". Nothing too amazing about that.
What is amazing is that people will willingly download it, install
it and run it! If you could get a Linux user to download malware, install
and run it, yup, their Linux box could be compromised. But that is
not a weakness on the part of Linux. It is stupidity on the part of
the "luser".
HTH!
cheers
rickw
--
_________________________________
Rick Welykochy || Praxis Services
Any sufficiently advanced technology seems like magic.
-- Arthur C. Namesake
More information about the Link
mailing list