#33
April 11th, 2005, 01:09 PM
lurk
I am curious what kind of local root exploits are there in PHP? You have made a big accusation that I find hard to believe as it implies a fundamental failure in the basic structure of the OS (both Linux and Darwin).
#34
April 12th, 2005, 12:44 AM
Andrew Adamson
Quote:
Originally Posted by lurk
You have made a big accusation that I find hard to believe as it implies a fundamental failure in the basic structure of the OS (both Linux and Darwin).
I wouldn't say 'fundamental failure' of the OS. If you regularly visit Secunia.org, you'll see that exploits like this are pretty routine. Specifically, regarding PHP and permission escalation, see http://secunia.com/advisories/13481/. There are plenty more if you dig.

I guess I should point out that I am not a security wonk. I am a programmer. Because I write things with my client's security in mind, the security of the products I use is important to me. So I try to keep my eyes and ears open about vulnerabilities. Also, I live in Japan, while I maintain banking and credit card accounts in Canada -- so a key logger or rootkit could pretty much ruin my day. As a result, I regularly visit Secunia, I watch the processes that are running, I read my logs. I try to be safe.

I guess, regarding TommyWillB's comments, all I can say is that 'novice users' 'installing things' was the chief reason Windows is the security nightmare it is (in my opinion). Simply saying that 'it's your fault; if you installed it, you should have known what you were doing' is not enough for Microsoft users, so it shouldn't be for anyone else. Furthermore, certain vulnerabilities can mean things get installed without the user's help. So, leaving things like PHP installed when the overwhelming majority of Mac users don't know what PHP is and certainly would never use it, is dumb enough. Leaving it installed when vulnerabilities exist now and will probably exist for some time to come is dumb and risky. And leaving it installed when vulnerabilities in other products might be used to run PHP scripts locally, dumb and VERY risky.

I'm real sorry for saying this, but I get the impression that I am beating a dead horse here. Just because 'Product X' (PHP, iTunes, AppleScript...) is cool, just because it's been around forever, just because everyone and their cousin uses it, doesn't mean it is secure. Before you say something is secure, you should first try to find out if it is not. Otherwise, assume it is not.
#35
April 12th, 2005, 03:50 AM
Tetano
Quote:
Originally Posted by lurk
I am curious what kind of local root exploits are there in PHP?
you may check in this forum....
__________________
iBook G3 800 MHz
384 MB SDRAM
Tiger
4G iPod, 20 GB
#36
April 25th, 2005, 06:05 AM
HomunQlus
People, it's done. It's true. There's the first trojan known to me for OS X. It puts in some entries into the start up files and opens some back doors that allow intruders to run commands on root level.

http://www.sophos.com/virusinfo/analyses/maccowhanda.html
__________________

Mac OS X User for life

"You know what is worse than being all alone in the night, captain?
To be all alone in the crowd."
- Ambassador Delenn


#37
April 25th, 2005, 06:28 AM
Lt Major Burns
so... er, what do we do? none of us have anti-virus software
__________________
Dual 1.8GHz G5 2GB, 1TB, Radeon 9600XT 128MB, 10.5
20" Apple Cinema Display + Dell 2005FPW 20" dual-head
iBook G3 700MHz
640MB, 40GB, Rage128 16MB, 10.4, dying battery
#38
April 25th, 2005, 06:30 AM
HomunQlus
On the link I posted, I think at the bottom, they give you instructions or a tool of some sort to remove it. Have to check that out too.
#39
April 25th, 2005, 06:35 AM
Lt Major Burns
i assume it's a patch for Sophos antivirus - it's just not a recognised file
#40
April 25th, 2005, 06:41 AM
HomunQlus
Hmm.... maybe they release something for OS X in particular, some sort of removal tool. We can also watch the Apple download sites, maybe they're aware of that also and provide something