This is really disturbing...

WeeZer51402

Registered
I was going to post this under the "Viruses for OS X" thread but it isn't really a virus. Its a multi-purpose tool. Its rather disturbing what it can do. Its called opener. This all has me kind of worried, I can't speak to the effectiveness of this stuff but it sure does not look good. I hope apple is doing something to remedy this potential problem. I really don't want my mac to end up like a malware ridden windows box.
 
I am aware of the age of my information and I am not necesarily concerned with that but rather the validity of it. Which of course I can't speak to, thats why I am asking. MisterMe you can criticize this post all you'd like but it still does not provide an upfront answer to the questions raised can we be affected by this? are the methods that it uses to compromise OS X still valid? what can be done to protect against it? All valid questions and I have yet to find a good answer.
 
In order for the root kit or the opener trojan to execute, you must explicitly execute them yourself. In order for them to gain root access, you would have to explicitly execute them as root.

These pose no more harm than a script with the sole contents of "rm -rf /" (which erases everything on your boot drive) which you would have to explicity execute yourself.

My point is that you don't need the help of these programs to screw your system up, as it would be easier for you to do what these programs do yourself. These are early attempts at hacking OS X, nothing more, and pose no real threat to your system unless you're the kind of person to arbitrarily execute programs you know nothing about.

Don't worry about 'em!
 
Thank you that was a good answer, but this could be installed by a malicious user with physical access to a logged in admin user so it still could posses a threat...but I don't leave my computer logged in....so I dont need to worry now do I
 
If a malicious person has physical access to the computer and has access to a logged-in admin account, I think that's a much greater security breach than some rootkit or opener malware...

...and that's just the point -- the hacker would somehow almost have to gain physical access to your computer, which shouldn't be an easy feat.
 
Gentlemen (and Women) you have INSECURE machines! How many of you actually run with a plain user account, not the default admin account? Be honest! How many of you have the Root user enabled? How many of you have have a DIFFERENT password for Root from the admin/user account? How many of you have an external firewall and an internal (software account). How many of you have disabled the single user mode and disabled that function? How many of you have standard security issues in place like Open Firmware Password Protection? How many actually know how many programs on your computer "call home"? (I am talking about the program call Little Snitch).

I am not trying to belittle anyone here. I want to make that clear. It just chaps my hide when people using computers have absolutly no concept of security these days. Did you know almost three quarters of most spam is sent by zombie infected computers? Also, it bugs me when so called computer experts think they also know security issues just because they can find themselves around terminal commands. Security is measured by risk, proper assessment, attitude, commitment and perseverance. Plus you have to way the level of security to the willingness of the computers user you are protecting are willing to put up with. The old saying a little commonsense can go along way in security.
 
Let's put this in perspective. I don't care if this thing is not a virus, that it is a trojan horse, or whatever. What Apple is trying to accomplish, is to entice Windows users to switch if for no other reason that they don't have to struggle with malware of various kinds. The average Windows user is sick and tired of all kinds of unwanted crap and look to OS X as their salvation to getting back to work and not fetishing over stuff under the hood. They no more want to go into Terminal than they wanted to drop into DOS. People who just want to get some work done or enjoy iLife have no more interest in UNIX exotica than they would have in trying to fix a transmission problem on their new vehicle by themselves. You may quibble that some are irresponsible or lazy because they use the same password for admin as for e.g. their e-mail, but busy people don't want to remember a slew of passwords, don't always understand or like the keychain, etc. In fact, there is no warning to a new OS X user that they ought to use different passwords for different reasons, AFAIK. Macs are supposed to be easy to use, right?

My case may be instructive: I sold my 2 yr. old IBM after being fed up with security problems and bought a Mini. I transferred over a slew of data and just wanted to get on with my computing life, but evidently got something like this Opener messing with the new computer. I definitely didn't give any admin permissions for this thing to run, all I can figure is that in my rush to transfer over data via file sharing, is that I turned off the OS X firewall to get it done, and forgot to turn it back on after I finished, and someone got access to the machine. What happened to me was, gradually but relentlessly, all my custom preferences disappeared and preference files were overwritten or generated with creation dates that show the original ones had been somehow nuked. I have no idea how or why, but it got so bad I simply returned the new computer to the dealer. I was using Tiger 1.4.2, so I can only conclude that Apple isn't up to snuff on security updates.

Toyota wouldn't be able to sell cars if the owner had to do their own repairs on unreliable transmissions, they just want to use the thing. If the vaunted Mac can't do that for consumers, it will always sit at the 5% level of market share. Yes, this is really disturbing. I wish I had my Windows machine back (I'm writing on an OS 9 Mac, which except for ageing programs, is far superior from a user's perspective to the OS X machines, no malware, better user interface, more intuitive and integrated).

Bottom line, if Apple decided to adopt the BSD underpinnings, it is incumbent upon them to implement vigorous protection against any kind of intrusion; if they do not, the switch movement upon which they rely will die on the vine. BTW, Apple Tech support didn't have any solutions for my gradual preference loss problem. They are clueless. I guess I'll wait another year and look in on a new OS X machine if and when they sort this out, if they do. Thanks for alerting me to this problem.

End of rant.
 
Back
Top