Sunbeltblog comments
I found this post amusing somehow.
Hi - Social Engineering attacks are just that. They work on any targeted OS, independent of the OS.
What active defences *could* be offered by an OS, to defend against this attack?
AFAICS, an active anti-virus package with an up-to-date signature file, and an anti-virus industry interested in Macs, would seem to be the requirements to defeat this attack - just as on Windows.
This is interesting, but not as interesting as news of a self-propagating viral infection with superuser escalation. That *would* puncture my feelings of invulnerability. This doesn't.
Am I a MacHead? I don't think so... but I am sincerely glad that I've switched to Macs, as it has crushed my system administration time, and I can focus more effort on my business and less on recovering from bizarre, partially documented and all too frequent reboots, infections, corruptions, re-installs, Windows Genuine Annoyance, etc.
I'll concede that Mac isn't perfect. But it is less continually demanding of detailed attention.
So, thanks for warning that SE attackers are now investing in Macs, but I don't think this has the threat level you imply - unlike, say, Storm on Windows 
The Mac market share is apparently now high enough to attract the attention of malware authors. Woo-hoo!
I think the reason for that 'more than slightly superior to windows users' feeling comes from two things:
One, even if you deliberately attempt to make your OS X machine vulnerable by setting Safari’s General preferences to "open 'Safe' files after downloading", you would (unlike Windows) have to type in an Administrator Account password and confirm that you wanted to install a binary package.
Two, I think that mos Mac users are bright enough to understand that this is a bad idea.
This FUD is analgous to trying to panic Porsche drivers about buying retread tires.
Nowindowshere: Have you tried Vista?
Similar experience.
The screen prompt is highly misleading -- you're just installing an innoucous Quicktime "plug-in". You don't think people aren't going to install this thing when they want their pr0n? Of course they will.
Contrary to the above, the one download site I checked (the same as in your later blog entry, with the screenshot) there was at least an attempt to make it look like the coded install worked.
There is a javascript function called activex_is_here(), which looks for a plugin called "MacCodec". If it's true, the page inserts a quicktime movie, if it's false it shows the "please download the codec" dialog.
It's entirely possible that this functionality is broken - I don't have a sacrificial VM, so I wasn't going to install the thing to check - but they're at least trying.
Mac's security worked perfectly. This is NOT a flaw in the OS. The user is tricked into installing something nasty. The trick is easy to fall for, and is very like many others on Windows.
Is the Mac at fault here? No.
Does the user have to be unusually stupid? No, not really.
Could something like this work on Windows? Yes, and it does everyday.
Could something like this work on Linux? Yes, although I can see fewer Linux users being fooled into this.
Is this really bad news for security on Mac OS X? Not really, it isn't good news to be sure, but the OS hasn't done anything "wrong".
Do Mac users need to worry about this? Probably not, but it should make them think next time they see an alert asking for the admin password.
If you are a Mac user, and the Mac is yours, the admin password is (probably) your login password. When the OS asks for this in response to an application the application will be granted permission to do whatever it wants if you supply it. If you're not sure, DON'T supply the password. It is normal to be asked for it when you're installing something, but not when you are trying to open a document (like a digital picture for example). If you downloaded the application from the Internet, ask yourself if you trust the source. But there is nothing in this that should make Mac users lose any sleep.
Jez,
No one ever said that the Mac OS did anything wrong.
The point is that Mac users have, for the first time, been targeted by professional, for-profit malware makers.
Alex
Alex,
I think the the original problem started when every PC user started heckling the Mac user as to how superior their product was to the Mac. I kind of gathered it made you a bit joyous to know that there could be a problem for the Mac and you wonder how we got our attitude? This is one compared to how many (in one day alone) on the PC?
I have used a Mac for 17 years now and I can tell you this is not the first time we had a problem with a virus or trojan. Most of us are smart enough to figure out you cannot just downlaod anything off the internet.
I have used a PC (much to my dismay) and after I am done cussing and being totally aggrivated for trying to do a simple task (as I know it on the Mac) it frustates me all the more when I hear people proclaiming the PC is so much easier to use. I disagree, period. They obviously have not used a Mac.
While knowing that Mac's are not totally immune from any attacks, it is still comforting to know that we are not the main target. Everyone should ALWAYS be careful and on watch for vicious attacks, no matter what computer they use.
Tez,
You're right, Mac's are actually very nice machines (I've used both, I own both). (I will say that my kids prefer PCs, as the latest gen of Macs are actually harder to use than Windows.)
I think what was always irritating to PC users is that there were a large amount of Mac users -- and you may not be part of this crowd -- who continually scorned PC users. This started with Apple (with the Lemmings commercial) and went on from there.
But the bigger problem is that a false sense of security can really lead to ultimate problems. Users need to be vigilant, no matter what their operating system.
Alex,
This war started before then (I think). When I would be chatting in a Macintosh channel, pc users would join in and say all kind of bad and derogotory things about the Mac's. We would have to boot them off the channel frequently. Silly if you think about it. From there, in person, we heard the same stuff. People made fun of us for using a Mac. I am talking like 1995-96 when I first noticed it. That is when I started getting a bit of an attitude. It was like we had to defend ourselves for what we wanted to use.
While I do not chat on channels any more (due to iChat) I met a lot of good people on those channels that I still talk to today. Some are out of the country too. I never imagined I would still be talking to them 12 years later!
Like we both said, be careful of what you download to your computer (or even what you might "accept"). Always type in a url and don't just click on it in an email. That is how phishing starts. Be careful always!
Fair enough. I will say that I was a major supporter of the Mac in the early days (Fat Mac time period) and was responsible for literally hundreds (if not thousands) of people getting into Macs. I also worked for several Mac software developers. So I'm not a PC fanatic. I'm just continually concerned about the false sense of security, so I admit, I took a sledgehammer to the issue.
I loved the old Mac days too. OS 9 (and before) was easier for me to figure out and finagle compared to OSX. But I do like the new OSX.
I still have some of my old computers. I think the IIci is the oldest one I have and it still works fine. I am wondering what to do with all these old machines (that still work). They have to go though.
It's good that you helped sell lots of Macs. I bet there are a lot of happy people using them (still) thanks to you!
Mac sales are up.
Therefore Mac users are up.
Who are the Mac users?
Those who opt for the Mac "lifestyle" choice have to shell out more for their hardware.
They probably have an array of other Apple products.
Maybe a European car. In fact I'm guessing everything they own, they paid a premium for "peace of mind" and/or "cool factor".
They are hardcore consumers and they have money to burn.
That coupled with the smug sense of security given by a Mac, I'm surprised the malware folks haven't seen this opportunity before.
Oh, and it's nice to see the usual Mac sniffyness in the comments above.
I own one, I just don't admit it 
Richie
The reason I moved from Windows to OS X was because I wanted something different, something less rubbish, if you will, than Windows. I got my first Mac 4 months ago and I love it.
I am not a Mac lover, or a Windows hater, but I know one thing, OS X works way better and is more stable than Windows ever was (right up to Vista!).
It just allows you to get on with what you want, but also has the ability to 'get dirty' if you need to.
Yes, Apple products are more expensive, but I only have a Mac. I have a Sony Walkman MP3 player and I love it.
Windows users are just as bad as Mac users when it comes to getting bitchy, there just seems to be some groups who get off on being idiots, but both sides have those people. It's not a Mac thing, it's a social thing.
Alex, thanks for alerting us Mac users to this (I came here from the BBC's website, where they've been rather more gentle on Mac users than you have).
It does seem that the trojan relies on human stupidity rather than OS shortcoming, so I'm not sure why you're quite so gleeful. Still, it acted as a suitable reminder for me to update my malware protection, so for this alone I'm grateful to you.
I take some comfort in the fact that the machine I use has become popular enough to warrant an attack of this kind. Perhaps this will actually help Mac users to lower their defensiveness in the light of snobbery from Windows users (yes, I know it cuts both ways - and Apple's dreadful ads really haven't helped the situation).
There have been Mac-based viruses and Trojan horses for years. That's why anti-virus packages like Virex exist. But the OS is far less vulnerable to passive infection. In this particular case the user has to pro-actively instal the malware themselves. This is not a problem specific to Macs. There is no information about what this Trojan horse actually does. Most Mac malware does very little harm because the OS cannot be penetrated the same way as Windows.
Oscar Wildebeest -- that is the greatest name.
Duckworth -- If you like, I can send you a sample of the Trojan and you can see what it does to your system. Perhaps it will do "little harm". No worries!
But what do we do the check if we've got it?
Matilda -- chances are you would know you have it... you'd be getting funny search results, etc.
You could try the instructions here:
http://www.macworld.com/2007/10/...horse/
index.php
Alex
As a mac user, I prefer using my mac but I have always seen it to be pointless indulging in my mac is better than your windows pc type debates.
The issue is one of education as the user base of mac users broaden we should be preaching safe computing regardless of os as some have stated this is more about user behaviour rather than a technical flaw. The danger for those of us in the mac community is that if we only preach mac good (and by implication immune to problems) windows bad then some mac users will think they are invincible, ok it maybe their own fault but we want everyone to have a great mac experience.
Commenting by HaloScan
