The Apple newswires have been reporting for a few days now the discovery of a new Trojan, yet curiously we've been rather quiet on that front in here...
Yes, it requires user intervention to run. No, it doesn't propagate itself willy-nilly.
Still - in the interests of keeping the Mac world, and recent switchers informed:
Someone on this board usually picks those things up right away - it is noticeable that no one has commented on this one. I think a security sticky-thread would be a great idea - I always look for comments on this issue here.
__________________
MacBookPro 13" 2.7 GHz Intel Core i7
Mainline Graphics & Communications ~ graphic design, business support services ~ Computer Tutoring: obedience training for you & your computer
That was fast, it's not a surprise that someone took advantage of this, especially since the people that reported it pretty much told them exactly how to do this (against Apple policy btw -- this sort of thing is not typically disclosed until the hole is patched).
The reason it's so quiet about this is because your risk of being affected by it is pretty near zero.
It requires a diligent effort to be at risk for it, and permission to run. While I don't mean to understate the fact that an exploitable flaw was found in OS X code, the number of users even at risk is a minority of a minority of a minority. Frankly, the various browser exploits that have appeared here and there are a much bigger "threat" to the average user.
So for now, at least, Mac users can generally continue to ignore such reports.
The reason it's so quiet about this is because your risk of being affected by it is pretty near zero.
It requires a diligent effort to be at risk for it...
I liken these types of viruses to giving a Mac user a large bucket of water and telling him/her if one dumps the water on the Mac, it'll likely break. If one is THAT stupid, one deserves a viral infection... and a problematic computer.
Well... I guess if you're in the habit of downloading, opening and installing/running everything and anything, without a little research, you're going to suffer at some point in time. Of course, these are usually leftover Windoze user habits.
The whole ARDAgent exploit is pretty much old news, with similar exploits on various UNIX and VMS based systems dating back as far as 20 years ago. It is not a virus (it does not self-propagate), and it is not a trojan (because in its native form, it does nothing to the system). More like a problem if someone logged onto your account and "hacked it" because you put all your passwords on a Post-It note on your monitor.
The whole world is just itching for the Apple to get a virus, and any news is bound to make a ripple, even if it is just a well-known 25-year-old exploit. No one reports the fact that in the time I took to write this message, 7 viruses were released for Windoze. No one reports the truths about a crummy OS that had at least a hundred-thousand viruses and trojans written for it in the last calendar year, not to mention spybots and other malware.
It is a fact that an Apple can be exploited, as long as the malware can get the user to do the one critical step and install it, as all of the other methods that are so popular on Windoze will never work on OSX (or any other *nix system). And this can never be fixed on Windoze, since the programming methods of writing a device driver are the exact same methods as writing a virus/trojan.
Main attacks on OSX will consist of either: software that isn't what it is supposed to be, downloaded from oddball sites, and that tricks the user into installing it; or by purported Codecs that "you need to view this file", and do anything but view files. Security consists of downloading from known sites, using known repositories of software, and resisting the urge to view files that are in oddball and unknown formats that need special Codecs (or whatever) to be downloaded from some Bulgarian hacking club...