[Moscool]

There was a thread last month that basically concluded that viruses on Macs were not really an issue and that paying for protection was probably money down the drain given the low probability of incidents. As Symantec has a higher price structure for the Mac I have abstained.

Given the recent panic around W32.Blaster.worm (BT, Europe's second largest ISP had its e-mail servers shut down ALL DAY yesterday), any danger of mad cow style species cross-contamination? Obviously the OS is different but what about e-mail directories, etc.?

 

[old dawg]

The Mail application has behaved oddly on my computer. Yesterday the send function started hanging and then much later I got several (maybe six) gibberish e-mails as returns.

I downloaded Virex, updated the definitions and then ran the program on all local drives. Although my machine is clean I suspect that worms are the source of my problem somehow.

The weird stuff is all coming through my web site so I will be checking that out next, but maybe a degree of concern for Mac owners is in order.

 

[used to be jwoodget]

These worms are not a direct threat to Mac users (OS 9 or X) but they have plenty of lousy indirect effects. Firstly, if you address is on the drive of any infected Windows machine (think address book) then your address will be spoofed and used to send out more copies from that machine. That results in people blaming you for sending them a virus when you've played zero role. It's also the reason your in-box will fill with server bounce messages from addresses that don't exist or if they have virus detection software.

The second problem is the sheer number of virus-loaded emails you can get (each with a 100 Kb payload). While these can't infect your Mac (even if you click on the attachment (don't do that!), they clog up the mail servers.

Finally, since this is a really big deal for many networks with Windows machines on them, often the local network just grinds to a halt as the SysAdmins close off ports to prevent as-yet un-patched PCs from spreading the worms. That's what happened to our network. Two days of virtually no functioning printers, email or WWW.

So, these code-devils are no laughing matter for anyone. It's only a matter of time before we get an OS X virus and it'll come from Microsoft (just so we don't feel left out of the party).

 

[sputnik]

And THAT is why no Microsoft is on my box.They are the first door to hell.

 

[Gerbill]

I think some Mac users are jealous of Windoze users. They get all the attention and sympathy when one of their worms or viruses appears. We should beg the virus writers to pay some attention to us!

Cheers :-> Bill

 

[used to be jwoodget]

Err... if you're feeling left out, read up on this virus or maybe this one.

The world is too full of these real bugs...

 

[Brainstrained]

Just helped a friend get rid of a virus off his windoze laptop.

Such incidents help me appreciate Macs, but also remind me not to be complacent about it.

Maybe MS won't be so complacent about their code any more. In case you hadn't heard, MS is using Linux servers, at least in the short term.

How embarassing for Bill Gates!

 

[CubaMark]

I'm still waiting for somebody (anybody!) to identify the virus for the Mac that Sophos had at... I think.. number 67 on their "active viruses" list published two months ago. And whether it's OS X or OS 9. For some reason, they didn't identify it on their site.

I need to know if my boasting to PC weenie friends that "there are no viruses for OS X" is true...

M.

 

[AlienRadar]

My ISP ,Magma, had tons of problems because of the virii last week. Total meltdown of email system, broken dial-up modem pool,and even their phone system crashed because of all the calls.

Now, these guys are a really good ISP. I 've been with them 18 months and have not recieved ONE bit of spam mail,ever. Great service,all the time.

But, 95% of their customers are Windoze, and therefore, 1000s of emails from the virus clogging up the works. So, even though we are impervious to the direct effects of this stuff, it still hits us when our ISP is brought to it's knees.

Yeah, it's still safe to gloat, I guess, but one day, one of these things is going to slam the whole net shut for a week.

 

[sniper]

i just heard over a poker game that one of my neighbors has their peecee in the shop because of the blaster virus. i instinctively laughed, forgetting that i was the only mac user there. luckily everyone else found my lack of simpathy funny, but it made me realize that windoze users are legitimately afraid of viruses. because of my lifetime mac using, i've always seen viruses as no more threatening than hurricanes in the carribbean and apocolyptic threats from evangelists.

 

[CubaMark]

The following is an exchange I had with the Sophos tech support person. My reading of the list he provides indicates NO Mac OS X virus. These all appear to be OS 9 or earlier virii (note that he does not explicitly indicate which virus affects which OS, despite my specific query).

M.

<hr>

To: [email protected]
From: xxxx <[email protected]>
Date: 08/27/2003 05:59 PM
Subject: re: Sophos and Mac OS X

Greetings,

A couple of months ago Sophos released a major virus study, identifying the top viruses affecting computer systems worldwide. It mentioned that the most-frequent Macintosh virus was up around 67 or something like that, but did not identify the virus by name, nor whether it affected OS 9, OS X, or both.

Would you be able to provide any further information on this, please?

Thanks in advance,
xxxx.

<hr>

From: [email protected]
Subject: re: Sophos and Mac OS X
To: xxxxx

Hello,

Description: Macintosh file virus

666, see Mac/Sevendust-A
ANTI-A, see Mac/ANTI-A
CDEF, see Mac/CDEF
CODE-1, see Mac/CODE-1
CODE-252, see Mac/CODE-252
CODE-9811, see Mac/CODE-9811
ERIC, see Mac/Scores
Garfield, see Mac/MDEF-A
Graphics Accelerator, see Mac/SevenD-Fam
INIT-1984, see Mac/INIT-1984
INIT-29, see Mac/INIT-29
INIT-9403, see Mac/INIT-9403
INIT-M, see Mac/INIT-M
Mac/ANTI-A
Mac/CDEF
Mac/CODE-1
Mac/CODE-252
Mac/CODE-9811
Mac/INIT-1984
Mac/INIT-29
Mac/INIT-9403
Mac/INIT-M
Mac/MBDF-A
Mac/MDEF-A
Mac/nVIR-A
Mac/nVIR-B
Mac/nVIR-Fam
Mac/Scores
Mac/SevenD-C
Mac/SevenD-D
Mac/SevenD-Fam
Mac/Sevendust-A
Mac/Sevendust-B
Mac/Sevendust-J
Mac/T4
Mac/WDEF
Mac/ZUC-A
MBDF-A, see Mac/MBDF-A
MDEF 666, see Mac/Sevendust-A
MDEF 9806, see Mac/Sevendust-A
MDEF-A, see Mac/MDEF-A
NASA VULT, see Mac/Scores
nVIR-A, see Mac/nVIR-A
nVIR-B, see Mac/nVIR-B
nVIR-Fam, see Mac/nVIR-Fam
San Jose Flu, see Mac/Scores
Scores, see Mac/Scores
SevenD-C, see Mac/SevenD-C
SevenD-D, see Mac/SevenD-D
SevenD-Fam, see Mac/SevenD-Fam
Sevendust-A, see Mac/Sevendust-A
Sevendust-B, see Mac/Sevendust-B
Sevendust-J, see Mac/Sevendust-J
SysX, see Mac/INIT-9403
T4, see Mac/T4
WDEF, see Mac/WDEF
ZUC-A, see Mac/ZUC-A

Description: Macintosh worm

Autostart 9805, see Mac/Autostart-A
Autostart-A, see Mac/Autostart-A
Autostart-B, see Mac/Autostart-B
Autostart-C, see Mac/Autostart-C
Autostart-D, see Mac/Autostart-D
Hong Kong Virus, see Mac/Autostart-A
Mac/Autostart-A
Mac/Autostart-B
Mac/Autostart-C
Mac/Autostart-D

Thank you,
Frantzy Victor

 

[Gerbill]

A lot of the stuff on the list is clearly ancient - I think it's fair to say that it's "padding" designed to support the assertion that yes, there ARE Mac viruses.

Like you, I'd like to hear about one single instance of a virus or worm that affects a current Mac OS (mainly OS X, but let's throw in 9.2 as well). I'm not sure that there is such a thing. If one exists, it must be pretty obscure and harmless, or we would certainly have heard about it.

Cheers :-> Bill

 

[Lawrence]

They forgot to add the nVIR-C virus and the Hypercard
Xmas virus, But then those are just old 68k virus's.
I tend to agree that an emergence of a virus for the
modern OS is yet to surface.

Dave

 

[The Doug]

Oh like, darn. Now his weekend is like, totally ruined. And look at the first quoted line here. Yes, and people are still laughing!

They should send him & his miscreant peers to boot-camp for 2 years, with no access to computers, television, or electronic appliances of any kind.

 

[(( p g ))]

Should we be worried about the Blaster/SoBig virus? Not really, but that's not to say that Mac users can afford to be complacent. Remember, all operating systems have vulnerabilities...and the most common one is the OS user.

Here's an interesting article on this issue. While the writer concedes that OSX is inherently safer than Windows, he makes an excellent point in noting that the sturdiness of OSX is the thing that could make it an irresistible target for virus-writing dorks.

 

[Chealion]

Well they caught the kid. Good for them. Lucky for them, this kid couldn't program his way out of a box. The Symantec employees were laughing at the code when they disassembled it. The actual code that was used to use the hole was copied from a hacking website where someone put up the code saying it was a basic way to use it. And then, they couldn't even get their text to show up.

Doug - I agree with the bootcamp idea. *sarcastic voice* Its fun to make worms that are badly coded, ineffecient and the actual hard work is already done for me *end sarcastic voice*

 

[used to be jwoodget]

The Symantec employees should not be laughing (except, of course, they and companies like them are the only benefactors of viruses). If a third rate programmer can unleash such havoc, when the heck could a team of dedicated programmers do?

Why bother with dangerous explosives if you can disrupt peoples lives by exploiting Microsofts placement of profit before quality? Last weeks spate of virusses had a real impact and cost millions to contain. The only defense is to prevent the vulnerabilities. The next version of WIndows will probably have some cool new technology that secures things if you upgrade - for a week or two.

 

[(( p g ))]

I'm sure that sends a great message to Windows users: that despite its safe-computing campaign, Microsoft's OS remains vulnerable such that one kid can render millions of PCs useless.

 

[Chealion]

jwoodget - They were laughing at how poorly it was coded, with obvious errors. They didn't even code it right to display their message. I'm not condoning the usage of such worms or virii, but really, with something that poorly done, its a shame that people will think that there is the teen that caused so much havoc.

 

[used to be jwoodget]

Chealion, precisely.... If a poorly coded program can cause so much havoc, I dread the day when a pro-version is released.