Anti Virus Software
- Thread starter mccrum
- Start date
Associate
http://www.clamxav.com/ is a good free anti-virus which will detect windows based viruses but as far as I'm aware they aren't any bad or widespread in the wild Mac viruses at the moment. But never say never.
Soldato
Care to share where you've read about these trojans? I can't say I've seen anything myself but I always like to read about emerging threats.
http://news.cnet.com/8301-10789_3-9976122-57.html
Read that yesterday, but seen a few reports over the last few months.
Associate
There's an exploit for ARDagent (Apple Remote Desktop), which can be prevented simply by turning on your Remote Desktop services
osascript -e 'tell app "ARDAgent" to do shell script "whoami"'
Pretty dumb privileged escalation bug
Deleted member 651465
D
Deleted member 651465
These exploits rely on you being a moron and / or having Safari to "open safe files automatically" when downloaded, and even then you'd need to confirm to opening of the downloaded file, THEN you'd have to type in your root password and finally click OK to confirm before it would open / run.
If you're that clueless you shouldn't be using a computer tbh
If you're that clueless you shouldn't be using a computer tbh
Associate
These exploits rely on you being a moron and / or having Safari to "open safe files automatically" when downloaded, and even then you'd need to confirm to opening of the downloaded file, THEN you'd have to type in your root password and finally click OK to confirm before it would open / run.
If you're that clueless you shouldn't be using a computer tbh
Just wait till someone finds a way to get safari to execute applescript. What I wrote above could be weaponised trivially with a browser exploit to gain root on the box. Safari has no sandboxing unlike IE (ewww!).
Good technical post here on whats currently wrong with OSX security and what improvements should be made in snow leopard: http://blog.trailofbits.com/2008/06/22/ardagent-exploit-macos-x-malware-and-snow-leopard-oh-my/
Last edited:
Deleted member 651465
D
Deleted member 651465
I'm not saying it's not a security issue, just all the current "threats" are all trivial in relation to the user input needed.
I fully agree that a automated / Applescript exploit would be bad mmmkay
I fully agree that a automated / Applescript exploit would be bad mmmkay
Most of the Windows viruses/trojans require idiots to run things too.. unfortunately there are plenty of idiots about
Apple users have been a bit blasé with security, mainly due to the myth that OS X is somehow immune to hackers/viruses etc so it wouldn't surprise me if something malicious eventually goes round like wildfire
Apple users have been a bit blasé with security, mainly due to the myth that OS X is somehow immune to hackers/viruses etc so it wouldn't surprise me if something malicious eventually goes round like wildfire
Associate
The biggest problem I see is when the first "killer" Mac OS X virus/trojan/etc. hits barely anyone is running software to protect themselves so it'll be able to run rampant.
At least on Windows, you're likely to be running software to stop this happening.
Kinda like flying vs. driving. There are way more things that can go wrong with an airplane than a car, but the fact there's such care taken with aircraft means it's actually a lot safer (statistically).
At least on Windows, you're likely to be running software to stop this happening.
Kinda like flying vs. driving. There are way more things that can go wrong with an airplane than a car, but the fact there's such care taken with aircraft means it's actually a lot safer (statistically).
Deleted member 651465
D
Deleted member 651465
I'd say it has something to do with the level of competence of the person in control of the vehicle/aircraft.
In this case, someone with a bit of common sense would be fine. I do agree that there are equally-dumb people using OS X (as Windows).