[X-Newbies] MAC VIRUS

Norman Cohen nacohen at mac.com
Tue Feb 21 13:12:23 PST 2006 

As the one who started the discussion about making sure information  
is either "correct" or is a guess (educated or otherwise), I think  
the back-and-forth has had value. As Steve points out with his ironic  
comment, it's silly for new users to blindly accept all advice, as  
traveling that road has significant danger. I think Jane understands  
that it is important to be a bit more clear in her communications.  
And I've learned that flame wars can certainly take on a life of  
their own!

Now let's get back to helping new users learn to use their Macs  
safely and effectively.

And on that note, there does appear to be a new security threat  
associated with Safari, where downloading a "safe" file that actually  
hides a certain type of shell script can lead to the shell script  
automatically running. A malicious shell script could do all sorts of  
bad things, like, say, erasing your whole user directory. I'd say  
that this is probably a fair bit worse than the Oompa Loompa worm. I  
would expect Apple to address this fairly quickly, but in the  
meantime would suggest that everyone turn off "Open "safe" files  
after downloading" option in the General Pane of Safari preferences.  
Then check the file information for the downloaded file before  
opening it. In the case of a sample exploit, the filename indicates  
that the file is a picture; however, under file preview in Column  
View in the Finder, the file is described as a Unix Executable File.  
This exploit can also occur with Mail.app, but there is not an easy  
fix for that at this point.

<http://www.heise.de/english/newsticker/news/69862> for more  
information.

Norm
---
Norman A. Cohen
nacohen at mac.com

"The enemy is anybody who's going to get you killed, no matter which  
side he's on."
Joseph Heller







On Feb 21, 2006, at 12:06 PM, Steven Rogers wrote:

> Yes, its such a pedantic waste of time to bother with  
> distinguishing between right and wrong advice. Newbies should get  
> over their computer anxiety and just follow what they read without  
> getting all up-tight about so-called "correct" information.

More information about the X-Newbies mailing list