[X4U] Malware for Mac...
Stroller
MacMonster at myrealbox.com
Tue May 10 07:08:57 PDT 2005
On May 10, 2005, at 1:46 pm, Matt Gregory wrote:
> > Try the link: <http://stephan.com/widgets/zaptastic/>
>
> I did read that before asking my question, and now I've scanned it
> again. And I see no reference in there to anything before 10.4 ....
Oh, I'm sorry... it was I who completely missed it.
Basically, you're asking: "apart from Dashboard Widgets, what other
files types might Safari be erroneously considering safe to open?"
I think was your use of "malware widgets ... in 10.3.9" which confused
me - in any case, the answer is "none that I know of". It seems to be
the case that security vulnerabilities are often the result of more
factors which seem unrelated, and which render the vulnerability
non-obvious when viewed outside of the larger context.
In this case the problem is the result that the Safari developers
consider Dashboard Widgets to be safe, but the Dashboard developers
decided that they should be run with only a single click. Thus you
could get in the situation where a website installs a widget and you
click on it in Dashboard to see what it does, only to have your browser
hi-jacked. This is very much compounded by the fact that Dashboard
widgets are non-intuitive to uninstall.
If you discount the application-bundle-masquerading-as-an-MP3 trojan,
then I can't think of anything in 10.3 which behaves this way.
Personally, I think that could have been exploited much further, and
that it displays a similar level of required user interaction to many
Windows trojans (which I deal with on a daily basis), but experts
disagree with me
<http://www.sophos.com/virusinfo/articles/macmp3.html>.
But it's also my opinion that the authors of malware & viruses often
posses a deal of imagination & ingenuity, and have a knack for
perceiving these flaws in the relationships between interacting
programs that security experts might envy. I don't think Mac users are
likely to become aware of what proportion of security issues are
inherent in target systems relative to those that are largely social
engineering (read as "stupid users", but remember that we're all stupid
sometimes) unless the Mac gains a considerably larger market share or
becomes otherwise more interesting to malware authors.
Stroller.
More information about the X4U
mailing list