a virus for mac???

[Danster]

atm i'm in a arugument with a windows friend who is content that the mac sucks and is betting me that he can lead me to a site that will upload a virus as soon as i enter the site and screw my mac up

he said he doesn't want to but is annoyed that i said that there is no viruses for mac

should i do it?

i mean it's only going to a site i have the lastest version of os x and a firewall

 

[Ric]

...he can lead me to a site that will upload a virus as soon as i enter the site and screw my mac up..
...i said that there is no viruses for mac
should i do it?
i mean it's only going to a site i have the lastest version of os x and a firewall

Not that I want to get into a my Mac is better than your PC debate, (been there done that, many years ago!), Macs pre-OSX virtually had no viruses, since the change from OS 9.xx to OSX Macs are now running Unix.

This in itself means that there are a lot more users and there are more viruses, however these are few and far between compared to what most PC users experiance.

Any good Hacker/Cracker could right some code and add it to a website, then if you went to that website and clicked on the relevant link - this in turn could do nasty things to you computer whether it is a Mac/PC/Linux etc.

Having the latest version of OSX will help against outside threats, the firewall helps protect you as well. But if you do not understand how firewalls etc work then I shouldn't really try and test whether you are safe???

I, would be prepared to have a look at your friends site though if you give me the link.

All computers are easily compromised if you know what you are doing

You should really have some form of virus protection on your Mac.

Any decent Mac programmer can right a virus for the Mac in a couple of lines of Applescript code then add it a flash game, allow people to download it off a website and voilla...

...fortunately the majority of us with that type of knowledge don't do it !

After all we are Mac People !

 

[Danster]

Can you really write a few lines of Applescript that could do nasty things?
Not you I mean i just mean anyone.

I was under the impression it was hard to screw around with the mac and that you had to manually install viruses to get any kind of effect.

Also he doesn't have any sites to lead me to but said he will find one
but then again he uses windows with I.E and doesn't know that safari doesn't autorun when you go on to some sites and you get that auto download files (sometimes)

 

[Ric]

Can you really write a few lines of Applescript that could do nasty things?
Not you I mean i just mean anyone.

I was under the impression it was hard to screw around with the mac and that you had to manually install viruses to get any kind of effect.

Also he doesn't have any sites to lead me to but said he will find one
but then again he uses windows with I.E and doesn't know that safari doesn't autorun when you go on to some sites and you get that auto download files (sometimes)

I didn't mean to alarm you!

Yes are are correct in what you say Safari doesn't autorun files: what I was saying, was that if you clicked on what appeared to be a genuine link to something that you thought you wanted to download a good programmer could fool you into thinking that you were downloading a free mp3 etc. when in fact you were downloading a compiled applescript, that when you double clicked on it it was to wipe out your hard drive, change your settings etc.

Applescript is a very powerfull language and can (in the right hands) do just about anything...

The fact that the mac is now based on Unix means that there are also other ways of attacking the Mac.

If you check your firewall logs, you will probably see upwards of "100 attacks" a day against your computer. My server at home, gets attacked around 200 times a day! These are not really against your computer, it is just hackers/kiddy scripters scanning a range of IP addresses too see if anyone isn't running an adequate firewall. If your firewall is not set up correctly then it is relatively easy for someone to break into your computer.

It doesn't really matter what computer you are running if someone wants to gain access and they really know what they are doing - they will get in !

A good place to check for any Virus threats to the Mac is Symantec

Ric

 

[Danster]

Thanks alot for your reply. I know that no system is 100% secure i mean what is. But as long as humans program computers there will always be mistakes which other people will exploit i just think that the mac has much fewer security problems than it's rivals

But could anybody create a potentialy nasty code in visual basic or c++ on a windows machine that could affect my mac?

Also how do i check my firewall log? and set it up properly I have just used it out of the box really and haven't chaged any settings

 

[Ric]

...i just think that the mac has much fewer security problems than it's rivals

This is definately true, it has, but you must make sure that you keep upto date with any system software updates that Apple puts out, this is a lot easier nowadays with broadband and the software update app. Set it up so it downloads them for you, but have a read of the notes before you allow it to install.

...But could anybody create a potentialy nasty code in visual basic or c++ on a windows machine that could affect my mac?

Yes, potentially they can, and have done. In laymans terms visualbasic could be used on a pc to write a macro/virus than runs though any Microsoft software, such as Excel, Word etc. However, these type of attachment viruses need user interaction,(you've got to open the attachment and run it!) this as you are aware is not needed on the PC-it can be run automatically)

The same is true in a way of c++, this is just another language that is used to write software, so can and is used to write viruses.

Other more internet friendly languages used are PHP, javascript, active X controlers etc.

What I would say though, not "just anyone" can write such nasty code. I wouldn't particularly worry to much about it. Just keep your firewall setup protected, be mindfull of what software you download from the internet, and install some anti-virus software.

...also how do i check my firewall log? and set it up properly I have just used it out of the box really and haven't changed any settings

Generally modern firewall's should be setup (hopefully) correctly. However, a lot of users, do not change the firewall's default admin password that comes setup. Let me know what make and model firewall you have and I will check what you ought to have set up.

Ric

 

[Danster]

​

install some anti-virus software.

What's the point in installing anti-virus programs if there are no viruses that could harm my mac (well none that can be installed unknowingly)

We have agreed that there are viruses out there but i'd be a fool to get infected by one so where's the point in getting bogged down in norton anti-virus which i'v heard bad things about?

My firewall

what do you mean by modern and setting them up i use the built in firewall which i'v heard is more than adequate.

 

[Ric]

What's the point in installing anti-virus programs if there are no viruses that could harm my mac (well none that can be installed unknowingly)

Sorry, but I haven't been very clear, there are viruses out there that can infect Mac's. The simplicity of writing virus code is aided by the existence of virus "cook books". Some of the books provide direction for the design, writing and implementation of computer viruses. The committed writer can also obtain the source, hex listings and compiled samples on the internet. A book by Mark Ludwig, "The Giant Black Book of Computer Virus", [1995 American Eagle Publications] contains the source code for two UNIX companion viruses written in the C language. The book "UNIX Security, A Practical Tutorial" by N. Derek Arnold [1993 McGraw Hill] dedicated all of Chapter 13 to the explanation of viral activity under UNIX, including a working example in C language source code. You have to remember that while OSX is relatively new UNIX is not.

On a lighter note have a read of this http://jeremy.zawodny.com/blog/archives/001797.html

We have agreed that there are viruses out there but i'd be a fool to get infected by one so where's the point in getting bogged down in norton anti-virus which i'v heard bad things about?

4th November, 2004: Websites are reporting the arrival of what many might see as the first true virus for Mac OS X. The "Opener" virus, as it is being referred to, has the potential to disable the built-in firewall, and to possibly steal information and corrupt or destroy data.
ZDNet has information on the (more accurately labelled) malware script and comment....

"Paul Ducklin, Sophos’ head of technology in the Asia Pacific, told ZDNet Australia that the malware, which Sophos calls Renepo, is designed to infect any Mac OS X drives connected to the infected system and it leaves affected computers vulnerable to further hacker attack.

Ducklin said Opener disables Mac OS X's built in firewall, creates a back door so the malware author can control the computer remotely, locates any passwords stored on the hard drive and downloads a password cracker called JohnTheRipper.

According to Ducklin, Opener tries to spread by copying itself to any drive that is mounted to the infected computer. This could be a local drive, part of a local network or a remote computer.

Most worryingly, according to Ducklin, this could be the start of a spate of malware that uses Mac OS X’s scripting features against its users."


More details and the full text of the ZDNet articile at
http://www.zdnet.com.au/news/security/0,2000061744,39164062,00.htm

ZDNet article comments that Apple do not see the 'Opener' as a virus
http://news.zdnet.co.uk/internet/security/0,39020375,39172277,00.htm

My firewall

All firewall's are good, but some are easier to break than others. Hardware firewalls are better if you can afford them or require them.

It is best to try and understand how networks, TCP/IP, ports etc work to help understand the issue of security. I can explain this in more detail if you'd like.

what do you mean by modern and setting them up i use the built in firewall which i'v heard is more than adequate.

For the most part, yes, the built in firewall with OSX is fine for most home users. But have a read of the above articles about "Opener". I personally have a Hardware firewall, various routers and other security measures in place, I do however have various servers connected to the Internet all the time, such as the one this website is hosted on:and so my network is more visible because of the open ports: HTTP for web services and SMTP for my mail servers.

I will save suggesting various AntiVirus Software for tomorrow!!!

Regards

Ric

 

[Cory Cooper]

Go

I would be happy to check it out with my Mac...

Post the link and we'll see what it will do...or is supposed to do anyway.

C

 

[Ric]

Just going back to what I said earlier, Mac's and Virus:

Just imagine what would happen if someone or something could gain access to your Mac and type/execute wrap it up in a bit of Applescript, this:

cd /
rm -r*.


9 Characters, one wiped hard drive.

don't type the above into your terminal...