Journal: News & Comment

Thursday, April 08, 2004
# 4:45:00 PM:

The honeymoon is over

Permalinks to this entry: individual page or in monthly context. For more material from my journal, visit my home page or the archive.

Antivirus vendor Intego claims that:

MP3Concept [is] the first Trojan horse that affects Mac OS X. [It] exploits a weakness in Mac OS X where applications can appear to be other types of files."

Actually, it appears to be a demo of how such a Trojan could work (thanks, MNJ), but the lesson is still there. Indeed, this Trojan demo is even supposed to work on Mac OS 9—but, I believe, not on previous systems, such as those that do not understand bundles or won't run Carbon applications.

We Mac users like to gloat about not being vulnerable to all those Windows-specific viruses and Trojans. We were also lucky that, back in the 1980s, the dedicated John Norstad squashed viruses nearly as soon as they appeared, and made virus-writing for the Mac an unfulfilling bad habit for those who practised it.

But while Windows may be exceedingly vulnerable, Macs are not immune. This particular exploit is more social than technological—it takes advantage of people's assumptions and some of Apple's poor file type metadata decisions, but a sufficiently creative programmer with nothing better to do could have come up with something essentially identical for the classic Mac OS years ago.

So get used to it.

UPDATE: Ooh ooh ooh, Mr. Kotter! This is turning into quite a kerfuffle. I mean, Apple responds! Intego explains! Wired News snickers! Mac users gripe! Drama! Excitement!


Journal Archive »

Template BBEdited on 29-Apr-2010

Site problems? Gripes? Angst? - e-mail
Site contents © 1997–2007 by Derek K. Miller

You may use content from this site non-commercially if you give me credit, under the terms of my Creative Commons license.

eXTReMe Tracker