Linked by Amjith Ramanujam on Thu 24th Jul 2008 18:01 UTC, submitted by Ward D
Bugs & Viruses Mac Antivirus developer Intego might have stumbled across an OS X specific virus being offered for auction that targets a previously unknown ZIP archive vulnerability. From Intego's posting, it appears that an enterprising auctioneer seems determined to make sure that his name is one that is not forgotten when it comes to Apple security, claiming that his exploit is a poisoned ZIP archive that will "KO the system and Hard Drive" when unarchived.
Permalink for comment 324581
To read all comments associated with this story, please click here.
RE[3]: Hardly likely
by looncraz on Fri 25th Jul 2008 16:45 UTC in reply to "RE[2]: Hardly likely"
looncraz
Member since:
2005-07-24

Well, I could write a simple recursive loop with the BeOS API which natively follows symlinks, would compile to something like 16 KB.

OR, I could just have fun giving everything a random name :-)

Nothing would be in my way of doing so.

If I REALLY wanted to be a PITA, I'd scan for any unmounted volumes and mount them first, damaging all I could.

Of course, it would be just as easy to secretly install a driver which will destroy the boot sectors, partition tables, and the first and last block on each cylinder boundary ( to prevent recovery ).

BeOS has NOTHING to prevent access, though there are indeed some tricks ( i.e. try setting read and execute permission to everything in the system folders, but not write - you may want to use group settings for that and change the user name of those files - but be careful, this is untested on BeOS kernels, and can be problematic ).


--The loon

P.S. I think I'll try the aforementioned 'trick' and see how it works, perhaps today.

-- edit: stupid stray letters...

Edited 2008-07-25 16:47 UTC

Reply Parent Score: 2