Linked by Thom Holwerda on Tue 21st Feb 2006 17:59 UTC
Mac OS X "[Last week], we reported on a Trojan horse for Mac OS X that is just like the entry for Earth in the Hitchhiker's Guide to the Galaxy in that it is mostly harmless. A new vulnerability targeted at Apple's home-grown web browser, Safari, is another matter entirely. A German security firm appears to have been the first to discover the Safari flaw, which allows for shell scripts to be executed after clicking a link."
Permalink for comment 97966
To read all comments associated with this story, please click here.
ormandj
Member since:
2005-10-09

"lol! Why the hell would anyone stupid enough to type this even have a command line open?!?! Same for the Windows "flaw"...."

They don't have to type it, and they don't have to have the command line open. A simple shell script disguised as a jpeg would do the job. ;) That's the issue at hand and discussed in the article.

The problem isn't people are so stupid as to type in commands they don't understand into a terminal, the issue is they will click on *random file name* from *random source*. Oh, and all the grandmas and 16 y/os who forward every little thing they get to hundreds of their friends. (Kidding about the grandmas and 16 y/os, although my grandmother has this habit. ;) ) I did finally get her to stop downloading "reallycoolcheckitout.exe" from random spam mail and sending it to her entire mailing list of contacts. I suspect her entire church is full of spyware laden machines by now. ;)

Reply Parent Score: 2