Linked by Thom Holwerda on Sat 18th Apr 2009 09:27 UTC
Thread beginning with comment 359264
I find this doubtful. Practically all Windows games and most applications require administrator rights to install (mainly because of arcane copy protection mechanisms), how would the OS distinguish between DRM functionality included in a game (like protections which install services) and a trojan if baked into the installation procedure? These DRM schemes, just like trojans and rootkits, vary greatly and are constantly changed so there is no way the OS can be updated to keep track and identify them, not even dedicated virus software can keep up.
This isn't about UAC, this is about Windows Defender. Defender does its thing with or without UAC, with or without administrative privileges.
Thom Holwerda wrote:
-"This isn't about UAC, this is about Windows Defender. Defender does its thing with or without UAC, with or without administrative privileges."
Granted, I have used Vista ever so slightly and during that time I did not install any software, but I'd guess that when you install commercial software like a game or an application, Windows Defender will warn you that this software can do harm to your system (due to copy protection/DRM code), and users will click past this warning in order to install said game/application. So how hard would it be for a cracked version to just include a rootkit in the crack which will then piggyback on the game/app installation?
" I find this doubtful. Practically all Windows games and most applications require administrator rights to install (mainly because of arcane copy protection mechanisms), how would the OS distinguish between DRM functionality included in a game (like protections which install services) and a trojan if baked into the installation procedure? These DRM schemes, just like trojans and rootkits, vary greatly and are constantly changed so there is no way the OS can be updated to keep track and identify them, not even dedicated virus software can keep up.
This isn't about UAC, this is about Windows Defender. Defender does its thing with or without UAC, with or without administrative privileges. "
Windows Defender is just a trimmed-down antivirus program which only scans for trojans, and it is not even a good one. If you are lucky, the signature of the trojan gets added and Windows Defender finds it; if you are unlucky, you are screwed anyway...
So nothing new there, Windows Defender just does what other antivirus programs also do.
The main security issue with Windows Vista and 7 is that they finally sandbox the user outside of the root context within a user context, a basic security measure performed by any other operating system. But that does not prevent malware from getting in via "social engineering", aka users hitting the OK button every time the Vista/7 "program needs root access" popup pops up!
Thom Holwerda wrote:
-"The funny bit is, though, that a trojan like this would NEVER get through Windows Vista/7. Malware protection is built-in now, so I'd get a nice little dialog on my Windows boxes telling me this file is dangerous, we've blocked it for you. You want us to delete it?"
I find this doubtful. Practically all Windows games and most applications require administrator rights to install (mainly because of arcane copy protection mechanisms), how would the OS distinguish between DRM functionality included in a game (like protections which install services) and a trojan if baked into the installation procedure? These DRM schemes, just like trojans and rootkits, vary greatly and are constantly changed so there is no way the OS can be updated to keep track and identify them, not even dedicated virus software can keep up.