Linked by Thom Holwerda on Tue 1st Mar 2011 00:28 UTC
Mac OS X It's sad to see that even after all these years, we still have to write articles like this one. It's all over the web right now: a new backdoor Mac OS X trojan discovered! Code execution! Indicative of rise in Mac malware! Until, of course, you actually take a look at what's going on, and see that not only is it not in the wild, it can't really do anything because it's a beta.
Thread beginning with comment 464421
To view parent comment, click here.
To read all comments associated with this story, please click here.
RE: Maybe I'm crazy...
by wannabe geek on Tue 1st Mar 2011 12:44 UTC in reply to "Maybe I'm crazy..."
wannabe geek
Member since:
2006-09-27

Well. it can make a real difference if you are taking advantage of the Unix security model. For instance, if you create a different user to own your backups, then a user-level malware can't nuke them. If you run a rootkit detector on boot, if you have a low privilege user for dangerous activities, and so on, same thing. One caveat, though, the X server has a lousy security, so I would recommend to run diffent users in different virtual consoles. I used to run two X sessions at once, one for graphical admin tools like Synaptic and one for user stuff. You can also do without graphical admin tools and use command-line ones. Now I got tired of it and I just stick to frequent updates, NoScript and common sense, waiting for an object-capability OS.

Reply Parent Score: 2

RE[2]: Maybe I'm crazy...
by WereCatf on Tue 1st Mar 2011 14:03 in reply to "RE: Maybe I'm crazy..."
WereCatf Member since:
2006-02-15

For instance, if you create a different user to own your backups, then a user-level malware can't nuke them.

The problem isn't so much the malware that just deletes files, the problem is the malware that reads them! It's quite common for people to keep important job-related files on their computers, or they write down their passwords in some text file and so on, and as such those personal files are very lucrative for malware writers to read over.

It's only script-kiddies who want to destroy files, the real threat are those people who write malware that hides itself from the user and doesn't do anything that would attract attention.

Reply Parent Score: 2

RE[3]: Maybe I'm crazy...
by wannabe geek on Tue 1st Mar 2011 20:07 in reply to "RE[2]: Maybe I'm crazy..."
wannabe geek Member since:
2006-09-27

Good point, but then again, you can have a dedicated user for your important documents, a user who never visits suspicious websites. Cumbersome but effective, except if the malware has root access. I do agree that, in practice, a user-level malware is almost as bad, because people don't take full advantage of user-based security because it's such a chore and such a resource hog for graphical environments.

Reply Parent Score: 2