Linked by HAL2001 on Thu 19th May 2011 12:10 UTC
Privacy, Security, Encryption "A little over two weeks have passed since the appearance of MAC Defender, the fake AV solution targeting Mac users. And seeing that the approach had considerable success, it can hardly come as a surprise that attackers chose to replicate it. This time, the name of the rogue AV is Mac Protector, and the downloaded Trojan contains two additional packages. As with MAC Defender, the application requires root privileges to get installed, so the user is asked to enter the password."
Thread beginning with comment 473725
To read all comments associated with this story, please click here.
Can't get excited
by fretinator on Thu 19th May 2011 13:36 UTC
fretinator
Member since:
2005-07-06

I can't get excited about a "virus" that requires you to enter the administrator password to install. If you download stuff from web pages, and enter the root/administrator password when it wants to install, there is no good protection for you. And that is true on Windows, Linux, Mac, BSD, etc.

As Forest's momma used to say, "Stupid is as stupid does."

Reply Score: 5

RE: Can't get excited
by Neolander on Thu 19th May 2011 13:53 in reply to "Can't get excited"
Neolander Member since:
2010-03-08

At the risk of getting annoying with my sandbox advocacy... How exactly are you supposed to know *why* some piece of software requires admin rights before installing and running it, on nowadays' desktop OSs ?

Reply Parent Score: 2

RE[2]: Can't get excited
by gfolkert on Thu 19th May 2011 13:59 in reply to "RE: Can't get excited"
gfolkert Member since:
2008-12-15

In my book: If the program does not tell you why... it doesn't get installed.

Then, if you don't understand what you are granting, you shouldn’t be allowing anyway.

Social engineering in these problems is the largest problem.

Reply Parent Score: 1

RE[2]: Can't get excited
by fretinator on Thu 19th May 2011 14:10 in reply to "RE: Can't get excited"
fretinator Member since:
2005-07-06

The key is - did I download something on purpose and CHOOSE to install. Then I will grant it privilege. If you don't know why something is asking for your password, just say no. If you are unsure, say no. Only say yes when YOU have chosen to install something. Even with Windows update, I have it set to notify me when updates are ready, I review the updates, and only then do I CHOOSE to install them. When it asks for my permission, I know why.

The bottom line, is when you don't know why something is asking for permission, just say no. It was good enough for Nancy, it good enough for me.

Reply Parent Score: 3

RE[2]: Can't get excited
by WereCatf on Thu 19th May 2011 14:56 in reply to "RE: Can't get excited"
WereCatf Member since:
2006-02-15

At the risk of getting annoying with my sandbox advocacy... How exactly are you supposed to know *why* some piece of software requires admin rights before installing and running it, on nowadays' desktop OSs ?


On current OSes it's not easy, I admit that, but if someone wrote a completely new OS they could separate every API in use to two categories: privileged and non-privileged. Even file system access would have to be separated for it to be effective, and so if your application used e.g. PrivFileOpen("somefile.txt") instead of FileOpen("somefile.txt") the system would immediately notify about it and halt execution.

Similarly, executables would have to list in the executable file every function call they use (excluding parameters though) so that if the application tries to use a function call not specified it would again get halted.

Then at installation time OS would present the user with what permissions the application is asking for, ie. what privileged functionality or data it wants access to, and a short explanation of what each item might entail and possibly a warning based on heuristics on the permissions being asked.

Sure, it would require helluva lot of work and careful design from the OS developer(s), but it should still help atleast a little. Of course there are still those luddites who just click away, but clear-text explanations for items should again help with atleast some of them; people often just click "Ok" or "next" because they don't understand what's presented to them, not because they don't care.

Reply Parent Score: 1