Macs don't have viruses?

[shawn modersohn]

On that same subject, is there a virus you can get that is not in the form
of double clicking on something? I seem to remember a virus called nimda
that spread over a network, even including just being connected to your isp.
As I said earlier, I scan any file I get, kazaa, email, etc. and I do not
update all that often. In fact, from w2k sp2 - sp3, I downloaded not one
hotfix. What are the risks of a virus as long as I scan my files?

Sorry for the string of posts, but I am tired and as soon as I click send I
think of something I forgot to mention. I realize of course there is a risk
that my virus scanner does not yet recognize the virus (I do update virus
def's frequently).

 

[Indigo Moon Man]

I didn't like Mozilla. First, the browser had a lot of bugs, and a lot of
rendering problems. I also didn't like it's mail and newsreader. The last
version I used was 1.4.

What platform were you using it on? I've used it on both Linux and Windows
with no problems at all. But I use the browser only because I don't like
the Mozilla mail or newsreader either.

 

[newstome]

Ok.

Websters International
Main Entry: vi·rus
Pronunciation: 'vI-r&s
Function: noun
Plural: virii
Etymology: Latin, venom, poisonous emanation; akin to Greek ios poison,
Sanskrit visa; in senses 2 & 4, from New Latin, from Latin Date: 1599
1 archaic : VENOM 1
2 a : the causative agent of an infectious disease b : any of a large
group of submicroscopic infective agents that are regarded either as
extremely simple microorganisms or as extremely complex molecules, that
typically contain a protein coat surrounding an RNA or DNA core of genetic
material but no semipermeable membrane, that are capable of growth and
multiplication only in living cells, and that cause various important
diseases in humans, lower animals, or plants; also : FILTERABLE VIRUS c :
a disease caused by a virus 3 : something that poisons the mind or soul
<the force of this virus of prejudice -- V. S. Waters> 4 : a computer
program usually hidden within another seemingly innocuous program that
produces copies of itself and inserts them into other programs and that
usually performs a malicious action (as destroying data)

If you go to www.m-w.com, you'll see exactly that definition, except
with one change: the "Plural" line you have above is missing. Fess
up -- you added that yourself, didn't you?

 

[Guillermito]

(e-mail address removed) :

If you go to www.m-w.com, you'll see exactly that definition, except
with one change: the "Plural" line you have above is missing. Fess
up -- you added that yourself, didn't you?

Haha, that is true, indeed.

"When reality does not fit to what you believe it should be, change
the reality"

 

[Peter Young]

What do you mean about the outlook response being "sure no problem"?
Is there a virus out there
that as soon as it touches outlook I am f'd?

Yes. At least so long as you use the Auto-Preview window:
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

Outlook Express is designed for ease-of-use with little-to-no eye towards
security. The fact that it uses InternetExploder to preview HTML emails is a
weakness that has been and will continue to be exploited. It's a decent
email client from a useability standpoint, but secure it is not.

 

[Peter Young]

I see you have no idea what you are talking about. Windows has the most
viruses because Windows is so damn easy to infect. Outlook being populuar
with people who don't have a bloody clue, its autoexecute of attachments
feature has made the spreading of viruses a nonbrainer.

Autoexecute of attachments feature? Since when?

And you're accusing others of not knowing of what they speak?

 

[Peter Young]

I see you have no idea what you are talking about. Windows has the most
viruses because Windows is so damn easy to infect. Outlook being populuar
with people who don't have a bloody clue, its autoexecute of attachments
feature has made the spreading of viruses a nonbrainer.

Autoexecute of attachments feature? Since when?

And you're accusing others of not knowing of what they speak?

 

[FromTheRafters]

Thanks for posting this. I too was under the mistaken impression that virii
was a word.

It is, it is slang for more than one computervirus.
...now what's the latin word for computervirus?

 

[FromTheRafters]

It's nearly impossible to infect a linux/unix system (which includes Mac
OS/X) via email.

Yes, much more difficult.

First you have to save the attachment, then you have to
specifically make the file an executable, then you have to execute it. No
one with half a brain would do that with a file from an unknown sender.

If we are talking about "viruses", then the spreading vector would
more likely be from "known and trusted" senders anyway. Even
e-mail vector worms can and do come from known senders on
occasion.

You can thank microsoft for making viruses and worms so common in windows.

Yes, much is due to their coding, and general lack of security concerns.

Outlook's security is like having a 5 year old child guard your front door.
The kid will let anyone in who asks. Virus says, "Hi, I'm an executable
file from an unknown source that does god knows what to your system, please
execute me." Outlook responds, "Sure, no problem."

Isn't there a stupid user somewhere in that scenario?

 

[Terry Austin]

A friend of mine is very proud of his Mac and makes the claim that
Macs don't get viruses.

Is this true? Or is he kidding me?

He's full of shit.

--
Larry Flynt for Governor
Bringing dignity back to the Governor's Mansion

Terry Austin
(e-mail address removed)

 

[Jim Watt]

There are a very few native Mac viruses, and a lot of people run Office
on Macs so they can get the Office viruses.
However, thanks to the way Macs work and the way Mac users work, the
infection routes are rarely available.

I have a Z80 based CP/M machine and there are no virus's for that
as its obsolete junk too.

 

[FromTheRafters]

***
What do you mean about the outlook response being "sure no problem"? I
use Outlook Express and I am well aware of its common perception as being
the worst in terms of security.
***

Outlook and Outlook Express are different programs. I use OE also,
but I do apply patches when I feel the need to. I haven't had any of
the problems with autoexecuting that both O and OE have because
I have applied most of the critical patches.

[snip]

Plenty of malware can be autoexecuted on your machine if you
neglect to apply critical patches. The exploit that Blaster used
could be used to run *anything* that the intruder wanted to run.
It just so happened that the worm's creator wanted to run the
worm executable via the exploit.

I seem to remember a virus called nimda

Proper configuration, and patches again would be more important
than AV in preventing another malware from using the exploit(s) that
this worm uses. The AV would only intervene for *that* malware
and be blind to any *new* ones.

Sorry for the string of posts, but I am tired and as soon as I click send I
think of something I forgot to mention. I realize of course there is a risk
that my virus scanner does not yet recognize the virus (I do update virus
def's frequently).

There is still a wide open window of opportunity for malware to
get active on your machine if all you depend upon is AV to save
your butt. I think that you should rethink your considerations
with regard to patches.

 

[FromTheRafters]

Hi,



For your reference microsoft had the msblast patch ready months before it
even existed

There is no such thing as an MSBlast patch.

There was a vulnerability brought to light, then exploit code written,
then pretty quickly a patch was made available. The exploit code
was used to introduce worm code to the processor (Blaster), but
the patch was made (and named) before Blaster even existed, so
it could hardly be a MSBlast patch.

It is important to distinguish between vulnerabilty patches and
AV definitions so that some users don't think that they are okay
not to apply the patch because they have updated their AV to
catch the worm.

The vulnerability is more important to address than the worm is.

A lot of virusses are written after somebody else already has discovered a
vulnerability.

As is the case with Blaster. Sometimes the worm creator doesn't
even make trivial changes to the exploit code (such as label names
or text strings in script exploit code).

 

[JR]

<snip>


That's not correct. Unless by "OpenBSD", you mean "FreeBSD".
http://developer.apple.com/internet/macosx/intro.html



-WD

OpenBSD came from FreeBSD when Theo got pissed off with the FreeBSD people.
So the OS X could have came from either as their roots are the same.

 

[Chris Mattern]

Ok.

Websters International
Main Entry: vi·rus
Pronunciation: 'vI-r&s
Function: noun
Plural: virii

^^^^^^^^^^^^^^^^
Y'know, it's weird, but *my* edition of Webster's International doesn't
have this line. Must be defective, huh?

http://www.m-w.com/

Etymology: Latin, venom, poisonous emanation; akin to Greek ios poison,
Sanskrit visa; in senses 2 & 4, from New Latin, from Latin Date: 1599
1 archaic : VENOM 1
2 a : the causative agent of an infectious disease b : any of a large
group of submicroscopic infective agents that are regarded either as
extremely simple microorganisms or as extremely complex molecules, that
typically contain a protein coat surrounding an RNA or DNA core of genetic
material but no semipermeable membrane, that are capable of growth and
multiplication only in living cells, and that cause various important
diseases in humans, lower animals, or plants; also : FILTERABLE VIRUS c :
a disease caused by a virus 3 : something that poisons the mind or soul
<the force of this virus of prejudice -- V. S. Waters> 4 : a computer
program usually hidden within another seemingly innocuous program that
produces copies of itself and inserts them into other programs and that
usually performs a malicious action (as destroying data)

Chris Mattern

 

[Martin C.E.]

It's nearly impossible to infect a linux/unix system (which

includes Mac OS/X) via email.

What you write might be suggesting that the Mac OS is in some way
connected to Unix.

Is this correct? is there a conection?

 

[Chris Mattern]

^^^^^^^^^^^^^^^^
Y'know, it's weird, but *my* edition of Webster's International doesn't
have this line. Must be defective, huh?

http://www.m-w.com/

Not only that, but you couldn't even get the format
correct. Here's how Mirriam-Webster *actually*
denotes irregular plurals...

Main Entry: oc·to·pus
Pronunciation: 'äk-t&-p&s, -"pus
Function: noun
Inflected Form(s): plural -pus·es or oc·to·pi /-"pI/

Chris Mattern

 

[Robert Lee]

What you write might be suggesting that the Mac OS is in some way
connected to Unix.

Is this correct? is there a conection?

Uh, yeah. OS X is based on Free BSD. The Mac is now a *NIX system.

--Robert (where have you been?)

 

[FromTheRafters]

[snipped]

I see you have no idea what you are talking about. Windows has the most
viruses because Windows is so damn easy to infect. Outlook being populuar
with people who don't have a bloody clue, its autoexecute of attachments
feature has made the spreading of viruses a nonbrainer.

Autoexecute of attachments feature? Since when?

I think he refers to the inline content feature being abused via
the "Incorrect MIME type" vulnerability. Calling it an autoexecute
of attachments feature is a bit of a troll I think.

 

[Moonlit]

Hi,

I think the roman used to call that

abacus virus.

When there abacus was infected again by some barbarian virus writer.

Regars, Ron AF Greve.

;-)