Slashdot Mirror

← Back to Stories (view on slashdot.org)

Worm Claimed For Apple OS X

Posted by kdawson on from the apple-trees-have-roots-too dept.

SkiifGeek writes "Controversy is slowly building over the development of a claimed new worm that targets OS X systems, dubbed by its inventor Rape.osx. Using a currently undisclosed vulnerability in mDNSResponder, the worm is said to give access to root as it spreads across the local network. As with a number of recent Apple-related security discoveries, the author, InfoSec Sellout, is delaying reporting the vulnerability to Apple until after completing full testing of the worm. While the worm has yet to leave a testing environment (with 1,500 OS X systems), it is bound to join the likes of Inqtana and Leap as known OS X malware."

4 of 398 comments (clear)

  1. Malware vs Media Run Amuck by DECS · · Score: 0, Flamebait

    This is about a potential exploit of Bonjour that Apple has apparently already patched.

    There is no information on how it is started or spread. Usually when worms appear, they've already plowed through several million dollars worth of damage. Since a Mac worm would have to rely on a lot of planets aligning (ie, enough Macs running in the same subnet, configured similarly, and the worm being spawned by a user) it would be hard to imagine what kind of problems such a theoretical exploit would cause.

    It is easier to understand the intent and propagation of a media worm, which infects all the IDG and CNET publications and spawns out FUD about how Macs have theoretical exploits that are generating more stories than the actual exploits available for Windows.

    Given that the creator of the "worm framework" explicitly says in the article that he is getting paid to develop it to show "Apple Computers are just as susceptible to Malware as Windows based ones."

    What is malware? Slashdot cites Inqtana and Leap as known Mac OS X malware, but InqTana was a proof on concept worm designed to spread between Macs with Bluetooth file sharing enabled. It only ever existed in a lab and its propagation method has since been patched. InqTana

    Leap is a trojan for iChat that is unable to replicate. It is as dangerous as sending someone a chat request and telling them to pour water on their computer.

    This new Bonjour exploit is as yet an unproven claim. We know there are over 10,000 live malware products for Windows. So it's not really true that Macs are just as susceptible (ie "likely or liable to be influenced or harmed by a particular thing") or there would be real problems for Mac users.

    That doesn't mean there will never be Mac exploits or security problems and that users needn't bother to be concerned about security issues, but it does highlight the absurdity of a media willing to repeat the unproven claims of a nobody.

    Of course, if you're worried about Bonjour worms, you shouldn't run unknown software, and you shouldn't join unknown wireless networks with your Mac. It's hard to imagine that this will cause any damage outside of the bloggers who repeat it without any criticism as proof that "Macs can have malware!"

  2. Re:Actually... by kestasjk · · Score: 0, Flamebait

    The only people I always see spouting such crap are the people who claim to hate Apple fanboys. I've never seen an Apple fanboy make absurd claims like yours. This is like a fucking self-fullfilling prophecy. Every damn article about Apple is run over by stupid Anti-Apple trolls who write hundreds of comments laughing about imaginary Apple fanboys and the imaginary stupid things they say.

    Here's an idea: Shut up, and let those who are interested in the article discuss it. Thanks. Actually I'm mostly repeating arguments people have made against me here (I'm not a subscriber so I can't look up the ridiculous arguments I've had). I've spoken to people on this site who argue about how local vulnerabilities don't matter (on Macs), how market share isn't the reason for there being fewer OS X vulnerabilities, etc, etc.

    Most of all we all rip on Windows when a vulnerability is found, so don't take it personally when the same happens to your OS.
    --
    // MD_Update(&m,buf,j);
  3. Re:Actually... by kestasjk · · Score: 0, Flamebait

    So far, all I'm seeing is "Mac fanboys are stupid LOL." For most people a fanboy is defined as someone who supports and defends something blindly, and is stupid by definition.

    You rip on people who allegedly claim the vulnerabilities don't matter. And I don't see these people anywhere. I Googled the frustrating convo I had, though I shouldn't have to do this to convince you that Mac fanboys exist.
    Here, here (see the responses), ah this is the one I was looking for: here. Total denial in all three of these, and you see total denial of any vulnerabilities.

    My earlier satire was based entirely on my experience arguing with fanboys here on /.; you can't tell me that they don't exist and don't deserve some mockery when their false sense of security falls like a house of cards.
    I'm not against Apple's products (though I admit I do think they're overrated, and I hate their marketing), but I am against fanboys. My post was only talking about fanboys and their reaction to vulnerabilities, not about the vulnerability itself.
    --
    // MD_Update(&m,buf,j);
  4. Re:Actually... by kestasjk · · Score: 0, Flamebait

    On being provoked; if I had done it because I felt provoked the countless "haha" comments in the MS Word discussion are provocation enough.

    Actually though I posted it to have a laugh at the expense of fanboys. If you're a reasonable Apple user who doesn't like Apple products because you like the brand you should find it as funny as anyone else.

    --
    // MD_Update(&m,buf,j);