I'm not "brainwashed;" I'm simply pointing out that with the Mac you get a tiny form factor, built-in Bluetooth and Airport wireless, a suite of award-winning applications that let you edit HD movies and DVDs (that's not planning and sanctioning my life, that's letting me handle media like every OS should), other bundled applications like QuickBooks 2006 and Comic Life, Firewire built in right onto the bus and not as an "add-in card," and the increased reliability of Mac hardware and software, which means the computer won't break down in six months like the Dell, and it won't be plagued with viruses and trojans in Windows.
It's clear that the Mac mini is the much better value. Don't even get started on the iMac Core Duo which is the greatest value out there right now for a computer with those specs, and all the top business mags agree.
MacWorld and other sites have already done feature-for-feature price comparisons.
Just running out and finding the cheapest Dell computer and comparing it to the cheapest Apple computer while completely ignoring the DVD burner in the Mac, the Firewire and USB ports, the DVI connector, the iLife suite, and so on is just anti-Apple FUD.
Dvorak revealed this ridiculous column topic last week on This Week In Tech, and even Leo Laporte turned to him and asked, "Are you nuts?" I knew as soon as Dvorak explained the subject of the column that it would probably get posted to Slashdot even though it's just crazy blather from the misinformed Dvorak. And it was. He's Jon Katz without the Slashdot employment.
I keep hearing this troll, but nobody ever proves it, and several price matches with Dell disprove it. What is "overpriced" about Apple's hardware? I'm paying for lots more features, much higher quality, and a much smaller form factor.
OS X is icing on the cake as far as I'm concerned. Try an iMac sometime, it's the future of computer design today.
If a password prompt is appearing for a supposed JPEG, you know something is up. Safari already warned it was an application in the first place. That prompt means OS X is a secure system that requires the user's permission before running any automated processes.
Safari scanning compressed files and warning users that it's got an executable (requiring the user to click "Download" to continue) means this is a user flaw, not a system flaw. Other browsers warn too, though not for compressed files, but that means this isn't an OS X virus or trojan but a user-run program. And even so, applications like this that attempt to modify the system or the user's settings (like InputManager) require a password. A program written "inside of the user's space" as you put it wouldn't have much to do and wouldn't propagate.
1.) When you start to download this.tgz file in Safari, it warns you that it's an application and asks if you want to continue. Safari auto-scans all downloads that way.
2.) When you run this program, it brings up a password prompt to ask for your permission.
God, how much more does Apple have to do to tell you it's an executable and not a simple JPEG?
1.) Several proof-of-concept viruses have been written for OS X in the past, so this isn't the "first." They never propagate.
2.) When you download this.tgz file in Safari, Safari warns you that it's an application, and you have to click to continue.
3.) When you run it, an admin password prompt is displayed by OS X, and you have to enter it to continue.
Like I said--FUD of the day.
Re:If it's anywhere, it will be through Bonjour
on
First Mac OS X Virus?
·
· Score: 1
As long as OS X pops up a password prompt any time a program tries to be malicious, it's already protecting you from abuses. When the user gives the program permission to run by supplying their password, that makes it a user-run program and not a system flaw exploit.
Re:You can't man a .app look like a .jpg in OS X
on
First Mac OS X Virus?
·
· Score: 1
They're saved by the password prompt. That's the point where the user is the one giving the permission for the app to run, meaning it's not the fault of the OS. Regardless, I have a feeling Apple will modify the text of the prompt to more greatly clarify that an executable application is asking for permission and it's not just OS X asking for a password for something.
Re:You can't man a .app look like a .jpg in OS X
on
First Mac OS X Virus?
·
· Score: 1
Plain executables don't even run from the Finder. Finder wants well-formed.app bundles.
You forgot the most important part. OS X brings up a password prompt. That effectively stops any destructive program in its tracks and any automated hooking processes. On a secure system that requires the user to enter a password to grant the program permission to do what it does, that changes it from a virus/trojan to a mere user-run program.
Social engineering is a whole other issue from actual OS flaws (like the WMF vulnerability in Windows), but in this case OS X is still protecting you by prompting for your permission for this app to run.
Regardless, I imagine in the next OS X Tiger update, Apple will change the text of the password prompt to say "This program needs your password to run" instead of whatever it says now (I think it's "OS X needs your password") to make sure people realize it's an executable asking for permission.
Quite true, but the point is that this isn't an OS X security flaw. The fact a password prompt pops up means OS X is already protecting you from this kind of attack to begin with and preventing any automatic hooking processes.
Any system-damaging program could be written for any OS. But when it requires the user's entered password to run it, that means it's not a virus or a trojan at all but a user-run program.
Every year, one of these goofy "OS X viruses" pops up, and everyone has to remind people that it pops up a password and specifically requires the user to grant it privileges to run. Contrast with the Windows world, where simply viewing a WMF automatically ran code without user intervention. That's the difference and is what makes this a non-starter in comparison.
Icons can be changed because OS X is a user-customizable system. My USB drives each have a custom icon to distinguish themselves from each other.
The difference between this and Windows is that OS X doesn't run you in a root account (root isn't even enabled without a special Terminal command), and running this will give you a password prompt.
That immediately means it's not an OS X flaw. Anyone could write any destructive program they wanted to, but because it would require a password, that doesn't make it a virus or trojan. The difference here is someone copied and pasted the JPEG icon, so it's tricking people into clicking it. But again, the password prompt comes up, preventing any automated processes as in Windows trojans which just silently hook themselves and run.
People is critizing Windows for not providing "security" measures against those files so I don't see why you wouldn't do the same for mac os x
OS X gives a password prompt, so it IS providing security measures against these types of files (so to answer the headline, no, this isn't the "first OS X virus"), but Windows doesn't present a password prompt at all--viruses just silently run and hook themselves into the registry and other system files, hence the criticism. That's not a double-standard; it's justified criticism toward a dominant operating system that still runs the majority of its users in a full root access account in the year 2006.
The flaw is that a file of one type is able to present itself as a file of another. This flaw was widely exploited in Windows a few years ago with the notorious "britney.jpg.vbs" type attacks, in which even though the icon was wrong (!!) people saw the file extension and opened it.
I think people are misunderstanding how OS X handles file type icons. The file isn't presenting itself as a file of another type. If you did a Get Info, it would still say Application. On OS X, you can copy and paste any icon into file in the Get Info window. I have cool Mario icons for my various external USB drives. Someone just copied and pasted the JPEG icon in this case.
The fact that clicking this thing prompts for a password means OS X is correctly protecting you from this kind of an attack. Beyond that, anyone entering the password and enabling admin access for this program is at fault, not OS X.
1.) This isn't the "first OS X virus." Several other proof-of-concept attempts have been written over the users, notably MP3Concept.
2.) This doesn't quality as a virus, it's more of a trojan.
3.) The fact it prompts for your password immediately renders it useless and ineffective as a trojan. I could write an AppleScript that deleted all of your system files but required your password to be entered for it to run--that doesn't mean I've written the "first OS X virus." It just means I've written a goofy program that relies on stupidity, which would be the same as any other password-based system in the world and not an OS flaw.
I was expecting a bunch of rampant Apple-bashing in the comments here, but it seems a lot of people are recognizing that this is non-news. Another password-required proof-of-concept that doesn't really do anything.
My file extensions show by default in all the OS X Tiger installations I've handled.
Regardless, this "virus" pops up an admin password prompt, like every other proof-of-concept OS X trojan that's been written in the past, which effectively stops it in its tracks. This isn't really news except to Apple-haters who can go "SEE NOW U'VE GOT VIRUSES LOLZ."
Don't blame Oracle (since it's their right to buy software); blame the people selling to Oracle.
Re:This should not be considered hacking
on
OSx86 Cracked Again
·
· Score: 1
Why is it their business to try to prevent that?
Because someone always posts the DVD image to all the torrent sites, and the warez monkeys spread it around over night so nobody has to pay Apple a cent.
Posted AC, because it costs mod points to say anything against Apple on slashdot.
Bullshit. Lots of Apple criticism gets modded up. You just ignore it when it happens.
Whoa, whoa, whoa. I'm on board that just "downloading a DVD" is unethical, but if I BUY an official copy of OS/X, then who the hell is Steve Jobs to tell me what I can or can't do with it?
Steve Jobs doesn't care about something called "OS/X.":) OS X, maybe.
This is one of the main reasons I dislike Apple as a company: the arrogance. Steve wants to tell me what I can and can't play on an iPod (e.g., suing Real). Steve wants to tell me what I can and can't do with software I buy. Frankly, screw Steve!
Preventing OS X from being pirated isn't "arrogance." You're projecting perceptions all over Apple. OS X is a big feature of the Mac, and Apple makes its money selling hardware. It has every right to protect one of the Mac's big features. More importantly, it's not arrogant to not want your operating system pirated so that freeloaders don't have to pay for it.
Steve Jobs isn't "telling you" to do anything. If you don't like it, DON'T BUY AN IPOD OR MAC, dummy! Get something else instead so you don't have to bitch.
Apple could be so much more successful if they would stop being such a-hole control freaks and just sell their products and embrace people wanting to use THE SOFTWARE AND HARDWARE THAT THEY FREAKING OWN the way the want to.
Apple Macs are so successful specifically because they're control freaks. Their machines just work, because of the vertical integration--the same company writing the software and making the hardware. You clearly have no idea how the Apple business model functions. OS X on generic PCs would become as unstable as Windows.
Apple's been doing pretty damned well lately, so I think Steve Jobs knows what he's doing.
Re:If you replace enough files...
on
OSx86 Cracked Again
·
· Score: 4, Insightful
Ethics doesn't come into play in a piracy discussion. People will ALWAYS invent new justifications to wiggle out of the undeniable truth that piracy is unethical, and that you're preventing the people who made the work from getting paid that day.
In the music piracy world, it's "the RIAA made us do it!" In the PC game world, it's "the greedy publishers made us do it!" Always something to blame for your getting free shit except yourself.
Re:Yup as long as Dell isn't doing it
on
OSx86 Cracked Again
·
· Score: 4, Insightful
The fact of the matter is that Apple doesn't really care about people running OSX on a non-apple system.
They don't? Why would OS X have security measures then? Steve Jobs himself has spoken out against such "theft."
It's money in their pocket either way.
How is it money in their pocket when someone pirates a cracked DVD of OS X? Apple isn't getting a cent. It's just more freeloaders who don't want to pay for stuff and think that's a valid reason to pirate everything under the sun.
Slashdot Mirror
I'm not "brainwashed;" I'm simply pointing out that with the Mac you get a tiny form factor, built-in Bluetooth and Airport wireless, a suite of award-winning applications that let you edit HD movies and DVDs (that's not planning and sanctioning my life, that's letting me handle media like every OS should), other bundled applications like QuickBooks 2006 and Comic Life, Firewire built in right onto the bus and not as an "add-in card," and the increased reliability of Mac hardware and software, which means the computer won't break down in six months like the Dell, and it won't be plagued with viruses and trojans in Windows.
It's clear that the Mac mini is the much better value. Don't even get started on the iMac Core Duo which is the greatest value out there right now for a computer with those specs, and all the top business mags agree.
MacWorld and other sites have already done feature-for-feature price comparisons.
Just running out and finding the cheapest Dell computer and comparing it to the cheapest Apple computer while completely ignoring the DVD burner in the Mac, the Firewire and USB ports, the DVI connector, the iLife suite, and so on is just anti-Apple FUD.
Dvorak revealed this ridiculous column topic last week on This Week In Tech, and even Leo Laporte turned to him and asked, "Are you nuts?" I knew as soon as Dvorak explained the subject of the column that it would probably get posted to Slashdot even though it's just crazy blather from the misinformed Dvorak. And it was. He's Jon Katz without the Slashdot employment.
I keep hearing this troll, but nobody ever proves it, and several price matches with Dell disprove it. What is "overpriced" about Apple's hardware? I'm paying for lots more features, much higher quality, and a much smaller form factor.
OS X is icing on the cake as far as I'm concerned. Try an iMac sometime, it's the future of computer design today.
If a password prompt is appearing for a supposed JPEG, you know something is up. Safari already warned it was an application in the first place. That prompt means OS X is a secure system that requires the user's permission before running any automated processes.
Safari scanning compressed files and warning users that it's got an executable (requiring the user to click "Download" to continue) means this is a user flaw, not a system flaw. Other browsers warn too, though not for compressed files, but that means this isn't an OS X virus or trojan but a user-run program. And even so, applications like this that attempt to modify the system or the user's settings (like InputManager) require a password. A program written "inside of the user's space" as you put it wouldn't have much to do and wouldn't propagate.
1.) When you start to download this .tgz file in Safari, it warns you that it's an application and asks if you want to continue. Safari auto-scans all downloads that way.
2.) When you run this program, it brings up a password prompt to ask for your permission.
God, how much more does Apple have to do to tell you it's an executable and not a simple JPEG?
This story is the biggest FUD of the day.
.tgz file in Safari, Safari warns you that it's an application, and you have to click to continue.
1.) Several proof-of-concept viruses have been written for OS X in the past, so this isn't the "first." They never propagate.
2.) When you download this
3.) When you run it, an admin password prompt is displayed by OS X, and you have to enter it to continue.
Like I said--FUD of the day.
As long as OS X pops up a password prompt any time a program tries to be malicious, it's already protecting you from abuses. When the user gives the program permission to run by supplying their password, that makes it a user-run program and not a system flaw exploit.
They're saved by the password prompt. That's the point where the user is the one giving the permission for the app to run, meaning it's not the fault of the OS. Regardless, I have a feeling Apple will modify the text of the prompt to more greatly clarify that an executable application is asking for permission and it's not just OS X asking for a password for something.
Plain executables don't even run from the Finder. Finder wants well-formed .app bundles.
You forgot the most important part. OS X brings up a password prompt. That effectively stops any destructive program in its tracks and any automated hooking processes. On a secure system that requires the user to enter a password to grant the program permission to do what it does, that changes it from a virus/trojan to a mere user-run program.
Social engineering is a whole other issue from actual OS flaws (like the WMF vulnerability in Windows), but in this case OS X is still protecting you by prompting for your permission for this app to run.
Regardless, I imagine in the next OS X Tiger update, Apple will change the text of the password prompt to say "This program needs your password to run" instead of whatever it says now (I think it's "OS X needs your password") to make sure people realize it's an executable asking for permission.
over the users
Whoops--over the years!
Quite true, but the point is that this isn't an OS X security flaw. The fact a password prompt pops up means OS X is already protecting you from this kind of attack to begin with and preventing any automatic hooking processes.
Any system-damaging program could be written for any OS. But when it requires the user's entered password to run it, that means it's not a virus or a trojan at all but a user-run program.
Every year, one of these goofy "OS X viruses" pops up, and everyone has to remind people that it pops up a password and specifically requires the user to grant it privileges to run. Contrast with the Windows world, where simply viewing a WMF automatically ran code without user intervention. That's the difference and is what makes this a non-starter in comparison.
Icons can be changed because OS X is a user-customizable system. My USB drives each have a custom icon to distinguish themselves from each other.
The difference between this and Windows is that OS X doesn't run you in a root account (root isn't even enabled without a special Terminal command), and running this will give you a password prompt.
That immediately means it's not an OS X flaw. Anyone could write any destructive program they wanted to, but because it would require a password, that doesn't make it a virus or trojan. The difference here is someone copied and pasted the JPEG icon, so it's tricking people into clicking it. But again, the password prompt comes up, preventing any automated processes as in Windows trojans which just silently hook themselves and run.
People is critizing Windows for not providing "security" measures against those files so I don't see why you wouldn't do the same for mac os x
OS X gives a password prompt, so it IS providing security measures against these types of files (so to answer the headline, no, this isn't the "first OS X virus"), but Windows doesn't present a password prompt at all--viruses just silently run and hook themselves into the registry and other system files, hence the criticism. That's not a double-standard; it's justified criticism toward a dominant operating system that still runs the majority of its users in a full root access account in the year 2006.
The flaw is that a file of one type is able to present itself as a file of another. This flaw was widely exploited in Windows a few years ago with the notorious "britney.jpg .vbs" type attacks, in which even though the icon was wrong (!!) people saw the file extension and opened it.
I think people are misunderstanding how OS X handles file type icons. The file isn't presenting itself as a file of another type. If you did a Get Info, it would still say Application. On OS X, you can copy and paste any icon into file in the Get Info window. I have cool Mario icons for my various external USB drives. Someone just copied and pasted the JPEG icon in this case.
The fact that clicking this thing prompts for a password means OS X is correctly protecting you from this kind of an attack. Beyond that, anyone entering the password and enabling admin access for this program is at fault, not OS X.
Precisely.
1.) This isn't the "first OS X virus." Several other proof-of-concept attempts have been written over the users, notably MP3Concept.
2.) This doesn't quality as a virus, it's more of a trojan.
3.) The fact it prompts for your password immediately renders it useless and ineffective as a trojan. I could write an AppleScript that deleted all of your system files but required your password to be entered for it to run--that doesn't mean I've written the "first OS X virus." It just means I've written a goofy program that relies on stupidity, which would be the same as any other password-based system in the world and not an OS flaw.
I was expecting a bunch of rampant Apple-bashing in the comments here, but it seems a lot of people are recognizing that this is non-news. Another password-required proof-of-concept that doesn't really do anything.
My file extensions show by default in all the OS X Tiger installations I've handled.
Regardless, this "virus" pops up an admin password prompt, like every other proof-of-concept OS X trojan that's been written in the past, which effectively stops it in its tracks. This isn't really news except to Apple-haters who can go "SEE NOW U'VE GOT VIRUSES LOLZ."
Huh? That doesn't make any sense. It their right to sell to Oracle also.
I'm saying if people are going to get mad at Oracle for buying up MySQL backends, they should get mad at the people selling them.
Don't blame Oracle (since it's their right to buy software); blame the people selling to Oracle.
Why is it their business to try to prevent that?
Because someone always posts the DVD image to all the torrent sites, and the warez monkeys spread it around over night so nobody has to pay Apple a cent.
Posted AC, because it costs mod points to say anything against Apple on slashdot.
Bullshit. Lots of Apple criticism gets modded up. You just ignore it when it happens.
Whoa, whoa, whoa. I'm on board that just "downloading a DVD" is unethical, but if I BUY an official copy of OS/X, then who the hell is Steve Jobs to tell me what I can or can't do with it?
:) OS X, maybe.
Steve Jobs doesn't care about something called "OS/X."
This is one of the main reasons I dislike Apple as a company: the arrogance. Steve wants to tell me what I can and can't play on an iPod (e.g., suing Real). Steve wants to tell me what I can and can't do with software I buy. Frankly, screw Steve!
Preventing OS X from being pirated isn't "arrogance." You're projecting perceptions all over Apple. OS X is a big feature of the Mac, and Apple makes its money selling hardware. It has every right to protect one of the Mac's big features. More importantly, it's not arrogant to not want your operating system pirated so that freeloaders don't have to pay for it.
Steve Jobs isn't "telling you" to do anything. If you don't like it, DON'T BUY AN IPOD OR MAC, dummy! Get something else instead so you don't have to bitch.
Apple could be so much more successful if they would stop being such a-hole control freaks and just sell their products and embrace people wanting to use THE SOFTWARE AND HARDWARE THAT THEY FREAKING OWN the way the want to.
Apple Macs are so successful specifically because they're control freaks. Their machines just work, because of the vertical integration--the same company writing the software and making the hardware. You clearly have no idea how the Apple business model functions. OS X on generic PCs would become as unstable as Windows.
Apple's been doing pretty damned well lately, so I think Steve Jobs knows what he's doing.
Ethics doesn't come into play in a piracy discussion. People will ALWAYS invent new justifications to wiggle out of the undeniable truth that piracy is unethical, and that you're preventing the people who made the work from getting paid that day.
In the music piracy world, it's "the RIAA made us do it!" In the PC game world, it's "the greedy publishers made us do it!" Always something to blame for your getting free shit except yourself.
The fact of the matter is that Apple doesn't really care about people running OSX on a non-apple system.
They don't? Why would OS X have security measures then? Steve Jobs himself has spoken out against such "theft."
It's money in their pocket either way.
How is it money in their pocket when someone pirates a cracked DVD of OS X? Apple isn't getting a cent. It's just more freeloaders who don't want to pay for stuff and think that's a valid reason to pirate everything under the sun.