[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] mac trojan in-the-wild
- To: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx
- Subject: Re: [Full-disclosure] mac trojan in-the-wild
- From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
- Date: Fri, 02 Nov 2007 18:54:05 +1300
Adam St. Onge wrote:
> So if i put a picture of a naked girl on a website and said to see more you
> must open a terminal and enter "rm -rf".
> Would we consider this a trojan...or just stupidity?
That would be "just stupidity", to use your terminology.
"Trojan functionality" is a feature of the code of interest. Here
there is no such code, just a user directly executing a (rather ill-
advised) system command.
The difference between what you describe and this new Mac trojan is
that in the latter case the user accepts "the code of interest" as
being "code to do something s/he wants" which turns out to also/instead
be "code designed to do something s/he doesn't want" (there are no
absolutely hard and fast definitions of "Trojan" in this context, so
sorry if that seems a bit waffly, but generally "code of interest" will
be some part of the fucntionality of an interpreted or executed
program).
So, what you describe is _not_ a Trojan but _does_ involve social
engineering.
Regards,
Nick FitzGerald
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/