[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] mac trojan in-the-wild

To: "'Paul Schmehl'" <pauls@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>, <bugtraq@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] mac trojan in-the-wild
From: "David Harley" <david.a.harley@xxxxxxxxx>
Date: Sat, 3 Nov 2007 10:00:53 -0000

> you'll be *prompted* for 
> the root password, not asked to run it as root.  Big 
> difference, and one that many users do not appreciate at all.

Good point. A lot has been made of the number of steps involved, but if you
accept the manifest impossibility that -any- Mac user would ever fall for
social engineering, it really isn't that hard to wind the garrotte round
your own neck.

--
David Harley
AVIEN Interim Administrator: http://www.avien.org 
http://www.smallblue-greenworld.co.uk  



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] mac trojan in-the-wild
  - From: Gadi Evron
- Re: [Full-disclosure] mac trojan in-the-wild
  - From: Thor (Hammer of God)
- Re: [Full-disclosure] mac trojan in-the-wild
  - From: Alex Eckelberry
- Re: [Full-disclosure] mac trojan in-the-wild
  - From: Peter Besenbruch
- Re: [Full-disclosure] mac trojan in-the-wild
  - From: Paul Schmehl

Prev by Date: Re: [Full-disclosure] mac trojan in-the-wild -- antair restored
Next by Date: [Full-disclosure] eBay redirects: next step in fake blogs and web search abuse
Previous by thread: Re: [Full-disclosure] mac trojan in-the-wild
Next by thread: Re: [Full-disclosure] mac trojan in-the-wild
Index(es):
- Date
- Thread