New To Mac-Forums?

Welcome to our community! Join the discussion today by registering your FREE account. If you have any problems with the registration process, please contact us!

Get your questions answered by community gurus Advice and insight from world-class Apple enthusiasts Exclusive access to members-only contests, giveaways and deals

Join today!

 
Start a Discussion
 

Mac-Forums Brief

Subscribe to Mac-Forums Brief to receive special offers from Mac-Forums partners and sponsors

Join the conversation RSS
OS X - Operating System General OS operation information and support

OS 10.4 - spyware


Post Reply New Thread Subscribe

 
Thread Tools
fastjet

 
Member Since: Sep 01, 2006
Posts: 30
fastjet is on a distinguished road

fastjet is offline
Has anybody heard if spyware can get onto your mac?
Iv'e just bought my first Mac and I was wondering if there is any good software about at the moment.
Apple don't mention problems with spyware or in fact how you protect your email account etc.
I used to run a win xp pro sys and I had to protect it by using Zonelabs.
Appreciate any comments on this subject guys, I'm new to owning a mac and still finding my way around.
QUOTE Thanks
Roo

 
Member Since: Aug 07, 2006
Posts: 48
Roo will become famous soon enough

Roo is offline
http://www.apple.com/getamac/viruses.html

QUOTE Thanks
fastjet

 
Member Since: Sep 01, 2006
Posts: 30
fastjet is on a distinguished road

fastjet is offline
Quote:
Originally Posted by Roo
hey dude thanks for the link, quite an eye opener considering Iv'e always used window based systems. I had no idea the mac was so secure in comparison.
QUOTE Thanks
Logan
Guest
 
Posts: n/a

Quote:
Originally Posted by fastjet
hey dude thanks for the link, quite an eye opener considering Iv'e always used window based systems. I had no idea the mac was so secure in comparison.
Viruses usually are related to the operating system (Since that is specifically what the virus is written for), but can also be related to software. So remember, that the software you run can be a culprit to compromising your security too. Granted I tend to broaden the term "Virus" to relate to anything that takes advantage of a system by exploiting a fault in a piece of software. Spyware is a great example of this. Spyware most of the time is crafted to take advantage of Internet Explorer and embed itself into your Windows operating system by placing itself in areas within your system that makes removal highly difficult without specialized crafted software. Spyware is really just an exploitation of the bad system structure Windows utilizes. Spyware is possible on OS X too. But it isn't, as I'll explain below. The below links are more relative to exploits, but I believe these are in the lines of potential viruses or means of attack on your system.

A website I suggest checking out on applications you run is:
http://secunia.com

OSX Link, you'll notice Apple is pretty good about patching vulnerabilities. Here is OSX's Secunia 2006 report

Not that these are specifically related but quote from Apple's link above: "In March 2006 alone, there were 850 new threats detected against Windows. Zero for Mac."

Mac is known well for it's ability to PATCH problems before they really are problems. Windows isn't. I just don't want you to think Macs are some magical piece of software that is absolutely bug free. Apple is working hard to make sure people stay safe

Secunia has 2 entries in March 2006,
Mac OS X Security Update Fixes Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 6 of 9 in 2006
Release Date:
2006-03-14 Secunia Advisory ID:
SA19129 Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
System access
Where:
From remote
Short Description:
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. (Details
1) Under certain circumstances, it is possible for JavaScript to bypass the same-origin policy via specially crafted archives.

2) A boundary error in Mail can be exploited to cause a buffer overflow via a specially crafted email with an overly long Real Name entry. This allows execution of arbitrary code on a user's system if a specially crafted attachment in the AppleDouble format is double-clicked.

3) An error in Safari / LaunchServices can cause a malicious application to appear as a safe file type. This may cause a malicious file to be executed automatically when visiting a malicious web site.


Mac OS X Security Update Fixes Multiple Vulnerabilities
Vendor Patch. Secunia Advisory 7 of 9 in 2006
Release Date:
2006-03-02 Secunia Advisory ID:
SA19064 Solution Status:
Vendor Patch
Criticality:
Impact:
Security Bypass
Cross Site Scripting
Privilege escalation
DoS
System access
Where:
From remote
Short Description:
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.
Description:
Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities.

1) Various security issues exist in the PHP Apache module and scripting environment.

For more information:
SA17371

2) An error in automount makes it possible for malicious file servers to cause a vulnerable system to mount file systems with reserved names, which can cause a DoS (Denial of Service) or potentially allow arbitrary code execution.

3) An input validation error in the BOM framework when unpacking certain archives can be exploited to cause files to be unpacked to arbitrary locations and overwrite files via directory traversal attacks.

4) The "passwd" program, when used with the "-i" parameter, allows the creation of files in arbitrary locations with "root" privileges. The created file can potentially have insecure file permissions due to "passwd" failing to set the umask. This can be exploited via symlink attacks to create or overwrite arbitrary files.

5) User directories are insecurely mounted when a FileVault image is created, which may allow unauthorised access to files.

6) An error in IPSec when handling certain error conditions can be exploited to cause a DoS against VPN connections.

7) An integer overflow error in the "vm_allocate()" syscall in the LibSystem component can be exploited by malicious people to cause a heap-based buffer overflow via applications when requesting large amounts of memory. This can potentially be exploited to execute arbitrary code in the context of a vulnerable application.

8) The "Download Validation" in the Mail component fails to warn users about unsafe file types when an e-mail attachment is double-clicked.

9) In certain cases a Perl program may fail to drop privileges.

For more information:
SA17922

10) A boundary error in rsync can be exploited by authenticated users to cause a heap-based buffer overflow when it's allowed to transfer extended attributes. This can be exploited to crash the rsync service or execute arbitrary code.

11) A boundary error in WebKit's handling of certain HTML can be exploited to cause a heap-based buffer overflow. This can be exploited via a malicious web site to execute arbitrary code on a user's system.

12) A boundary error in Safari when parsing JavaScript can be exploited to cause a stack-based buffer overflow and allows execution of arbitrary code when a malicious web page including specially crafted JavaScript is viewed.

13) An error in Safari's security model when handling HTTP redirection can be exploited to execute JavaScript in the local domain via a specially crafted web site.

14) An error in Safari / LaunchServices may cause a malicious application to appear as a safe file type. This may cause a malicious file to be executed automatically when the "Open safe files after downloading" option is enabled.

This vulnerability is related to:
SA18963

15) An input validation error in the Syndication (Safari RSS) component can be exploited to conduct cross-site scripting attacks when subscribing to malicious RSS content.
QUOTE Thanks
Logan
Guest
 
Posts: n/a

Anything listed above with the phrasing "execute arbitrary code" is basically saying someone has root access (aka: can do whatever they want with their system) normally without your discression. I'm not trying to scare you or anything, I just want to inform you there is a lot of things constantly being fixed and improved at all times regardless of OS. Never assume you're perfectly safe, that is when you are the least safe. But I find it funny how mac advertises that they have zero viruses because they patch it before it's a problem. They still have viruses, just their life expectancy between an update is short lived.


And last comment on Windows: They see everything as a business opportunity. There is reason there are so many problems for Windows. It's a market now. Haven't you heard of Windows One Care?. Windows is going to CHARGE customers to fix THEIR problems on the operating system you paid for. Isn't that ingenius?
QUOTE Thanks
fastjet

 
Member Since: Sep 01, 2006
Posts: 30
fastjet is on a distinguished road

fastjet is offline
Quote:
Originally Posted by Logan
Anything listed above with the phrasing "execute arbitrary code" is basically saying someone has root access (aka: can do whatever they want with their system) normally without your discression. I'm not trying to scare you or anything, I just want to inform you there is a lot of things constantly being fixed and improved at all times regardless of OS. Never assume you're perfectly safe, that is when you are the least safe. But I find it funny how mac advertises that they have zero viruses because they patch it before it's a problem. They still have viruses, just their life expectancy between an update is short lived.


And last comment on Windows: They see everything as a business opportunity. There is reason there are so many problems for Windows. It's a market now. Haven't you heard of Windows One Care?. Windows is going to CHARGE customers to fix THEIR problems on the operating system you paid for. Isn't that ingenius?



Hey man appreciate the info, I'll try and take it all on board, thanks for taking the time.
Still can't get the hang of this dude yet, been with windows too long if you know what I mean.
QUOTE Thanks

Post Reply New Thread Subscribe


« OSX (Intel) Skinning Software | Tiger, no classic mode. »
Thread Tools

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off
Forum Jump

Similar Threads
Thread
Thread Starter
Forum
Replies
Last Post
mac browsers & spyware mogwai Schweb's Lounge 5 05-07-2005 08:45 PM
Spyware & AntiVirus? Gabe Switcher Hangout 5 02-04-2005 06:24 PM
Help! Spyware, viruses, adware-What do I need? Big Dog Dad Switcher Hangout 8 02-02-2005 09:09 AM
Mac, viruses, hackers and spyware Maxp0wer2004 OS X - Operating System 4 10-07-2004 11:25 PM
Definitive answer on Spyware please michaelk69 OS X - Operating System 4 09-02-2004 02:40 AM

All times are GMT -4. The time now is 06:20 PM.

Powered by vBulletin
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
X

Welcome to Mac-Forums.com

Create your username to jump into the discussion!

New members like you have made this community the ultimate source for your Mac since 2003!


(4 digit year)

Already a member?