Okay Griffin,
Everything already was unchecked in Sharing. Thanks for this info.
But what is a root exploit, please?
SecureMac discovers Trojan horse targeted at Mac OS X
#44
Posted 25 June 2008 - 11:46 PM
Well, no further word on Macworld about the Mac malware scene, so thought I'd add to this thread.
Here's an article from The Register yesterday with some more information. For those of you that thought this trojan wasn't serious or poorly tested, have a look at this:
>The Applescript Trojan horse template, according to this extensive post from Brian Krebs's Security Fix blog, dropped a keystroke logger onto infected Macs. It then set up a virtual network computing server, a web-based "PHP shell" program and dynamic DNS services software to make it easy for attackers to log onto the machine and manipulate it whenever it's connected to the net.
>Interestingly, the exploit was written modularly, so that the code that actually exploits the Mac weakness can be bundled with other malware code. That means the same weakness could be targeted over and over by a variety of other Trojans.
#45
Posted 26 June 2008 - 12:00 AM
krystalbird said:
But what is a root exploit, please?
A root exploit refers to taking advantage of a bug in a program that runs with root privileges to do things the program itself shouldn't be doing. With root privileges, you could, for instance, delete the entire contents of your hard drive. Even when logged in as an admin user you aren't running with root privileges. Best practice is that programs should run with the minimum privileges necessary to get their job done, to avoid just the type of exploit that's been reported here.
I used to run a qmail mail server which exemplified this. There were specific accounts for handling email aliases, logs, queues, sending, etc, each of which had the minimum permissions necessary to do their job. This way, if a bug was found in any one of the several running processes, the cracker would get minimal access to the mail server let alone the server itself.
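The per-task account layout described in the post above can be checked from a process listing. This is an added example, not part of the original post: the account names are those of a stock qmail install (an assumption, since the post does not list them) and the `ps` output is constructed sample data.

```python
# Added example: audit that each qmail daemon runs under its own account.
# Account names follow a stock qmail install (assumption: the post does
# not list them); SAMPLE_PS is constructed sample data, not a real capture.

EXPECTED_USER = {
    "qmail-send": "qmails",    # queue manager
    "splogger": "qmaill",      # logging
    "qmail-rspawn": "qmailr",  # remote delivery
    "qmail-clean": "qmailq",   # queue cleanup
    "qmail-smtpd": "qmaild",   # inbound SMTP
    "qmail-lspawn": "root",    # local delivery has to switch to the recipient's uid
}

# Constructed listing in `ps -eo user,pid,args` layout.
SAMPLE_PS = """\
USER       PID COMMAND
qmails     301 qmail-send
qmaill     302 splogger qmail
root       303 qmail-lspawn ./Mailbox
qmailr     304 qmail-rspawn
qmailq     305 qmail-clean
root       411 qmail-smtpd
"""

def audit(ps_text):
    """Return (pid, command, actual_user, expected_user) for each mismatch."""
    findings = []
    for line in ps_text.splitlines()[1:]:          # skip the header row
        fields = line.split(None, 2)
        if len(fields) < 3:
            continue                               # blank or malformed line
        user, pid, cmdline = fields
        # Compare on the bare program name: drop arguments and any path.
        command = cmdline.split()[0].rsplit("/", 1)[-1]
        expected = EXPECTED_USER.get(command)
        if expected is not None and user != expected:
            findings.append((int(pid), command, user, expected))
    return findings

if __name__ == "__main__":
    for pid, command, user, expected in audit(SAMPLE_PS):
        print(f"pid {pid}: {command} runs as {user}, expected {expected}")
```

In the sample, only the network-facing `qmail-smtpd` running as root is reported; `qmail-lspawn` is the one component expected to hold root.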
#47
Posted 06 July 2008 - 05:56 AM
Ha. That's pretty clever. :-|
On the other hand, local TV news stations frequently run stories like "there's a scam artist going door to door, tricking people into buying insurance/siding/whatever", and, as much fun as it is to mock the uninformed, people do get tricked by such scams.
This is not that different. We're still generally safer on the Mac than on That Other Platform, but we're not invulnerable, and people need to be aware of potential risks so they can take appropriate action. (That, however, does not include running around claiming the sky is falling.)


