Quote: "But it was never found in the wild. It also required a user be socially engineered to execute it, or else the attacker would need physical access to the machine."

Firstly, if it was reported there's a good chance it's out there. Just not widespread enough to be classified as much of a threat.

Also, you're saying that it's not a virus because it can't propagate to other computers without human interaction. That's a worm. If it replicates to other files (I don't know myself if the one in question does), then it is a virus.

Since this post, people have been saying about "security through elitism" and remarking that virus writers need to shell out for a Mac to write viruses for one.

What about people with Mac's that wish to learn assembly for the G4/G5 processors. Considering most Windows-based viruses and worms are created out of curiosity I would hazard a guess that there are plenty of OS X viruses out there.

I know I've always found it good practice to be able to break the system in order to secure it.

Another thing worth thinking about is that there are working OS X shellcodes out there. Most "shellcoders" dabble in "VX'ing" and vice versa.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/319/31490#31490