Subscribe to IMP Live ! : iTunes / RSS
This week’s panel : Stu Helm, Nick Balaz, Michael King, Jason Martin and introducing Sebastian!
We’d like to hear from you so send your email / audio clips to haveyoursay [at] impodcast [dot] tv and we’ll get them into the mix
This week’s show notes, now with start times for each of the main segments can be found here
Podcast: Download (Duration: 1:50:56 — 52.4MB)
Subscribe to IMP Live ! : iTunes / RSS
This week’s panel : Stu Helm, Bart Busschots, Keaton Brant, Rob Hanson and Will
Apologies for Keaton’s audio quality this week, his router clearly was having an off day!
We’d like to hear from you so send your email / audio clips to haveyoursay [at] impodcast [dot] tv and we’ll get them into the mix
This week’s show notes, now with start times for each of the main segments can be found here
Podcast: Download (Duration: 1:39:13 — 46.5MB)
Although it is true that some Trojans use vulnerabilities like the current ARDAgent vulnerability to gain root access, they do not need to. The core message about Trojans is getting lost amidst all the talk about plugging this vulnerability. Even if there was not a single vulnerability in OS X we would be at the mercy of Trojans. That’s the whole point of Trojans. Any program you run can do anything you can do. Let’s think about that for a moment, what can you do on your system without needing a password? Here’s a short list for starters:
Remember, a Trojan is just an ordinary program that pretends to do something you want, but actually does something else. It could delete all your files. It could run a key logger and phone home with your credit card number, user names and passwords, bank details etc.. It could use your machine to send spam. It can set itself to automatically run each time you log in and continue with it’s nefarious actions. It can do all this WITHOUT the need to exploit a single vulnerability in your OS or your software. If you can do it, a Trojan can. Think about that for a second, it’s not a comforting thought!
It’s being reported this week that there is a Trojan Horse in the wild that’s targeted at Mac OS X (both Tiger and Leopard). This is quite a nasty beast which basically gives the attacker total control of your computer. This gives them access to all your files and allows them to snoop on everything you do, and hence collect sensitive data like banking details and credit card numbers.
If you run Mac OS X this should concern you. However, there is no need to panic and loose sight of the realities of the situation. This is not a virus or a worm, it’s a Trojan.
What’s the difference? Viruses and Worms spread from machine to machine, often without any need for any interaction on the user’s part, Trojans on the other hand have to be installed by the user. They work by pretending to be a legitimate program which an un-suspecting user then installs. They get their name because in many ways they are the digital equivalent of the wooden horse of Troy. (more…)
