Mac Porn Surfers Subject to QT Flaw

By Ed Oswald | Published November 1, 2007, 2:25 PM

Attackers are going after Macintosh computer users who are visiting pornographic web sites, claiming to offer a plug-in that installs a video codec necessary to play the movie files within QuickTime.

On certain profiles, the links to the Trojan download appear as stills from a supposed porn clip. When a Mac user clicks on the link, they are taken to a page with the message "Quicktime Player is unable to play movie file. Please click here to download new version of codec." From there, the install would proceed like a normal program install.

Instead, the plug-in is actually a Trojan horse that hijacks the Mac's DNS settings, pointing them at a malicious DNS server that redirects requests for popular websites such as eBay, PayPal, and some banks.

The supposed codec never installs, so when the user returns to the page, they still receive the same message. Uninstalling the application won't undo the changed settings, according to Intego Security, which disclosed the flaw.

"Under Mac OS X 10.4, there is no way to see the changed DNS server in the operating system's GUI. Under Mac OS X 10.5, this can be seen in the Advanced Network preferences; the added DNS servers are dimmed, and cannot be removed manually," the company said.

In addition to the DNS hijack, a root crontab is installed to ensure the malicious DNS server is always being used, even when the user changes locations, which can sometimes change the DNS server used.
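A defender's check for the two artifacts described above, the changed DNS servers and the root crontab, as an added example that is not from the article or Intego's advisory. It assumes the `nameserver[N] : address` lines printed by `scutil --dns`; the allowlist, sample addresses and job path are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the article): check a Mac for the two artifacts
# described above. Sample data below is constructed for illustration.

# Resolver addresses in `scutil --dns` output (stdin) that are not in the
# space-separated allowlist passed as $1.
unexpected_resolvers() {
    allow=" $1 "
    awk '$1 ~ /^nameserver\[[0-9]+\]$/ { print $NF }' | sort -u |
    while read -r ip; do
        case "$allow" in
            *" $ip "*) ;;                  # expected resolver
            *) printf '%s\n' "$ip" ;;      # report anything else
        esac
    done
}

# Active job lines in a crontab (stdin): drops blanks, comments and
# environment assignments such as SHELL=/bin/sh.
active_cron_jobs() {
    grep -Ev '^[[:space:]]*(#|$)' |
    grep -Ev '^[[:space:]]*[A-Za-z_][A-Za-z0-9_]*[[:space:]]*='
}

# Constructed sample: one resolver the owner did not configure (192.0.2.53).
SAMPLE_DNS='resolver #1
  nameserver[0] : 192.0.2.53
  nameserver[1] : 192.168.1.1
DNS configuration (for scoped queries)
resolver #1
  nameserver[0] : 192.0.2.53'

# Constructed sample root crontab; the job path is a placeholder.
SAMPLE_CRON='# m h dom mon dow command
SHELL=/bin/sh

* * * * * /path/to/placeholder-job'

# On a real Mac, audit the live configuration (root crontab needs sudo).
if command -v scutil >/dev/null 2>&1; then
    scutil --dns | unexpected_resolvers "${EXPECTED_DNS:-192.168.1.1}"
    sudo crontab -u root -l 2>/dev/null | active_cron_jobs
fi
```

Any address printed by the first function, or any job printed by the second on a machine whose owner never scheduled root jobs, is worth investigating before trusting name resolution on that host.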

Intego said in an advisory it had reason to believe there were several different versions of the Trojan, and country-specific ones as well. The company said its anti-virus software for the Mac would protect against the exploit.

There was no immediate word whether Apple planned to take any action on the vulnerability through an update for QuickTime.

Comments


Bwahaha! Like anyone would use QuickTime? The first thing I install on my Mac is called VLC.

Morons deserve it.

Score: 0

|

This isn't a QuickTime flaw. It is a link on the web page which gives a false error message regarding the codec. The user has to click on the link, download the disk image file (which may or may not mount automatically depending on the user's browser setting). Then the user has to open the disk image and double-click on the installer. Then the user will be asked for their administrator password. Only after all this is done and the user enters their password, then the trojan is installed. At any time, the user can click cancel and the trojan doesn't work.

Score: 0

|

So.. now there is Mac Porn (or should that be iPorn)? And how is that different from PC Porn (ie MSPorn)? I just can't keep up anymore.... call me old school, but I still like my DOS Porn!

Score: 0

|

This is a STUPID argument for/against Macintosh.

Give a Linux program root privileges and it will also be able to change DNS settings (just edit the /etc/hosts file, for example).

What has made Windows MORE vulnerable (in the past) is that a program did not need administrative privileges to do malicious deeds.

Score: 0

|

"What has made Windows MORE vulnerable (in the past) is that a program did not need administrative privileges to do malicious deeds."

Actually...it did. Problem is most users are always logged in with admin privileges...

Score: 0

|

Nailed it.

Score: 0

|

Good point --- and of course it was a pain to run without admin privileges.

Score: 0

|

Anti-virus software... on a Mac? Say it ain't so!

Score: 0

|

Well, at least it wasn't Mac's first time!

Could it be that Mac is not as secure as some of the idiots thought. I am sorry, but I really find this type of stuff very amusing in that their claims of being perfect are nothing but a myth.

Every operating system is subject to attack. No one is safe and anyone can be an idiot at any time.

It never has been a war against MS and Mac or Linux, but only the difference of us and them, those that do and those that don't. Security is a state of mind and can change at any point with just a click.

Score: 0

|

Suckers! No pun intended. Previous poster is right, gonna visit porn sites, better use protection! HEHEHE

Score: 0

|

News flash! If you download a program and install it as an administrator, it can do whatever it wants to your machine!

No OS, from Solaris to Windows can stop a stupid user.

Score: 0

|

I will stand by Apple's claim that their software is perfect and not prone to any attacks all other software is prone to.

thank you, pc/Windows/MS fan out...hehe

Score: 0

|

If so, then why are there anti-virus and firewall programs for it? ;-)

Score: 0

|

Because companies can make people be afraid!

Score: 0

|

Yeah, that's the ticket... [rolleyes]

Score: 0

|

I say porn surfers deserve whatever internet STD's they get. You need to use protection or risk getting TEH AYDS

Score: 0

|

just stay away...

Score: 0

|

Apple's idea of security is to take control away from users. We see it with all their products. So why are people always surprised when they learn about things like this?

That said, stupidity will bypass the most secure system. But especially with Apple users since they have the illusion of invincibility.

Score: 0

|

Mac porn surfers? There's no such thing:

http://img475.imageshack...winvsmacusers6cwem4.gif

Score: 0

|

So a user has to download a program from a porn site and install it as administrator to get this?

How is Apple going to issue a fix for this? Huh?

Score: 0

|

"So a user has to download a program from a porn site and install it as administrator to get this?

How is Apple going to issue a fix for this? Huh?"

Where does it say anything about being an administrator to install?!

It clearly says "From there, the install would proceed like a normal program install".

Aside from that, it's actually quite simple to fix. Require root rights (or root group at least) to change network settings... problem solved. It'll take Apple months to figure that one out though... lol

Score: 0

|

betanews did not do its homework.

http://www.offensivecomputing.net/?q=node/549

"If the user then proceeds with installation, the Trojan horse installs; installation requires an administrator’s password, which grants the Trojan horse full root privileges."

You can not change network settings without being administrator on Mac OSX. So how again is this news?

Score: 0

|

It's in the actual report itself. The user has to enter the admin password to install the "codec".

Score: 0

|

How is every exploit for Windows news?

This is more newsworthy than most of those, as it shows (yet again) that neither Mac OS nor its smug users are invulnerable.

Score: 0

|

I am invulnerable. Was invulnerable on Windows. Who installs software from pr0n sites anyway?

Score: 0

|

"Under Mac OS X 10.4, there is no way to see the changed DNS server in the operating system's GUI."

Wow -- never looked. That's lame. Windows may suck, but it can do this at least. What, is DNS too "techie" for Mac users?

Score: 0

|

LOL... take a look at most mac forums and see what some of the topics are. It really opens your eyes as to why non-technical people get Macs in the first place...

On a serious note, it is rather difficult for a layman to get his/her network settings in any Mac OS pre 10.5. Apple has intentionally made it difficult to get to most of the more advanced (and even basic in some cases) network features. Based on their "plug it in and it just works" premise, a user should never need to look at these things.

I'm rather surprised we haven't seen this on the windows side (or have we and I missed it?).

Score: 0

|

There's been quite a lot of complaining about how Vista makes it harder (an additional click or two) to get to various 'advanced' settings areas.

...usually followed by, "I'm so glad I have my MacBook" gibberish, but it's actually a good thing.

Having been in IT all my life, the systems settings being so easy to get to always seems to cause problems for the technically challenged, as they are annoyingly proficient at messing around with them and breaking everything they can.

Score: 0

|

Agreed, but in this day and age of consumer high-speed internet and such, being able to even "view", not necessarily change, something as essential as DNS seems to be more important nowadays. I can't for the life of me figure out how Apple thinks that security by obscurity is going to work out going forward...

Just my 2 cents...

Score: 0

|

For my home connection, I've not once had to change any DNS settings on any of my PCs.

Anecdotal, I know, but....it's still possible.

Score: 0

|

I do often... I use OpenDNS because I have had tons of latency problems with my ISP's DNS servers.

But still, giving the user the ability to even easily view network settings is a step in the right direction, IMHO.

Score: 0

|

DNS is too techie for the majority of users in general!

Score: 0

|

The more attention a company gets (Apple) the more it's exposed to security vulnerabilities. Perhaps in a way it's "Cool" to hack Apple products, more now than before.

Score: 0

|

Even Mac users couldn't be that stupid... ;-)

Score: 0

|

I'd actually argue that they are.
Stupid isn't the right word though, maybe ignorant. I know several mac owners who assume they are immune from anything bad.

Wake up call to mac owners.

Score: 0

|

you do realize that MAC is an acronym for - Moron At Controls

Score: 0

|

LMAO... And what's the acronym for iMac? :-)

Score: 0

|

inept Moron At Controls
except the "nept" is silent of course for style as we all know Macs are all about style and looking good ............. sort of like blondes :-)

Score: 0

|

posters, start your flaming!

Score: 0

|

Some Mac users are stupid. Some PC users are stupid. Stupidity knows no platform boundaries.

Score: 0

|

I remember an ad from years ago about a person, who was selling their 486, and getting a Mac because they were too stupid to use the 486. ;-)

Score: 0

|
