Mac OS X Word 2004 Demo Trojan

by
This entry was published at least two years ago (originally posted on May 12, 2004). Since that time the information may have become outdated or my beliefs may have changed (in general, assume a more open and liberal current viewpoint). A fuller disclaimer is available.

For the second time in just over a month, panicky news stories are alerting us about a trojan horse attack against Mac OS X. Last time the exploit was disguised as an .mp3 file, this month it’s disguised as a Microsoft Word beta installer.

And for the second time in just over a month, it’s a lot of panic over very little.

The details are simply this: one person downloaded what purported to be an installer for a public beta of Microsoft Word from the Gnutella peer-to-peer filesharing service. This “installer” — actually an AppleScript application weighing in at a hefty 108k — actually deleted the contents of their home directory when ran.

In other words, someone got stupid, got bit by a stupid (and extremely simple), if nasty, practical-joke style hack.

They then ran to MacWorld UK, who contacted Intego (the anti-virus company whose press release fanned the flames of the previous trojan scare) and Microsoft, and MacWorld UK proceeded to write two shining examples of FUD that have since started to run rampant over the ‘net.

It’s very simple, people. Don’t blindly trust every little file you run across on the ‘net, and use a little common sense.

The two best comments I’ve seen on this so far —

From Codepoet:

See, for there to be real security on a computer, a use cannot be stupid. The computer can only do half the work needed t make itself secure; the user must do the other half. The reason fo this is that a computer exists to do things we tell it to do, and if w tell it to, oh, I don’t know, run a Trojan Horse then it will run the Trojan horse. There’s nothing in the system that will say “Hey! This is a Trojan horse!” nor can there be. It’s a program, you told it to run it, and that’s that.

And from Will Parker:

I just don’t know too many people who, when they find an open soft drink bottle full of foamy yellow liquid at a bus stop, drink it to find out if there’s a new Sprite Remix flavor.

iTunes: “I Don’t Want Nobody to Give Me Nothing (Open Up the Door, I’ll Get It Myself)” by Brown, James from the album 40th Anniversary Collection (1969, 3:06).