{"id":2485,"date":"2004-05-12T19:46:53","date_gmt":"2004-05-13T09:46:53","guid":{"rendered":"http:\/\/michaelhans.com\/eclecticism\/2004\/05\/13\/mac-os-x-word-2004-demo-trojan\/"},"modified":"2019-12-10T09:40:07","modified_gmt":"2019-12-10T17:40:07","slug":"mac-os-x-word-2004-demo-trojan","status":"publish","type":"post","link":"https:\/\/michaelhans.com\/eclecticism\/2004\/05\/12\/mac-os-x-word-2004-demo-trojan\/","title":{"rendered":"Mac OS X Word 2004 Demo Trojan"},"content":{"rendered":"<div class='__iawmlf-post-loop-links' style='display:none;' data-iawmlf-post-links='[{&quot;id&quot;:11093,&quot;href&quot;:&quot;http:\\\/\\\/www.macworld.co.uk\\\/news\\\/top_news_item.cfm?NewsID=8664&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/www.macworld.com\\\/?NewsID=8664&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:11094,&quot;href&quot;:&quot;http:\\\/\\\/www.macworld.co.uk\\\/news\\\/top_news_item.cfm?NewsID=8665&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;https:\\\/\\\/www.macworld.com\\\/?NewsID=8665&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:11095,&quot;href&quot;:&quot;http:\\\/\\\/www.codepoetry.net\\\/archives\\\/2004\\\/05\\\/12\\\/security_through_stupidity.php&quot;,&quot;archived_href&quot;:&quot;https:\\\/\\\/web-wp.archive.org\\\/web\\\/20071026201629\\\/http:\\\/\\\/www.codepoetry.net\\\/archives\\\/2004\\\/05\\\/12\\\/security_through_stupidity.php&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-03-11 12:17:38&quot;,&quot;http_code&quot;:404}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-03-11 12:17:38&quot;,&quot;http_code&quot;:404},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:11096,&quot;href&quot;:&quot;http:\\\/\\\/www.techworld.com\\\/security\\\/news\\\/index.cfm?newsid=1546&quot;,&quot;archived_href&quot;:&quot;https:\\\/\\\/web-wp.archive.org\\\/web\\\/20051128075804\\\/http:\\\/\\\/www.techworld.com:80\\\/security\\\/news\\\/index.cfm?newsid=1546&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[{&quot;date&quot;:&quot;2026-03-11 12:17:44&quot;,&quot;http_code&quot;:404}],&quot;broken&quot;:false,&quot;last_checked&quot;:{&quot;date&quot;:&quot;2026-03-11 12:17:44&quot;,&quot;http_code&quot;:404},&quot;process&quot;:&quot;done&quot;},{&quot;id&quot;:11097,&quot;href&quot;:&quot;http:\\\/\\\/macartisan.typepad.com\\\/cupertino\\\/2004\\\/05\\\/regarding_the_m.html&quot;,&quot;archived_href&quot;:&quot;&quot;,&quot;redirect_href&quot;:&quot;&quot;,&quot;checks&quot;:[],&quot;broken&quot;:false,&quot;last_checked&quot;:null,&quot;process&quot;:&quot;done&quot;}]'><\/div>\n<p>For the second time in just over a month, panicky news stories are alerting us about a trojan horse attack against Mac OS X. Last time the exploit was <a href=\"https:\/\/michaelhans.com\/eclecticism\/2004\/04\/first_os_x_expl.html\" title=\"Concept\">disguised as an .mp3 file<\/a>, this month it&#8217;s disguised as a Microsoft Word beta installer.<\/p>\n<p>And for the second time in just over a month, it&#8217;s a lot of panic over very little.<\/p>\n<p>The details are simply this: one person downloaded what purported to be an installer for a public beta of Microsoft Word from the Gnutella peer-to-peer filesharing service. This &#8220;installer&#8221; &#8212; actually an AppleScript application weighing in at a hefty 108k &#8212; actually deleted the contents of their home directory when ran.<\/p>\n<p>In other words, someone got stupid, got bit by a stupid (and extremely simple), if nasty, practical-joke style hack.<\/p>\n<p>They then ran to MacWorld UK, who contacted Intego (the anti-virus company whose press release fanned the flames of the previous trojan scare) and Microsoft, and MacWorld UK proceeded to write two <a href=\"http:\/\/www.macworld.co.uk\/news\/top_news_item.cfm?NewsID=8664\" title=\"Mac under fake Word 2004 attack\">shining<\/a> <a href=\"http:\/\/www.macworld.co.uk\/news\/top_news_item.cfm?NewsID=8665\" title=\"Trojan is attacking Macs - Intego\">examples<\/a> of FUD that have since started to run rampant over the &#8216;net.<\/p>\n<p>It&#8217;s very simple, people. Don&#8217;t blindly trust every little file you run across on the &#8216;net, and use a little common sense.<\/p>\n<p>The two best comments I&#8217;ve seen on this so far &#8212;<\/p>\n<p>From <a href=\"http:\/\/www.codepoetry.net\/archives\/2004\/05\/12\/security_through_stupidity.php\" title=\"Security Through Stupidity\">Codepoet<\/a>:<\/p>\n<blockquote><p>\n  See, for there to be real security on a computer, a use cannot be stupid. The computer can only do half the work needed t make itself secure; the user must do the other half. The reason fo this is that a computer exists to do things we tell it to do, and if w tell it to, oh, I don&#8217;t know, <a href=\"http:\/\/www.techworld.com\/security\/news\/index.cfm?newsid=1546\" title=\"Apple lets down Mac users again\">run a Trojan Horse<\/a> then it will run the Trojan horse. There&#8217;s nothing in the system that will say &#8220;Hey! This is a Trojan horse!&#8221; nor can there be. It&#8217;s a program, you told it to run it, and that&#8217;s that.\n<\/p><\/blockquote>\n<p>And from <a href=\"http:\/\/macartisan.typepad.com\/cupertino\/2004\/05\/regarding_the_m.html\" title=\"Regarding The 'Mac Word 2004 Demo' Trojan\">Will Parker<\/a>:<\/p>\n<blockquote><p>\n  I just don&#8217;t know too many people who, when they find an open soft drink bottle full of foamy yellow liquid at a bus stop, drink it to find out if there&#8217;s a new Sprite Remix flavor.\n<\/p><\/blockquote>\n<p><strong>iTunes:<\/strong> &#8220;I Don&#8217;t Want Nobody to Give Me Nothing (Open Up the Door, I&#8217;ll Get It Myself)&#8221; by Brown, James from the album <em>40th Anniversary Collection<\/em> (1969, 3:06).<\/p>\n","protected":false},"excerpt":{"rendered":"<p>For the second time in just over a month, panicky news stories are alerting us about a trojan horse attack against Mac OS X. Last time the exploit was disguised as an .mp3 file, this month it&#8217;s disguised as a Microsoft Word beta installer.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2039],"tags":[58],"class_list":["post-2485","post","type-post","status-publish","format-standard","hentry","category-apple","tag-internet"],"_links":{"self":[{"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/posts\/2485","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/comments?post=2485"}],"version-history":[{"count":0,"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/posts\/2485\/revisions"}],"wp:attachment":[{"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/media?parent=2485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/categories?post=2485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/michaelhans.com\/eclecticism\/wp-json\/wp\/v2\/tags?post=2485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}