Hi Everyone:
Well it appears that some bored individual has written a unix shell
script, and changed the script file meta-tag and icon to make it appear
to be Microsoft Word 2004.
http://www.macworld.co.uk/news/top_news_item.cfm?NewsID=8664
Some misguided individual in Europe downloaded what he thought was
MS-Word 2004 from LimeWire (a peer-to-peer file-sharing service). That
was his first mistake, as commercial applications are not legally
distributed via peer-to-peer file-sharing services. His second mistake
was double clicking on what he thought was MS-Word 2004. In actual
fact, this individual unknowingly executed a malicious unix shell
script. A shell script which most likely contained a rather innocuous
looking command like the following:
rm -dfRP ~/
For those of you unfamiliar with unix commands. The 'rm' command is
used for removing files. The "-" means use the following modifiers. In
this case the 'rm' was to use the these modifiers: "d" remove
directories, "f" do not challenge user for a 'yes/no' response to the
removal of a file or directory, "R" run this command recursively (that
is deletes every file or folder within any file or folder), and for
good measure "P" tells 'rm' to overwrite the files three times. The
"~/" means run the command on the home directory of the user running
the script. This script would recursively delete every file and folder
contained within that user's home directory without challenging the
user for a 'yes/no' response to each file or folder deleted.
If you have ever worked on a computer running DOS, this is similar to
but not as damaging as running the command, " C: *.* ".
Yep, this individual managed to very thoroughly delete their entire
home directory. While this would not affect any other user on that
computer, this particular user's account is completely unrecoverable.
Regardless of the hardware or operating system, the only thing that
will protect your personal account from this type of malicious
programming is good user practices. Consider creating yourself a user
level account. Apple refers to this type of account as a "Standard"
account. When you first start an new Mac, or after re-installing the
operating system, you will be asked to create and account. That first
account is an admin or administrator level account, which means that
account has access to other folders and files then just home directory
of that account (e.g. the Applications folder). By making yourself a
"Standard" account on your computer for your every day work, you are
providing a level of security for your system. This does not protect
your account for the script above, but it will keep the script from
running at an admin level. Thus providing protection against the
deletion of Applications and other files outside of your home
directory. If you are really concerned about this type of attack.
Consider creating another account for testing applications. If the
application is malicious, then only that test account will be impacted.
Should that happen, delete the test account and create a new one. Thus
preventing your working account, and the accounts of other users on the
system from being damaged. In addition, if you are downloading files
from the Internet make sure that you are downloading from a legitimate
website (e.g. www.versiontraker.com, www.macupdate.com,
www.apple.com/downloads/macosx/).
To keep someone from walking up to your computer and installing a
malicious script/application or engaging in destructive activity. Use
the security features of the operating system (e.g. turn off auto
log-in, specify that the user must provide a password once the screen
saver has been enabled). And if at all possible, physically secure your
computer (e.g. lock your office door ... if you have an office door).
If you have any questions or concerns regarding this, please email me
and I will post the question and answer to the list.
Regards,
Doug
-------------
Doug Hamilton, BA, MA, APP
Senior Apple Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196
204-474-7556
http://www.umanitoba.ca/bookstore/
Hello,
I just received a notice from Apple today regarding the Apple portable
promotion. Apparently all of the portables have to be the same. Given
the original information I thought that this might have been a good
promotion for our campuses, guess we'll have to wait until mid-July to
see what Apple offers in the way of back-to-school promotions.
Sorry for any buying confusion this may have caused.
Regards,
Doug
-------------
Doug Hamilton, BA, MA, APP
Senior Apple Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196
204-474-7556
http://www.umanitoba.ca/bookstore/
Hi Folks,
Well its official, the next version of the Macintosh OS is version
10.4. Its development name is "Tiger" and Steve Jobs will be showing
off some of the its capabilities on June 28. He will be addressing the
attendees of the Apple World Wide Developers Conference (WWDC). Why the
name "Tiger", well according to Apple it is because "Innovation never
sleeps". Wow, you really gotta appreciate the people in Apple marketing
for that by-line (note the sarcasm).
For all the details regarding this keynote follow this link:
http://www.apple.com/pr/library/2004/may/04wwdc.html
There is no word as yet about a web-stream or satellite-feed of this
keynote. If Apple decides to broadcast this event, we will most likely
know only a few days before the event. However, I will email this list
as soon as I know of any broadcast details.
Regards,
Doug
-------------
Doug Hamilton, BA, MA, APP
Senior Apple Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196
204-474-7556
http://www.umanitoba.ca/bookstore/
Hi Everyone:
Regarding the mild spam I sent out discussing Apple's latest portable
promotion (see original message below). I have received requests from
several of you wanting to know what models qualify under this
promotion.
They are as follows:
- Both stock versions of the 14" iBooks
(pricing starts at $1,333** -- 14" iBook 1.0GHz Combo Drive);
- and all of the PowerBooks
(pricing starts at $1947.00** -- 12" PowerBook 1.33GHz Combo Drive);
- or any custom configuration of the above listed base models.
[** Regular Higher-Ed pricing, doesn't include $125.00 savings of this
promotion.]
Regards,
Doug
-------------
Doug Hamilton, BA, MA, APP
Senior Apple Computer Consultant
Computers-on-Campus; Univ. of Manitoba
204-474-6196
204-474-7556
http://www.umanitoba.ca/bookstore/
On Fri, 30 Apr 2004, Doug Hamilton wrote:
>> Hi Everyone:
>>
>> I apologize if I offend any of you with this mild bit of spam.
>>
>> I just received notice that Apple has a new limited time offer on bulk
>> purchases (e.g. 10 or more) of (2) different models of the new iBooks,
>> and (5) different models of the new PowerBooks.
>>
>> Now, it is highly probable that no one on this list needs ten iBooks
>> or
>> PowerBooks. That said, I am willing to start a list of interested
>> people, if we hit the minimum number (10), then we can start the
>> ordering process.
>>
>> The promotion will save you $125.00 over the regular educational price
>> for either an iBook or PowerBook with and Apple Care warranty; custom
>> configurations are allowed.
>>
>> The window of this opportunity is April 29 to June 26th of this year.
>>
>> Re-cap:
>> -Minimum collective order must be (10);
>> -Systems (iBook/PowerBook) can be custom configured;
>> -Systems must be purchased with an Apple Care warranty;
>> -You'll save $125.00 on each system.
>> -This offer is not restricted to staff, students qualify as do
>> university institutional purchases.
>>
>>
>> Thanks for your time. If you have any questions or comments, please
>> contact me.
>>
>>
>> Regards,
>> Doug
>>
>> -------------
>> Doug Hamilton, BA, MA, APP
>> Senior Apple Computer Consultant
>> Computers-on-Campus; Univ. of Manitoba
>> 204-474-6196
>> 204-474-7556
>> http://www.umanitoba.ca/bookstore/
