One thing a lot of Linux and Mac users don't know about the latest Sobig virus is that it didn't use any exploits whatsoever. It was just a plain old exe attached to an email, asking the recipient to run it.
So I thought I'd do an experiment. On a Linux machine, in order to send an application to someone you have to tar it up, and then they have to untar it, and then run it manually. But Apple used an idea from NEXT - the app bundle - to save you a lot of hassle shipping apps around. Apple Mac OS X can run these
My experiment was to mail myself an app. I'm using a Panther Beta right now, so I don't know if this works the same on Jaguar.
The app came back to me as AppName.app.zip in the email. I double clicked it. Mail.app put up the following alert:
The attachment “AppName” is an application. Since applications can contain viruses or be harmful to your computer, be sure this attachment is from a trustworthy sender before saving or opening it.
This seems pretty much verbatim what Windows (Outlook) says.
The three options were: "Open" "Cancel" "Save"
When I clicked on Open, the app launched.
No Apple, No!!! Bad Apple!
This just seems so incredibly stupid I'm absolutely aghast. I always took the hard line that Windows was the only OS vulnerable to the stupidity of its users in spreading viruses. I was wrong.