The first Mac OS X malware has been spotted in the wild, but it appears to be something of a damp squib.

Called Leap-A by anti-virus companies, the worm appears as a JPEG file that spreads via iChat to contacts on the infected user's buddy list.

Read more >>

Lessons for Mac users: 1) Don’t routinely run as administrator, 2) Don’t accept files over chat 3) Don’t open attachments!

Pardon my ignorance... but my main, in fact, 1 and only Account "David" on my Mac's... is an admin account.

I'm still prompted for admin password when downloading a file containing a program, installing software, or making system changes....

But are you saying that it's not a good idea to run the computer from this admin account by default?

That's what Leo LaPorte was recommending on his show today.

http://leoville.tv/radio/ShowNotes/Show223

Really? Usually, he's right, but I disagree with him on this one. The worm requires you to type in an admin password even if you're logged in to an admin acccount.

As everyone knows, almost all important OS X system changes require a password (this is OS X authenticating, similar to how a user might use "sudo") so running as an admin user doesn't pose nearly as much a risk on OS X as it does Windows (which is what I suspect Leo meant to say).

That's what I thought.



Give him a call. (800) 520-1KFI

*laughs*

I like Leo and listen, but I don't have 3 hours to wait on hold

Yeah, even if "reccomended" I doubt I'd make a "restricted" account to work from, and have to log in to the admin account every time I want to make a system change, or install an app, which sometimes for me, is every day.

I'll take my chances, and be more cautious, now that I know that this kind of thing is "floating around" and OS X, as it gains popularity, will be more targeted by this sort of thing...

I consider myself a "Smart User". I've been running a PC with all of my macs, for 10 years easily, without anti-virus software, and have not had a virus.

I don't open attachments that could contain a virus, and in the last several years, I don't "Openly" browse the internet... trusted sites only, I leave the internet surfing to my macs.

I'm constantly lecturing PC Friends, and familly, WITH norton Anti-Virus, to ONLY open doc, jpg, gif, mp3, wmv, mov et... (i've made lists when asked), stating all others are "Just not worth it"

And those who "Mostly listen to me", have less of a viral history then their friends and peers.

Having said that....

Not thinking about how easy it is to change the icon for anything in OS X, (almost impossible to make an exe look like a true jpg on a pc)..and the "Saftey net" I've always felt like I was behind on a mac.

If someone on iChat sent me a zipped file with a jpg on it, I'd likely (before this) unzip it, and double click it.

If the archive asked for my admin password to unzip, I'd likely enter it, without being too suspect, then.... double clicking what looks like a Jpeg prompting a password....

As long as I was thinking clearly, and not "rushing through the motions" (I think many of us go into "password entering mode" by default, when the window pops up, it's become a bit of automatic response) I'd then, and only then, "At the edge of doom" become suspect, cancel everything, and start a dialog with the sender (who would be unaware of sending the file)

"Uh.. hey, that archived jpg you sent me, needs my admin password to view... what's up with that?"

When the " huh?? what jpg?? archive??? I didn't send you anything" reply came in, I'd delete the file.

That's just too close...

I see everyone on the boards, saying "if you get this, you're really stupid". I'm just relating a thought that security, sometimes breeds laziness, and the illusion of invincibillity, and this (be it a tiny threat), is simply a wake up call, as it was called.

If you got this thing... I don't think you are stupid, I think you were sleeping... wrapped in OS X as a security blanket.

I just switched from PCs to Macs. I have three networked in my home office. Unlike the previous PCs, I have no virus protection, etc, just my secure firewall on the router.

I would welcome recommendations on how to protect my system beyond what has already been said here. Does anyone have recommendations on protection software?

I would appreciate suggestions.

Believe it or not, I think you are as protected as you need to be with your router firewall.

BTW, are you running a wireless network? If so, then you will want to enable WPA2 Personal or better.

Rick,

Thank you for your response. Much appreciated.

I have to ask, what does "enable WPA2 Personal or better" refer to? And how would I go about doing as you suggest?

Thanks, Mike

WPA2 is the strongest encryption currently supported by Apple's Airport Extreme wireless hardware. It can use a hexadecimal passkey as long as 63 characters. If you have an Apple wireless base station, configuration is fairly simple. Wireless gear made by other manufacturers may be a little bit more difficult, but still within the grasp of mere mortals.

Instructions for Apple gear can be downloaded HERE

Michael,

Thank you for the explaination. I understand. I am currently using a Linksys router but think I can figure it out. I know it is encrypted but it was set up by someone else. I will double check it.

Thanks, Mike

Access the Security portion of the Wireless section of the router from your web browser and you will find it is easily done.

Also, while you are in there you might want to change the "Broadcast SSID" to "No" and I also change the default IP address of my router from the normal 192.168.1.1 ( I use something like 192.168.36.36).

And while you are at it change the password from the default.

Rick,

Thanks again.

Mike