Post Archive
› April 8, 2004
OSX - When MP3s Attack... **UPDATED**
Yesterday, Intego, a Mac security specialist, had posted a warning regarding the MP3Concept virus. Like many others, I rushed to spread the word of this impending scourge not knowing that the this "virus" was essentially written to illustrate how a backdoor COULD BE opened for malicious reasons. More info can be found here.
So before you rush out and buy anti-virus software (which may not be a bad investment anyways), understand that the current threat is a little overblown. Hopefully I won't be eating these words later.
Comments
1. April 9, 2004 10:09 AM
2. April 9, 2004 10:11 AM
3. April 9, 2004 10:39 AM
Dave Giffin Posted…
I am glad to see someone who reported on this has updated their report to reflect the fact that this is only a Proof of Concept. The inital report was even self-contradicting in that it said that the virus was injected into the ID3 tages, which it wasn't and then that it was a masked application, which it was. www.apple-x.net has an article posted on it which goes into this both in the article and in the comments.
In short, as long as you import MP3 files into iTunes or drop them on the iTunes application instead of double clicking on the file, there is no way that such a masked file can hurt you, as iTunes reads the file, it does not execute it as an application.
Thanks for posting this update and spreading the word that this is not a serious thread. At least, not at this point.
-- Dave Giffin
http://www.davtri.com
4. April 9, 2004 10:40 AM
Dave Giffin Posted…
Oh, by the way, I enjoy the blog. :-)
-- Dave Giffin
http://www.davtri.com
Jay Allen Posted…
For another view of the situation, see my post on the subject