20 Nov 07

Regarding the Mac Word 2004 Demo Trojan

Blog Salvage from 05.12.2004 

MacWorld UK is reporting that a Mac OS X trojan program has been encountered on a LimeWire file-sharing site. The program represents itself as an installer for a demo version of the just-released Mac Word 2004.

In a related article, also on MacWorld UK, the program is described as a 108 KB AppleScript Studio application, sporting something like a Mac Word icon. The app triggers a Unix command that deletes the entire contents of the user’s Home directory.

According to MacWorld, the only known victim said:

I downloaded the file in the hope that perhaps Microsoft had released some sort of public beta. The file unzipped, and to my delight the Microsoft icon looked genuine and trustworthy.

One thing not mentioned in either MacWorld report is the aged-in-oak reposado brand of gullibility required for anyone to fall for this litle script-kiddy capgun.

I know, I know — newbie users, gotta protect ‘em, it’s the thin end of the wedge, we’re going to start looking like Windows. Yadda-yadda.

Bull.

Anyone who mistook this toy for a real demo installer had to believe one or more of the following propositions:

  1. There is a demo version of Mac Word 2004 that fits in 108 KB.

    Yep. That’s believable. (Lovely plumage, eh, squire?)

  2. A Mac Word 2004 demo can get posted on an illegal file-sharing network before Microsoft announces its pending availability in EVERY SINGLE MAC PUBLICATION AND WEBSITE ON THE PLANET.

    No, really, the MacBU’s Marketing Department was depending on word of mouth to drive the upgrade market.

  3. A free Microsoft public beta.

    Yes, I do believe in the Easter Bunny. Why do you ask?

  4. Unlike books, the suitability and authenticity of software can best be judged by its icon.

Despite the all-too-serious consequences of triggering this program, I do not consider this pitiful toy a serious threat to most Mac users. It simply isn’t well-designed, as it depends on a level of rank ignorance rarely found outside devotees of “reality” shows.

I dunno. Maybe my expectations are too high.

I just don’t know too many people who, when they find an open soft drink bottle full of foamy yellow liquid at a bus stop, drink it to find out if there’s a new Sprite Remix flavor.

Wake me when you find evidence of a pointed stick.