Shakespeare was wrong. Forget killing the lawyers, killing off a few tech writers is probably a better idea.
Consider this jumbled of nonsense from the BBC about an amorphous hunk of malware out for the Mac.
Malicious worm aims to bite Apple
Mac users are being warned to be on the lookout for what is being called one of the first viruses for Apple computers.
What a second. The headline calls it a worm now the body calls it a virus. The two are quite different. And it is not a distinction without a difference. The way we combat these things changes according to what the malware does. -Just like in real life. – You wouldn’t want a physician to prescribe antibiotics for a human virus.
OK I’ll give him a break, the editor probably wrote a poor headline, certainly the tech writer knows better… Right?
The malicious program, known as Leap-A, tries to spread via Apple’s iChat instant messaging program. [No, it doesn’t more later -ED]
The worm disguises itself as images of Apple’s forthcoming version of its operating system, called Leopard, and plunders buddy lists if installed.
Now, it’s a virus again!
Security firms said Leap-A was not widespread and was unlikely to catch out many Apple users.
No threat
The malicious program tries to trick users into installing it and does not exploit any security holes in Apple’s OS X operating system.
If it tries to trick a user into doing something stupid and does not exploit a security hole (and self-propagate) it is NEITHER a worm NOR a virus, it is a Trojan horse.
Yet if you read the whole rest of the article, the author uses the terms interchangably and even gives us tortured paragraphs like this one:
The worm is interesting as it is one of the few written for Apple computers. The vast majority of viruses are written to attack Microsoft’s Windows operating system.
My point, goes to the heart of the point of this story. This Trojan spreads NOT because it is self-replicating. This Trojan spreads because it relies on users doing stupid things. (several stupid things in a row actually) But how can we blame the users for their ignorance when the “experts” writing these stories are clueless themselves?
]]>< 
Here’s a good description:
“Technically, it’s a bit of everything. It’s a virus, in the sense that it attaches itself to other executable code on your Mac. It’s a worm, in that it attempts to self-replicate and spread from machine to machine. It’s a piece of malware, because it can do bad things to your computer. Basically, it’s a piece of malware that’s delivered via a Trojan horse and then acts in both viral and wormy ways.”
From:
http://www.macworld.com/news/2006/02/16/leapafaq/index.php
By any measure, it barely qualifies as a virus/worm/malware. It does not exploit any security holes. It depends on the user to launch it on their system. This is nothing compared to what you get on Windows systems.
>It’s a virus, in the sense that it attaches itself to other executable code on your Mac.
OK color me confused. I read like 5 stories on it and I didn’t see it trying to attach itself to other code. I wish I could get my hands on a copy. Thanks, I’ll read the link.
http://securityresponse.symantec.com/avcenter/venc/data/osx.leap.a.html#technicaldetails
From link above:
>Second, Leap-A will start infecting Cocoa applications on your machine, via an InputManager that it installs in your user’s directory. Each time you launch an infected Cocoa application, Leap-A will use OS X 10.4’s Spotlight search feature to find the four most-recently-used applications. If they’re Cocoa apps, Leap-A will infect them as well.
That explains more.
–To a degree I guess I might could cut the guy some slack but realistically, if you are a tech writer, rather than use the words interchangably like the BBC guy, you should expalin it like the link above.
Good link George
From real close to the horse’s mouth.
http://www.ambrosiasw.com/forums/index.php?showtopic=102379
It is first and formost a trojan horse. That is how it should be classified as that is the initial mode of infection. It can’t act as a virus or a worm until it is first executed by a human who was tricked into launching it.
And you are right, a tech writer should know the difference. But then I guess it goes to show that shoddy journalism isn’t isolated to disaster and political reporting.
>It is first and formost a trojan horse. That is how it should be classified as that is the initial mode of infection. It can’t act as a virus or a worm until it is first executed by a human who was tricked into launching it.
The name game is getting silly if you read enough of the articles. it is not that complicated.
It is a Trojan with a virial payload.
True, but just with the Katrina reporting, bad information affects how people react. Should I be scanning my system twice a day until the virus threat subsides? Perhaps I should stop using iChat altogether until the worm is under control. On the other hand, if it’s a trojan horse then I just need to not be stupid enough to open a file that promises great pr0n or photos of Osama bin Laden’s capture or someother unsolicited enticement.
is being called one of the first viruses for Apple computers.
That was another annoying point. Back in the 1990s, Apple viruses, while not nearly as numerous as PC viruses, certainly existed, especially on campuses.
How about this:
It is an unwanted program that will do very bad things if executed.
As an IT professional I am always humored by the ones which bank on the stupidity of the user to succeed. No security holes in the OS, then why not try the one right smack in the middle of the person’s head.
Social engineering has always been the most powerful attack.
What JohnAnnArbor said; I worked in a college Mac lab back then and was always running into viruses packed into macros usually associated with exel spreadsheets.
kbiel
According ot the symantec stie, it “infected” 0-49 users at only 2 sites. (if i read that right)
frankly, I’m ignoring it.
John I noticed that too. nVir never happend? 😉
Great observations, Paul, as usual.
Certainly true, though that was a very different O/S. Since Apple went to Mac OS X (aka UNIX), the number of successful virus attacks has gone to zero, even though there are obviously more Macs out there now than there were pre-OS-X. Clearly this is not just a marketshare effect, no matter how you want to shake and bake it.
Whatever makes you think that journalists would be any more competent reporting on technology issues than they are reporting on politics, ethics public and private, commerce, economics, foreign affairs, military matters, cultural concerns, education, religious issues, judicial questions, national security, the weather, gardening, automotive repair, or meatloaf recipies?
How silly can you get?
“is being called one of the first viruses for Apple computers.”
Carrick has this right, the old viruses infected an entirly different operating system. This article reads like the person who wrote it has zero experience Apple products. Like the guy who published a scathing review of the iMac when it was introduced based on a six month old report on a prototype that was never release to the general public. I believe it was St. Thomas Aquinas who said about writing and speaking, “Know your subject and the words will follow”.
I was going to write a virus for mac once, but then I thought it would just be faster to handwrite a nasty letter and mail it to all the mac users individually.
Paul said:
“The malicious program, known as Leap-A, tries to spread via Apple’s iChat instant messaging program. [No, it doesn’t more later -ED] “
The article with “new” information said:
“First, it tries to send a version of itself to everyone on your iChat buddy list. All of your buddies will receive the standard iChat file transfer message, though you won’t see any activity on your end.”
Where is the “more later” disscussion? Now I’m confused!!
Paul, I have to tell you I had a moment of panic when I saw the title line on my RSS list. I mean, I’m a tech writer – I write repair and parts manuals. But I didn’t have a clue what I had done to piss you off.
Turns out, you just had a mild cranial-anal inversion. The person who wrote that article was a journalist, not a tech writer. A journalist writes (frequently) crappy, poorly researched articles for mass consumption and wrapping fish. A tech writer, on the other hand, does things like take complex engineering data and turn it into easily comprehensible instructions that allow non-engineers to use or repair equipment, or operate software.
It’s all right, though. We won’t hold it against you or disassemble your car in the driveway and leave you without a manual to put it back together. Just refocus that hostile energy on the real culprits – journalists. 😉
J
It does not “try to spread” it “gets spread.” The difference is who does the spreading. The malware itself or the end user.
The 2 are lightyears apart in computer terms.
I know you’re trolling but I answered you anyway. 😉
=======
Dave,
Technology writers, just like we have “Sports Writers.”
Calling a journalist (whose only technology class was probably a mandatory keyboarding course) a tech writer is akin to calling a teenager who picked up the ocarina in between watching episodes of Yu-gi-oh a orchestral musician. I’ve known many tech writers and the in-duh-vidual who wrote that article *isn’t* one.
Paul,
Don’t take my comments too seriously – I was mostly tongue in cheek. BUT – there is no profession outside of journalism that employs sports writers, insofar as I know. OTOH, tech writers are a distinct and (usually) honorable breed mostly unafflicted by the journalistic vices.
Thanks for the opportunity to talk bad about journalists without getting into politics. Meanwhile, back to work!
Dave as a technical writer you’ll be sure to appreciate the distinction which I draw….
That fact that “sports writers” are a complete subsest of “journalists” does not imply that “Tech Writers” must also be a subset of the same superset.
It is quite possible -indeed it is true- that the term can and is used to denote various sub-sets of “writers” some of which might be in disjointed sets.
Using the term “tech writer” to classify a subset of journaists does not demand mutual exclusivity from using the term in another way.
Am I not right? (grin)
(geeze, here I was half asleep on a Sunday moring and you had to go and make me think. 😉
Don’t make me draw a Venn Diagram for you. lol