This is an interesting addition to the new OS X release.  Although no one really knows what it does exactly, it does add an interesting glimpse on how things are changing for Apple.  Here is a short write up i found:

We’ve gotten reports about an interesting feature in Snow Leopard, the new version of Mac OS X due for release this Friday. According to reports we’ve seen – and the screen shot below – Snow Leopard contains an antimalware feature.

We’re not sure yet exactly how this works, but the above screen shot shows this feature working with a download made via Safari, detecting a version of the RSPlug Trojan horse in a downloaded disk image.

We’re naturally curious about this feature, and about how thorough it is. As soon as we can find out more, we’ll post an article here. We wonder just how serious Apple thinks the malware threat is, especially since their latest Get a Mac ads highlight the fact that PCs running Windows suffer from viruses…

There are several things that I can see this stemming from. Probably the most notorious was the iWork 09, that came with a nice trojan. While it is a horrible reality that companies are having to take extra steps to protect their product form illegally downloaded torrents, I applaud them for taking the first step at least.

(Via Mac Security Blog)

Even as a Mac user myself, I find myself thinking there is no need to worry about viruses and malware. Being in the security industry I know it is an absolutely ludicrous thought, but the chances are low enough that I I just push the idea to the side. Most people would say that the lack of exploits is mostly due to the low market share of the Mac, in attest to that sales are up, and we are seeing malware and even a talk about it at Black Hat this year.

“Most of the existing research (into) rootkits for OS X essentially take older Unix-based ideas and port them to OS X,” Dai Zovi told The Register. “Mine primarily uses the unique features of OS X and this makes it harder to detect the traditional tools and techniques.”

As just another Mach-based operating system, OS X is chock full of instructions that make sneaky rootkits possible. And yet there’s been little documentation, so far, of exactly what they are and how they can be used. Dai Zovi’s talk aims to fill the vacuum by showing how to extend native Mach RPC mechanisms that communicate with the Mac kernel.

“It’s not an inherent weakness in the system,” said Dai Zovi, co-author of the Mac Hacker’s Handbook. “It’s just extending the flexibility of the microkernel-based design in a malicious direction.”

I honestly haven’t looked at the code yet to see how hard the execution is. But with inclusion into the Metasploit Project, I am scared script kiddies everywhere will be able to pull it off.

(Via The Register.)

And so it begins. We all know this would happen as Apple started getting a little bit more market share. ZDNet has an article going back to the malware found in iWork ’09. Showing the first DDOS attack tracing back to it.

iBotnet – Researchers Find Signs Of Zombie Macs : via Packet Storm

USB to Serial cable

So after starting to buy and setup all this Cisco gear, then screwing up and forgetting to set the telnet password, and dragging it across the room to plug it back into the serial port, i decided i needed this.  A stupid USB to DB9 adapter for my Mac.  Yes, i know i could make a long crossover out of ethernet cable, but that isn’t as much fun.  And in typical fashion, drivers for USB to DB9 are not great.  So thankfully i found an article by NERD Logger. Pointing out the easy way to just use the source forge driver and screen to use the adapter in shell.