DownloadCheck
Your rating: Now say why...

0

Checks for Trojan Horses in Downloads folder.   Free
Add to my Watch List
Email me when discounted
DownloadCheck is an application that checks for Trojan horse applications in your Downloads folder. It was written in response to the MP3Concept Trojan horse release of April 2004. See John Gruber's excellent commentary on this Trojan and the controversy/hype that it generated.

It's likely that you'll never find a MP3 or other document type masquerading as an application. Most transport mechanisms on the Internet will not preserve the resource fork of the file being downloaded. Without the resource fork, the MP3Concept Trojan, and others like it, will not work. DownloadCheck is released as
Requirements
PPC, Mac OS X 10.3 or later






    Be the first to recommend a similar software title.
DownloadCheck User Discussion (Write a Review)
ver. 1.x:
Your rating: Now say why...
Overall:

sort: smiles | time
burypromote


Anonymous reviewed on 13 May 2004
I'll give you an A for good intentions, but "an application disguised as a document" is just brushing the surface of potential trojans, and one that is as you note very difficult to actually get into a user's system. And, alas, the trojan itself would most likely show up in something like an internet-enabled disk image and never show up in the download folder.

Don't run programs from untrusted sources, don't automatically launch ANY file recieved from untrusted sources, disable all the "helpful" automatic unpacking and launching you can, and open documents by dragging and dropping them into the application icon that's expecting that type.

Because all these attacks are, at the heart, a con. Social engineering. Be aware, and you won't be socially engineered. Not twice, anyway. :)
[Version 1.0]

2 Replies

burypromote
Anonymous commented on 14 May 2004
Amen.
burypromote
ChiefTypist (developer) replied on 14 May 2004
A small correction: internet enabled disk image will show up eventually as a folder in the user's download folder (after the items are copied from the disk image.) Since DownloadCheck looks in subfolders, it should pick it up.

The main problem, as you note, is the stupidity of people. If DownloadCheck flags applications in the folder, maybe it will make people think twice about opening them.

Nah...
There are currently no troubleshooting comments. If you are experiencing a problem with this app, please post a comment.

There are currently no ratings. Write a comment or review now.

Downloads:8,996
Version Downloads:5,063
Type:Utilities : Virus
License:Free
Date:13 May 2004
Platform:PPC 32 / OS X
Price:Free0.00
Overall (Version 1.x):
Features:
Ease of Use:
Value:
Stability:
Displaying 1-1 of 1
-
-
-
Please login or create a new
MacUpdate Member account
to use this feature
Watch Lists are available to
MacUpdate Desktop Members
Upgrade Now
Install with MacUpdate Desktop.
Save time moving files & cleaning
up space wasting archives.
DownloadCheck is an application that checks for Trojan horse applications in your Downloads folder. It was written in response to the MP3Concept Trojan horse release of April 2004. See John Gruber's excellent commentary on this Trojan and the controversy/hype that it generated.

It's likely that you'll never find a MP3 or other document type masquerading as an application. Most transport mechanisms on the Internet will not preserve the resource fork of the file being downloaded. Without the resource fork, the MP3Concept Trojan, and others like it, will not work. DownloadCheck is released as a deterrent for anyone who might consider writing an exploit of this type. We hope that we'll never need to use it.


- -