Macbook hacked via Safari
The World Wide Wade - 22 Apr 2007 00:54 GMT
http://news.zdnet.com/2100-1009_22-6178131.html
Erik Richard Sørensen - 22 Apr 2007 02:40 GMT
If this is correct, - and for the first time it seems to be, - be very, very careful with what kind of sensitive data you have on your computer.
These days we have a very harsh one running around here in Scandinavia (Denmark, Norway and Sweden) - a false mail, claiming to come from FedEx. Of course it can't hurt a Mac-only computer, but for computers running dual boot or with an active Windows system on Parallels, it can be rather dangerous, since this spy app can search any accessible disk/partition.
So take care! DO NOT open such kind of files coming with your emails!!!
cheers, Erik Richard
> http://news.zdnet.com/2100-1009_22-6178131.html
 Signature ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rgds. Grüße, Mvh. Erik Richard Sørensen, Member of ADC <erikrichard_NOSP@M_stofanet.dk> <http://www.nisus.com> NisusWriter Express - The Future In Multilingual Textprocessing ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Calum - 22 Apr 2007 17:12 GMT
> If this is correct, - and for the first time it seems to be
Not if you believe http://www.roughlydrafted.com/RD/RDM.Tech.Q2.07/616874CC-35CE-49D3-B859-C2719B6FF352.html
The World Wide Wade - 22 Apr 2007 18:24 GMT
> > If this is correct, - and for the first time it seems to be
>
> Not if you believe
> http://www.roughlydrafted.com/RD/RDM.Tech.Q2.07/616874CC-35CE-49D3-B859-C2719B6FF352.html
You need to actually read the article you cited.
G.T. - 22 Apr 2007 18:44 GMT
>>> If this is correct, - and for the first time it seems to be
>> Not if you believe
>> http://www.roughlydrafted.com/RD/RDM.Tech.Q2.07/616874CC-35CE-49D3-B859-C2719B6FF352.html
>
> You need to actually read the article you cited.
Yeah, the original InfoWorld article is misleading, it's not a remote exploit but with a little social engineering it can be exploited just like all the Internet Explorer malware exploits in the past.
There is never going to be a remote exploit found in a default install of OS X. But once you start turning on the various services all bets are off.
Greg
 Signature The ticketbastard Tax Tracker: http://www.ticketmastersucks.org/tracker.html
Dethink to survive - Mclusky
Erik Richard Sørensen - 22 Apr 2007 19:33 GMT
>> If this is correct, - and for the first time it seems to be
>
> Not if you believe
> http://www.roughlydrafted.com/RD/RDM.Tech.Q2.07/616874CC-35CE-49D3-B859-C2719B6FF352.html
Hm, a bit hard to differ, what - or who is right and what's/who's wrong here...
cheers, Erik Richard
 Signature ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rgds. Grüße, Mvh. Erik Richard Sørensen, Member of ADC <erikrichard_NOSP@M_stofanet.dk> <http://www.nisus.com> NisusWriter Express - The Future In Multilingual Textprocessing ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Warren Oates - 22 Apr 2007 03:15 GMT
In article <aderamey.addw-E30168.16544121042007@newsgroups.comcast.net>,
> http://news.zdnet.com/2100-1009_22-6178131.html
Sorry, but what does "zero day" mean?
 Signature W. Oates
Dave Balderstone - 22 Apr 2007 03:58 GMT
> In article
> <aderamey.addw-E30168.16544121042007@newsgroups.comcast.net>,
>
> > http://news.zdnet.com/2100-1009_22-6178131.html
>
> Sorry, but what does "zero day" mean?
A security hole that's exploited on the day it's discovered.
IOW, the software publisher has had no opportunity to fix it.
 Signature I am extraordinarily patient, provided I get my own way in the end. - Margaret Thatcher
P. Sture - 28 Apr 2007 13:16 GMT
> > In article
> > <aderamey.addw-E30168.16544121042007@newsgroups.comcast.net>,
[quoted text clipped - 6 lines]
> > IOW, the software publisher has had no opportunity to fix it.
Well you learn something every day. I had thought it was a bug in the code which had been present from the day the software was released.
 Signature Paul Sture
Shawn Hirn - 22 Apr 2007 04:44 GMT
> In article
> <aderamey.addw-E30168.16544121042007@newsgroups.comcast.net>,
>
> > http://news.zdnet.com/2100-1009_22-6178131.html
>
> Sorry, but what does "zero day" mean?
A zero day exploit refers to a software bug that has never been exploited before and has not yet been repaired.
Eric Lindsay - 22 Apr 2007 04:23 GMT
In article <aderamey.addw-E30168.16544121042007@newsgroups.comcast.net>,
> http://news.zdnet.com/2100-1009_22-6178131.html
Crucial points in the original write up include the two Macbooks sitting unhacked for a day with WiFi and Ethernet available to the security conference attendees, when not running any applications. So they didn't get grabbed in minutes like some older versions of Windows (where the time to being cracked is less than the download time for security fixes).
Another interesting one was that there didn't seem lots of interest in hacking them just to win a Macbook. The intensive effort came when a $10,000 prize was also offered. Security because attackers don't care is probably just as false as security by obscurity, but it all helps.
The weak point was again Safari, and probably a heap overflow. Allowing a shell to execute because of that is dangerous, but at least the effects are restricted to a single user. If you don't web surf as an Admin user you do have a certain degree of protection (although your files may not).
Those of us who habitually surf with Javascript switched off (except for specific sites) may not be at risk. I realise some sites simply don't work with javascript off.
The good thing about competition is that the nature of the attack is not being made public at the moment. Apple will be advised of the weakness, and have a chance to correct it. With only a little luck, this will be before any exploit goes wild.
The people who say it is impossible to crack a Macintosh are just as wrong as the people who say it is easy.
 Signature http://www.ericlindsay.com
Erik Richard Sørensen - 22 Apr 2007 04:51 GMT
>> http://news.zdnet.com/2100-1009_22-6178131.html
>
[quoted text clipped - 4 lines]
> Admin user you do have a certain degree of protection (although your
> files may not).
And this could be a real good reason not to use Safari! - I don't like Safari, and have only used it sporadically. - Instead I use either SeaMonkey or Opera.
> Those of us who habitually surf with Javascript switched off (except for
> specific sites) may not be at risk. I realise some sites simply don't
> work with javascript off.
I have always Java/JavaScript enabled, because my provider requires it, due to be able to use some special security tools from the provider.
> [...]
> The people who say it is impossible to crack a Macintosh are just as
> wrong as the people who say it is easy.
Nah..:-) - you can't crack a Mac running OS 7.x-9.x. If you try and manage to get contact with it, it'll just freeze up the very first time you try to do anything.:-) - I've got a friend - a highly educated data engineer in software development - to try to 'attack' two of my machines - both with OS 9.x. He managed to find them and get in contact, but when he tried to access, they both froze immediately and after the restart he was unable to locate them again, - they got new IP addresses, so he had to start all over again, - found them again... and they froze once more. - Next try - same result...
cheers, Erik Richard
 Signature ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Rgds. Grüße, Mvh. Erik Richard Sørensen, Member of ADC <erikrichard_NOSP@M_stofanet.dk> <http://www.nisus.com> NisusWriter Express - The Future In Multilingual Textprocessing ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Davoud - 23 Apr 2007 02:38 GMT
> The people who say it is impossible to crack a Macintosh are just as
> wrong as the people who say it is easy.
I know that you are right. Nonetheless, the hundreds of thousands of attacks (or is it millions by now?) on Mac OS X in government, at universities, in the media industry (especially advertising and TV,) in medical research, and at Apple itself, of course, have all failed to penetrate the OS. When I see a report that says "...took the Mac out of the box, turned it on, connected it to the network, went for coffee, came back, and the machine was compromised via the network" that will /really/ get my attention.
Every penetration report that I have seen has had a disclaimer of some sort -- had the admin password; "relaxed the rules;" disabled Apple's driver and installed a third-party driver (with an admin password and physical access), or such like. In other words, couldn't compromise the Mac.
Naturally, if you could persuade me to participate in the attack, you could get into my Macs (though I think that my encryption software, with an unguessable password following this paradigm Ay9-75x8-J+*pV2wM5q7fC-6t=z8zjR7 would present a very formidable challenge.) (And having that paradigm wouldn't help, either!)
Likewise, you could harm me if you could persuade me to drive my car into a brick wall.
You would have /great/ /difficulty/ persuading me to do either of these things. I shall continue to remain security-conscious. And I shall continue to trust to my Mac files that I would /never/ place on my networked Windows machine.
Davoud
 Signature usenet *at* davidillig dawt com
Eric Lindsay - 25 Apr 2007 13:21 GMT
> > The people who say it is impossible to crack a Macintosh are just as
> > wrong as the people who say it is easy.
[quoted text clipped - 7 lines]
> came back, and the machine was compromised via the network" that will
> /really/ get my attention.
According to a later report from the originator of this crack, the entry is via Safari (or probably Firefox) from a website with a QuickTime file that allows Java to act. Since I never enable Java in Safari, I suspect I may be safe, but since the exploit is via QuickTime, perhaps not. I can not recall whether the default settings for Safari are to enable both QuickTime and Java.
It seems at least a plausible zero day exploit. It will be interesting to read more details, when they become known. I don't see it as a major concern as yet.
I am not sure Vista is as easily attacked as previous versions of Windows. At least not in the "owned out of the box" way. However given I thought Windows 286, Windows 3, 95, 98, NT, XP were all a pain in the ... I have no interest in running Vista.
 Signature http://www.ericlindsay.com
Davoud - 23 Apr 2007 02:09 GMT
In article The World Wide Wade wrote:
> http://news.zdnet.com/2100-1009_22-6178131.html
"CanSecWest organizers relaxed the rules Friday after nobody at the event had breached either of the Macs on the previous day."
Did they have to "relax the rules" to permit penetration of Windows Vista?
Davoud
 Signature usenet *at* davidillig dawt com