|
|
06-03-2006, 10:07 PM
|
|
Regular
Group: Regulars
Location: /dev/null
|
Just saw the news headline on the right OS X hacked in 30 minutes
Firstly, as the article mentions there is an OS X hardening guide.
Secondly, any website worth its salt runs on a sacrificial box where if security is compromised nothing much can happen (protected from internal network and no non-public files) and can be re-imaged quickly.
Thirdly, any web software is hackable (but you don't hear how IIS is compromised do you)
Finally, if you have hardware access to a Mac then you can get the data....just boot from an install CD and change the root password.
Sigh....sometimes I love the media attention Apple is getting these days....sometimes I hate it.
Bartron
__________________
1.83G 15" MBP, 2.8G 24" iMac, 1.83G 17" iMac
flickr : redbubble
70 b3 0r |\|07 70 b3, 7|-|@ 1$ 7|-|3 QU3$710|\| |
|
|
|
|
|
|
|
06-03-2006, 10:17 PM
|
|
Regular
Group: Regulars
Location: Melbourne
|
Compared to the 2min 30sec it would take to get an XP box.
__________________
THE OFFICIAL GOD FAQ
Q: Does god exist?
A: No
iBook 14'' 1GB Ram, MBP(santa) 15" 4GB ram, iPod Nano(3G) 4gb, iPod shuffle 512mb, iPod Touch 8gb.
|
|
|
|
|
|
|
|
06-03-2006, 10:27 PM
|
|
Widgeteer
Group: Forum Leaders
|
Without any reference at all to how it was done, it may as well be fake. I'm not saying it's not possible, but why bother making a statement like that without any facts?
|
|
|
|
|
|
|
|
06-03-2006, 10:48 PM
|
|
Regular
Group: Regulars
Location: Lanes 5 & 6!
|
Quote:
Originally posted by The Fluffy Duck@Mar 6 2006, 10:17 PM
Compared to the 2min 30sec it would take to get an XP box.
|
or less if you boot into safe mode 
__________________
Sony VAIO C Series - 1.66GHz Core2Duo | 1GB | 80GB | Vista Home Premium
PowerMac G5 - Dual Core 2.0GHz | 512MB | 160GB | 6600LE | Mac OS X Tiger |
|
|
|
|
|
|
|
|
07-03-2006, 06:57 AM
|
|
Regular
Group: Regulars
Location: Wellington, NSW
|
Yeah but what ZDNet fails to mention is that the hacker was given a local account and as such the exploit was a local privilege escalation, not an external.
I myself tend to treat anything coming from ZDNet with a grain of salt.
THe University of Wisconsin has given an explanation to this hack and even put up their own Mac mini to be defaced. As of the writing of this post it's still secure.
http://test.doit.wisc.edu/
__________________
->insert something witty here<-
|
|
|
|
|
|
|
|
07-03-2006, 08:41 AM
|
|
Member
Group: Regulars
Location: Melbourne
|
There have been a lot of these alleged breakins.
I find the reaction of various sites to OS X (and Linux for that matter) fascinating.
One must remember that the whole existence of lot of vendors is based on treating the symptoms NOT the cause of problems. If trojans, viruses etc were removed, the income sources of many companies would vanish.
So, it is in their interest to say: "everybody is vulnerable" - don't get OS X, Linux, whatever - you will still be vulnerable.
At the same time, a quick look at the packets coming to the edge of my networks shows a vast amount of bad traffic, nearly all aimed at Windows.
Reality check: If OS X was really that vulnerable, where are the examples of actual exploits? If it was doable, someone would have done it just for bragging rights, if not to sell "security" software.
Security for OS X for ordinary users is simple:
o Enable the firewall
o Turn off all services (this is the default anyway)
o If you must turn on a service (like file sharing) for home use, make sure your edge firewall blocks external traffic to that port
If you really are doing server-type things (such as remote file sharing, web) get up to speed on security fast! Vulnerabilities here are still few and far between for Apache for example. However, I would be wary of file sharing.
And by the way, if you run Office 2004, MS kindly opens a port for you! Go figure..... these guys will never get it. Hopefully, of course, your edge firewall will protect you.
__________________
MacBook Pro 2.2/4gb: G4 1.2/1.5gb/240gb/ATI 9000Pro : EeePC/Linux : 60gb iPod
|
|
|
|
|
|
|
|
07-03-2006, 10:39 AM
|
|
Regular
Group: Regulars
Location: SunnyCoast.au
|
Good posts Feeze and Damian.
Honestly, giving a hacker access as a local user?!
What a load of crap! (i will be checking my jpeg downloads a little closer though...  )
__________________
iMac C2Duo + MacBook Pro C2Duo
Tradies : applecollector / thatfilthyspringbok / decryption / mwot / c3017474 / wowbagger / squozen / jarrodb
|
|
|
|
|
|
|
|
07-03-2006, 10:46 AM
|
|
Regular
Group: Regulars
Location: Sydney, Australia
|
Pardon my ignorance - but what is an "edge firewall"?
|
|
|
|
|
|
|
|
07-03-2006, 11:04 AM
|
|
Regular
Group: Regulars
Location: Melbourne
|
Quote:
Compared to the 2min 30sec it would take to get an XP box.
or less if you boot into safe mode
|
Sorry a compaq take 10min to boot :P
You mentioned viewing incommin packets how do you view that and whether they are directed towards your mac or not?
Also how do you view which ports are open and how to clsoe them?
__________________
THE OFFICIAL GOD FAQ
Q: Does god exist?
A: No
iBook 14'' 1GB Ram, MBP(santa) 15" 4GB ram, iPod Nano(3G) 4gb, iPod shuffle 512mb, iPod Touch 8gb.
|
|
|
|
|
|
|
|
07-03-2006, 11:13 AM
|
|
MacTalk Podcaster
Group: Regulars
|
|
|
|
|
|
|
|
|
07-03-2006, 11:17 AM
|
|
Regular
Group: Regulars
Location: Hobart
|
ROTFL That is GOLD! Fully sick gold!
__________________
Zion: iBook 1.33mHz; Osiris: iPod 40mB gen 4; Logos: iPod Nano 1Gig; Neb: MacBook Pro 15"
|
|
|
|
|
|
|
|
07-03-2006, 11:19 AM
|
|
Regular
Group: Regulars
Location: Melbourne
|
I like in that article they say if you get hold of the boot cds you can change anything.
Well no shit, but I would still like to see the snottey 14 year old get hold of my boot cds here in melbourne.
EDIT: I really want to shoot the person who made that post sound like another "gone in 60 seconds" car movie.
__________________
THE OFFICIAL GOD FAQ
Q: Does god exist?
A: No
iBook 14'' 1GB Ram, MBP(santa) 15" 4GB ram, iPod Nano(3G) 4gb, iPod shuffle 512mb, iPod Touch 8gb.
|
|
|
|
|
|
|
|
07-03-2006, 11:59 AM
|
|
Not so serious ;)
Group: Administrators
Location: Fukuoka, Japan (originally Canberra)
|
Unfortunately, Mac OS X, if left on an open network, is not secure. There have been cases of machines being compromised from the internet without any trace as to how it was done using "undocumented" vulnerabilities.
Sad to say, that ZDNet artical is spot-on.
|
|
|
|
|
|
|
|
07-03-2006, 01:59 PM
|
|
Regular
Group: Regulars
Location: Brisbane
|
Quote:
Originally posted by Currawong@Mar 7 2006, 11:59 AM
Unfortunately, Mac OS X, if left on an open network, is not secure. There have been cases of machines being compromised from the internet without any trace as to how it was done using "undocumented" vulnerabilities.
Sad to say, that ZDNet artical is spot-on.
|
No it's not currawong.
Read the top news item on the right of the front page.
__________________
I have no successful trades
|
|
|
|
|
|
|
|
07-03-2006, 02:13 PM
|
|
NSLog(@"%@", [self customTitle]);
Group: Regulars
Location: Melbourne
|
Yep, I though something was seriously fishy about the lack of information in that ZDNet article. It's sad to see people spreading FUD like that....
__________________
"A company must go out and find what the customer wants ... The need is not for, say, half a million Ό-inch drill bits. The needs is that there are ten million Ό-inch holes that need to be drilled." - Robert Noyce
"Algorithms that forget their history are doomed to repeat it" - Artificial Intelligence, A Modern Approach (Russel & Norvig)
|
|
|
|
|
|
