First Major OS X Trojan Horse
Master Baiter
thalo
quote:
you know that the people that write such malicious code would love to put in their cap that they created the first virus/worm to infect Macs.


That's actually a good point. I'm surprised nobody has done it just as an intellectual Everest. "Because it's there". That's really part of the hacker and virus writer mentality.

But it is tough for people to take credit for this stuff, without getting caught. Because another feature of the mentality is that they'll stab each other in the back. They will out each other and sic the law on them if they figure somebody is getting too big for their britches.

The dudes that brag, are the ones that end up in jail. At least I hope so.

I think maybe Mac users have been spared because they're the underdogs, they're up against Microsoft and bigger computer companies, so they're the little guy. A small target, but also Jobs used to be the kind of anti-Gates. Maybe virus guys all love their iPods, who knows. But I'm sure it's coming. There's enough of a challenge out there that some idiot is going to try to bring Apple to its knees with some OS X virus that's going to be damaging and pervasive. I think it's just a matter of time.
 
Posts: 10662 | Registered: Thu May 01 2003
THALO.net brother
quote:
Originally posted by RicoX:
So Klappy if OS X is so filled with holes why have there been no viruses or worms that have been effective? This last malware was so complicated to get it to work that Intego, an anti-virus software company, had to guide the guys at MacCentral on how to get it to work.

To say that the virus/worm makers don't care about writing such malicious code to infect Macs is ridiculous. First reason, there are millions of potential machines to infect. Second, you know that the people that write such malicious code would love to put in their cap that they created the first virus/worm to infect Macs.

So what is your theory as to why it has been so slow to see malicious code on the Mac platform? Laziness?


A very good question.

Actually, there is already a lot of software for OS X out there that on every other platform would definitely qualify as malware or spyware.

Let's do a little exercise in Zen-Buddhism (you know, where people reach enlightenment by being asked questions like "What is the sound of one hand clapping?"):

You've probably heard about those "Safari-Enhancers". Maybe you're even using one yourself. There's a whole bunch of 'em out there, but since I'm not using OS X myself, I've only read about them :-)

Now, you download a piece of software. You don't have to enter your administrator password, that means no software is installed (or at least the system makes you believe that).

If you looked at your Safari installation, you would notice no change at all.

However, the next time you click a certain button in Safari, it behaves totally differently from the last time you clicked it, before you downloaded the software.

How can that be?

P.S.: A good read:

http://blogs.zdnet.com/Ou/?p=165

This message has been edited. Last edited by: klapauzius,
 
Posts: 303 | Registered: Fri April 15 2005
THALO.net divinity
RicoX
So what you are saying Klap is that the user has to install the malware/spyware to be infected. So the only real protection is if you eliminate the user to stop the infections.

The only time I use Safari is to change my default browser setting.

I have been stuck in Mozilla the last year. I had always used Camino which was an offshoot of the old Netscape Navigator. The Camino Project killed the browser when Tiger was released by making it Global History centric changing it into IE Firefox Safari. It is still probably the fastest OS X browser; the browsing part though is all convoluted Global History mishmash like Safari/IE.
 
Posts: 5196 | Registered: Sat June 07 2003
THALO.net brother
quote:
Originally posted by RicoX:
So what you are saying Klap is that the user has to install the malware/spyware to be infected.


No. What I'm saying is that the user doesn't have to "install" anything to be infected.

Read this:

http://www.zdnet.com.au/news/security/soa/Mac_OS_X_hack...1744,39241748,00.htm

Good luck with OS X. You may need it.

This message has been edited. Last edited by: klapauzius,
 
Posts: 303 | Registered: Fri April 15 2005
THALO.net divinity
RicoX
Now brother klapauzius you can not be serious. Here is the first sentence from your link:

quote:
a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control


Set his Mac Mini up as server?

Oh so I see to have your Mac hacked the User has to set it up as a server first to broadcast a signal to open it up for attack. I like this gem -- with various remote services running and local access to users…

So which OS again protects itself from the User?
 
Posts: 5196 | Registered: Sat June 07 2003
THALO.net brother
quote:
Originally posted by RicoX:
Now brother klapauzius you can not be serious. Here is the first sentence from your link:

quote:
a Sweden-based Mac enthusiast set his Mac Mini as a server and invited hackers to break through the computer's security and gain root control


Set his Mac Mini up as server?

Oh so I see to have your Mac hacked the User has to set it up as a server first to broadcast a signal to open it up for attack. I like this gem -- with various remote services running and local access to users…

So which OS again protects itself from the User?


You, sir, don't have a clue.
 
Posts: 303 | Registered: Fri April 15 2005
THALO.net divinity
RicoX
quote:
You, sir, don't have a clue.


Hmmm...Klappy you say that as though somehow you have a clue.
 
Posts: 5196 | Registered: Sat June 07 2003
THALO.net brother
quote:
Originally posted by RicoX:
quote:
You, sir, don't have a clue.


Hmmm...Klappy you say that as though somehow you have a clue.


The usual sequence for a "hack" is as follows:

1. A non-privileged user downloads something from the internet or a LAN. In the case of OS X, this doesn't even have to be installable software (or something that looks like it). In the case of OS X, you're never really sure what you actually download from the internet, since the information presented to the user (the icon, the file-suffix etc.) may be totally bogus.

2. Because of security holes and/or design flaws in the operating system, this "something" is started and gains administrator privileges. This is called "privilege escalation", since "something" initially had the privileges of the user referred to under 1.

3. "something" installs some software, optionally hiding the installed software in a very clever way (this is usually referred to as "root-kits")

4. This software then does whatever it wants, since it has administrator/root privileges. This can of course include activating services, opening ports and so forth.

Because of point 1. above the hacking contest I referred to makes perfect sense and actually says a lot about the (non-existent) security of OS X.

Several holes have been found in OS X over the last few weeks that refer to point 2. above. Several more holes are out there and known in the hacker community according to the successful hacker + several independent security experts. The latest security update from Apple does NOT fix these problems, it only adds some additional warnings and checks in a number of situations.
 
Posts: 303 | Registered: Fri April 15 2005
BN
Mockerator
The usual sequence for a "hack" is as follows:

I'm unsure whether that word is referring to brother Rico or the procedure. :D Maybe both.
 
Posts: 17093 | Location: The Left Coast | Registered: Sun May 04 2003
THALO.net divinity
RicoX
So what you are saying klappy that "something" is the user escalating privileges to facilitate the "hack".

How do we protect against the end user?

What if we say Nelson all of a sudden realizes wait I am not the end user I am the only user what then I ask. How does brother Nelson protect against hacking himself?
 
Posts: 5196 | Registered: Sat June 07 2003
BN
Mockerator
How does brother Nelson protect against hacking himself?

A much-needed, and at this point totally theoretical, girlfriend.
 
Posts: 17093 | Location: The Left Coast | Registered: Sun May 04 2003
THALO.net divinity
RicoX
I was going to suggest video surveillance but did not think it was something we needed to visually imagine.
 
Posts: 5196 | Registered: Sat June 07 2003
THALO.net poet laureate
A much-needed, and at this point totally theoretical, girlfriend.

I’m sure you’ll find one soon, brother Brad. In the meantime, there’s always the solace of great art.
 
Posts: 2657 | Location: The Netherlands | Registered: Fri May 16 2003
THALO.net brother
quote:
Originally posted by RicoX:
So what you are saying klappy that "something" is the user escalating privileges to facilitate the "hack".

How do we protect against the end user?

What if we say Nelson all of a sudden realizes wait I am not the end user I am the only user what then I ask. How does brother Nelson protect against hacking himself?


No.

I have to elaborate.

A hack with OS X might happen like this:

A non-admin user downloads something that looks like a jpeg image, a pdf document, whatever innocent file types there are. Note that "download" might refer to a "download" in Safari, but also to opening an e-mail in Mail or opening something in iChat. All programs using Launch Services are affected.

This something, however, is actually a shell script, an executable program, a cocoa bundle, whatever.

Now proceed with point 2. above, noting that because of the zen-inspired mechanisms present in OS X, "something" does not have to be started by the user to become active. All the user has to do is to start any Cocoa application, and "something" will become active like through magic. This is the bad design I was referring to above, namely in connection with the Input Managers. At this point, "something" is active but still running with the user's non-admin privileges. However, because of security holes and bugs in OS X, something is able to gain admin privileges, although it was started in the context of a non-admin user (not BY the user).

Now proceed with point 3. above.
 
Posts: 303 | Registered: Fri April 15 2005
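
Added example, not part of the thread and not any poster's code: a defender's check for the two conditions described in the post above, a download whose name says image or document while its first bytes say script or program, and bundles sitting in the Input Managers folders (~/Library/InputManagers per user, /Library/InputManagers system-wide). The magic-byte table is a small illustrative subset and the sample files are constructed.

```python
import os
import tempfile
# Leading bytes of content the system can run, whatever the file name claims.
EXECUTABLE_MAGIC = {
    b"#!": "script with interpreter line",
    b"\xfe\xed\xfa\xce": "Mach-O 32-bit", b"\xce\xfa\xed\xfe": "Mach-O 32-bit",
    b"\xfe\xed\xfa\xcf": "Mach-O 64-bit", b"\xcf\xfa\xed\xfe": "Mach-O 64-bit",
    b"\xca\xfe\xba\xbe": "Mach-O universal binary",
}
DOCUMENT_MAGIC = {".jpg": b"\xff\xd8\xff", ".jpeg": b"\xff\xd8\xff", ".pdf": b"%PDF"}  # expected headers

def classify(path):
    """Compare what the file name claims with what the first bytes say."""
    ext = os.path.splitext(path)[1].lower()
    with open(path, "rb") as fh:
        head = fh.read(8)
    for magic, kind in EXECUTABLE_MAGIC.items():
        if head.startswith(magic):
            return ("mismatch" if ext in DOCUMENT_MAGIC else "executable"), kind
    expected = DOCUMENT_MAGIC.get(ext)
    if expected and not head.startswith(expected):
        return "mismatch", "header does not match " + ext
    return "ok", "no conflict between name and content"

def input_manager_bundles(home):
    """List entries in the per-user and system-wide InputManagers folders."""
    found = []
    for folder in (os.path.join(home, "Library", "InputManagers"), "/Library/InputManagers"):
        if os.path.isdir(folder):
            found += [os.path.join(folder, name) for name in sorted(os.listdir(folder))]
    return found

def demo():
    """Run both checks on constructed sample files in a temporary home folder."""
    samples = {"holiday.jpg": b"#!/bin/sh\necho hi\n",           # constructed: script named as image
               "photo.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 16,  # constructed: JPEG header
               "report.pdf": b"%PDF-1.4\n"}                      # constructed: PDF header
    with tempfile.TemporaryDirectory() as home:
        verdicts = {}
        for name, data in samples.items():
            path = os.path.join(home, name)
            with open(path, "wb") as fh:
                fh.write(data)
            verdicts[name] = classify(path)[0]
        os.makedirs(os.path.join(home, "Library", "InputManagers", "Enhancer.bundle"))
        return verdicts, [os.path.basename(p) for p in input_manager_bundles(home) if p.startswith(home)]

if __name__ == "__main__":
    print(demo())
```

On a real machine, call `classify()` on files in the downloads folder and `input_manager_bundles(os.path.expanduser("~"))` to see what would be loaded; creating the per-user folder needs no administrator password, which is the point made in the post.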
BN
Mockerator
I’m sure you’ll find one soon, brother Brad. In the meantime, there’s always the solace of great art.

Believe me, I expect no condolences or sympathy because I’m such a pain in the ass that the Julia Robertses of the world aren’t knocking down my door. But there is a side to that "art-as-solace" thing that makes sense for me. I’m truly an idealist and there is no woman on earth who is good enough for my ideal, although one with a friggin’ sense of humor would be a start. God, how absolutely tight people are these days, if you ask me.

And even GAH-uh-duh (said as a three syllable word like a Sunday morning preacher) comes up short in my all-encompassing critical stare. But in art and ideas there can truly be perfection. It may be a somewhat stale, cold perfection when compared to the imperfection of a warm, supple, needy, nagging, clinging, dependent, did I mention nagging? woman. But it is a perfection nonetheless.

Thanks for that near-perfect piece of art, brother yabor.
 
Posts: 17093 | Location: The Left Coast | Registered: Sun May 04 2003
Master Baiter
thalo
Did you guys ever see the horror movie "May" with Angela Bettis?

Brother Brad, you have to rent it.
 
Posts: 10662 | Registered: Thu May 01 2003
BN
Mockerator
Sounds interesting, thalo. I'll put that on the list.
 
Posts: 17093 | Location: The Left Coast | Registered: Sun May 04 2003
THALO.net divinity
RicoX
I think I am getting what you are saying klappy. Let me recount.

The active innocence of the user to download whatever files is something pointing towards being hacked successfully.

Right it all starts when the user downloads whatever.
 
Posts: 5196 | Registered: Sat June 07 2003
THALO.net divinity
RicoX
I think I saw that movie. It is out there.

quote:

Prescreening Critique

Not for the weak of stomach (I haven't seen this many people walk out of a screening in a while), this movie entertained me on several levels, starting with its very dark humor, its very strange characters and its very bizarre premise.

(c) 2006 Berge Garabedian
 
Posts: 5196 | Registered: Sat June 07 2003

© 2005 THALO.net