
"Mac OS X hacked in half an hour"

jæd said:
Each time you buy a copy of OS X a hooker comes around and gives you a blowjob.

I knew he was called Steve Jobs for some reason, could never get my head round it though.

Cheers. :)
 
jæd said:
Um... Nope. OS X (and the other unix variants) are more secure because of the way security is set up (through a better implementation of permissions/users) and having a firewall on as standard and through not having every conceivable service running even if they aren't actually needed..
Hmm. Who do I believe?

Published security researcher Neil Archibald who has already identified Mac security flaws or a nameless poster of unknown qualifications posting on a bulletin board?
 
In this particular case, the guy was inviting people to create their own shell accounts on the target machine, and provided them with an ssh connection in to use it, which turns it into an exercise in privilege escalation. It's practically identical to putting a Windows machine on the Internet with Terminal Services enabled and allowing any random Joe to log in. It's not something that most users are likely to ever even think about doing.

Bear in mind also that Mac OS X ships with ssh turned off by default.

All that's been proven is that any user with local access privileges can escalate them, which is in a whole different league to the implication of the article that you can hack a Mac OS X box that's being used as 99% of users will employ it.
 
editor said:
Hmm. Who do I believe?

Published security researcher Neil Archibald who has already identified Mac security flaws or a nameless poster of unknown qualifications posting on a bulletin board?

Well... I say the same thing as zillions of other computer professionals. But perhaps it's a big conspiracy, eh...? Oh, and OS X is better than Windows because OS X is made out of 100% recycled water beans. It's the ethical choice...!
 
Guys, guys, guys. It's fine because if MacOS does, by some miracle from above, become more popular (and hence, paradoxically, more unpopular) than Windows, we'll just uninstall it and install Windows Vista. They're all the same inside now.

Anyway, surely MacOS has anti-virus software and all that?
 
>>Best take it up with security researcher Neil Archibald - he's already credited with finding numerous vulnerabilities in OS X, and reckons he knows of numerous security vulnerabilities in Apple's operating system that could be exploited by attackers.

And here's what he thinks:

"The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms... If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems."<<<

I can fully understand that, if linux was on more desktops than 5%, there would be more exploits. One can also argue the fact that linux and bsd variants come with the source and therefore anyone can fix the exploits unlike windows and mac OSx where only a tight-knit group of developers fix the exploits by users reporting the exploit experiences.

As people have pointed out having only services that you need running instead of all of them greatly increases security as Bruce Schneier and others have written books about.
OpenBSD has none or hardly any running out the box, plus all the source is audited every day.

Obscurity is another issue that greatly affects security, look at OpenVMS, who honestly uses it outside of financial institutions or universities? I am sure if it was used by many more people, it would be a target.
 
It's a simple fact that the security model in OS X/BSD is a hell of a lot better than that of Windows NT using its SAM database.

I think what the editor is saying is true about the lower user base not attracting as many hackers to OS X, but it's again a simple fact that the default Windows security system until XP Service Pack 2 sucked big time.

If you were to run an out of the box XP machine (pre SP2) and plug it into the internet it would probably get infected in no time at all. Internet Explorer is to blame for the majority of spyware though, what a stupid mistake integrating it into the OS was.

Microsoft overlooked the whole security thing in a massive way.
 
>>If you were to run an out of the box XP machine (pre SP2) and plug it into the internet it would probably get infected in no time at all. Internet Explorer is to blame for the majority of spyware though, what a stupid mistake integrating it into the OS was.

Microsoft overlooked the whole security thing in a massive way.<<

I also believe some of it was made vulnerable on purpose, so MS can sell an anti-spyware software, who knows if MS own anti-spyware companies.

The same can be said for viruses on Windows, as soon as an anti-virus software can detect and clear a virus, a new one is discovered plus the user has to dig out more money to update the software in order for it to clear the virus, and the cycle continues. I know it's illegal for anti-virus software companies to create viruses for the sole purpose of profit, but the commercial software world is corrupt a lot of the time (of course there are lots of honest commercial software companies, selling a good product)
 
I'm tempted to agree largely with what Dask just wrote above.

The market share argument doesn't necessarily hold water either.

Back around five years ago, Apache commanded something like 63% of the web server market and IIS about 20%. The security in IIS 5.0 stunk and the result was the round of Nimda, Code Red and other worms that spread like wildfire across the Net.

Now, I'll happily concede that MS got their act together a bit more with IIS 6.0 and that any version of Apache is not perfect from the standpoint of security, but the point remains that the market share argument would have had Apache leading in both quantity and seriousness of security holes, which, at that time, it didn't.

There are many other factors to take into account, such as the technical ability of server admins, the number of other exploitable services running on the box, particularly when you consider the defaults set by the manufacturer, and also the quality of the code.

To assert that Mac OS X is only at lesser risk from a remote exploit than any Windows box because there are fewer Macs around need not hold true.
 
IIS 6 was a vast improvement from IIS 5 in terms of security.

I remember when a server our company administered got hacked into via the blank system administrator password that SQL Server used to install by default. Effectively if you followed the default installation instructions and put the machine on the net it could be hijacked in about 30 seconds using pre built scripts made to exploit that particular weakness.

What a joke that MS overlooked all of this up until about 3/4 years ago.
 
editor said:
Hmm. Who do I believe?

Published security researcher Neil Archibald who has already identified Mac security flaws or a nameless poster of unknown qualifications posting on a bulletin board?

You're missing the point here. Jaed is suggesting that Mac OS X is more secure than Windows, an argument that empirically at least is difficult to argue with. The article linked to suggests OS X is not 100% secure.

These two statements are not mutually exclusive.
 
editor said:
Hmm. Who do I believe?

Published security researcher Neil Archibald who has already identified Mac security flaws or a nameless poster of unknown qualifications posting on a bulletin board?


How about this then from theregister.

http://www.theregister.co.uk/security/security_report_windows_vs_linux/

Woops, it's not OSX (I'm not a fan of proprietary operating systems anyway), but it's a good summation of why *nix systems are far more secure than Windows, by design.
 
Well today there's a security update from Apple... I wonder if this was prompted by yesterday's news...?

Update: Oh, it seems to have been from March 1st...
 
mellowmoose said:
editor in mac OS X bashing shocker :D
Hey, I'm not knocking it - I just thought people should know that it's perhaps not as ultra safe as some people think.

I'm in no doubt that, right now, a Mac user is far less likely to be hacked/hit by a virus than a Windows user.
 
Hold on. You know the 'Mac OS X Security Test' test that was at http://test.doit.wisc.edu/?

They said it was going to run until Friday but they've rather curiously closed it already (after just 38 hrs!) because of the "enormous attention."

Hmmmm.... anyone else think this a little odd?
 
editor said:
Hold on. You know the 'Mac OS X Security Test' test that was at http://test.doit.wisc.edu/?

They said it was going to run until Friday but they've rather curiously closed it already (after just 38 hrs!) because of the "enormous attention."

Hmmmm.... anyone else think this a little odd?

Nah, it's probably legit

# Traffic to the host spiked at over 30 Mbps.
# Most of the traffic, aside from casual web visitors, was web exploit scripts, ssh dictionary attacks, and scanning tools such as Nessus.

30 mbps is pricey, and would probably have pissed off whoever's running the network. And dictionary attacks are futile (as you can be confident they'll have chosen a totally random password), require no skill, and are common to any machine with remote login.

Still rather lame though, they should have guessed this would happen.
 
editor said:
Hold on. You know the 'Mac OS X Security Test' test that was at http://test.doit.wisc.edu/?

They said it was going to run until Friday but they've rather curiously closed it already (after just 38 hrs!) because of the "enormous attention."

Hmmmm.... anyone else think this a little odd?

Perhaps they didn't have complete authorisation from the university associated with it...? Perhaps the uni didn't like being DoS'd...? Or perhaps it's a big conspiracy...? Which is the most plausible...?
 
jæd said:
Perhaps they didn't have complete authorisation from the university associated with it...? Perhaps the uni didn't like being DoS'd...? Or perhaps it's a big conspiracy...? Which is the most plausible...?
I've no idea. But it sure sounds like someone/something fucked up.

Inviting hackers to do their worst is simply asking for trouble and withdrawing a high profile challenge early is bound to raise eyebrows...

There is no mention of a lack of authorisation from the university, btw, although they're not really coming out too well from all this.
 
Mac OS X is not invulnerable. It, like any other operating system, has security deficiencies in various aspects of the software. Some are technical in nature, and others lend themselves to social engineering trickery. However, the general architecture and design philosophy of Mac OS X, in addition to usage of open source components for most network-accessible services that receive intense peer scrutiny from the community, make Mac OS X a very secure operating system.

Sums it up perfectly IMO.
 
editor said:
I've no idea. But it sure sounds like someone/something fucked up.

Inviting hackers to do their worst is simply asking for trouble and withdrawing a high profile challenge early is bound to raise eyebrows...

There is no mention of a lack of authorisation from the university, btw, although they're not really coming out too well from all this.

Gotta love the way you defended the original test, and its conclusions, but you're citing this test as "fucked up"... And anyway the new test was more a test of ssh and apache than of OS X...

Personally... I'd wait until more details are out before assuming stuff..
 
jæd said:
Perhaps they didn't have complete authorisation from the university associated with it...? Perhaps the uni didn't like being DoS'd...? Or perhaps it's a big conspiracy...? Which is the most plausible...?

Or perhaps because it made the front page of Slashdot, the poor little mac mini just couldn't cope? How are you supposed to hack a box if it's effectively being DOS'd?

Agree with the above that OSX is more secure by design than Windows (not installing the main user as root for a start). Naturally Windows' popularity makes it a bigger target, but the hacker's job is made easier by Windows' fucked-up design. Apparently, Vista will be better behaved.
 
jæd said:
Gotta love the way you defended the original test, and its conclusions, but you're citing this test as "fucked up"... And anyway the new test was more a test of ssh and apache than of OS X...

Personally... I'd wait until more details are out before assuming stuff..
Where did I "defend the original test and its conclusions" please?

And I didn't describe the University's test as "fucked up" - I said that "it sure sounds like someone/something fucked up" which is a fair analysis when the plug is pulled on a high profile test after just 38 hours.

I really wish you'd stop trying to misrepresent me.
 
editor said:
Where did I "defend the original test and its conclusions" please?

And I didn't describe the University's test as "fucked up" - I said that "it sure sounds like someone/something fucked up" which is a fair analysis when the plug is pulled on a high profile test after just 38 hours.

I really wish you'd stop trying to misrepresent me.

Well... At no time have you been seen to appreciate the first test's key flaw. This has now been pointed out by enough people that the publishers have added a disclaimer.

I'm still interested in why you think that someone "fucked up"... So they ended the test for an unspecified reason. Perhaps waiting and seeing what the reason is before deciding something...? Perhaps saying that someone "fucked up" is misrepresenting *them*...?

If you're so concerned about misrepresentation, can you not appreciate how the original study is a misrepresentation of OS X security...?
 
jæd said:
Well... At no time have you been seen to appreciate the first test's key flaw.
Don't wriggle please. You made a claim that I "defended the original test and its conclusions." That is a lie.
jæd said:
I'm still interested in why you think that someone "fucked up"...
FFS: they made a big announcement about their Security Test and then promptly withdrew it three days early!

I'd call that a fuck up - unless your idea of a successful public five day trial is one that disappears after just 38 hours.
 