PDA

View Full Version : 10 questions for MacBook hacker Dino Dai Zovi


MacBytes
Apr 25, 2007, 10:54 AM
http://www.macbytes.com/images/bytessig.gif (http://www.macbytes.com)

Category: Opinion/Interviews
Link: 10 questions for MacBook hacker Dino Dai Zovi (http://www.macbytes.com/link.php?sid=20070425115438)
Description:: I caught up with security researcher Dino Dai Zovi to discuss his successful hijack of a MacBook Pro machine at last week's CanSecWest conference in Vancouver, Canada. We talk about the specific vulnerability, the motivation for the attack, Apple's response and his plans around Mac OS X research.

Posted on MacBytes.com (http://www.macbytes.com)
Approved by Mudbug

dejo
Apr 25, 2007, 11:09 AM
On my site, I list several vulnerabilities I've found and reported to Apple and I've found them to be very responsive and upfront about verifying things and giving credit. Some things are fixed quicker than others and maybe you can say they take too long on some things but when there are interdependencies on components being fixed, it can be a month of two before you see a patch.

They do tend to be a little quiet when dealing with researchers. They'll communicate on an as-needed basis and if you don't provide adequate information, maybe they'll follow up and ask for more. When I report bugs to Apple, I send full details including an exploit. They've been very good about pinpointing the issue and providing a fix.

I had an issue once where their engineers had trouble reproducing a vulnerability and I had to send more information and an actual exploit. After that, they found it and fixed it. I've always received appropriate credit.
Sounds like a very different experience than David Maynor and Jon Ellch had. Hmm...

nagromme
Apr 25, 2007, 02:23 PM
Sounds like a very different experience than David Maynor and Jon Ellch supposedly had. Hmm...

I added a word there :) The failure of Maynor and Ellch to this day to reveal proof of their accusations against Apple is just one of the extremely suspicious aspects of their saga.

http://daringfireball.net/2007/04/in_my_world

http://daringfireball.net/2007/03/show_me

miniConvert
Apr 25, 2007, 02:33 PM
That was quite an interesting read, Dino Dai Zovi comes across quite well. I think his skills could be put to good use probing OS X much harder to ensure the continued reputation of the OS.

guitarmaster18
Apr 25, 2007, 04:09 PM
Anyone know the details of how he did it? Like, what HTML code would be used to do that?

nagromme
Apr 25, 2007, 09:06 PM
Anyone know the details of how he did it? Like, what HTML code would be used to do that?

Yes :) Zovi and his partner know, the company they sold the details to knows, and Apple knows :) And that's as it should be until there's a patch.

dartzorichalcos
Apr 25, 2007, 09:46 PM
Is an Intel mac easier to hack into than a PPC Mac? Is it because of this (from Wikipedia):

PowerPC processors enforce some restrictions on the alignment of executable code, which could make exploiting certain vulnerabilities less difficult on an Intel CPU, however most modern Intel chips offer similar security features. One possible loss of security that is fundamental to the architecture is that the return address is passed on the stack in x86, unlike PowerPC, which have a special Link Register to store the return address, which is only pushed on the stack if the procedure calls another procedure, which makes buffer-overflow attacks easier on x86, though Mac OS X supports the XD bit which make it harder to actually cause an buffer-overflow attack to execute code.

nagromme
Apr 25, 2007, 10:30 PM
Is an Intel mac easier to hack into than a PPC Mac? Is it because of this (from Wikipedia):

I don't believe any Mac exploits related to that have been found.

winmacguy
Apr 25, 2007, 11:46 PM
Very interesting reading. A very reasonable guy.