Go Back   MacRumors Forums > Apple Hardware > Notebooks > MacBook Pro

Reply
 
Thread Tools Search this Thread Display Modes
Old Jan 29, 2011, 10:53 PM   #1
4lisawriter
macrumors newbie
 
Join Date: Jan 2011
Location: marietta, ga
Question Can a MAC be hacked? How do I know if it happens? Security advise welcome.

Can someone advise if my MAC Book Pro can be hacked? If so, how will I know if/when it happens and what security measures to you advise. This is my first MAC. I bought it because I was tired of getting virus' and being hacked on my windows desktop.

Thank you,
4lisawriter is offline   0 Reply With Quote
Old Jan 29, 2011, 11:07 PM   #2
altecXP
macrumors 65816
 
Join Date: Aug 2009
Quote:
Originally Posted by 4lisawriter View Post
Can someone advise if my MAC Book Pro can be hacked? If so, how will I know if/when it happens and what security measures to you advise. This is my first MAC. I bought it because I was tired of getting virus' and being hacked on my windows desktop.

Thank you,
Yes macs can be hacked, and get virii. They just do LESS then Windows due to its small market share.

Look at is like this, Would you rather take over/take down 80% of internet users? or 10%? Mac's rely in obscurity for their security

So you bought a Mac because you don't know how to protect your PC? Well remember: Security by Obscurity is no security at all. The more popular Mac gets the more just like Windows it will be when it comes to spyware/infections.

Here is a blog post about securing OS X better: http://keithschwerin.com/blog/?p=75

Also I can guarantee you were never hacked. If you were then you should look out for identity fraud.
__________________
Home - 13in MacBook Air: 1.7GHz i5, 4GB DDR3, 128GB SSD
Work - (not in use)2011 15in MacBook Pro: 2.2GHz i7, 8GB DDR3, 500GB HDD
(in use) 2008 15in MacBook Pro: 2.5GHz Core2Duo, 4GB DDR2, 160GB HDD
altecXP is offline   0 Reply With Quote
Old Jan 29, 2011, 11:13 PM   #3
el-John-o
macrumors 65816
 
Join Date: Nov 2010
Location: Missouri
Hacking, even Windows, is incredibly difficult. What is more likely is that you had trojans sucking information out (which were put there by you, they may be pretending to be something else, hence the name, but still put there by you), or fell to phishing sites.

Definitely read up on PC security!

Edit: I do remember an old episode of "The Screen Savers", in which they were trying to prove, once and for all, which OS was more secure (Windows or Mac OS, at the time it was Mac OS 9 I think), so they booted up a PC, and one of the brand new iMac G4s RIGHT after they came out (whatever the most expensive version was, the 15" 800Mhz I believe), the challenge was, the first person to place a text file on the desktop with their address, got the new iMac shipped to their house. Same went for the PC, which was a powerful custom build machine. They released the IP addresses on the air, and 10 minutes later, the PC had a new home. 72 hours later, when the challenge ended, the iMac had still not been touched.

There is something to be said about OSX security, but nothing compares to common sense, a basic understanding of computer security, and using discretion with everything you do on your computer.
__________________
Windows7 PC - Phenom II 965@4GHz x4 Cores, 16GB DDR3-2133, Radeon HD7970 | iPhone 5 32GB | iPad Air WiFi+LTE 128GB | Mid 2012 MacBook Pro 13", Dual 256GB SSD's in RAID 0, 16GB DDR3-1600

Last edited by el-John-o; Jan 29, 2011 at 11:24 PM.
el-John-o is offline   1 Reply With Quote
Old Jan 29, 2011, 11:21 PM   #4
Mactrillionaire
macrumors regular
 
Join Date: Oct 2010
Back in the day, hackers used to make it painfully obvious that systems were compromised. Nowadays, since the motivation for hacking has shifted, it makes more sense for users not to be aware that their systems are compromised. So, most malware these days, regardless of what operating system it runs on, is actually designed to conceal its presence. A compromised computer is now considered most valuable to a hacker for the value of the information it can provide and its processing power for use with what the hacker intends to do. All in all, there are little things that can be done to disincentivize hacking in a big way, but many of those things make life a bit inconvenient. In any event, Macs provide the opportunity to put your confidential files into an encrypted Macintosh disk image (.dmg). It is best to take advantage of this feature to ensure that others do not get to your sensitive data. Just make sure that you don't include any publicly distributed files in your encrypted Macintosh disk image since that would enable a person to compare commonly distributed files to the contents of the disk image for the purpose of guessing the password.
__________________
OS X: More useful than Linux, less aggravating than Windows.
Mactrillionaire is offline   0 Reply With Quote
Old Jan 29, 2011, 11:30 PM   #5
Azeworai
macrumors newbie
 
Join Date: Jan 2011
Hi Mate,

You can never be too careful nowadays on any OS. I'd recommend installing Little Snitch as a firewall to let you know of network activity on your mac. It is generally easy to use and whenever you're unsure of a notification from little snitch just google the name and see if it is a 'safe' app to set acceptance rules for them.

There may be lesser viruses and on the MacOS but you're still quite susceptible to phishing attacks or trojans and key loggers. Having little snitch will give you more control over what apps 'phone home' or have network access. The Demo version works nicely enough for me with a 3 hour limit before you have to 're-arm' it. I'm not in any way related to the little snitch developers, i'm just a happy user of their demo product.

I'd also recommend looking up LastPass which is what I use to manage passwords. It's basically a free cross platform tool but you'd have to buy a subscription for their premium service on iOS(iphone/ipad). Basically with lastpass you create a master password and remember that one password for access to all of your other passwords. I personally generate the maximum allowable password length with a mixture of every allowable characters to make passwords for any of my online services (eg. gmail,ebay). This will give you strong unique passwords to every service to prevent a 'one password to hack them all' scenario. Look up ubikey with lastpass too.

Basically, having a strong unique password for every account and monitoring what apps have internet access in and out of your machine can beef up your security to prevent getting 'hacked'. As a general rule, don't click on strange links and emails, buy genuine software limit the exposure of your personal details on your social networking profiles. This is to prevent social engineering or guesses to your weaker passwords.

Hope this information is good for you because I was a victim once where the offender took my ebay account and rang up about 700 dollars worth of purchases(which i promptly cancelled). I took that guy's IP and reported him to the cops.

update: the earlier poster's encrypted drive is also a very good thing to do if you're deeply concerned about your security. It is relatively easy to setup too.
Cheers.
Azeworai is offline   0 Reply With Quote
Old Jan 30, 2011, 08:46 AM   #6
4lisawriter
Thread Starter
macrumors newbie
 
Join Date: Jan 2011
Location: marietta, ga
Thank you folks. I'll def look into Little Snitch, encryption and Last Pass. I like the name of the first one! LOL
4lisawriter is offline   0 Reply With Quote
Old Jan 30, 2011, 08:56 AM   #7
simsaladimbamba
Guest
 
Join Date: Nov 2010
Location: located
Quote:
Originally Posted by altecXP View Post
Yes macs can be hacked, and get virii. They just do LESS then Windows due to its small market share.

Look at is like this, Would you rather take over/take down 80% of internet users? or 10%? Mac's rely in obscurity for their security

So you bought a Mac because you don't know how to protect your PC? Well remember: Security by Obscurity is no security at all. The more popular Mac gets the more just like Windows it will be when it comes to spyware/infections..
While Macs can get viruses (the proper plural for computer viruses), they won't affect Mac OS X, as there haven't been any in the last decade that can affect Mac OS X, as those viruses have been written for Windows.
Quote:
Originally Posted by GGJstudios View Post
Btw, the marketshare argument is not really true: http://seekingalpha.com/article/5272...myth-continues

Did you know, that Mac OS 8 and 9 had viruses that could affect it? And all while the marketshare was lower than today. Strange, isn't it?
simsaladimbamba is offline   0 Reply With Quote
Old Jan 30, 2011, 11:50 AM   #8
ZebOfMac
macrumors regular
 
Join Date: Feb 2010
It is all dependent on whom the one writing the virus is going after. If anyone wanted to design one for the OS X I am sure it would not take to long as liek windows there are known design flaws. The idea machines to go after would be the pre Intel model as they are at a point where apple is not creating new updates.
ZebOfMac is offline   0 Reply With Quote
Old Jan 30, 2011, 11:55 AM   #9
Tikkabhuna
macrumors newbie
 
Join Date: Jan 2011
Mac's can be hacked it is just extremely rare.

http://news.techworld.com/security/1...cking-contest/
Tikkabhuna is offline   0 Reply With Quote
Old Jan 30, 2011, 12:03 PM   #10
simsaladimbamba
Guest
 
Join Date: Nov 2010
Location: located
Quote:
Originally Posted by ZebOfMac View Post
It is all dependent on whom the one writing the virus is going after. If anyone wanted to design one for the OS X I am sure it would not take to long as liek windows there are known design flaws. The idea machines to go after would be the pre Intel model as they are at a point where apple is not creating new updates.
Then why hasn't there been one in the last decade? And PPC Macs are not as widespread as Intel Macs, and there are still Security Updates for Tiger, the OS that came with the first and second and third Intel Macs.
Mac OS X 10.0/1/2/3 is not as common as Mac OS X 10.4/5/6.
Maybe you should take a look at http://seekingalpha.com/article/5272...myth-continues and:
Quote:
Originally Posted by GGJstudios View Post
simsaladimbamba is offline   0 Reply With Quote
Old Jan 30, 2011, 12:10 PM   #11
bobr1952
macrumors 68000
 
bobr1952's Avatar
 
Join Date: Jan 2008
Location: Melbourne, FL
And has been mentioned MANY times, anti-virus software is useless against something that doesn't exist. If and when a Mac OS virus does ever exist, then anti-virus software will be able to protect against it--once it has been identified and defined by the software vendor. Now, all it can do is keep Windows users from getting infected files from you--if you share vulnerable files.
__________________
2012 rMPB, 2.3 Intel Core i7, 8GB Ram, 256 SSD; 2008 iMac, 24", 2GB, 500GB; Time Capsule 500GB (1st Gen); ATV3; ATV2; Airport Express; Black 64GB iPhone 4S; Black iPad Air, 32GB, wi-fi
bobr1952 is offline   0 Reply With Quote
Old Jan 30, 2011, 01:40 PM   #12
Eddyisgreat
macrumors 601
 
Eddyisgreat's Avatar
 
Join Date: Oct 2007
Location: Seattle, Wa
Quote:
Originally Posted by ZebOfMac View Post
If anyone wanted to design one for the OS X I am sure it would not take to long as liek windows there are known design flaws.
There are design flaws, and then there are fundamental differences in security approaches between *Nix and NT.
__________________
iCloud Logo Courtesy of : JiP
Eddyisgreat is offline   0 Reply With Quote
Old Jan 30, 2011, 01:44 PM   #13
NickZac
macrumors 68000
 
Join Date: Dec 2010
How important is your data and how badly can it harm you if it is compromised? Depending on the severity, there are companies that specialize in data protection. Obviously, something like a few nude shots of Nikki Ziering isn't as much to worry about as say certain quantum physics experiments, so how much time/money that goes into it is a personal call on need.

IIRC the new SandForce 2000 based SSDs are going to introduce some 'surious' security.
__________________
If you can read this, thank a teacher.
If you can read this in ENGLISH, thank a Veteran.
NickZac is offline   0 Reply With Quote
Old Jan 30, 2011, 02:20 PM   #14
Tikkabhuna
macrumors newbie
 
Join Date: Jan 2011
Quote:
Originally Posted by NickZac View Post
How important is your data and how badly can it harm you if it is compromised? Depending on the severity, there are companies that specialize in data protection. Obviously, something like a few nude shots of Nikki Ziering isn't as much to worry about as say certain quantum physics experiments, so how much time/money that goes into it is a personal call on need.

IIRC the new SandForce 2000 based SSDs are going to introduce some 'surious' security.
Just had a look at the SandForce 2000 stuff. It just looks like you can enable fulldrive encryption like you can currently do with programs like TrueCrypt. Currently you shouldn't do fulldrive encryption on SSDs as it interferes with wear levelling. This also only stops physical theft of data. Once you put your password in and your chosen OS boots the data can still be stolen.
Tikkabhuna is offline   0 Reply With Quote
Old Jan 30, 2011, 02:29 PM   #15
NickZac
macrumors 68000
 
Join Date: Dec 2010
Quote:
Originally Posted by Tikkabhuna View Post
Just had a look at the SandForce 2000 stuff. It just looks like you can enable fulldrive encryption like you can currently do with programs like TrueCrypt. Currently you shouldn't do fulldrive encryption on SSDs as it interferes with wear levelling. This also only stops physical theft of data. Once you put your password in and your chosen OS boots the data can still be stolen.
I figured it would be limited. I wouldn't worry about it impacting wear leveling though...the SF2k is supposed to take it up even a notch. So then their 'security' does nothing for online theft I presume?
__________________
If you can read this, thank a teacher.
If you can read this in ENGLISH, thank a Veteran.
NickZac is offline   0 Reply With Quote
Old Jan 30, 2011, 03:29 PM   #16
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by Tikkabhuna View Post
Mac's can be hacked it is just extremely rare.

http://news.techworld.com/security/1...cking-contest/
Those contests only show examples of arbitrary code execution without privilege escalation. Arbitrary code execution without privilege escalation does not allow worms or viruses to be installed. Privilege escalation vulnerabilities are rare for Mac OS X and only roughly 25% of vulnerabilities are exploitable. In the history of Mac OS X, there is no example of client side remote exploitation being strung together with local privilege escalation to allow worms and viruses to be installed.

But, remote and local exploitation being strung together still commonly occurs in the wild in even the most recent Windows NT based OSes. For example, http://forums.macrumors.com/showpost...0&postcount=82.

Browser exploitation is still problematic as it does allow access to the user's files. But, this is not occurring in the wild without privilege escalation because the amount of work required to make it profitable is much greater than finding means to exploit OSes with privilege escalation.

If you are worried about your user files being accessed despite no examples of this being used in the wild, then there are steps that can be taken to reduce these risks.

1) Encrypt security sensitive files in the manner shown in the following post:

http://forums.macrumors.com/showpost...44&postcount=6

2) Do not maintain any local storage of your emails that are associated with your email accounts in Mail.app.
Attached Thumbnails
Click image for larger version

Name:	Screen shot 2011-01-30 at 12.02.48 PM.png
Views:	49
Size:	10.5 KB
ID:	269352  
__________________
Mac Security Suggestions
munkery is offline   0 Reply With Quote
Old Jan 30, 2011, 03:37 PM   #17
gnasher729
macrumors G5
 
gnasher729's Avatar
 
Join Date: Nov 2005
Quote:
Originally Posted by altecXP View Post
Yes macs can be hacked, and get virii. They just do LESS then Windows due to its small market share.
I wouldn't take security advice from anyone who thinks "virii" is a word.
gnasher729 is offline   0 Reply With Quote
Old Jan 30, 2011, 03:46 PM   #18
mikeo007
macrumors 65816
 
Join Date: Mar 2010
People using the term "virus" as a catch all for the more generic term "Malware" might be confused by this thread.

A virus is usually a self-replicating piece of code that is spread without any user intervention. As far as I know, OSX is inherently immune to this type of Malware.

OSX is not however, immune to the Trojan, which is a file that masquerades or piggybacks with another file. This is something the user would unknowingly install, and may be installed as either "drive-by" malware from the web browser or as something attached to another file (the iLife trojan for example).

Windows 7 is actually very resistant to actual Viruses, making their spread very unlikely on these systems. However, the "trojan" malware problem is much more widespread on Windows systems, and this IS partially due to market share. More stuff to download=more infected files, which means a higher chance of downloading a file with something piggybacking on it. But windows 7 does also have some remote code execution exploits.

The best way to stay safe is to be informed and understand how these things can get on your system. Knowledge is way more powerful than any anti-malware software out there.
mikeo007 is offline   0 Reply With Quote
Old Jan 30, 2011, 03:46 PM   #19
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Let's count all the false statements in this post:
Quote:
Originally Posted by altecXP View Post
Yes macs ... get virii.
False. They don't get viruses, either. Because there ARE no viruses that run on current Mac OS X.
Quote:
Originally Posted by altecXP View Post
They just do LESS then Windows due to its small market share.
The market share myth is exactly that. Macs have a much greater market share than ever before, and growing at over a million Macs per month, yet the number of viruses has gone from a few back in the days of OS 8 and 9, to...... zero. Market share grew, viruses available went down. So much for the market share theory.
Quote:
Originally Posted by altecXP View Post
Mac's rely in obscurity for their security
False. If that were the case, there would be no firewall or built-in malware protection in Mac OS X, which there is.
Quote:
Originally Posted by altecXP View Post
Also I can guarantee you were never hacked.
No, you can't. It IS possible to hack into a Mac, and you have absolutely no basis on which to guarantee that any particular user has or hasn't been hacked.
Quote:
Originally Posted by mikeo007 View Post
People using the term "virus" as a catch all for the more generic term "Malware" might be confused by this thread.
That's why they should read this: Mac Virus/Malware Info
Quote:
Originally Posted by mikeo007 View Post
As far as I know, OSX is inherently immune to this type of Malware.
Macs are not, and have never been immune to any particular form of malware, including viruses. No OS is immune. There simply are no viruses in the wild that run on current Mac OS X. That doesn't mean it can't be done.
Quote:
Originally Posted by mikeo007 View Post
OSX is not however, immune to the Trojan
No OS is immune to the biggest threat: users!
Quote:
Originally Posted by mikeo007 View Post
Knowledge is way more powerful than any anti-malware software out there.
Quite true!

Last edited by GGJstudios; Jan 30, 2011 at 03:52 PM.
GGJstudios is offline   0 Reply With Quote
Old Jan 30, 2011, 03:51 PM   #20
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Network security is an issue for all computer users regardless of OS. Networks where other untrusted users are connected leave you open to various OS independent attacks.

Specifically, you may be at risk of Man-In-The-Middle (MITM) attacks. Using this type of attack, the attacker can monitor all your traffic that is not encrypted. This includes login credentials to various websites that do not use SSL encryption. Make sure to use the SSL encrypted login for such websites. An easy way to do this is to use the encrypted search engine https://duckduckgo.com/ that redirects you to encrypted logins for popular websites such as facebook, twitter, & etc.

Also, using DNS spoofing with MITM, the attacker can redirect you to spoofed websites, such as bank or paypal, to steal your credentials. Some software tools for such attacks even allow the attacker to spoof the digital certificate of websites that use SSL encryption, such as bank and paypal. Make sure to click the lock icon that is displayed for encrypted websites to view the content of the digital certificate to make sure the certificate belongs to the right organization. Spoofed certificates will not show the correct information.

MITM attacks can be detected with tools such as http://www.macupdate.com/app/mac/29459/mocha

EDIT: Firewalls of either direction provide no protection against these types of attacks.

EDIT: Only use email services that have full session encryption, such as Gmail.
__________________
Mac Security Suggestions

Last edited by munkery; Jan 30, 2011 at 05:36 PM.
munkery is offline   0 Reply With Quote
Old Jan 30, 2011, 03:51 PM   #21
ZilogZ80
macrumors 6502a
 
Join Date: Aug 2010
+1 for Little Snitch
if you can control what data is being sent out from your computer that is half the battle. It is interesting to see just which apps are trying to "phone home" and it's nice to get the option to block them if you privacy is a concern for you.
ZilogZ80 is offline   0 Reply With Quote
Old Jan 30, 2011, 04:10 PM   #22
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by ZilogZ80 View Post
+1 for Little Snitch
if you can control what data is being sent out from your computer that is half the battle. It is interesting to see just which apps are trying to "phone home" and it's nice to get the option to block them if you privacy is a concern for you.
There is a free alternative to Little Snitch called TCPBlock.

The inherent problem of outgoing firewalls is that payloads can be added to malware that turn off or create exceptions for themselves that largely make outgoing firewalls ineffective. There are examples of this occurring in the wild for outgoing firewalls that have become popular. Of course, the payload requires elevated privileges to modify the outgoing firewalls settings.

It is much better to insulate your system from being accessed in the first place and to secure your data in the event that it is accessed by an attacker.
__________________
Mac Security Suggestions
munkery is offline   0 Reply With Quote
Old Jan 30, 2011, 04:16 PM   #23
GGJstudios
macrumors Westmere
 
Join Date: May 2008
Quote:
Originally Posted by munkery View Post
Of course, the payload requires elevated privileges to modify the outgoing firewalls settings.
Therein lies the rub. If a user is careful about entering their admin password, such payloads hit a brick wall.
GGJstudios is offline   0 Reply With Quote
Old Jan 30, 2011, 04:22 PM   #24
munkery
macrumors 68020
 
munkery's Avatar
 
Join Date: Dec 2006
Quote:
Originally Posted by GGJstudios View Post
Therein lies the rub. If a user is careful about entering their admin password, such payloads hit a brick wall.
At least in Mac OS X .
__________________
Mac Security Suggestions
munkery is offline   0 Reply With Quote
Old Jan 31, 2011, 08:46 AM   #25
ExiledMafia
macrumors regular
 
Join Date: Jan 2011
Quote:
Originally Posted by gnasher729 View Post
I wouldn't take security advice from anyone who thinks "virii" is a word.
haha thats not even close, he got 2 letters wrong lolz
ExiledMafia is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Hardware > Notebooks > MacBook Pro

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
iPhone 5s Finger Print security hacked ItBeMe22 iPhone Tips, Help and Troubleshooting 3 Sep 23, 2013 04:24 PM
Help, Iíve been hacked! (or maybe I haven't!) Please help me improve my security. ToTo Man Mac Basics and Help 6 Jun 4, 2013 10:21 AM
so I decided I'm getting my first Mac - can you help/advise? new-to-mac MacBook Pro 4 Jun 15, 2012 06:00 AM
Need advise regarding the Mac Pro Apple-Guy Mac Pro 43 Jun 6, 2012 07:09 PM
mac problems! need advise steverodriguez iMac 0 Jun 6, 2012 09:46 AM

Forum Jump

All times are GMT -5. The time now is 05:24 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC