Go Back   MacRumors Forums > Apple Systems and Services > Programming > Mac Programming

Reply
 
Thread Tools Search this Thread Display Modes
Old Dec 11, 2005, 11:07 AM   #1
Jordan72
macrumors member
 
Join Date: Nov 2005
Unix Backdoor: Are Our Macs safe with Unix?

I checked out this Unix link.

http://catb.org/~esr/jargon/html/U/Unix-conspiracy.html

Does anyone "know" if there is a backdoor? I don't think it matters if it's labeled a conspiracy, because conspiracy theories are only labeled conspiracy by people who neither know if a theory is true or not. These people can't prove the theory to be true, but this doesn't prove the theory not to be true, thus they find themselves floundering in the realm of conspiracy. To prove a theory not true, you have to show why it would be impossible for the theory to be true, which would mean proving no back door could physically exist. Does anyone know how to prove Unix is not possible to have a backdoor or can anyone prove Unix does have a backdoor?


I'm sure Microsoft and Apple would both create a backdoor atleast by covert government mandate, but how could we know for sure either way? That would require the logic above, prove a backdoor impossible or prove there is one.

Now that I've set the subject matter at hand, here is my main question: what is the basic description of an OS design that logically ensures the highest amount of security? We are dealing with physical laws here, which are finite, so there is a solid logical answer.

I'm looking for people to throw ideas for discussion here, as well as intelligently critique others ideas.

Here's my whack at it: Create an open source, simplistic Protect OS that you can sit Unix and other systems on top of. All protected files would be on the partition of the Protect OS without a backdoor. Now I'm sure the processor still could recieve commands in any case to read a "protected partition", but this is where encrytion and a physical start up disk should guard pretty well against that. As well as a buffer zeroing function for added security. Let me know your ideas and your critiques.

Last edited by Jordan72; Dec 11, 2005 at 11:14 AM.
Jordan72 is offline   0 Reply With Quote
Old Dec 11, 2005, 11:26 AM   #2
greatdevourer
macrumors 68000
 
Join Date: Aug 2005
UNIX may well have a backdoor, but when you take into the fact that the only UNIX Apple have ever released was for 68ks, I'd say we're safe
greatdevourer is offline   0 Reply With Quote
Old Dec 11, 2005, 11:31 AM   #3
robbieduncan
Moderator
 
robbieduncan's Avatar
 
Join Date: Jul 2002
Location: London
Quote:
Originally Posted by greatdevourer
UNIX may well have a backdoor, but when you take into the fact that the only UNIX Apple have ever released was for 68ks, I'd say we're safe
WTF? OSX is a Unix. Even Apple think so. That said this really not a worry. OSX is based on a free BSD base. All the source is available to be examined. An backdoor would be obvious.
robbieduncan is offline   0 Reply With Quote
Old Dec 11, 2005, 12:03 PM   #4
greatdevourer
macrumors 68000
 
Join Date: Aug 2005
Quote:
Originally Posted by robbieduncan
WTF? OSX is a Unix. Even Apple think so. That said this really not a worry. OSX is based on a free BSD base. All the source is available to be examined. An backdoor would be obvious.
No, not UNIX. Darwin is not UNIX. Linux is not UNIX. BSD is not UNIX. Solaris is not UNIX. They are *NIXs - UNIX clones
greatdevourer is offline   0 Reply With Quote
Old Dec 11, 2005, 12:39 PM   #5
savar
macrumors 68000
 
savar's Avatar
 
Join Date: Jun 2003
Location: District of Columbia
Send a message via AIM to savar
Quote:
Originally Posted by greatdevourer
No, not UNIX. Darwin is not UNIX. Linux is not UNIX. BSD is not UNIX. Solaris is not UNIX. They are *NIXs - UNIX clones
Technically that's true, but it doesn't stop Apple from calling themselves the #1 distributor of Unix.

Back to the original question: I've not looked at the source code for Mach, BSD, or Darwin, but since its all open and available I'd be shocked if somebody slipped a back door in there and nobody ever noticed.

Either way, I don't intend to break any major laws, so if the government spies on me and I'm none the wiser what's the big deal?

Edit: Oops, I re-read the first post and saw what the actual question was:

Quote:
Now that I've set the subject matter at hand, here is my main question: what is the basic description of an OS design that logically ensures the highest amount of security? We are dealing with physical laws here, which are finite, so there is a solid logical answer.
The highest amount of security is to unplug the computer and lock it in safe. Underground. With motion sensors. And armed guards. Even then its still accessible. You could destroy the drive platters, but somebody could reassemble them given enough time.

For practical security, there is one important variable: who has direct access to the computer? If you can sit down in front of a computer for a few minutes while nobody is watching, there isn't much you can't do. Any OS X passwords can be undone by booting from the install CD. Easier yet, hook the target computer up to a laptop using target disk mode, and skip the password altogether. You can encrypt your files, but somebody can just brute force them later. (Although the excessive time it takes to do so is a good disincentive.)

Remote security is much more realistic. Run a firewall which blocks all ports which aren't explicitly needed. Add a NAT router to confuse things even more. Any services which are running, make sure they are written to enforce system-wide security standards. Buffer overflows can be prevented by running on hardware which prevents stack smashing. (I think Intel is headed in that direction.) Honestly, I feel pretty good about my remote security right now.
__________________
Mehce

Last edited by savar; Dec 11, 2005 at 12:50 PM.
savar is offline   0 Reply With Quote
Old Dec 11, 2005, 01:13 PM   #6
Jordan72
Thread Starter
macrumors member
 
Join Date: Nov 2005
Quote:
Originally Posted by savar
Either way, I don't intend to break any major laws, so if the government spies on me and I'm none the wiser what's the big deal?
Good point. But, maybe you are working on a proprietary project and you need to access the Internet. You're not breaking the law, but a backdoor means others can force access to your project, which is breaking the law.
Jordan72 is offline   0 Reply With Quote
Old Dec 11, 2005, 02:15 PM   #7
bousozoku
Moderator emeritus
 
Join Date: Jun 2002
Location: Gone but not forgotten.
Quote:
Originally Posted by greatdevourer
No, not UNIX. Darwin is not UNIX. Linux is not UNIX. BSD is not UNIX. Solaris is not UNIX. They are *NIXs - UNIX clones
Then, you'd better tell IBM, HP, Sun, and others not to pay their UNIX licensing fees.

Even AT&T UNIX is different from itself, depending on era. BSD is based on version 7 UNIX, but is AT&T code free, hence, FreeBSD.

The various commercial UNIXes were supported by AT&T as part of a consortium to bring strength to the UNIX market. If Solaris and Irix were good enough for AT&T, shouldn't they be good enough for you?

On the original topic, considering that everything is out in the open, any backdoor would have been exploited by now. In the 1970s, there were several minor exploits using backdoors which never really made it to the news because computer crime wasn't a hot topic.

However, for those picking up Mac OS X and its betas from P2P, they take a huge risk of having a backdoor added to their systems.
bousozoku is offline   0 Reply With Quote
Old Dec 11, 2005, 02:29 PM   #8
greatdevourer
macrumors 68000
 
Join Date: Aug 2005
Quote:
Originally Posted by bousozoku
Then, you'd better tell IBM, HP, Sun, and others not to pay their UNIX licensing fees
They do have the UNIX kernel, as does A/UX et al. However, the OSS "UNIXs" do not
greatdevourer is offline   0 Reply With Quote
Old Dec 11, 2005, 03:14 PM   #9
bousozoku
Moderator emeritus
 
Join Date: Jun 2002
Location: Gone but not forgotten.
Quote:
Originally Posted by greatdevourer
They do have the UNIX kernel, as does A/UX et al. However, the OSS "UNIXs" do not
Since IBM made some BSD-style modifications to the kernel for information collection, does it still have a UNIX kernel?
bousozoku is offline   0 Reply With Quote

Reply
MacRumors Forums > Apple Systems and Services > Programming > Mac Programming

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
OSX - built from UNIX air4life OS X 11 Oct 10, 2014 12:59 PM
Help me delete some files in mac's unix cool11 OS X 9 Mar 5, 2014 06:20 PM
Unix YOO-NIX Mac Basics and Help 4 Jul 20, 2013 06:05 PM
How UNIX is OS X? Caze OS X 10 Jun 16, 2013 03:43 PM
UNIX/linux monkeybagel Mac Pro 6 Nov 30, 2012 02:54 AM

Forum Jump

All times are GMT -5. The time now is 06:29 PM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC