Register FAQ / Rules Forum Spy Search Today's Posts Mark Forums Read
Go Back   MacRumors Forums > Archive > Archives of Old Posts > MacBytes.com News Discussion

 
 
Thread Tools Search this Thread Display Modes
Old Mar 13, 2009, 08:33 AM   #1
MacBytes
macrumors bot
 
Join Date: Jul 2003
Mac OS X easy to crack, says researcher




Category: Mac OS X
Link: Mac OS X easy to crack, says researcher
Description:: none

Posted on MacBytes.com
Approved by Mudbug
MacBytes is offline   0
Old Mar 13, 2009, 08:39 AM   #2
steveza
macrumors 65816
 
steveza's Avatar
 
Join Date: Feb 2008
Location: UK
Quote:
"Writing exploits for Vista is hard work. Writing exploits for Mac is a lot of fun,"
Some people need to get out more
steveza is offline   0
Old Mar 13, 2009, 08:40 AM   #3
r.j.s
Moderator emeritus
 
r.j.s's Avatar
 
Join Date: Mar 2007
Location: Fort Knox
Quote:
Originally Posted by steveza View Post
Some people need to get out more
Really, if it is so easy to crack, why haven't we seen any actual exploits?
r.j.s is offline   0
Old Mar 13, 2009, 08:52 AM   #4
Sehnsucht
macrumors 65816
 
Join Date: Sep 2008
Yeah, OK whatever.

Brings to mind that old line, "Nobody wants to hack Macs because nobody uses them."

Plenty of people use Macs.

Hackers will hack anything that can be hacked.

If OS X were really as "easy to crack" as this dude claims then, yes, it would have already been breached by a massive attack launched from Redmond.
__________________
Farewell...
Sehnsucht is offline   1
Old Mar 13, 2009, 08:55 AM   #5
MistaBungle
macrumors 6502a
 
Join Date: Apr 2005
I do agree with that line somewhat that deals with us being ignored by the scene since there aren't that many.

I mean, iPhones and Touchs have been hacked, so it isn't like they are ignoring Apple altogether but I don't think OS X is going to be a big target as this guy claims.
__________________
went to school and got a degree in rocket appliance
MistaBungle is offline   0
Old Mar 13, 2009, 09:02 AM   #6
supmango
macrumors 6502
 
Join Date: Feb 2008
"Things will be more difficult once Mac OS X 10.6 Snow Leopard arrives, as its version of Address Space Layout Randomisation will be much more effective (making it far harder to determine the location of specific routines), and writable memory will be marked as non-executable."

So, Apple IS doing something about what they are talking about. I wonder why they didn't speculate on the statement "It is practically certain that not all of these flaws have been fixed, and that there are more waiting to be found"; seems a little biased to me.

I am also with those of you who point out that if it were so easy to hack a Mac, why don't more people do it? Hacking is not about profit or affecting the most users (like a virus), it is about competence and competition. Clearly, a Mac is an area that people simply just stay away from because there are so few vulnerabilities and the challenges make it not worth their time.
supmango is offline   0
Old Mar 13, 2009, 09:02 AM   #7
goMac
macrumors 603
 
Join Date: Apr 2004
"For example, if a routine doesn't check the length of a string properly, it can be written to an area of memory that's too short to hold it, resulting in other values being overwritten.

If an attacker can cause the contents of that string to include values that correspond to a useful set of machine code instructions and have that deposited at a location that will be executed, it is possible to gain control of the system."

Really? That's the attack?

That's called a buffer overflow attack and that's possible on every single system on the market.
goMac is offline   0
Old Mar 13, 2009, 09:26 AM   #8
HyperZboy
macrumors 6502a
 
Join Date: Feb 2007
This Just In...

"Many security and IT experts on crack, says researcher"



HyperZboy is offline   0
Old Mar 13, 2009, 09:29 AM   #9
aarond12
macrumors 6502a
 
aarond12's Avatar
 
Join Date: May 2002
Location: Dallas, TX USA
Whatever

This "researcher" needs to put his money where his mouth is.

If he's talking about having physical access to the machine, then yes, Mac OS X is incredibly easy to hack. I know this from first-hand experience.

I was on an overseas flight with my PowerBook G4 freshly-updated to Mac OS X 10.5.0. I was bitten by the bug that caused all accounts to be demoted to Standard Users. Without my Mac OS X DVD and without access to the Internet (as I was at 35,000 feet on my way to Tokyo), I was able to break into OS X and elevate my permissions on the two accounts I had installed to Administrator-level users. (No, I will not divulge how to do this.)

If he's talking about remote access to the system, then he's wrong. Dead wrong. I've run scanners, sniffers, etc., on my OS X machines (and iPhone, just for good measure!), and there are no significant vectors of insecurity.

If he's found something new, then great! Share it with Apple and get the problems resolved. Otherwise, **** and GBTW.

-Aaron-
aarond12 is offline   0
Old Mar 13, 2009, 09:37 AM   #10
wheelhot
macrumors 68000
 
Join Date: Nov 2007
Quote:
If OS X were really as "easy to crack" as this dude claims then, yes, it would have already been breached by a massive attack launched from Redmond.
Haha, you got a point there , considering how bad Apple tarnished MS image, MS would take anything bad they can portray Apple with.
__________________
To me owning a Mac is like owning a piece of artwork.
wheelhot is offline   0
Old Mar 13, 2009, 10:02 AM   #11
dashiel
macrumors 6502a
 
Join Date: Nov 2003
Quote:
Originally Posted by MistaBungle View Post
I do agree with that line somewhat that deals with us being ignored by the scene since there aren't that many.
i don't. there were what, 20 million mac users in 2006/2007 and apple has increased market share since then, maybe as much as doubled it. then you take in to account that apple users are statistically more affluent; many windows boxes in the market are work machines that aren't connected to the net and/or have no intrinsic value (no bank numbers, no social security, etc...). finally take in to account there are way too many apple users think "more secure" means they don't have to do anything.

so you have a large (though not a dominant market share) population of high-value targets, who aren't expecting to get attacked and it's supposedly fun and easy to do. that's like saying i'd rather hunt for a lion in africa than at the local zoo.
dashiel is offline   0
Old Mar 13, 2009, 10:05 AM   #12
rfruth
macrumors regular
 
Join Date: Feb 2007
Location: Texas
If some script kiddie knows the root password anything is possible -
__________________
G3 iMac - x86 Linux box - iMaci soon ? Why join the navy if you can be a pirate - Steve Jobs
rfruth is offline   0
Old Mar 13, 2009, 10:24 AM   #13
scaredpoet
macrumors 603
 
scaredpoet's Avatar
 
Join Date: Apr 2007
Quote:
Originally Posted by dashiel View Post
i don't. there were what, 20 million mac users in 2006/2007 and apple has increased market share since then, maybe as much as doubled it. then you take in to account that apple users are statistically more affluent; many windows boxes in the market are work machines that aren't connected to the net and/or have no intrinsic value (no bank numbers, no social security, etc...). finally take in to account there are way too many apple users think "more secure" means they don't have to do anything.

One other "plus" for cracking a Mac: ever noticed that people with Macs like to brag about their uptime or about hw they leave their machines running for weeks? The stability inherent in the underpinnings of OS X means those computers stay on a lot longer than Windows machines. The same reasons that hackers like to find weaknesses in high availability servers makes Macs just as attractive: a stable platform to use as a "supernode" to marshall your millions of Windows zombie boxes and issue commands to your botnets.

For this reason and others, I no longer buy the security-by-obscurity argument. There are compelling reasons for cracking a Mac, and even if their market share is small, they would be valuable assets in a botnet... if only they were so easy to crack....
__________________
If you're not a clairvoyant, then you shouldn't be speaking for a dead guy.
I'm here to talk about Apple stuff, and related tech stuff. Your political beliefs? I really couldn't care less about.
scaredpoet is offline   0
Old Mar 13, 2009, 10:25 AM   #14
dejo
Moderator
 
dejo's Avatar
 
Join Date: Sep 2004
Location: The Centennial State
Quote:
Originally Posted by rfruth View Post
If some script kiddie knows the root password anything is possible -
Assuming the root account has been enabled... (it's disabled by default, except on Mac OS X Server).
dejo is offline   0
Old Mar 13, 2009, 10:45 AM   #15
Krevnik
macrumors 68020
 
Krevnik's Avatar
 
Join Date: Sep 2003
Quote:
Originally Posted by rfruth View Post
If some script kiddie knows the root password anything is possible -
On top of what the other poster said:

Elevation uses the user's password, so if they exploited to get user access on the machine, they still need to exploit to root, or crack the user's password (reasonable to assume the user is an admin on the box).

To get on the box in the first place, services need to be enabled. Right now, the only port open on a normal install is the mDNS port. Thankfully, that service is sandboxed in 10.5, meaning it runs with near-zero permissions (really only getting read permissions to specific parts of the main drive).
__________________
iMac 2013 27", 13" rMBP, iPad 4, iPhone 5s
Krevnik is offline   0
Old Mar 13, 2009, 10:50 AM   #16
rfruth
macrumors regular
 
Join Date: Feb 2007
Location: Texas
If the script kiddie (or whoever) doesn't use google and hasn't heard of support.apple.com you're okay http://support.apple.com/kb/HT1528
rfruth is offline   0
Old Mar 13, 2009, 10:52 AM   #17
Krevnik
macrumors 68020
 
Krevnik's Avatar
 
Join Date: Sep 2003
Quote:
Originally Posted by rfruth View Post
If the script kiddie (or whoever) doesn't use google and hasn't heard of support.apple.com you're okay http://support.apple.com/kb/HT1528
Huh, so your argument hinges on someone who /already has root access/ enabling the root account? Why in the world would they turn on the account they already have access to? Why not just do whatever they were going to do (trash the place, install malicious packages) right then while they had access and be done with it?
__________________
iMac 2013 27", 13" rMBP, iPad 4, iPhone 5s
Krevnik is offline   0
Old Mar 13, 2009, 11:12 AM   #18
rfruth
macrumors regular
 
Join Date: Feb 2007
Location: Texas
No my argument hinges on someone (the script kiddie) knowing more than the average user does yet you hear over & over again that OS X is safe and malware isn't a problem so no precautions are needed when the message should be that X is solid but the user needs to do their part (physical security important, port forwarding etc.)
__________________
G3 iMac - x86 Linux box - iMaci soon ? Why join the navy if you can be a pirate - Steve Jobs
rfruth is offline   0
Old Mar 13, 2009, 11:15 AM   #19
Krevnik
macrumors 68020
 
Krevnik's Avatar
 
Join Date: Sep 2003
Quote:
Originally Posted by rfruth View Post
No my argument hinges on someone (the script kiddie) knowing more than the average user does yet you hear over & over again that OS X is safe and malware isn't a problem so no precautions are needed when the message should be that X is solid but the user needs to do their part (physical security important, port forwarding etc.)
Yet you linked to a KB article discussing how to enable root. A script kiddie who doesn't know your admin password (or already have root access) cannot use that to enable root on your system if they have user-level access.

If they already have root access or your admin password, they can enable it, sure, but then again, they already have root access at that point and don't need to.
__________________
iMac 2013 27", 13" rMBP, iPad 4, iPhone 5s
Krevnik is offline   0
Old Mar 13, 2009, 11:22 AM   #20
Winni
macrumors 68030
 
Winni's Avatar
 
Join Date: Oct 2008
Location: Germany.
It's more lucrative to write an exploit for Windows. Over 900 million machines on the planet run Windows, and most of those machines are used in companies -> that's where the data is that you want to steal, that's where the money is, that's where high speed Internet connections for your bot nets are.

I don't have a doubt that OS X is easier to crack than Vista. Vista's got a bunch of new security layers especially designed to protect it from memory modifications that previous Windows versions didn't have.

But who has says that there are no successful exploits already out there and being used? If it comes from a clever criminal mind, nobody would notice it. Those guys want to come back anytime they want, and they want to stay in control over your system for whatever reason. They're no script kiddies who only want to wreck havoc.

Most Mac users live in a dangerously false sense of security and pride themselves because of their ah-so-secure system. Well, we have a saying in Germany: "Hochmut kommt vor dem Fall" - Pride/Arrogance comes before the fall.
__________________
Coming soon: http://endnacht.de.
Winni is offline   0
Old Mar 13, 2009, 12:10 PM   #21
nagromme
macrumors G4
 
nagromme's Avatar
 
Join Date: May 2002
Quote:
Originally Posted by Winni View Post
It's more lucrative to write an exploit for Windows. Over 900 million machines on the planet run Windows, and most of those machines are used in companies -> that's where the data is that you want to steal, that's where the money is, that's where high speed Internet connections for your bot nets are.
Definitely more lucrative. But criminals don't attack ONLY the #1 MOST lucrative target. They attack any lucrative target they can. That's why convenience stores get robbed, not just banks. That's why malware attacks multiple different versions of Windows, not just the most-installed. (Not to mention Linux.) And plenty of educational institutions, scientific and government projects, and large media companies have lots of Macs worth attacking. Macs are a smaller target, and that's a very good reason to use a Mac... but they ARE still a target.

Quote:
Originally Posted by Winni View Post
But who has says that there are no successful exploits already out there and being used? If it comes from a clever criminal mind, nobody would notice it. Those guys want to come back anytime they want, and they want to stay in control over your system for whatever reason. They're no script kiddies who only want to wreck havoc.
Correction: there are plenty of script kiddies who WANT to wreak havoc on Mac... they just haven't been able to. The world is filled with millions of sad, angry kids, many of which "hate" Macs for whatever 1990s reason peer pressure has drilled into them.

You're right, there could, by some chance, be only ONE type of Mac exploiter: ones that stay secret and undetected and attack very few targets, carefully chosen. But the world has a LOT of people in it, and it's far more likely that the Mac's would-be attackers include the full spectrum, from those simply seeking prestige (which a Mac exploit offers better than Windows) to those seeking mass infection for botnets, to those seeking mass intrusion to harvest for identity theft.

Meanwhile, there are two very different things people talk about, and it's important to acknowledge the difference:

1. An individual person breaking into an individual Mac (either sitting there in person or remotely). Of course individual Macs HAVE been successfully attacked, by methods that start with guessing the password and work their way up to more sophisticated methods.

2. Mass attacks that spread through the Internet: malware. Viruses and worms. These are what most users REALLY worry about, because one person can attack thousands of machines at a time instead of just one. There has NEVER been a successful virus or worm on Mac. There have been a couple of failures (they required lots of user help and only affected specific non-standard Mac installs--like the iChat worm a couple years back) and a couple lab experiments.

So while no OS is perfect, or will ever be--and while BOTH Vista and OS X have specific security advantages that the other lacks--the reality remains that you are safer on OS X.

I doubt that will change: someday OS X will probably have its first real-world virus or worm. (I keep waiting--it's been about 8 years now.) It will then have ONE. And it will be quickly known, and patched by the community within hours and then by Apple within days.

Then there are Trojans--but no platform is ever protected from them, because a Trojan is simply a lie. Make a useful program to wipe the user's hard drive before they sell the computer. Call it "HD Eraser" and charge $5 and it's legitimate software. Call the same thing "System Accelerator" and it's a destructive lie. Make it do TWO things, one useful and one not, and it's still a destructive lie. A Trojan horse.

As for individuals personally hacking into your machine--yes, that's a possibility on any platform, and lets all hope that Windows and Mac alike keep squashing bugs and patching flaws. Because every OS had flaws, and always will.

So the reasons why Macs are safer are complex--it's not just design, it's not just obscurity--both help. And it's NOT perfect safety--and I've never seen a Mac user claim it was. (Though I often see Windows users CLAIM that Mac users claim that. Funny.) It is, however an imperfect safety (which is the best we can have in this world) that leaves you better off than Windows users. For the last 8 years and still today.

(And better off doesn't just mean free from attack, it means free from spending time, effort or money defending your machine, and bogging it down with constantly-running, constantly-updating anti-malware apps. The single thing I hate most about running Windows is the anti-malware updaters always chugging away when I wake the system.)

Meanwhile, neither OS is sitting still... but Apple is advancing faster, and with Snow Leopard their OS is getting leaner, more efficient, less code-bloated and less legacy-burdened. These are all good things for security, and good things for making flaws easier to fix when found. And they are all the opposite of the legacy-plagued massive code-base that is Windows, driven by thousands of programmers and layers of managers. I don't see much future reason to predict OS X will get worse relative to Windows.

P.S. ... Which brings to mind one amusing common argument for choosing Windows: the situation could reverse someday! Macs could one day have numerous mass attacks and need multiple anti-malware apps, while Windows users might all run lean and safe. Seems unlikely, but we can't see the future! Granted. So some people suggest staying with the less safe OS.... just to be on the safe side
nagromme is offline   0
Old Mar 13, 2009, 12:16 PM   #22
MisterMe
macrumors G4
 
Join Date: Jul 2002
Location: USA
Quote:
Originally Posted by Winni View Post
It's more lucrative to write an exploit for Windows. Over 900 million machines on the planet run Windows, and most of those machines are used in companies -> that's where the data is that you want to steal, that's where the money is, that's where high speed Internet connections for your bot nets are.
You are ignoring valid points already made in this thread. The vast majority of Windows computers in business are used by wage slaves. They have no critical data on them unless you think that secretaries' high scores in Solitaire is mission-critical data.
Quote:
Originally Posted by Winni View Post
I don't have a doubt that OS X is easier to crack than Vista. Vista's got a bunch of new security layers especially designed to protect it from memory modifications that previous Windows versions didn't have.
Vista is a tiny portion of the installed base and most certainly an even smaller portion of the mission-critical installed base. That said, you don't get away with the assertion about what you doubt or don't doubt. What you believe is irrelevant. There are zero exploits of MacOS X. You can't get less than zero.
Quote:
Originally Posted by Winni View Post
But who has says that there are no successful exploits already out there and being used? If it comes from a clever criminal mind, nobody would notice it. Those guys want to come back anytime they want, and they want to stay in control over your system for whatever reason. They're no script kiddies who only want to wreck havoc.
Wild speculation is not an argument.
Quote:
Originally Posted by Winni View Post
Most Mac users live in a dangerously false sense of security ....
How many years have you people been saying this now? I'm waiting.
__________________
Neither a borrower nor a lender be
For loan oft loses both itself and friend
William Shakespeare from Hamlet
MisterMe is offline   0
Old Mar 13, 2009, 12:49 PM   #23
rfruth
macrumors regular
 
Join Date: Feb 2007
Location: Texas
Not too long ago I was a wage slave & there was lots of juicy docs, spreadsheets e-mails etc. on my & others (XP) computers - what really gets me are comments like there are zero exploits of Mac OS X - what are you people smoking and where can I get some ?!
rfruth is offline   0
Old Mar 13, 2009, 01:22 PM   #24
jayducharme
macrumors 68010
 
jayducharme's Avatar
 
Join Date: Jun 2006
Location: The thick of it
Quote:
Things will be more difficult once Mac OS X 10.6 Snow Leopard arrives, as its version of Address Space Layout Randomisation will be much more effective
So in other words, the author's premise is possibly valid, but only until Snow Leopard comes out? Why didn't the author publish this sooner, when Leopard was released, so that Apple could fix the flaws he found?
jayducharme is offline   0
Old Mar 13, 2009, 01:38 PM   #25
IJ Reilly
macrumors P6
 
IJ Reilly's Avatar
 
Join Date: Jul 2002
Location: Palookaville
Quote:
Originally Posted by rfruth View Post
Not too long ago I was a wage slave & there was lots of juicy docs, spreadsheets e-mails etc. on my & others (XP) computers - what really gets me are comments like there are zero exploits of Mac OS X - what are you people smoking and where can I get some ?!
We're getting it from Apple, and you can get as much of it for yourself as you like from the same connection. I'm sure you can arrange a back-alley meeting if would make you feel like it's illicit.

This has already been explained in detail above, but all of the OSX exploits demonstrated thus far have been essentially theoretical, meaning they haven't been packaged into deliverable viruses or worms. It has always been a source of amusement to me how Windows geeks can insist that the theoretical ability to exploit OSX outweighs the very real ability to exploit Windows. And they say Mac owners live in a fool's paradise.
__________________
*The season starts too early and finishes too late and there are too many games in between.
Bill Veeck
IJ Reilly is offline   0


 
MacRumors Forums > Archive > Archives of Old Posts > MacBytes.com News Discussion

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Similar Threads
thread Thread Starter Forum Replies Last Post
Crack that Mac bbapps MacBook Pro 7 Apr 13, 2013 04:33 PM
If Mt Lion Mac is stolen, is it easier to crack if in Sleep Mode vs full Shut Down? katewes OS X 10.8 Mountain Lion 0 Apr 3, 2013 08:29 PM
General: Researcher Needs Help with Services Preferences stphnmc iOS 6 0 Oct 16, 2012 05:21 AM
How would a paediatrician, TV Doctor and near death researcher deal with an 11yr old? niuniu Politics, Religion, Social Issues 20 Aug 10, 2012 01:02 PM

Forum Jump

All times are GMT -5. The time now is 12:36 AM.

Mac Rumors | Mac | iPhone | iPhone Game Reviews | iPhone Apps

Mobile Version | Fixed | Fluid | Fluid HD
Copyright 2002-2013, MacRumors.com, LLC