Got a tip for us?
Let us know
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.
Apple.co.kr Hacked?
- Thread starter MacRumors
- Start date
- Sort by reaction score
WildCowboy said:
oh man.
but would lawyers running loose on the interweb be better or worse than the hackers?
I bet that we would rather have the hackers.
swingerofbirch said:
Actually they boasted that God Himself couldn't sink her...and it wasn't England as a whole...just the obnoxious White Star Line.
As for Apple's boasting, they are just stating facts, whether people agree that OS X is invulnerable or not. Nothing is impossible. At least...we haven't found the impossible thing yet.
What if Apple is right though? What if OS X IS the "Unstoppable Force"?? The mind boggles...
However without all of the details we'll continue to see this thread fill up with more radical ideas than a French Economic convention. Sooooo....
Patience lads...patience.
longofest said:...As we can see, with Apple attracting more attention to themselves, it looks like we may see more and more exploits.
...glad to see someone's with me here
Word up. I know how to keep it real wit' my peeps from No. VA (McLean, personally).
The more I think about it, the more it makes sense that this was in response to the advertisements--are they running in Europe as well as the States? Whoever it was probably tried several different localizations until he was able to pinpoint a hole in the .kr page.
There are some very sensitive hackers out there! I, for one, hoped Apple would advertise a specific (new) product rather than misleading generalizations. This is probably just a blip on their radar anyway.
longofest said:
Hate to use your own source against you..
Mac OS X:
- 2003: 23 advisories
- 2004: 15 advisories
- 2005: 22 advisories
Windows XP:
- 2003: 30 advisories
- 2004: 29 advisories
- 2005: 45 advisories
I guess it depends on what your definition of "often" is.
boncellis said:
Again, looking at the attacker stats on the Zone-H site, it appears that By Dinam has been a busy little beaver.
I'm confident that is has little to nothing to do with the ads.
http://www.zone-h.org/defacements/filter/filter_defacer=By Dinam
Enjoy.
more osx sites have been hit!
The floodgates have opened
http://www.zone-h.org/en/defacements/filter/filter_defacer=By+Dinam/page=1/
The floodgates have opened
http://www.zone-h.org/en/defacements/filter/filter_defacer=By+Dinam/page=1/
shawnce said:
I only enable SSH from a narrow set if IP addresses. Even if one of your SSH users need access from a DHCP configured machine his IP address would come from a relatively small pool.
Requiring ong passwords can be counter productive. Users will either make up easy to remember passwords like "onetwothreefourfive" or they will write down the password or (worse) store it in some text file.
Our company uses a combination of single use password and a normal user password. So a compromise of either does no harm.
just to stem the discussion, website hacks are common and are typically the result of poorly configured scripts or security holes in apache/php.
and defacement of a file doesn't necessarily mean the person could have run arbitrary code etc...
the fact that it ran under Mac OS X isn't necessarily relavent, and if it were a random Mac OS X site and not Apple.co.kr, it wouldn't have made page 1. Even with Apple.co.kr, it was somewhat debatable, but enough sites had picked it up already.
arn
and defacement of a file doesn't necessarily mean the person could have run arbitrary code etc...
the fact that it ran under Mac OS X isn't necessarily relavent, and if it were a random Mac OS X site and not Apple.co.kr, it wouldn't have made page 1. Even with Apple.co.kr, it was somewhat debatable, but enough sites had picked it up already.
arn
I was reading that they used the admin password, so maybe they got it while sleeping with the sysadmin...arn said:guess it depends how it was hacked
arn
Microsoft Frontpage Apache Extensions?
If you look at the source of applestore.co.kr there's a meta tag that was left my a Microsoft Web Page editor.
"<META content="MSHTML 6.00.2730.1700" name=GENERATOR>"
Do they update their site with Frontpage? If so then that means that MS frontpage server extensions might be installed on Apache. Maybe a clue.
That meta tag doesn't come up on apple.com/store, so maybe the web servers are set up differently and apple.co.kr isn't as secure.
If you look at the source of applestore.co.kr there's a meta tag that was left my a Microsoft Web Page editor.
"<META content="MSHTML 6.00.2730.1700" name=GENERATOR>"
Do they update their site with Frontpage? If so then that means that MS frontpage server extensions might be installed on Apache. Maybe a clue.
That meta tag doesn't come up on apple.com/store, so maybe the web servers are set up differently and apple.co.kr isn't as secure.
I think dinam needs a girlfriend or an alternative form of distraction, like maybe to go outside and play in the traffic for a bit judging by that list of websites that have been hacked or defaced.yellow said:
yellow said:Easier said than done. Where exactly does one send the lawyers?
Seeing as the Apple Store was hacked ... follow the order for 10,000 MacBook Pros
Oh, wait. This is Apple Tracking we are talking about. Better ask apecode
longofest said:
Or, a broader perspective:
Windows XP Home:
http://secunia.com/product/16
23 out of 116 advisories, rated up to Highly Critical, are marked as unpatched by Secunia.
XP Professional:
http://secunia.com/product/22
27 out of 131 advisories, rated up to Highly Critical, are marked as unpatched.
Internet Explorer 6.x:
http://secunia.com/product/11
19 out of 99 advisories, rated up to Moderately Critical, are marked as unpatched.
Safari 2.x:
http://secunia.com/product/5289
1 out of 3 advisories, rated up to Not Critical, are marked as unpatched.
Mac OS X:
http://secunia.com/product/96
1 out of 69 advisories, rated up to Highly Critical, are marked as unpatched.
In any case, you may be confusing a couple things if you find yourself arguing against Mac users who contend (as I do) that Macs are more secure than Windows.
1. Personal computer security from viruses and web server security from defacement are two very different things. We usually discuss the former, but this is the latter.
2. Number of vulnerabilities isn't the be-all measure. There's also the likelihood of that vulnerability being exploited. Even within a category (like "Highly Critical" by Secunia's criteria), not all vulnerabilities are created equal. Design and target size both are factors there.
But when all the oversimplification is said and done, I still see Macs being a much safer platform to have my data on--and I do NOT see users claiming that safety is perfect. It isn't--it's just much better than Windows. (BOTH by design and by market share--and both advantages are here to stay.)
Was your objection against Mac users saying we're perfectly safe? Or against Mac users saying we're safeER?
wow. you guys are seriously sensitive about this security risk stuff...
too bad OS X is getting less secure every day...
too bad OS X is getting less secure every day...
nagromme said:
On a realated note: Woman has purse snatched after parking her Toyota and this get listed as a "toyota related security problem" Has with the person who just drove a Honda geting listed as a "Honda problem". So if someone gues a password on a Solaris system doesthis count as a "Solaris Problem".
What you all have to remember is the Mac OSX is UNIX. It rund the same server code that runs on Linux, Solaris and BSD. Apache is Apache. It don't mater if Apache drives a Toyota or a Honda. In this case it likely was not even Apache that was exploited. More likely it was something in Apples web design
This didnt seem to have any political point, less sending people to the hackers email. It doesnt state anything about an activest group, a microculture with in Turkey, or political party.
I think we can rule out any brute force methods, so either this guy applied some social engenering (or was socialy engineered her/him self) or he did some great data scaveging and extrapolated out some sort of pattern to Apples password. Likely she/he spoofed his address along with any password requirements.
Well done (I dont condone defacement of sites, but I admire the effort). This was a lot of work for this person to do, regardless of what loopholes were exploited.
It seems like the hacker gave Apple a break by not having any vulgarity or a clear message (other than self aggrandizement.)
Is it page one news... no.
Also, Kudos to Apple for catching quickly.
from Zone-harchive. <!--#include file="database.asp"-->
<!--#include file="Server-CreateObject.asp"-->
<%
If hacked.eof then
Response.Write (" This Web Page Hacked ")
Response.Write (" Hacked By Dinam ")
Response.Write (" RSA key fingerprint : 4f:b8:e8:83:h7:82:1g:t4:2e:49:72:41:f2:19:66:ea ")
Response.Write (" Are you sure you want to continue connecting (yes/no)? ")
Response.Write (" yes ")
Response.Write (" Root: Hacker By Dinam ")
Response.Write (" password: ******* ")
Response.Write (" Md5 : 3f3082fd88c694198de78162285940bf ")
Response.Write (" Checksum : --->> Game Ower
End If
%>
I think we can rule out any brute force methods, so either this guy applied some social engenering (or was socialy engineered her/him self) or he did some great data scaveging and extrapolated out some sort of pattern to Apples password. Likely she/he spoofed his address along with any password requirements.
Well done (I dont condone defacement of sites, but I admire the effort). This was a lot of work for this person to do, regardless of what loopholes were exploited.
It seems like the hacker gave Apple a break by not having any vulgarity or a clear message (other than self aggrandizement.)
Is it page one news... no.
Also, Kudos to Apple for catching quickly.
At least it's reported by Netcraft to be Mac OS X.
http://uptime.netcraft.com/up/graph?site=www.apple.co.kr
http://uptime.netcraft.com/up/graph?site=www.apple.co.kr
UberMac said:
eva01 said:who thought it was invulnerable?
The people who say viruses cannot be written for the mac (and there are a lot of these people).. now, this is not a virus and heck, who knows what was hacked (apache, OSX??) but yeah, a lot of people said OSX was invulnerable. If you want to find out who they are, go read any thread that discusses viruses in the microsoft world. I'm sure you'll find many mac fanatics loudly exclaiming how that could never happen on a mac. Make a list of the names and then examine it carefully, You might be surprised to find yourself on it.
benpatient said:
Actually it's a two fold problem.
1.) Perception- we are finding out about problems as we look for them. They were always there in OS X, but as we find them, it looks as though there are more. So in this case I disagree.
2.) Reality- As any OS adds features, 3 things happen. It becomes larger. It has more bugs. It has a larger number of security holes/flaws. So as Apple adds features I agree, but on a day to day basis the OS it's self is not becoming less secure.
MicroSoft, Sun, Apple and the Open source OS s are all making larger and larger OS S, with more features, more bugs to fix, and with intentional and unintentional security holes.
I do wonder why people are touchy about pointing out OS Xs exploits. One cant preach the virtues of ones self with out also acknowledging ones foibles.