Can a Mac be hacked? How do I know if it happens? Security advice welcome.

Discussion in 'MacBook Pro' started by 4lisawriter, Jan 29, 2011.

  1. macrumors newbie

    4lisawriter

    Joined:
    Jan 21, 2011
    Location:
    marietta, ga
    #1
    Can someone advise if my MacBook Pro can be hacked? If so, how will I know if/when it happens, and what security measures do you advise? This is my first Mac. I bought it because I was tired of getting viruses and being hacked on my Windows desktop.

    Thank you, :)
     
  2. macrumors 65816

    Joined:
    Aug 3, 2009
    #2
    Yes, Macs can be hacked, and get virii. They just do LESS than Windows due to its small market share.

    Look at it like this: would you rather take over/take down 80% of internet users, or 10%? Macs rely on obscurity for their security.

    So you bought a Mac because you don't know how to protect your PC? Well remember: Security by Obscurity is no security at all. The more popular Mac gets the more just like Windows it will be when it comes to spyware/infections.

    Here is a blog post about securing OS X better: http://keithschwerin.com/blog/?p=75

    Also I can guarantee you were never hacked. If you were then you should look out for identity fraud.
     
  3. el-John-o, Jan 29, 2011
    Last edited: Jan 29, 2011

    macrumors 65816

    Joined:
    Nov 29, 2010
    Location:
    Missouri
    #3
    Hacking, even Windows, is incredibly difficult. What is more likely is that you had trojans sucking information out (which were put there by you, they may be pretending to be something else, hence the name, but still put there by you), or fell to phishing sites.

    Definitely read up on PC security!

    Edit: I do remember an old episode of "The Screen Savers", in which they were trying to prove, once and for all, which OS was more secure (Windows or Mac OS, at the time it was Mac OS 9 I think). They booted up a PC and one of the brand new iMac G4s RIGHT after they came out (whatever the most expensive version was, the 15" 800MHz I believe). The challenge was that the first person to place a text file on the desktop with their address got the new iMac shipped to their house. Same went for the PC, which was a powerful custom-built machine. They released the IP addresses on the air, and 10 minutes later, the PC had a new home. 72 hours later, when the challenge ended, the iMac had still not been touched.

    There is something to be said about OSX security, but nothing compares to common sense, a basic understanding of computer security, and using discretion with everything you do on your computer.
     
  4. macrumors regular

    Joined:
    Oct 16, 2010
    #4
    Back in the day, hackers used to make it painfully obvious that systems were compromised. Nowadays, since the motivation for hacking has shifted, it makes more sense for users not to be aware that their systems are compromised. So, most malware these days, regardless of what operating system it runs on, is actually designed to conceal its presence. A compromised computer is now considered most valuable to a hacker for the value of the information it can provide and its processing power for use with what the hacker intends to do. All in all, there are little things that can be done to disincentivize hacking in a big way, but many of those things make life a bit inconvenient. In any event, Macs provide the opportunity to put your confidential files into an encrypted Macintosh disk image (.dmg). It is best to take advantage of this feature to ensure that others do not get to your sensitive data. Just make sure that you don't include any publicly distributed files in your encrypted Macintosh disk image since that would enable a person to compare commonly distributed files to the contents of the disk image for the purpose of guessing the password.
     
  5. macrumors newbie

    Joined:
    Jan 29, 2011
    #5
    Hi Mate,

    You can never be too careful nowadays on any OS. I'd recommend installing Little Snitch as a firewall to let you know of network activity on your Mac. It is generally easy to use, and whenever you're unsure of a notification from Little Snitch, just Google the name and see if it is a 'safe' app to set acceptance rules for.

    There may be fewer viruses on the Mac OS, but you're still quite susceptible to phishing attacks or trojans and key loggers. Having Little Snitch will give you more control over what apps 'phone home' or have network access. The demo version works nicely enough for me, with a 3 hour limit before you have to 're-arm' it. I'm not in any way related to the Little Snitch developers, I'm just a happy user of their demo product.

    I'd also recommend looking up LastPass, which is what I use to manage passwords. It's basically a free cross-platform tool, but you'd have to buy a subscription for their premium service on iOS (iPhone/iPad). Basically, with LastPass you create a master password and remember that one password for access to all of your other passwords. I personally generate the maximum allowable password length with a mixture of every allowable character to make passwords for any of my online services (e.g. Gmail, eBay). This will give you strong unique passwords for every service to prevent a 'one password to hack them all' scenario. Look up YubiKey with LastPass too.

    Basically, having a strong unique password for every account and monitoring what apps have internet access in and out of your machine can beef up your security to prevent getting 'hacked'. As a general rule, don't click on strange links and emails, buy genuine software, and limit the exposure of your personal details on your social networking profiles. This is to prevent social engineering or guesses at your weaker passwords.

    Hope this information is good for you, because I was a victim once where the offender took my eBay account and rang up about 700 dollars worth of purchases (which I promptly cancelled). I took that guy's IP and reported him to the cops.

    Update: the earlier poster's encrypted drive is also a very good thing to do if you're deeply concerned about your security. It is relatively easy to set up too.
    Cheers.
     
  6. thread starter macrumors newbie

    4lisawriter

    Joined:
    Jan 21, 2011
    Location:
    marietta, ga
    #6
    Thank you folks. I'll def look into Little Snitch, encryption and LastPass. I like the name of the first one! LOL :D
     
  7. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #7
    While Macs can get viruses (the proper plural for computer viruses), they won't affect Mac OS X, as there haven't been any in the last decade that can affect Mac OS X, as those viruses have been written for Windows.
    Btw, the marketshare argument is not really true: http://seekingalpha.com/article/52722-the-mac-os-x-malware-myth-continues

    Did you know, that Mac OS 8 and 9 had viruses that could affect it? And all while the marketshare was lower than today. Strange, isn't it?
     
  8. macrumors regular

    ZebOfMac

    Joined:
    Feb 13, 2010
    #8
    It is all dependent on whom the one writing the virus is going after. If anyone wanted to design one for the OS X, I am sure it would not take too long, as like Windows there are known design flaws. The ideal machines to go after would be the pre-Intel models, as they are at a point where Apple is not creating new updates.
     
  9. macrumors newbie

    Joined:
    Jan 30, 2011
  10. simsaladimbamba

    Joined:
    Nov 28, 2010
    Location:
    located
    #10
    Then why hasn't there been one in the last decade? And PPC Macs are not as widespread as Intel Macs, and there are still Security Updates for Tiger, the OS that came with the first and second and third Intel Macs.
    Mac OS X 10.0/1/2/3 is not as common as Mac OS X 10.4/5/6.
    Maybe you should take a look at http://seekingalpha.com/article/52722-the-mac-os-x-malware-myth-continues and:
     
  11. macrumors 68000

    bobr1952

    Joined:
    Jan 21, 2008
    Location:
    Melbourne, FL
    #11
    And as has been mentioned MANY times, anti-virus software is useless against something that doesn't exist. If and when a Mac OS virus does ever exist, then anti-virus software will be able to protect against it--once it has been identified and defined by the software vendor. Now, all it can do is keep Windows users from getting infected files from you--if you share vulnerable files.
     
  12. macrumors 601

    Eddyisgreat

    Joined:
    Oct 24, 2007
    Location:
    Seattle, Wa
    #12
    There are design flaws, and then there are fundamental differences in security approaches between *Nix and NT.
     
  13. macrumors 68000

    NickZac

    Joined:
    Dec 11, 2010
    #13
    How important is your data and how badly can it harm you if it is compromised? Depending on the severity, there are companies that specialize in data protection. Obviously, something like a few nude shots of Nikki Ziering isn't as much to worry about as say certain quantum physics experiments, so how much time/money that goes into it is a personal call on need.

    IIRC the new SandForce 2000 based SSDs are going to introduce some 'surious' security.
     
  14. macrumors newbie

    Joined:
    Jan 30, 2011
    #14
    Just had a look at the SandForce 2000 stuff. It just looks like you can enable full-drive encryption like you can currently do with programs like TrueCrypt. Currently you shouldn't do full-drive encryption on SSDs as it interferes with wear levelling. This also only stops physical theft of data. Once you put your password in and your chosen OS boots, the data can still be stolen.
     
  15. macrumors 68000

    NickZac

    Joined:
    Dec 11, 2010
    #15
    I figured it would be limited. I wouldn't worry about it impacting wear leveling though...the SF2k is supposed to take it up even a notch. So then their 'security' does nothing for online theft I presume?
     
  16. macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #16
    Those contests only show examples of arbitrary code execution without privilege escalation. Arbitrary code execution without privilege escalation does not allow worms or viruses to be installed. Privilege escalation vulnerabilities are rare for Mac OS X and only roughly 25% of vulnerabilities are exploitable. In the history of Mac OS X, there is no example of client side remote exploitation being strung together with local privilege escalation to allow worms and viruses to be installed.

    But, remote and local exploitation being strung together still commonly occurs in the wild in even the most recent Windows NT based OSes. For example, http://forums.macrumors.com/showpost.php?p=11800870&postcount=82.

    Browser exploitation is still problematic as it does allow access to the user's files. But, this is not occurring in the wild without privilege escalation because the amount of work required to make it profitable is much greater than finding means to exploit OSes with privilege escalation.

    If you are worried about your user files being accessed despite no examples of this being used in the wild, then there are steps that can be taken to reduce these risks.

    1) Encrypt security sensitive files in the manner shown in the following post:

    http://forums.macrumors.com/showpost.php?p=11807844&postcount=6

    2) Do not maintain any local storage of your emails that are associated with your email accounts in Mail.app.
     


  17. macrumors G5

    gnasher729

    Joined:
    Nov 25, 2005
    #17
    I wouldn't take security advice from anyone who thinks "virii" is a word.
     
  18. macrumors 65816

    Joined:
    Mar 18, 2010
    #18
    People using the term "virus" as a catch all for the more generic term "Malware" might be confused by this thread.

    A virus is usually a self-replicating piece of code that is spread without any user intervention. As far as I know, OSX is inherently immune to this type of Malware.

    OSX is not, however, immune to the Trojan, which is a file that masquerades or piggybacks with another file. This is something the user would unknowingly install, and may be installed as either "drive-by" malware from the web browser or as something attached to another file (the iLife trojan for example).

    Windows 7 is actually very resistant to actual Viruses, making their spread very unlikely on these systems. However, the "trojan" malware problem is much more widespread on Windows systems, and this IS partially due to market share. More stuff to download = more infected files, which means a higher chance of downloading a file with something piggybacking on it. But Windows 7 does also have some remote code execution exploits.

    The best way to stay safe is to be informed and understand how these things can get on your system. Knowledge is way more powerful than any anti-malware software out there.
     
  19. GGJstudios, Jan 30, 2011
    Last edited: Jan 30, 2011

    macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #19
    Let's count all the false statements in this post:
    False. They don't get viruses, either. Because there ARE no viruses that run on current Mac OS X.
    The market share myth is exactly that. Macs have a much greater market share than ever before, and growing at over a million Macs per month, yet the number of viruses has gone from a few back in the days of OS 8 and 9, to...... zero. Market share grew, viruses available went down. So much for the market share theory.
    False. If that were the case, there would be no firewall or built-in malware protection in Mac OS X, which there is.
    No, you can't. It IS possible to hack into a Mac, and you have absolutely no basis on which to guarantee that any particular user has or hasn't been hacked.
    That's why they should read this: Mac Virus/Malware Info
    Macs are not, and have never been immune to any particular form of malware, including viruses. No OS is immune. There simply are no viruses in the wild that run on current Mac OS X. That doesn't mean it can't be done.
    No OS is immune to the biggest threat: users! :)
    Quite true!
     
  20. munkery, Jan 30, 2011
    Last edited: Jan 30, 2011

    macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #20
    Network security is an issue for all computer users regardless of OS. Networks where other untrusted users are connected leave you open to various OS independent attacks.

    Specifically, you may be at risk of Man-In-The-Middle (MITM) attacks. Using this type of attack, the attacker can monitor all your traffic that is not encrypted. This includes login credentials to various websites that do not use SSL encryption. Make sure to use the SSL encrypted login for such websites. An easy way to do this is to use the encrypted search engine https://duckduckgo.com/ that redirects you to encrypted logins for popular websites such as Facebook, Twitter, etc.

    Also, using DNS spoofing with MITM, the attacker can redirect you to spoofed websites, such as bank or PayPal, to steal your credentials. Some software tools for such attacks even allow the attacker to spoof the digital certificate of websites that use SSL encryption, such as bank and PayPal. Make sure to click the lock icon that is displayed for encrypted websites to view the content of the digital certificate to make sure the certificate belongs to the right organization. Spoofed certificates will not show the correct information.

    MITM attacks can be detected with tools such as http://www.macupdate.com/app/mac/29459/mocha

    EDIT: Firewalls of either direction provide no protection against these types of attacks.

    EDIT: Only use email services that have full session encryption, such as Gmail.
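
The certificate check described in post #20 (open the lock icon and confirm the certificate belongs to the right organization), done in code. This is an added example, not part of the original post; the host name, the organization names and both sample certificates are constructed, and `cert_names`, `host_matches`, `check_cert` and `fetch_cert` are hypothetical helper names.

```python
import socket
import ssl

def cert_names(cert):
    """Pull the organization and DNS names out of a getpeercert()-style dict."""
    org = None
    for rdn in cert.get("subject", ()):
        for key, value in rdn:
            if key == "organizationName":
                org = value
    dns = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    return org, dns

def host_matches(pattern, host):
    """Exact match, or a wildcard covering exactly the left-most label."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def check_cert(cert, host, expected_org):
    """Return a list of problems; an empty list means the certificate fits."""
    org, dns = cert_names(cert)
    problems = []
    if not any(host_matches(p, host) for p in dns):
        problems.append("certificate does not cover " + host)
    if org is None:
        problems.append("no organization field (domain-validated only)")
    elif org != expected_org:
        problems.append("issued to %r, expected %r" % (org, expected_org))
    return problems

def fetch_cert(host, port=443):
    """Live lookup; the default context already rejects untrusted chains."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=10) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert()

# Constructed sample data in the shape ssl.SSLSocket.getpeercert() returns.
GENUINE = {
    "subject": ((("organizationName", "Example Bank Inc."),),
                (("commonName", "www.examplebank.test"),)),
    "subjectAltName": (("DNS", "www.examplebank.test"), ("DNS", "*.examplebank.test")),
}
SPOOFED = {
    "subject": ((("organizationName", "Unknown Org"),),
                (("commonName", "www.examp1ebank.test"),)),
    "subjectAltName": (("DNS", "www.examp1ebank.test"),),
}

if __name__ == "__main__":
    for label, cert in (("genuine", GENUINE), ("spoofed", SPOOFED)):
        print(label, check_cert(cert, "www.examplebank.test", "Example Bank Inc.") or "OK")
```

`fetch_cert` needs network access and is not called by the sample run; pass its result to `check_cert` to test a real site.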
     
  21. macrumors 6502a

    Joined:
    Aug 5, 2010
    #21
    +1 for Little Snitch
    If you can control what data is being sent out from your computer, that is half the battle. It is interesting to see just which apps are trying to "phone home", and it's nice to get the option to block them if privacy is a concern for you.
     
  22. macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #22
    There is a free alternative to Little Snitch called TCPBlock.

    The inherent problem of outgoing firewalls is that payloads can be added to malware that turn off or create exceptions for themselves that largely make outgoing firewalls ineffective. There are examples of this occurring in the wild for outgoing firewalls that have become popular. Of course, the payload requires elevated privileges to modify the outgoing firewall's settings.

    It is much better to insulate your system from being accessed in the first place and to secure your data in the event that it is accessed by an attacker.
     
  23. macrumors Westmere

    GGJstudios

    Joined:
    May 16, 2008
    #23
    Therein lies the rub. If a user is careful about entering their admin password, such payloads hit a brick wall.
     
  24. macrumors 68020

    munkery

    Joined:
    Dec 18, 2006
    #24
    At least in Mac OS X ;).
     
  25. macrumors regular

    Joined:
    Jan 26, 2011
    #25
    haha that's not even close, he got 2 letters wrong lolz
     
