Mac OS X Security! Anyone can see files!

Discussion in 'macOS' started by SpaceMagic, Jan 3, 2006.

  1. SpaceMagic macrumors 68000

    SpaceMagic

    Joined:
    Oct 26, 2003
    Location:
    Cardiff, Wales
    #1
    I just put my iBook in Target disk mode (as in hold T while booting, so that it appears as an external disk on my g5 via a firewire cable) and my G5 has root (well, unlimited) access to the iBook's hard disk! No passwords asked!

    I could just take anyone's computer and attach with a firewire cable.. and bob's your uncle, access to anyone's files! What's going on?!
     
  2. Randall macrumors 6502a

    Randall

    Joined:
    Dec 12, 2005
    Location:
    Norwood, MA
    #2
    If this is true then that's the biggest security hole I've ever read about in my life. Wow! You sure don't have to be l33t to do some damage there.
     
  3. Linam macrumors regular

    Joined:
    Dec 25, 2005
  4. SpaceMagic thread starter macrumors 68000

    SpaceMagic

    Joined:
    Oct 26, 2003
    Location:
    Cardiff, Wales
  5. crap freakboy macrumors 6502a

    crap freakboy

    Joined:
    Jul 17, 2002
    Location:
    nar in Gainsborough, me duck
  6. croshtique macrumors 6502

    Joined:
    Apr 28, 2005
    Location:
    Cambridge, UK
    #6
    Yes it is possible; but if someone has physical access to your machine and is able to do this, then you might as well let all security measures go out the window...
    You can, however, enable Open Firmware password protection to stop people booting up in Target Disk Mode.
     
  7. eva01 macrumors 601

    eva01

    Joined:
    Feb 22, 2005
    Location:
    Gah! Plymouth
    #7
    so did i :rolleyes:
     
  8. grapes911 Moderator emeritus

    grapes911

    Joined:
    Jul 28, 2003
    Location:
    Citizens Bank Park
    #8
    Still not a good solution. I can break that password in about 2 minutes.
     
  9. Lacero macrumors 604

    Lacero

    Joined:
    Jan 20, 2005
    #9
    What about with File Vault? Technically, they shouldn't be able to access your home directory.

    The use of encrypted disk images should be used, if the information is really sensitive. I have one called Confidential.dmg, which I store all my banking passwords, financial info, naked images of myself in compromising positions, etc. Let's also not forget my stash of hot donkey porn!

    Here's to the Crazy Ones [​IMG]
     
  10. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #10
    This is what encrypted disk images (with or without the FileVault scheme) are for.
     
  11. ffakr macrumors 6502a

    Joined:
    Jul 2, 2002
    Location:
    Chicago
    #11
    Are you all kidding?

    Seriously, Are you all kidding?
    People are shocked that a computer system is not secure when you've got raw access to that computer's drive on another machine?

    You can pull the drive out of any computer system and plug it into another computer system and get full access to that data. We pull NTFS drives all the time and copy user data to new computers or recover data onto other computers. We reset Windows 2K and XP passwords with recovery CDs by writing directly into the hive. I can boot OS X or any other Unix system into single user mode (Root) and have free run over the whole filesystem.

    As soon as you give up physical access of your machine or a physical console on that machine you have absolutely no security unless you implement some sort of physical security barrier (like bio-metrics) or some sort of encryption like encrypted disk images or encrypted filesystems.

    This isn't a shock. It isn't a huge security hole. This is just reality. Freaking out about whether or not your unencrypted drive is secure after someone steals your computer makes even less sense than expecting your home safe to be secure after someone steals the whole safe.

    ffakr
     
  12. howesey macrumors 6502a

    Joined:
    Dec 3, 2005
  13. semaja2 macrumors 6502a

    Joined:
    Dec 12, 2005
    Location:
    Adelaide
    #13
    wow im amazed how people are shocked at this even with a windows machine you can crack it open by ripping out the hdd unless you use efs which macosx has as well, but i think at that point you would be more concered at that fact they have your laptop, but target disk mode it great i hear for when your mac crashes you can recover your files quick and easy
     
  14. EGT macrumors 68000

    EGT

    Joined:
    Sep 4, 2003
    #14
    I knew about this but I still think being able to reset the password with an Installation CD is complete bull.

    Complete bull in the sense that it's crap you can do it, not that it's not true. Sorry, it's a very slowww day today.
     
  15. Aarow macrumors 6502a

    Joined:
    Jun 14, 2005
    #15
    If anybody took my computer, I'd roundhouse kick them to the face:cool: .

    Also, Bob's your uncle?
     
  16. SpaceMagic thread starter macrumors 68000

    SpaceMagic

    Joined:
    Oct 26, 2003
    Location:
    Cardiff, Wales
    #16
    Well I didn't know about it, nor do I think it's right.

    1) A PC cannot read Mac formatted drives natively so it's not as if PCs can rip out a mac drive and view the info.

    2) I always thought permissions were set on the file in Unix, in fact I know they are as you can CHMOD them. However, permissions therefore on my iBook's drive should be to their user... who is not present on the Mac targeting the drive. Therefore a password should be requested.

    3) The point is many of you here I'm sure have information you wouldn't particularly like your parents or lover to see ;). While you're in the shower, out to the shops, eating fish n chips.. all they have to do is press T on your mac! They then have Spotlight to find ANY information they please.

    4) Open Firmware Passwords. Ok... fair enough. But how many of you have this enabled? And then how many of the newer mac users even know about it?

    I suggest a computer should ask for your admin password in order to go into target disk mode.
     
  17. Poff macrumors 65816

    Poff

    Joined:
    Sep 16, 2003
    Location:
    Stavanger, Norway
    #17
    Or.. you could just use filevault as someone else here suggested.

    Target disk mode has nothing to do with os x. it comes "before" unix and osx.
     
  18. jemeinc macrumors 6502a

    Joined:
    Feb 14, 2004
    Location:
    South Jersey
    #18
    I consider that a feature... I use it sometimes for transferring video projects from one machine to another... I guess "technically" it could be looked at as a security flaw, but it still requires physical access to your machine... I see the point, but for me it's not the type of security problem I'm concerned with...
     
  19. portent macrumors 6502a

    Joined:
    Feb 17, 2004
    #19
    The most effective form of computer security yet devised is a deadbolt lock on the door to the building. Once someone has physical access to your machine, it's all over (unless you store everything on an encrypted volume.)

    If you make a habit of keeping embarrassing secrets from your lover/parents/children/roommate, encrypt them.
     
  20. EGT macrumors 68000

    EGT

    Joined:
    Sep 4, 2003
    #20
    Filevault requires a lot of hard drive space though.
     
  21. katie ta achoo macrumors G3

    Joined:
    May 2, 2005
    #21
    encrpyting a disk image is so easy in OS X.
    Just open up disk utility, follow a few steps (Sorry, Don't know them.. I'm not at my PB) and Bam! encrypted disk image.

    isn't that where everyone keeps their banking passwords, financial info, and naked images of themselves in compromising positions?
    Lacero, you're my hero!
     
  22. blackpeter macrumors 6502a

    Joined:
    Aug 14, 2001
    #22
    How's that?
     
  23. iMeowbot macrumors G3

    iMeowbot

    Joined:
    Aug 30, 2003
    #23
    Open it up, add or remove some RAM, zap the PRAM and you're in. Here's a nice little article on the deal.
     
  24. blackpeter macrumors 6502a

    Joined:
    Aug 14, 2001
    #24
    Very cool. Thanks...
     
  25. Diatribe macrumors 601

    Diatribe

    Joined:
    Jan 8, 2004
    Location:
    Back in the motherland
    #25
    The only way to be really secure is using an encrypted disk image for sensitive data. It's time that Apple let's File Vault only encrypt wanted folders and not the entire home folder... who wants their music library encrypted anyway?
     

Share This Page