Is it possible for a Mac to be bugged so that people can monitor what I do and get my passwords etc...?
I know it can be done on a PC.
Thanks
I know it can be done on a PC.
Thanks
Got a tip for us?
Let us know
Can a Mac be Bugged?
- Thread starter lexus
- Start date
Yeah, I'm pretty sure keyboard input etc could be monitored, but something would need to be installed on the Mac to enable that and it'd likely require authentication. Do you have a particular requirement?
O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent
O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent
Yes it can, there are some keyloggers out there, however the ones i have seen don't log passwords.
I think that the hardware keyloggers (little device that are put between the keyboard and usb slot) will probably also work.
I think that the hardware keyloggers (little device that are put between the keyboard and usb slot) will probably also work.
Aren't they crazy expenisve.O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent
logKext
Lol, you can bug anything.
But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.
And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc
Lol, you can bug anything.
But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.
And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc
I thought Mac's were very very secure.Lol, you can bug anything.
But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.
And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc
They are, from viruses, spyware, etc.
If someone has access to your root user on your box in person, though, it is a different story.
Then the there is precious little they can do(installing applications wise, doesn't stop inadvertidley giving out the information through phising sites etc.), except for the hardware keyloggers but a quick check of your usb ports should put your mind at rest.
If they had a Mac OS X install disk, they could actually reinstall the OS without any password and set a new password and access your files from there. However, you'd probably notice that your password isn't working when they leave.
I had to use typeagent once...works well on passwords but needs admin to install...
www.typeagent.com
www.typeagent.com
No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.
And it's possible to remove the password in Single-User mode - which gives you administrator access without asking for a password. Though you can disable single user mode if you're sufficiently paranoid - though I don't recommend doing so. Keep in mind, single user mode's only a risk if the person has physical access to the box - in which case you probably have more important things to worry about then your computer being hacked.
I personally haven't had any experience with filevault but the general advise is to steer well clear.
If you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.
In what circumstances are you using your mac in which you are so concerned with security.
If you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.
In what circumstances are you using your mac in which you are so concerned with security.
That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd.
Or the elegant way..get the pass hashes and crack them, so you know the password but don't leave much of a trace that you did anything.Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..
So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.
If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.
FileVault uses your password as the key. So if they know the password, not much point in it being encrypted.
As it stops the casual passer-by seeing it, after all if the dmg is encrypted it is more interesting.
By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.
Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading
Buggin' my mac.
Is it possible for a Mac to be bugged...
It really bugs my mac when i tell her that her ass is getting fat and i'm going to trade her in for a hot little number who goes by the name of Santa Rosa... oh, not that kind of bug. Sorry.
No need to go cracking passwords...delete one file and you can make yourself a shiny new admin account. http://forums.macrumors.com/showthread.php?t=159703That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd.
Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..
So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.
If you're really worried, set a strong password, use filevault and set a firmware password (link) and keep your mac physically secure, so people can't get to it in the first place.
Well if you actually look at what i originally wrote rather than just reading a part of it. I suggested putting everything important inside encryted .dmgs. Rather than go down the filevault route.By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.
Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading
Well, I was just detailing a couple of ways to do it. Sure you can do that, but it leaves behind (at the least) evidence that there exists another admin account, and maybe you don't want to do thatNo need to go cracking passwords...delete one file and you can make yourself a shiny new admin account. http://forums.macrumors.com/showthread.php?t=159703
