Is it possible for a Mac to be bugged so that people can monitor what I do and get my passwords etc...?
I know it can be done on a PC.
Thanks
I know it can be done on a PC.
Thanks
O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent
Lol, you can bug anything.
But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.
And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc
I thought Mac's were very very secure.
They are, from viruses, spyware, etc.
If someone has access to your root user on your box in person, though, it is a different story.
What if they dont have the admin PW?
What if they dont have the admin PW?
No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.I thought Mac's were very very secure.
No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.
And it's possible to remove the password in Single-User mode - which gives you administrator access without asking for a password. Though you can disable single user mode if you're sufficiently paranoid - though I don't recommend doing so. Keep in mind, single user mode's only a risk if the person has physical access to the box - in which case you probably have more important things to worry about then your computer being hacked.
What if they dont have the admin PW?
If they had a Mac OS X install disk, they could actually reinstall the OS without any password and set a new password and access your files from there. However, you'd probably notice that your password isn't working when they leave.
If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.f you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.
FileVault uses your password as the key. So if they know the password, not much point in it being encrypted.what if I use filevault?
If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.
By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.As it stops the casual passer-by seeing it, after all if the dmg is encrypted it is more interesting.
Is it possible for a Mac to be bugged...
It really bugs my mac when i tell her that her ass is getting fat and i'm going to trade her in for a hot little number who goes by the name of Santa Rosa... oh, not that kind of bug. Sorry. at least i didn't think you said bugger.
That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd. Or the elegant way..get the pass hashes and crack them, so you know the password but don't leave much of a trace that you did anything.
Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..
So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.
By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.
Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading
Well, I was just detailing a couple of ways to do it. Sure you can do that, but it leaves behind (at the least) evidence that there exists another admin account, and maybe you don't want to do thatNo need to go cracking passwords...delete one file and you can make yourself a shiny new admin account. https://forums.macrumors.com/threads/159703/