Can a Mac be Bugged?

kick52

macrumors member
Aug 2, 2007
90
0
England
I'm quite sure it could, though I'm not sure if you could do it without authentication, and I haven't heard of any instant keyloggers. (As in, silent, without any input)
 

miniConvert

macrumors 68040
Yeah, I'm pretty sure keyboard input etc could be monitored, but something would need to be installed on the Mac to enable that and it'd likely require authentication. Do you have a particular requirement?

O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent ;)
 

xUKHCx

Administrator emeritus
Jan 15, 2006
12,587
6
The Kop
Yes it can, there are some keyloggers out there, however the ones i have seen don't log passwords.

I think that the hardware keyloggers (little device that are put between the keyboard and usb slot) will probably also work.


O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent ;)
Aren't they crazy expenisve.
 

davidschlachter

macrumors newbie
Aug 2, 2007
1
0
logKext

Lol, you can bug anything.

But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.

And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc ;)
 

lexus

macrumors 68000
Original poster
Mar 26, 2006
1,568
0
Depends Greatly On The Weather
Lol, you can bug anything.

But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.

And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc ;)
I thought Mac's were very very secure.
 

xUKHCx

Administrator emeritus
Jan 15, 2006
12,587
6
The Kop
What if they dont have the admin PW?
Then the there is precious little they can do(installing applications wise, doesn't stop inadvertidley giving out the information through phising sites etc.), except for the hardware keyloggers but a quick check of your usb ports should put your mind at rest.
 

XnavxeMiyyep

macrumors 65816
Mar 27, 2003
1,131
3
Washington
What if they dont have the admin PW?
If they had a Mac OS X install disk, they could actually reinstall the OS without any password and set a new password and access your files from there. However, you'd probably notice that your password isn't working when they leave.
 

NoOneButMe

macrumors regular
Dec 10, 2006
130
0
I thought Mac's were very very secure.
No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.

And it's possible to remove the password in Single-User mode - which gives you administrator access without asking for a password. Though you can disable single user mode if you're sufficiently paranoid - though I don't recommend doing so. Keep in mind, single user mode's only a risk if the person has physical access to the box - in which case you probably have more important things to worry about then your computer being hacked.
 

lexus

macrumors 68000
Original poster
Mar 26, 2006
1,568
0
Depends Greatly On The Weather
No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.

And it's possible to remove the password in Single-User mode - which gives you administrator access without asking for a password. Though you can disable single user mode if you're sufficiently paranoid - though I don't recommend doing so. Keep in mind, single user mode's only a risk if the person has physical access to the box - in which case you probably have more important things to worry about then your computer being hacked.
what if I use filevault?
 

xUKHCx

Administrator emeritus
Jan 15, 2006
12,587
6
The Kop
I personally haven't had any experience with filevault but the general advise is to steer well clear.

If you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.

In what circumstances are you using your mac in which you are so concerned with security.
 

janey

macrumors 603
Dec 20, 2002
5,319
0
sunny los angeles
What if they dont have the admin PW?
If they had a Mac OS X install disk, they could actually reinstall the OS without any password and set a new password and access your files from there. However, you'd probably notice that your password isn't working when they leave.
That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd. :D Or the elegant way..get the pass hashes and crack them, so you know the password but don't leave much of a trace that you did anything.

Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..


So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.

f you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.
If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.
 

xUKHCx

Administrator emeritus
Jan 15, 2006
12,587
6
The Kop
If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.
As it stops the casual passer-by seeing it, after all if the dmg is encrypted it is more interesting.
 

NoOneButMe

macrumors regular
Dec 10, 2006
130
0
As it stops the casual passer-by seeing it, after all if the dmg is encrypted it is more interesting.
By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.

Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading :rolleyes:
 

jczubach

macrumors 6502
May 15, 2007
385
0
northwest
Buggin' my mac.

Is it possible for a Mac to be bugged...
It really bugs my mac when i tell her that her ass is getting fat and i'm going to trade her in for a hot little number who goes by the name of Santa Rosa... oh, not that kind of bug. Sorry.:rolleyes: at least i didn't think you said bugger.
 

OutThere

macrumors 603
Dec 19, 2002
5,730
0
NYC
That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd. :D Or the elegant way..get the pass hashes and crack them, so you know the password but don't leave much of a trace that you did anything.

Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..


So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.
No need to go cracking passwords...delete one file and you can make yourself a shiny new admin account. http://forums.macrumors.com/showthread.php?t=159703 :eek:

If you're really worried, set a strong password, use filevault and set a firmware password (link) and keep your mac physically secure, so people can't get to it in the first place.
 

xUKHCx

Administrator emeritus
Jan 15, 2006
12,587
6
The Kop
By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.

Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading :rolleyes:
Well if you actually look at what i originally wrote rather than just reading a part of it. I suggested putting everything important inside encryted .dmgs. Rather than go down the filevault route.
 

rdowns

macrumors Penryn
Jul 11, 2003
27,400
12,410
I've installed this
http://upc.*************/uploads/gifs/bug.gif
on your Mac.