Can a Mac be Bugged?

Discussion in 'Mac Apps and Mac App Store' started by lexus, Aug 2, 2007.

  1. lexus macrumors 68000

    lexus

    Joined:
    Mar 26, 2006
    Location:
    Depends Greatly On The Weather
    #1
    Is it possible for a Mac to be bugged so that people can monitor what I do and get my passwords etc...?

    I know it can be done on a PC.

    Thanks
     
  2. kick52 macrumors member

    Joined:
    Aug 2, 2007
    Location:
    England
    #2
    I'm quite sure it could, though I'm not sure if you could do it without authentication, and I haven't heard of any instant keyloggers. (As in, silent, without any input)
     
  3. miniConvert macrumors 68040

    miniConvert

    Joined:
    Mar 4, 2006
    Location:
    Kent, UK - the 'Garden of England'.
    #3
    Yeah, I'm pretty sure keyboard input etc could be monitored, but something would need to be installed on the Mac to enable that and it'd likely require authentication. Do you have a particular requirement?

    O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent ;)
     
  4. xUKHCx Administrator emeritus

    xUKHCx

    Joined:
    Jan 15, 2006
    Location:
    The Kop
    #4
    Yes it can, there are some keyloggers out there, however the ones i have seen don't log passwords.

    I think that the hardware keyloggers (little device that are put between the keyboard and usb slot) will probably also work.


    Aren't they crazy expenisve.
     
  5. lexus thread starter macrumors 68000

    lexus

    Joined:
    Mar 26, 2006
    Location:
    Depends Greatly On The Weather
    #5
    Is there anyway I can check if anything like that is installed?

    Thanks
     
  6. davidschlachter macrumors newbie

    Joined:
    Aug 2, 2007
    #6
    logKext

    Lol, you can bug anything.

    But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.

    And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc ;)
     
  7. lexus thread starter macrumors 68000

    lexus

    Joined:
    Mar 26, 2006
    Location:
    Depends Greatly On The Weather
    #7
    I thought Mac's were very very secure.
     
  8. barr08 macrumors 65816

    barr08

    Joined:
    Aug 9, 2006
    Location:
    Boston, MA
    #8
    They are, from viruses, spyware, etc.

    If someone has access to your root user on your box in person, though, it is a different story.
     
  9. lexus thread starter macrumors 68000

    lexus

    Joined:
    Mar 26, 2006
    Location:
    Depends Greatly On The Weather
    #9
    What if they dont have the admin PW?
     
  10. xUKHCx Administrator emeritus

    xUKHCx

    Joined:
    Jan 15, 2006
    Location:
    The Kop
    #10
    Then the there is precious little they can do(installing applications wise, doesn't stop inadvertidley giving out the information through phising sites etc.), except for the hardware keyloggers but a quick check of your usb ports should put your mind at rest.
     
  11. XnavxeMiyyep macrumors 65816

    XnavxeMiyyep

    Joined:
    Mar 27, 2003
    Location:
    Washington
    #11
    If they had a Mac OS X install disk, they could actually reinstall the OS without any password and set a new password and access your files from there. However, you'd probably notice that your password isn't working when they leave.
     
  12. markfc macrumors 6502a

    markfc

    Joined:
    Sep 18, 2006
    Location:
    Prestatyn, Wales, UK
    #12
    I had to use typeagent once...works well on passwords but needs admin to install...
    www.typeagent.com
     
  13. NoOneButMe macrumors regular

    Joined:
    Dec 10, 2006
    #13
    No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.

    And it's possible to remove the password in Single-User mode - which gives you administrator access without asking for a password. Though you can disable single user mode if you're sufficiently paranoid - though I don't recommend doing so. Keep in mind, single user mode's only a risk if the person has physical access to the box - in which case you probably have more important things to worry about then your computer being hacked.
     
  14. lexus thread starter macrumors 68000

    lexus

    Joined:
    Mar 26, 2006
    Location:
    Depends Greatly On The Weather
    #14
    what if I use filevault?
     
  15. xUKHCx Administrator emeritus

    xUKHCx

    Joined:
    Jan 15, 2006
    Location:
    The Kop
    #15
    I personally haven't had any experience with filevault but the general advise is to steer well clear.

    If you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.

    In what circumstances are you using your mac in which you are so concerned with security.
     
  16. macbotics macrumors member

    Joined:
    Jul 30, 2007
    Location:
    Melbourne
    #16
    i reccomend steer well clear of filevault ive had bad experiences:mad:
     
  17. janey macrumors 603

    janey

    Joined:
    Dec 20, 2002
    Location:
    sunny los angeles
    #17
    That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd. :D Or the elegant way..get the pass hashes and crack them, so you know the password but don't leave much of a trace that you did anything.

    Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..


    So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.

    If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.
     
  18. NoOneButMe macrumors regular

    Joined:
    Dec 10, 2006
    #18
    FileVault uses your password as the key. So if they know the password, not much point in it being encrypted.
     
  19. xUKHCx Administrator emeritus

    xUKHCx

    Joined:
    Jan 15, 2006
    Location:
    The Kop
    #19
    As it stops the casual passer-by seeing it, after all if the dmg is encrypted it is more interesting.
     
  20. NoOneButMe macrumors regular

    Joined:
    Dec 10, 2006
    #20
    By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.

    Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading :rolleyes:
     
  21. jczubach macrumors 6502

    jczubach

    Joined:
    May 15, 2007
    Location:
    northwest
    #21
    Buggin' my mac.

     
  22. OutThere macrumors 603

    OutThere

    Joined:
    Dec 19, 2002
    Location:
    NYC
    #22
    No need to go cracking passwords...delete one file and you can make yourself a shiny new admin account. http://forums.macrumors.com/showthread.php?t=159703 :eek:

    If you're really worried, set a strong password, use filevault and set a firmware password (link) and keep your mac physically secure, so people can't get to it in the first place.
     
  23. xUKHCx Administrator emeritus

    xUKHCx

    Joined:
    Jan 15, 2006
    Location:
    The Kop
    #23
    Well if you actually look at what i originally wrote rather than just reading a part of it. I suggested putting everything important inside encryted .dmgs. Rather than go down the filevault route.
     
  24. rdowns macrumors Penryn

    rdowns

    Joined:
    Jul 11, 2003
    #24
    I've installed this
    http://upc.*************/uploads/gifs/bug.gif
    on your Mac.
     
  25. janey macrumors 603

    janey

    Joined:
    Dec 20, 2002
    Location:
    sunny los angeles
    #25
    Well, I was just detailing a couple of ways to do it. Sure you can do that, but it leaves behind (at the least) evidence that there exists another admin account, and maybe you don't want to do that :)
     

Share This Page