Can a Mac be Bugged?

I'm quite sure it could, though I'm not sure if you could do it without authentication, and I haven't heard of any instant keyloggers. (As in, silent, without any input)

 

Yeah, I'm pretty sure keyboard input etc could be monitored, but something would need to be installed on the Mac to enable that and it'd likely require authentication. Do you have a particular requirement?

O/T: Just noticed your avatar - do you own a Vertu? I have the Ascent model. Totally excellent

 

Yes it can, there are some keyloggers out there, however the ones i have seen don't log passwords.

I think that the hardware keyloggers (little device that are put between the keyboard and usb slot) will probably also work.

Aren't they crazy expenisve.

 

logKext

Lol, you can bug anything.

But check out logKext (just Google it). It acts between as a kernel extension, so it's pretty low level. But you'd need to be an admin to install such a devious piece of software.

And if someone already has admin, and therefore root access to your box, they could even modify any tool that could detect their software. Which is pretty scary. So keep a good password, etc

 

They are, from viruses, spyware, etc.

If someone has access to your root user on your box in person, though, it is a different story.

 

Then the there is precious little they can do(installing applications wise, doesn't stop inadvertidley giving out the information through phising sites etc.), except for the hardware keyloggers but a quick check of your usb ports should put your mind at rest.

 

If they had a Mac OS X install disk, they could actually reinstall the OS without any password and set a new password and access your files from there. However, you'd probably notice that your password isn't working when they leave.

 

I had to use typeagent once...works well on passwords but needs admin to install...
www.typeagent.com

 

No matter how secure your box is, if someone knows the administrator / root password, they can bypass everything you could dream of setting up.

And it's possible to remove the password in Single-User mode - which gives you administrator access without asking for a password. Though you can disable single user mode if you're sufficiently paranoid - though I don't recommend doing so. Keep in mind, single user mode's only a risk if the person has physical access to the box - in which case you probably have more important things to worry about then your computer being hacked.

 

I personally haven't had any experience with filevault but the general advise is to steer well clear.

If you have really important files i would just make encrypted disk images with very secure passwords. And possibly put the disk images in an invisible folder.

In what circumstances are you using your mac in which you are so concerned with security.

 

i reccomend steer well clear of filevault ive had bad experiences

 

That's too much work, mate. It's a lot simpler to boot up into single user mode, which dumps you into a console logged in as root. then use passwd. Or the elegant way..get the pass hashes and crack them, so you know the password but don't leave much of a trace that you did anything.

Alternatively you could use the install disk to reset the password, not do a complete reinstall, which would defeat the purpose of having access to files on the computer in many cases..


So basically..physical access == all bets off. Use all the passwords you want, but I could always physically remove the hard drive. Et cetera.

If security is this much of a concern, an invisible folder that can be found with a trivial ls -a is not the best way to hide files. Maybe from someone using Finder, but why would you use Finder if the terminal is so much easier? Might as well leave the disk image on your Desktop, for all the good that'll do.

 

FileVault uses your password as the key. So if they know the password, not much point in it being encrypted.

 

As it stops the casual passer-by seeing it, after all if the dmg is encrypted it is more interesting.

 

By that logic, you might as well leave anything important out in the open - "It's not important enough to encrypt, dont bother with it" is just poor security sense.

Sure, encrypted .dmg's might gain attention, but that's nothing compared to anyone reading something they shouldnt be reading

 

Buggin' my mac.

 

No need to go cracking passwords...delete one file and you can make yourself a shiny new admin account. http://forums.macrumors.com/showthread.php?t=159703

If you're really worried, set a strong password, use filevault and set a firmware password (link) and keep your mac physically secure, so people can't get to it in the first place.

 

Well if you actually look at what i originally wrote rather than just reading a part of it. I suggested putting everything important inside encryted .dmgs. Rather than go down the filevault route.

 

I've installed this
http://upc.*************/uploads/gifs/bug.gif
on your Mac.

 

Well, I was just detailing a couple of ways to do it. Sure you can do that, but it leaves behind (at the least) evidence that there exists another admin account, and maybe you don't want to do that