Which ones require admin to run again other than User Account Control to install applications? I have never encountered an application to ask for rights other than to change settings.

I have apps on OSX, like my packet analyzer, ask for root every time I run it and it only gives rights to one component of the whole program.



xfire asks on every launch. The WoW launcher also does. I have to give admin access to anothereac3togui or it doesn't display disc info. Those ones come to mind. I'm sure there are others.
 
I am not going to go through everything I have read to find it again to give you a link or name of source/book.

In UNIX based operating systems, it is set up such that connecting two computers with a crossover cable essentially gives you full access to the other computer. Like the same as sitting right at that computer working on it.

In a crossover cable the ends are mirror image of each other. Connecting the two unix-based computers with such a wire bypasses the implementation of ipfw. This does not occur with hub, switch, router or modem as the ends are not mirrored. This is done on purpose for IT usage for rare instances when those types of networks are needed.


I still haven't read any article about this being used at pwn2own....


I'm not sure what you mean by mirrored? If it's that the ends of cable are wired the same on both ends this is true of any ethernet cable.

Crossover cables are commonly used when building your own router. A box with a bunch of ethernet cards, you can choose from several linux router distros to use. A popular one is smoothwall. Seems like it would be foolish to use linux if it removes its security?

As far as I know all it is for is direct connection between computers without the need for a router/hub. Nothing more than that. Of course you would lose your router's firewall by doing that...
 
I'm not sure what you mean by mirrored? If it's that the ends of cable are wired the same on both ends this is true of any ethernet cable.

Crossover cables are commonly used when building your own router. A box with a bunch of ethernet cards, you can choose from several linux router distros to use. A popular one is smoothwall. Seems like it would be foolish to use linux if it removes its security?

As far as I know all it is for is direct connection between computers without the need for a router/hub. Nothing more than that. Of course you would lose your router's firewall by doing that...

Edit: took out misinformation.

Try connecting two Macs together with a regular ethernet cable and see how much access you have to the other machine. (Edit: requires user to allow "Internet Sharing" in System Preferences prior to being able to access other machine.)

Edit: I was wrong. Miller's exploits require a local area network and an artificial (as in unlikely in the wild) situation.

Second Edit: I was double wrong, exploitation using these methods is not uncommon in the wild. But, it is rare in the wild in OS X because the impact of such exploitation in Mac OS X is limited by the low incidence rate of privilege escalation exploits and user space security mitigations that prevent keyloggers and other malware from logging security-sensitive passwords, such as from authentication prompts or website logins, without privilege escalation. BTW, user interaction is required to hack a Mac via a crossover cable as the user has to allow "Internet Sharing" in System Preferences. Man-in-the-middle attacks facilitate these methods on wireless networks. Navigating to a malicious website facilitates these methods across the web.
 
In a true crossover cable the ends are mirrored.

The wire on one end connects to the opposite on the other.

It is different than connecting two with a regular ethernet cable.

Many people refer to using ethernet cables in such a way as a crossover cable but this is inaccurate.

Try connecting two Macs together with a regular ethernet cable and see how much access you have to the other machine.

Oh I know you can't connect to any system directly with an ethernet cable. I am well aware that this is what crossover cables are for. I just don't believe it causes the issues you suggest. Otherwise you wouldn't build your own router and there wouldn't be linux distros for you to use specifically for this purpose.
Nor is there any mention of it being used at pwn2own...

Computers connected via crossover treat it like any other network connection. You just bypass the need for a router.
 
xfire asks on every launch. The WoW launcher also does. I have to give admin access to anothereac3togui or it doesn't display disc info. Those ones come to mind. I'm sure there are others.

Interesting, must be new to windows 7, or because these apps were written properly such that they ask when they need the rights.
 
Interesting, must be new to windows 7, or because these apps were written properly such that they ask when they need the rights.

It was this way in vista as well. And no, they aren't written properly. But that's not the point. The point is that when you grant admin in windows it's not giving the app permanent rights forever. Just for that install. Apps that need admin to run cannot run again without you granting permission.
 
Oh I know you can't connect to any system directly with an ethernet cable. I am well aware that this is what crossover cables are for. I just don't believe it causes the issues you suggest. Otherwise you wouldn't build your own router and there wouldn't be linux distros for you to use specifically for this purpose.
Nor is there any mention of it being used at pwn2own...

Computers connected via crossover treat it like any other network connection. You just bypass the need for a router.

In a router you do it so that the different components can actually communicate with each other. This is exactly what is happening in OSX. Just like making a router. Most router software includes ipfw, dummynet, etc.

Edit: I was wrong. Miller's exploits require a local area network and an artificial (as in unlikely in the wild) situation.

Second Edit: I was double wrong, exploitation using these methods is not uncommon in the wild. But, it is rare in the wild in OS X because the impact of such exploitation in Mac OS X is limited by the low incidence rate of privilege escalation exploits and user space security mitigations that prevent keyloggers and other malware from logging security-sensitive passwords, such as from authentication prompts or website logins, without privilege escalation. BTW, user interaction is required to hack a Mac via a crossover cable as the user has to allow "Internet Sharing" in System Preferences. Man-in-the-middle attacks facilitate these methods on wireless networks. Navigating to a malicious website facilitates these methods across the web.
 
In a router you do it so that the different components can actually communicate with each other. This is exactly what is happening in OSX. Just like making a router. Most router software includes ipfw, dummynet, etc.

The purpose of a router is to direct traffic between 2 different networks. It is inherently more secure to a small degree, but it is a huge difference when you have a public IP on one side and you keep your internal machines on the generic non-publicly routable addresses.

Technically you can do this with more advanced switches as well (Cisco), by setting up different VLANs across switch ports.
 
It was this way in vista as well. And no, they aren't written properly. But that's not the point. The point is that when you grant admin in windows it's not giving the app permanent rights forever. Just for that install. Apps that need admin to run cannot run again without you granting permission.

Are you talking about the default admin account or user generated standard account? I know the admin account is insulated from standard accounts. You do know there is a reorganization of the permissions in a standard account in relation to admin.

My point is a worm can get into windows and nuke whatever level of the system that is running. As in KNEBER using a running application's permissions (Windows Live Messenger to spoof an update).
 
What's with the crossover cables? The early 2008 MacBook Pro has this nifty network feature, apparently called Auto-MDIX. I haven't had to worry if a cable is regular or crossover since then.
 
In a router you do it so that the different components can actually communicate with each other. This is exactly what is happening in OSX. Just like making a router. Most router software includes ipfw, dummynet, etc.

yes, but you are saying that a crossover cable is bypassing OSX security.

All it's done is allowing two computers to communicate together.
 
What's with the crossover cables? The early 2008 MacBook Pro has this nifty network feature, apparently called Auto-MDIX. I haven't had to worry if a cable is regular or crossover since then.

Higher end NICs and Switches have the ability to detect and correct for crossover or not. Early on some cheap switches only had this ability on port 1, but now just about all decent switches do it. As far as NICs, it's really up in the air whether they have that intelligence or not.

Once upon a time network gear, above and beyond what you normally have in a house, required crossover cables between devices. Nowadays they work either way. Even today in the household stuff though.... most ISP provided routers/modems will work with either as well.
 
yes, but you are saying that a crossover cable is bypassing OSX security.

All it's done is allowing two computers to communicate together.

This is correct. To say OSX can be compromised by a crossover cable seems ridiculous to me. I'm not saying it's not possible..... in networking and software, anything is possible. But, what's the point in even discussing the possibility?? I'm certainly not worried about a bad guy coming into my house when I'm away and hooking up a crossover cable to my machine. He might as well just take the machine out of my house. It would be faster and more efficient.
 
Are you talking about the default admin account or user generated standard account? I know the admin account is insulated from standard accounts. You do know there is a reorganization of the permissions in a standard account in relation to admin.

My point is a worm can get into windows and nuke whatever level of the system that is running. As in KNEBER using a running application's permissions (Windows Live Messenger to spoof an update).

default admin. Well it doesn't really matter if it's admin or standard account. apps require admin to install. Just like OSX. Some need elevated permissions to run, just like OSX. Windows is no different in this regard.

Kneber is a trojan/botnet whose purpose is to steal banking info and aimed at corporations. Estimated 75k infections worldwide out of hundreds of millions of PCs. So that would put the infection rate below 1%. It requires that the user download it and this is typically done by links in spam mail. The most infected machines are windows xp sp2. The more updated the machines the lower the case of infection, xp sp3 had less than sp2, Vista less still, Vista sp1 even less and so on.
The only damage it can do is data theft. It's a glorified keylogger. And keyloggers do exist on mac. Lots of reports of getting keylogged on macs on the wow forums.
 
Boot Camp and Win7 Security

Isn't it dangerous to use Win7 alongside Mac OS (via Boot Camp)? I mean if you're booted into Win7, couldn't a virus or what-not take out the Mac OS Partition? I use the Win7 for games mainly, but sometimes I check my mail or a website while I'm booted there. I have a virus scanner in Win7, none on the Mac partition.
 
Viruses and spyware do not spontaneously or magically appear and run on Windows machines, they are the result of user error. Windows and security is far different than it was 10 years ago. Most of the time that is just opening a malicious e-mail or visiting a malicious website AND running the malicious code.

Security has little to do with it.

The reason "security by obscurity" IS the reason is because the Windows targeting malicious websites, e-mails and etc ONLY thrive because of the large Windows base. It's not just because Windows is living in "the bad part of town." It's because Windows is living in a network magnitudes larger than OSX with a much larger population able to spread the "virus."

If someone creates an OSX virus they run into the problem of SPREADING it.

It doesn't matter how large your bot/spam network is. If only ~5% of the people who actually receive the e-mail AND maybe 5% of that tiny base run it... A wide distribution of any kind is impossible. 95% who receive the file via e-mail or elsewhere can't even run the file if they tried. There is no secret magical way of targeting only the Macs of the world.

So what is the point of spending any significant time trying to target OSX?

There isn't. Until the day comes when Macs make up a much larger base of the consumer base, you won't see any "real" viruses.
 
Isn't it dangerous to use Win7 alongside Mac OS (via Boot Camp)? I mean if you're booted into Win7, couldn't a virus or what-not take out the Mac OS Partition? I use the Win7 for games mainly, but sometimes I check my mail or a website while I'm booted there. I have a virus scanner in Win7, none on the Mac partition.

There used to be no danger at all because Windows cannot natively access the UFS+ file system of MacOS. However, the latest Bootcamp adds new kexts for Windows that allow it to read and write to the Unix file systems. Ultimately this comes down to how you have it configured. If you set things up so Windows can share your Mac data then yes, technically, you could be at risk.

Would I worry about it? Almost 100% no. Just make sure you do standard due diligence with your Windows Bootcamp install as you would any other Windows install.
 
yes, but you are saying that a crossover cable is bypassing OSX security.

All it's done is allowing two computers to communicate together.

Here is an article that overviews ipfw and bridging in relation to ethernet interfaces.

http://www.kozubik.com/published/freebsd_bridging_ipfw.txt

Edit: I was wrong. Miller's exploits require a local area network and an artificial (as in unlikely in the wild) situation.

Second Edit: I was double wrong, exploitation using these methods is not uncommon in the wild. But, it is rare in the wild in OS X because the impact of such exploitation in Mac OS X is limited by the low incidence rate of privilege escalation exploits and user space security mitigations that prevent keyloggers and other malware from logging security-sensitive passwords, such as from authentication prompts or website logins, without privilege escalation. BTW, user interaction is required to hack a Mac via a crossover cable as the user has to allow "Internet Sharing" in System Preferences. Man-in-the-middle attacks facilitate these methods on wireless networks. Navigating to a malicious website facilitates these methods across the web.
 
They're called worms.

Doesn't matter what they're called. They are executable software that runs resident in memory, and they all require some sort of action by the end user for them to infect your system. Whether you are not smart and you have a vulnerable system on a public IP, or you visit the wrong website and happen to have an unpatched or vulnerable web browser, or whether you are just a GDI and you click on the Anna Kornikova nekkid email attachment... it's all the same.

The only difference with Worms, is that they generally try to infect other systems on your LAN after infecting a system. In that situation other computers may have a worm magically appear if the system is unprotected and unpatched, but it still required a dumbass at some starting point.
 
Doesn't matter what they're called. They are executable software that runs resident in memory, and they all require some sort of action by the end user for them to infect your system. Whether you are not smart and you have a vulnerable system on a public IP, or you visit the wrong website and happen to have an unpatched or vulnerable web browser, or whether you are just a GDI and you click on the Anna Kornikova nekkid email attachment... it's all the same.

The only difference with Worms, is that they generally try to infect other systems on your LAN after infecting a system.

Worms are self replicating and self executing.

The infamous Conficker "It uses flaws in Windows software and Dictionary attacks on administrator passwords to co-opt machines and link them into a virtual computer that can be commanded remotely by its authors."
 