Was my MacBook hacked?

[RiCEADDiCTBOY]

No.

Look, I'm not going to claim that OS X is invulnerable (it really, really isn't) -- but the marketshare argument is BS.

Why? Well someone else has said it best. From this Slashdot comment:



Same applies for OS X (although to a lesser extent, in part due to Apple's prioritization of user experience over security.)

That's not to claim that OS X won't ever be exploited, but I do think that it presents a much, much smaller target than Windows. Dig?

I am not attempting to be a pundit or what not - but, I will have read too many articles from security analysts (which I will not go tracking down - google is for that) and hacking competitions that i am going to have to side with them.

lets just agree to disagree. going to sleep. laters.

 

[peepboon]

Well, I'd be amazed if a website was capable of sending a shutdown command to a Mac

Porn is the ultimate power ;D it can do anything hahaha

 

[ppc750fx]

I am not attempting to be a pundit or what not - but, I will have read too many articles from security analysts (which I will not go tracking down - google is for that) and hacking competitions that i am going to have to side with them.

Security analysts have been predicting the fall of Linux and Mac OS X every year for years now. One day they're bound to get it right -- but until they can actually point to some piece of evidence of malicious software that supports their claims, I'm going to tend to believe that they're just doing what they do best: blustering and kicking up a big fuss in an attempt to make a name for themselves.

 

[RiCEADDiCTBOY]

Security analysts have been predicting the fall of Linux and Mac OS X every year for years now. One day they're bound to get it right -- but until they can actually point to some piece of evidence of malicious software that supports their claims, I'm going to tend to believe that they're just doing what they do best: blustering and kicking up a big fuss in an attempt to make a name for themselves.

umm...they do and at hacking events reflect that as well. osx is generally the first to become compromised. these guys aren't trying to make a name for themselves whenever they are talking about the faults for generally every os. news flash - its their job. i don't know what articles you are reading but, not one have i read was about the "fall of osx." simply that company "x" or "y" needs to go back to the drawing board to fix a broken wall.

b-e-z.

 

[kolax]

Actually there are. They're just rare and not as effective as Windows viruses. It also depends on what you mean by virus. It's very easy to write code that delete all your files and shut down your computer. All you need is an exploit to launch that code arbitrarily.

A virus has to be able to do this itself. That's where the security of Unix helps - if anything wants to do serious damage, the user has to enter their admin password unless there is an exploit, which then again, wouldn't open the door to a virus. There is plenty OS X trojans and malware about - it is user stupidity/incompetence that will get them infected.

There is no viruses for OS X. There's nothing that can infect your computer undetected/unknown to the user and manipulate itself.

 

[ux4all]

There's nothing that can infect your computer undetected/unknown to the user and manipulate itself.

I disagree to some extent with this generalization. If a trojan is nested in an install there is nothing that OS X will do as far as notifying the user of a specific threat. OS X will traditionally challenge you for your password and be done with it.

I think you should have said:

Silent malware does not exist on OS X that I have found. However, they can be nested within an install. When the parent install asks for the password, there is NOTHING that alerts the user that they are doing anything out of the ordinary.

THUS, a silent install without a user knowing.

FTW.

User stupidity is not an excuse for security, you should know that.

 

[kolax]

I disagree to some extent with this generalization. If a trojan is nested in an install there is nothing that OS X will do as far as notifying the user of a specific threat. OS X will traditionally challenge you for your password and be done with it.

I think you should have said:

Silent malware does not exist on OS X that I have found. However, they can be nested within an install. When the parent install asks for the password, there is NOTHING that alerts the user that they are doing anything out of the ordinary.

THUS, a silent install without a user knowing.

FTW.

User stupidity is not an excuse for security, you should know that.

Not really..

If the user is installing a legit application, what is there to worry about? The only trojans that have infected people are ones that have come from pirated torrents.

The trojan doesn't "silently" install itself - nested or not, it still requires your username and password. And if you are using dodgy software, you should know better.

User stupidity is an excuse for security. Are you seriously not blaming user stupidity on things like following spam emails.. or even giving their credit card details to someone dodgy over the phone..?

There's only so much "security" we can implement before user stupidity outweighs it. Yes, OS X isn't perfect, and there is loop holes, but a lot of this virus and trojan talk is purely based on user stupidity..

 

[ChrisN]

Your fine, that kind of thing happened to me once.

ChrisN

 

[pellets007]

Any sense of security is fool hearted. At recent hacking competitions Mac OSX was usually always the first to be hacked. Exploits are just as disastrous as a virus. There are viruses as well for the OSX. The only reason why Apple can tout safety and give users "a sense of security" is simply because at this point the user install base vs pc users aren't of much interest for time and effort involved for hackers and etc. As the user install base increases - you have to be prepared for an increase and that armor starting to chip away. Nothing is fail safe. Nothing.

Keep in mind Apple continues to neglect to correct reoccurring Safari exploits. The most current one is the Java exploit. The only way to prevent being a victim is to disable Java completely in Safari.

You do understand what you're saying, right? First off, the hacking was done in under a few minutes, not researched or found in under those minutes. They found a simple exploit under Safari which probably took them a few hours to manipulate. The second part. You're saying that, as Apple professes to have an untarnished "no-virus" record, that no one would dare touch them just because of a smaller market share? Extremely doubtable and coincidental. No, they, the virus makers, would make a big name for themselves if they made one that infected millions of users.

 

[Jigsawjammer]

User stupidity is an excuse for security. Are you seriously not blaming user stupidity on things like following spam emails.. or even giving their credit card details to someone dodgy over the phone..?

There's only so much "security" we can implement before user stupidity outweighs it. Yes, OS X isn't perfect, and there is loop holes, but a lot of this virus and trojan talk is purely based on user stupidity..

I agree...I have never gotten a virus even under windows because I'm careful with what I do. My sister on the other hand has thrown out computers due to viruses.

 

[ppc750fx]

umm...they do and at hacking events reflect that as well. osx is generally the first to become compromised. these guys aren't trying to make a name for themselves whenever they are talking about the faults for generally every os. news flash - its their job. i don't know what articles you are reading but, not one have i read was about the "fall of osx." simply that company "x" or "y" needs to go back to the drawing board to fix a broken wall.

Ok, let's go over a couple things "RiCEADDiCTBOY":

1) OS X is indeed often the first to fall. The reason for that is not necessarily due to the availability of an exploit, but rather the PR value of the exploit. If I have a "drive-by" browser exploit for IE and a "drive-by" exploit for Safari, which do you think will get me in the headlines? Both take about about the same amount of effort/time to execute -- but one will get me on the front page of every single tech. rag for the better part of a week, and the other (if I'm lucky) will get my name at the bottom of a Secunia bulletin.

2) Yes, they're doing it for PR. Oh hell yes. Take a look at Charlie Miller, for example -- why do you think he sat on the recent "Pwn2Own" exploit for as long as he did? In his words:

Vulnerabilities have a market value so it makes no sense to work hard to find a bug, write an exploit and then give it away.

In this case, the value was press time -- he got interviews in ZDnet and the like, and I'm sure his consulting business benefited quite a bit from all the press he got.

3) Yes, none of the articles I had in mind had the exact phrase "fall of OS X" -- but there is no shortage of articles predicting the imminent rise of rampant malware for OS X; a quick Google search will yield hundreds if not thousands of such predictions.

As for what articles I read, I don't usually. I prefer to either watch the presentations from the researchers themselves or, if they're not presenting at CCC or DEFCON, read their whitepaper/slides. I find that reading the write-up from the researchers themselves gives me far more accurate information than I'd obtain from a digested, dumbed-down article. I want to know _why_ OS X's NX support is broken, not just that the exploit "let me put code in memory" (an explanation which is essentially worthless.) (As an aside, the answer to that question is that with Leopard while the stack is not executable by default, the heap is.)

 

[ux4all]

The trojan doesn't "silently" install itself - nested or not, it still requires your username and password. And if you are using dodgy software, you should know better.

From a pure messaging perspective there is nothing that an ignorant end-user (I don't assume my users' intelligence level) would be aware of that an install is "dodgy". I also do not assume in my systems that the person downloading the software is the same user as the installer.

User stupidity is an excuse for security. Are you seriously not blaming user stupidity on things like following spam emails.. or even giving their credit card details to someone dodgy over the phone..?

Social engineering's relationship to security is something entirely different and complex. A system needs to be aware of behavior and look for changes. Unless you want that system to be spying on you moment to moment you have to be proactive and anticipate. There is a lot of value in analysis of this type from security breach to customer retention.

There's only so much "security" we can implement before user stupidity outweighs it. Yes, OS X isn't perfect, and there is loop holes, but a lot of this virus and trojan talk is purely based on user stupidity..

User stupidity and User ignorance are not the same thing. Would you prefer some sort of 'phone home' validation [DRM to the rescue!]...

 

[unixfool]

Depends on what you define "virus" as.

There is currently no self-propagating malicious software out there capable of infecting Mac OS X machines.

The malicious software that has been seen "in the wild" requires the user to either execute it or give it their root password in order to do anything.

Agreed.

Everything discovered so far (vulnerability-wise) are proof-of-concepts. Also, writing code to delete files and shut down computers isn't the definition of of a virus. Viruses usually take advantage of known vulnerabilities and are usually automatons (meaning the code automatically executes).

 

[Skeletal-dæmon]

*MacBook snuffles*

SWINE 'FLU!

But in all seriousness, no it was likely just one of those freak things that happens once in a blue moon. Either that or something caused Safari to crash in an epic proportion, which can happen on rare occasion.