troubleshooting/tutorials/security

02/08/2006, 2:55pm, EST

Wednesday, February 8th

'Hardened' PowerBook compromised

A security researcher at the recent ShmooCon hacking conference was taken by surprise when an unknown hacker compromised his PowerBook running Mac OS X, disabling the firewall and starting up a file server. The PowerBook had been 'hardened' to all known attacks at the time, and future analysis of the PowerBook revealed nothing about how the attacker managed to penetrate the system. "The machine was as hardened as best practices could suggest for anyone," the researcher said. The researcher believes that a previously unknown exploit caused the compromise, and with Apple's switch to Intel-based Macs, crackers will feel at home with the memory architecture and other elements below the application level. The successful attack underscores a number of trends that has already caused a shift in focus amidst security analysts and could result in more attacks on Mac OS X, according to SecurityFocus.


Filed under: troubleshooting

, , 25comments, del.icio.us, slashdot, digg, buzz


25 comments
Reader Reactions (Please use <i></i> for italic text)

subscribe to comments
for this article




Expand All   Global Settings
mpbritt
Unattended
0
02/08, 3:21pm, EST
This guy most likely left his PowerBook unattended for a few minutes in a roomful of hackers. Of course someone is going to walk over and install a rootkit on it. Duh.
Junior Member
Joined Feb 2001
User is offline
bokubob
but maybe....
0
02/08, 3:31pm, EST
...he was wrong.

Let's all freak out anyway.
Fresh-Faced Recruit
Joined Aug 2001
User is offline
l008com
wtf
0
02/08, 3:38pm, EST
This is the most pathetic bullshit story i've ever seen. I can't believe macnn posted this. What is their goal, to simply post the most mac stories possible, regardless of quality?
Professional Poster
Joined Jan 2000
User is offline
Salmon
Fair enough
0
02/08, 3:49pm, EST
Honestly, the article struck me as reasonably balanced. I can't substantiate this specific story, but it is common knowledge that UNIX has never been, and is not now, a perfectly secure operating system; there are viruses for it, there are exploits for it. I love my Macintosh, but all the folks who insist that the operating system is perfectly secure with its UNIX core are deluding themselves.
Fresh-Faced Recruit
Joined Sep 2005
User is offline
mr100percent
Intel makes no difference
0
02/08, 3:55pm, EST
Using Intel chips won't make it any less safer. How come windows is more insecure than Intel on linux? It's the operating system, not whether a hacker can access the x86 architecture
Fresh-Faced Recruit
Joined Dec 1999
User is offline
UpQuark
I agree...
0
02/08, 3:57pm, EST
Nothing is secure as soon as you put it on a network. There are just different degrees..
Fresh-Faced Recruit
Joined May 2005
User is offline
Lance Moody
And hanging from the door
0
02/08, 4:01pm, EST
...was a bloody hook.

Doesn't get any closer to an urban legend than this. No names, or other facts that could be checked. Calling him a "researcher" instead of "this guy" does not make the story any more credible.

Pathetic.
Fresh-Faced Recruit
Joined Dec 2001
User is offline
VinitaBoy
What A Load!
0
02/08, 4:14pm, EST
OK, so my ex-wife's third cousin's mother-in-law says she knows for certain that her butcher's youngest son has a friend whose step-brother belongs to a group somewhere in the midwest that knows how to hack OS X! REALLY! It's true!
Fresh-Faced Recruit
Joined Oct 2001
User is offline
redwood
Give me a break..
0
02/08, 4:30pm, EST
First of all, "All known best practices" is way to general a statement. I just went through a hardining guide last night in fact that was 25 pages long and would take at least a couple of hours to complete properly. I would like to know what measures this guy took, was it simply to turn on the firewall? Did he have a password on startup? Was his open bios protected with a password? on and on and on...

Furthermore, many other people there with powerbooks at no problems. How likely is it that only one powerbook would be attacked.

Anyway, this is to quote the story comments "Long on FUD, short on facts."

Fresh-Faced Recruit
Joined Oct 2003
User is offline
porieux
non-story
0
02/08, 4:34pm, EST
A roomful of hackers with physical access to the machine? Wow, that's really representative of the real world isn't it?

Not to mention this 'hardening' process is probably where he compromised his security in the first place...
Baninated
Joined Mar 2001
User is offline
additional comments:..1..2..3..Next
Your Comments

In order to post comments: If you are a registered member, please login with your MacNN Forums username and password otherwise please uncheck the checkbox below.


Registered Member?
macnn forums login:

macnn forums password:

Not a member of the MacNN forums? Register now for free.

MacNN iPodNN Electronista
top searches
1. apple
2. iphone
3. apple TV
4. ipod
5. mac
6. BBC
7. icons
8. icon
9. macbook
10. leopard
search for more ..
RSS Feeds

Have the latest content delivered to your desktop via RSS. Use the links below to get access to a specific blog, news, or reviews feed.



  MacNN -all

  MacNN Reviews

  MacNN Podcasts

  iPodNN

  Electronista

  Left Lane News
Want To Sell Your Laptop? Any Condition - receive Top Cash. Get an instant quote. Free shipping www.CashForLaptops.com
Buy from The Apple Store, iTunes.com, Amazon.com, TechDepot, OfficeDepot, Computers4Sure, or donate.