 BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
 ·Comcast
·Comcast Formerly ..
| 1 question Is this a lie about many exploits unpublished ? Im guessing not and I think we may say more malware for the mac os as it gets bigger.
--
"It's always funny until someone gets hurt......and then it's absolutely friggin' hysterical!" | |
|
 | |
| |
| | |
| 
danclan
join:2005-11-01
Midlothian, VA | It wasnt a lie this whole thing is a joke EVERYONE HAD AN SSH ACCESS AND LOCAL ACCOUNT...making hacking infinitely easier when you start with local access to the os.... | |
|
| | 
SmD Frylock
join:2001-08-09
Farrell, PA
·RoadRunner Cable
1 edit | Re: 1 question Kinda like the access an actual user of OSX would have, right?
You know, the user some hacker will trick into running some malicious code, exploit root, and FUBAR the machine?
--
Frankly, I no longer fear Hell anymore, because I know Satan will just put me in my old office and proceed to unleash an unending barrage of stupidity towards me. | |
|
| 
a
@qwest.net | if only the user were 1/2 as intelligent as the os were... | |
|
AquaVita
Premium
join:2003-01-14
Garland, TX | Heh Oh shit, countdown to flame-war of total death..
5...4...3..2..
--
=-There is no more nature....There is only technology-= | |
|
| 
Phucker
Premium
join:2001-09-12
Reno, NV
clubs: | Re: Heh duck!!!! | |
|
| | 
pokesph
It Is Almost Fast
Premium
join:2001-06-25
Sacramento, CA
clubs: | Re: Heh said by Phucker  :duck!!!! AND PROUD OF IT!! | |
|
| | |
| 
N3OGH
Bear patrol must be working like a charm
Premium
join:2003-11-11
Philly burbs
 ·Verizon Online DSL
| said by AquaVita :Oh shit, countdown to flame-war of total death.. 5...4...3..2.. Mushroom cloud...... | |
|
| | 
David
Last man standing
Premium,VIP
join:2002-05-30
Granite City, IL
clubs:
 ·magicjack.com
·AT&T Midwest
| Re: Heh said by N3OGH :said by AquaVita :Oh shit, countdown to flame-war of total death.. 5...4...3..2.. Mushroom cloud...... I take this from the movie Hoodwinked where the tree drops between the 2 turtles..
"RUUUUUUNNNNN!!"
--
If you have a topic in the direct forum please reply to it or a post of mine, I get a notification when you do this. Koetting Ford, Granite City, illinois... YOU'RE FIRED!! | |
|
gate1975mlm
Premium
join:2001-09-30
Philadelphia, PA
2 edits | Mac no better then windows! Mac is no better then windows! The only reason windows has so many more virus,spyware on pc is because a lot more people use windows vs mac. If everyone had a mac then it would be just as bad as windows. | |
|
| wilburyan
join:2002-08-01
| Re: Mac no better then windows! Actually I might go as far as to say Windows xp sp2 is better than OS X .
Most of the world uses Windows, because of this exploits are found and used on a widespread basis, and because of this Microsoft is forced to constantly update it's product.
Macs are less common and much less frequently targeted (for now). OS X has more security holes in it in comparison to Windows XP, but seldom do hackers try to exploit a Mac OS box.
Normally when a virus author writes a virus they are looking to have maximum impact. If your shooting for bragging rights, which hacker would you rather be? The one that writes a windows virus that affects millions of computers around the world? Or one that writes a Mac virus and infects 5 or 10 thousand? | |
|
N3OGH
Bear patrol must be working like a charm
Premium
join:2003-11-11
Philly burbs
·Verizon Online DSL
| Anything made by man can be hacked "According to gwerdna, the hacked Mac could have been better protected, but it would not have stopped him because he exploited a vulnerability that has not yet been made public or patched by Apple."
Let's face it, any lock, any security measure, any operating system made by a human can be hacked by another human.
And I'm not saying this from any "fanboy" standpoint. Windows can be hacked, OS X can be hacked. Period.
Anyone who believes otherwise has their head in the sand.. | |
|
| 
Jason Levine
Premium
join:2001-07-13
Albany, NY
| Re: Anything made by man can be hacked I can set up an unhackable computer. First I disconnect all wires and place the computer in the middle of the street. Then I run over it with a steamroller, collect all of the pieces, and mix them in concrete. Next I dig a 10 foot deep hole and pour the computer-concrete mixture in. Finally, I fill up the hole. I challenge anyone to hack such a computer. (What, you wanted an unhackable and a usable computer?  )
 :D:D
--
-Jason Levine
My Gallery | Jason's Toolbox | PCQandA.com | URateit.com | |
|
| | 
NyQuil Kid
8f The Nyquil Kid
join:2001-01-06
Brick, NJ | Re: Anything made by man can be hacked Wouldn't I have to "hack" away at the concrete with a tool to get to the computer?
[8F] The NyQuil Kid | |
|
| |
eddieVroom
@srar.com | Poulsen's Law (was: Anything made by man can be hacked You forgot to quote Poulsen's Law: Information is secure when it costs more to get it than it's worth. | |
|
amungus
Premium
join:2004-11-26
America
clubs:
| how 'bout that... that's funny stuff... all of 1/2 an hour, ha. Still, that's better than the 10 minutes or so that they say a windows box is automatically compromised with spyware/virus' etc...
I would also say that osx is still a little better off security wise because of how it's set up initially. | |
|
| Shark_615
join:2006-01-17
Pickering, ON | Re: how 'bout that... Who says what?
All of those studies are done on a Windows XP SP1 or less machine.
Considering the advances in said OS those studies are a moot point. | |
|
| 
LiamJunket
Premium
join:2002-03-03
Ocean City, NJ
·Comcast
| said by amungus :that's funny stuff... all of 1/2 an hour, ha. Still, that's better than the 10 minutes or so that they say a windows box is automatically compromised with spyware/virus' etc... Putting out the challenge was pretty funny. It almost guarantees a successful attack will be launched. Anonymity is one of the best ways to maintain security. Begging to be hacked is one of the worst. As MAC systems become more widespread, the chance of widespread attacks grows.
--
--
Join Red Room Forum
BLOG tkjunkmail.blogspot.com
My Web Page | |
|
| | |
| | | raythompsontn
join:2001-01-11
Oliver Springs, TN
| Re: how 'bout that... said by Hall :said by LiamJunket : Putting out the challenge was pretty funny. It almost guarantees a successful attack will be launched. Not true. A few years ago, before Apple switched to using a BSD-based system, there was a "hack the mac" competition that ran for a long time and was never hacked into. There was a decent cash reward for the victor too. Who ran the contest? Apple? If Apple ran the contest and their product was found to be flawed would they announce it? Nope. They just got free security testing. And no one is the wiser. | |
|
| | | 
sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ
·Optimum Online
| said by Hall :said by LiamJunket : Putting out the challenge was pretty funny. It almost guarantees a successful attack will be launched. Not true. A few years ago, before Apple switched to using a BSD-based system, there was a "hack the mac" competition that ran for a long time and was never hacked into. There was a decent cash reward for the victor too. Of course they were probably smart enough to not have ssh enabled, open to any IP and using password auth. This could be a "Linux Hack" contest. Pretty much any unix where you leave the front door open like that will be owned.
--
Nothing in all the world is more dangerous than sincere ignorance and conscientious stupidity | |
|
| | |
| | | 
gogeta6
join:2002-06-20
San Diego, CA
clubs: | Re: how 'bout that... Why does someone always have to say this? People were not confused between the two above. Sheesh. | |
|
| rgillis70
Premium
join:2002-12-30
Herndon, VA
·Cox HSI
| Actually - there was a NAT challenge in the Security forum - the last step of which was to take a SP2 Windows box and stick it online. It was not hacked.
Proof is in the pudding - with the SP2 firewall on - the machine fared just as well as sitting behind a router. | |
|
| RadioDoc
58ef2c0
Premium,ExMod 2000-03
join:2000-05-11
·AT&T Midwest
| Giving you the specious "10 minute" figure, that would be with thousands of script kiddies and other malevolent types banging away at it. This was one guy, who did it in a documented 30.
If the Mac folks continue to bury their heads in the sand it's going to bite them in the ass, hard.
--
Toolmaster of La Grange. | |
|
| | 
guhuna
R.I.P Mike
Premium
join:2001-03-31
Birds Landing, CA
·Covad Communications
·SONIC.NET
·PAXIO
·Pacific Bell - SBC
| Re: how 'bout that... said by RadioDoc :Giving you the specious "10 minute" figure, that would be with thousands of script kiddies and other malevolent types banging away at it. This was one guy, who did it in a documented 30. If the Mac folks continue to bury their heads in the sand it's going to bite them in the ass, hard. Its still going to be either Bush's fault or Microsoft's fault in the end.
Always happens 
--
My new friend!Buy Danish! | |
|
| | | Insder
There never was a second I in my name
Premium
join:2005-04-27
Salem, MA
| Re: how 'bout that... I blame the Republicans. Raising taxes caused this, somehow. That or Microsoft's Monopoly. Either way, Macs are unhackable.
[/end sarcastic politics!]
--
The one, the only, the Insder. :: Verizon Online DSL (2793/719) and Deer Alpha Firefox! | |
|
| Kearnstd
Elf Wizard
Premium
join:2002-01-22
Mullica Hill, NJ
| yea ive allways wondered about some of these time figures, i mean i for years didnt know much about securing my OS and never had an issue. i also never gave anyone a reason to snoop at my IP and i avoid questionable sites. course nowdays im a patch-a-holic.
--
[65 Arcanist]Filan(High Elf) Zone: Broadband Reports | |
|
|
| 
oliphant
I Have 8 Boobies
Premium
join:2004-11-26
Corona, CA | Re: Great Would you want that before or after the Firefox exploits that make the FF fanboys cry?
--
WAR HAS NEVER SOLVED ANYTHING, except ending slavery, facism, communism, Nazism.... | |
|
| 
Anonymous
Premium
join:2004-06-01
IA | Well unlike Apple users I never said Firefox is perfect or in any way superior (not seriously, I did as a joke to piss people off ). | |
|
Phucker
Premium
join:2001-09-12
Reno, NV
clubs:
| Only a matter of time "The only thing which has kept Mac OS X relatively safe up until now is the fact that the market share is significantly lower than that of Microsoft Windows or the more common UNIX platforms.… If this situation was to change, in my opinion, things could be a lot worse on Mac OS X than they currently are on other operating systems," said Archibald at the time.
It is only a matter of time...............
--
TBG/Drop File | |
|
GilbertMark
Premium
join:2001-05-02
Gilbert, AZ
·Cox HSI
2 edits | Hmm According to slashdot: "The security contest also allowed people to have local access via SSH, so that had a lot to do with the crack."
Well that was a stupid thing to do. Why would you allow this to be open? That was a stupid idea. I don't leave SSH open to the world. Pointless contest.
Anything made by a man can be taken apart by another man. Nothing is completely secure or can foil reverse engineering.
Maybe we should have a contest to make the most secure OS instead. | |
|
|
Phucker
Premium
join:2001-09-12
Reno, NV
clubs: | Re: Hmm well that just wouldnt be as much fun.
It just makes too much sense anyways. | |
|
| raythompsontn
join:2001-01-11
Oliver Springs, TN
| said by GilbertMark :According to slashdot: "The security contest also allowed people to have local access via SSH, so that had a lot to do with the crack." Well that was a stupid thing to do. Why would you allow this to be open? That was a stupid idea. I don't leave SSH open to the world. Pointless contest. Because people that use computers do stupid things. Almost all of the exploits of Windows have been because people do stupid things with their computers, like visit really suspicious web sites.
It was also stated that an open SSH was NOT required to gain access. A known flaw still exists that has not been fixed by Apple. | |
|
|
| 
ThirdShifter
Premium
join:2002-03-16
Vernon Rockville, CT | Re: SSH Shit happens.. also mc osx got hacked.. so its a good thing to know you can never be to careful. It'll keep apple on their toes.
--
Saya anak malaysia | |
|
| BosstonesOwn
join:2002-12-15
Everett, MA
clubs: | SSH was NOT used to get root. Read the articles on the pages. | |
|
| |
sporkme
drop the crantini and move it, sister
Premium,MVM
join:2000-07-01
Morristown, NJ
·Optimum Online
| Re: SSH said by BosstonesOwn :SSH was NOT used to get root. Read the articles on the pages. SSH was used to get a shell on the machine. From there the attacker elevated his privs. At the point that someone has interactive access, you're basically f*cked. If ssh was not enabled, or if the user turned off password auth, or only allowed known administrative IPs to connect, there would be no front-page news story.
This would be like putting an XP box on the net with a telnet/ssh daemon installed and then saying "oh look! someone broke in!".
--
Nothing in all the world is more dangerous than sincere ignorance and conscientious stupidity | |
|
| | |
pnh102
Reptiles Are Cuddly And Pretty
Premium
join:2002-05-02
Mount Airy, MD
·Comcast
| Something wrong with his SSH setup, not his OSX Read the details of the contest - »rm-my-mac.wideopenbsd.org.nyud.net:8090/
Summarized, he states that he was giving out SSH accounts to anyone who wanted them (I read somewhere that in OSX you have to explicitly turn on SSH, could someone confirm this?). The box was not hacked because of defects in Mac OSX, but rather security holes that manifested themselves after a user got in via SSH.
--
Rove / Rumsfeld 2008! | |
|
|
GilbertMark
Premium
join:2001-05-02
Gilbert, AZ
·Cox HSI
| Re: Something wrong with his SSH setup, not his OSX said by pnh102 :Read the details of the contest - » rm-my-mac.wideopenbsd.org.nyud.net:8090/Summarized, he states that he was giving out SSH accounts to anyone who wanted them (I read somewhere that in OSX you have to explicitly turn on SSH, could someone confirm this?). The box was not hacked because of defects in Mac OSX, but rather security holes that manifested themselves after a user got in via SSH. Yes you must turn on SSH. You don't enable it unless you know exactly what you are doing.
--
Just because a word has an S in it doesn't mean it needs an apostrophe too. | |
|
| Shark_615
join:2006-01-17
Pickering, ON | Where does the hacker say he used SSH to get in? | |
|
volntn
The Volunteer
Premium
join:2002-01-05
Cleveland, TN
clubs: | Told Ya so. :) Now if we can only get the Mods here to put the stories about Linux and Firefox exploits on the front page we all can be happy.
Where's the arrogant Mac users comments. | |
|
|
See 6 replies to this post |
|
72276539
Premium
join:2001-01-19
Atlanta, GA | This story is obviously a lie There is no way in hell this could REALLY happened.
--
RIP Dimebag- August 20, 1966 to December 8th, 2004. | |
|
| 
envoid
join:2002-12-21
Duluth, GA
| Re: This story is obviously a lie said by 72276539 :There is no way in hell this could REALLY happened. ha ha funny  | |
|
Denjin
join:2001-01-18
Schaumburg, IL
| More just an idiot problem By default no ports are open, all are firewalled on OS X.
This is like saying I gave anyone RDP access to the system or something, among other things. shrug. Out of the box, you certainly can't get in this way.
--
Ningen wa, ningen da. | |
|
Bobcat
Cablevision sucks donkey balls
Premium
join:2001-02-04
Bedminster, NJ
·Verizon Online DSL
| Where's the outrage? quote:
he exploited a vulnerability that has not yet been made public or patched by Apple.
So where is the outrage about these security problems not being fixed by Apple fast enough? Or is that reserved only for Microsoft?
--
"...a wiretap requires a court order."
» George W. Bush, April 20, 2004 | |
|
| 
MoeDumb
I already have a Messiah.
Premium
join:2002-09-23
1 edit | Re: Where's the outrage? said by Bobcat : quote:
he exploited a vulnerability that has not yet been made public or patched by Apple.
The whole story, including the above, is beginning to smell like bull$hit thrown into a FUD fan.
--
"tick...tick...tick..."
»www.jtf.org/
| |
|
crazediamond
That's Dr. Craze to you
Premium
join:2002-01-19
Germantown, MD
| obviou$ly more lie$ paid for by dollarBill Gate$ Clearly, thi$ i$ ju$t more fake new$ paid for by micro$oft. Right? Even $ome of the re$pon$e$ here are calling it the trendwhore term "FUD" becau$e it'$ unpubli$hed. Keep burying your head in the $and kid$.
The dollar sign thing is super irritating to type, which amuses me even more.
--
And if I show you my dark side, will you still hold me tonight? And if I open my heart to you, and show you my weak side, what would you do? | |
|
kamm
join:2001-02-14
Brooklyn, NY | Hilarious, another clueless Mac user... ... has been embarrased publicly.
This is truly the classic story about the idiocies of "true believer" Mac users.:D:p | |
|
|
|
See 8 replies to this post |
|
G_Poobah
join:2004-01-17
Schenectady, NY
| What abou the so called 'TCP' Chip? The major 'improvement' the TCP chip supposedly offers is that it stop virii and hackers from getting into you PC. Apple, in fact, uses the "Treacherous Computing" chip on the Mac-Mini, to lock down the system for the benefits of the users, because it stops hackers and virus dead in their tracks. One of the 'side effects' of the TCP chip, is that your computer media is also secure from YOU !
So, what this in fact shows, is that the TCP chip doesn't stop hackers, but it does stop you, the legitimate owner. That's justification enough to never support/buy anything with said chip right there.
--
Flabby? pastey-skinned? riddled with phlebitis? Then you've got a good Republican body! So compare your lives to mine, and then kill yourself. | |
|
|
|
See 6 replies to this post |
|
Deadpool
Go Sens Go
Premium,VIP
join:2001-03-29
Canada
·Bell Sympatico
| Interesting fact... "Apple recently issued a patch that fixes 20 vulnerabilities in the operating system, which makes you wonder how many uncritical bugs are present in the OS that can be found only when the company has a massive user base and a select few who purposely search for security holes. As much as I would like to appreciate Apple for releasing a quick patch, it’s almost disappointing to know that a few "uncritical" bugs were discovered as long as eight months ago, and Apple was aware of them all along. You would think that a company with such few security bugs would be able to take care of them sooner, but apparently not."
Source: »www.cooltechzone.com/Departments···3062213/
--
Sens 7 (40 GF) - Leafs 0 (14 GF) **** Final Round: April 15, 2006 | |
|
| 
brooklynman4
join:2004-09-07
Brooklyn, NY | Re: Interesting fact... Anything could be hackable u find the right peopl and tools and bam u have a white rabbit lol | |
|
| | obie
join:2003-06-27
New York, NY | Hac-A-Mac For all of us backetball fans, I guess it's no more Hack-A-Shaq. So I guess we can call this "Hac-A-Mac." | |
|
|
|
|
Hack My Mac, Please
·
Great
