Join Early Retirement Today
Reply
 
Thread Tools Search this Thread Display Modes
OS X hacked in under 30 minutes
Old 03-06-2006, 12:54 PM   #1
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
OS X hacked in under 30 minutes

http://www.zdnet.com.au/news/securit...9241748,00.htm

Interesting article. I wasnt aware that OS X was that swiss cheese holey...
__________________

__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Join the #1 Early Retirement and Financial Independence Forum Today - It's Totally Free!

Are you planning to be financially independent as early as possible so you can live life on your own terms? Discuss successful investing strategies, asset allocation models, tax strategies and other related topics in our online forum community. Our members range from young folks just starting their journey to financial independence, military retirees and even multimillionaires. No matter where you fit in you'll find that Early-Retirement.org is a great community to join. Best of all it's totally FREE!

You are currently viewing our boards as a guest so you have limited access to our community. Please take the time to register and you will gain a lot of great new features including; the ability to participate in discussions, network with our members, see fewer ads, upload photographs, create a retirement blog, send private messages and so much, much more!

Re: OS X hacked in under 30 minutes
Old 03-06-2006, 01:01 PM   #2
Thinks s/he gets paid by the post
 
Join Date: Jun 2005
Posts: 4,005
Re: OS X hacked in under 30 minutes

OS X = POS ?
__________________

__________________
justin is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 01:06 PM   #3
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Re: OS X hacked in under 30 minutes

Well, from what i understand one of the biggest problems with it is that it was derived from some older version of unix that didnt get all the good and more recent security fixes.

I was surprised a couple of times yesterday while doing some googling for baby toys to hit some goofy sites that try to invent their content based on your search, that my virus scanner picked up and stopped trojan/exploits that appeared on the pages. Havent had that sort of thing too much over the years, usually just stuff when I'm downloading 'questionable' applications and other executable content.

I wish they'd just make doing this stuff a basic felony and make it easy for people to report it for prosecution.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 04:28 PM   #4
Full time employment: Posting here.
 
Join Date: Feb 2006
Posts: 784
Re: OS X hacked in under 30 minutes

I don't know why they don't just make Apple a bunch of skins and some extra apps and stuff for Linux... the whole thing would be a helluva lot easier for them...
__________________
Cool Dood is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 07:45 PM   #5
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,281
Re: OS X hacked in under 30 minutes

http://tinyurl.com/ovwc5

Turns out there were some non-default setups on that Mac OSX server. And remember, these were attacks on a server, not a client (like most of us are when we are on the web):

The web site author had enabled SSH, the Unix "Secure Shell" tool .... so that visitors to the site could add their own shell accounts to the system.

Needless to say, most web servers are not set up with the ability to give out free shell accounts to anyone who wants one. SSH is not even enabled by default on OS X, although server administrators can choose to do so if they wish. So the "hacking" contest was not very indicative of the security of an OS X computer, even a web server, that is set up open to the Internet.

... the real lesson from this contest should be this: security is a non-trivial problem, and simply choosing one operating system or platform over another does not automatically solve the problem with no further thinking required.


So, I'll keep my ears open for reports of actual attacks on users. Until then, I'm feeling pretty safe by just using common sense on the web.

-ERD50

__________________
ERD50 is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 07:50 PM   #6
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Re: OS X hacked in under 30 minutes

Thats a good PR story, but the 'hacker' used a not well known hole in OSX to get his access. The SSH availability and the fact that it was a server werent relevant. He also said he had several other plausible approaches to get access if that one was closed.

I hope this isnt taken as some anti-mac attack. I just still keep hearing mac folks saying they dont need firewalls, virus scanners or spyware protection. Read the materials, follow the links, and act prudently.

Plus I havent had a good argument with ladelfina lately.
__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 08:07 PM   #7
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
 
Join Date: Sep 2005
Location: Northern IL
Posts: 18,281
Re: OS X hacked in under 30 minutes

Quote:
Originally Posted by Cute n' Fuzzy Bunny
I just still keep hearing mac folks saying they dont need firewalls, virus scanners or spyware protection. Read the materials, follow the links, and act prudently.
Well, I have enabled the firewall in OSX, I have a wireless router (which I understand provides some protection in and of itself), but currently, I don't feel any need for virus scanners or spyware protection on OSX. The only people that I know on OSX that do are the ones that are trying to avoid passing Windows viruses to other Windows users.

That could change in an instant though

Act prudently is a requirement indeed - phishing is something that can catch someone regardless of OS - heck, the bad guys can pull that one off over the telephone. No computer required. "Hello, this is your bank calling, and we noticed a problem in your account...."

-ERD50
__________________
ERD50 is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 08:33 PM   #8
Recycles dryer sheets
 
Join Date: Jan 2005
Posts: 57
Re: OS X hacked in under 30 minutes

While this story doesn't really affect me as I'm still using Windows 98 on an old Dell computer, I wonder about the reliability of the source(s) of this story. CFB has often warned us to look at who has a financial interest in whatever research or study is being touted. I'm not saying that it's not true or that Apple might not have security issues (as I'm the guy that still uses a rotary dial phone I realize technology matters are a bit out of my league ), but the article about this on Yahoo has a lot of quotes from a senior director with Symantec. And I think Symantec has stuff that they'd like to sell to Apple owners.
__________________
Yipee-Ki-O is offline   Reply With Quote
Re: OS X hacked in under 30 minutes
Old 03-06-2006, 09:35 PM   #9
Give me a museum and I'll fill it. (Picasso)
Give me a forum ...
cute fuzzy bunny's Avatar
 
Join Date: Dec 2003
Location: Losing my whump
Posts: 22,697
Re: OS X hacked in under 30 minutes

Its easy. Every complex machine, especially computers...have exploits and problems.

To think that because you paid extra or that the product is bulletproof or that security through obscurity is a good way to go...do so at your own peril.

In particular with the boatload of press lately on the macs relative obscurity and the low market share not drawing a lot of attention from hackers and whatnot, I would sense a great opportunity for some 15 year old to 'rise above the masses' and be the hacker who 'wiped out the mac community' overnight...

As far as the virus people having a financial angle...yep, you're right...but on the other hand I've never paid for a virus product and given that the virus companies offer essentially free upgrades every year...nobody needs to really buy it more than once.

And it is true that sometimes the virus s/w or firewall s/w itself can be a problem, and sometimes moreso than an errant virus itself. I'd rather my damage be self inflicted most of the time.
__________________

__________________
Be fearful when others are greedy, and greedy when others are fearful. Just another form of "buy low, sell high" for those who have trouble with things. This rule is not universal. Do not buy a 1973 Pinto because everyone else is afraid of it.
cute fuzzy bunny is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
GAO Chief on 60 Minutes OkieTexan Other topics 17 03-05-2007 04:59 PM
Ed Bradley of 60 minutes dead. MJ Other topics 1 11-09-2006 09:08 PM
Latest cheap emergency cell phone deal cute fuzzy bunny FIRE and Money 68 05-29-2006 08:55 AM
ARGH! Hacked twice in a month. BigMoneyJim Other topics 23 03-05-2006 11:34 AM
More on Inflation: FOMC minutes wabmester FIRE and Money 1 10-13-2005 09:15 AM

 

 
All times are GMT -6. The time now is 12:50 AM.
 
Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.