Posted on 06/11/2008 12:34:17 PM PDT by NormsRevenge
I really really hope they told the media their computers were hacked because the computers contained fake info they wanted the Chinese to have. Otherwise, they just let the Chi-coms know that they got what they were looking for.
That is not evidence of a widespread problem.
Charlie Miller, the hacker who won the contest by getting into user level access on the MacBook Air, is an ex-NSA computer security expert. He stated that he and his team of two other ex-NSA computer experts had worked for three weeks on their hack of the Mac in preparation for the contest. The two minutes was merely the time necessary to connect the MacBook Air to their computer and have the contest referees navigate to their prepared website and download a malicious file to instigate their prepared exploit. Miller also stated that his exploit would have worked on all three of the challenge machines.
The Windows Vista laptop fell six hours later to a team who said they started working on the problem that morning.
None of the machines were hacked on the first day when it was necessary to actually break into the out-of-the-box computers without user assistance.
Incidentally, the vulnerability in Safari and Java (a third-party application) that Miller used to access the MacBook Air was closed less than two weeks after it was reported to Apple.
Actual evidence of the Mac's greater security is shown by the US Army announcement that they were deploying more Macs because of the Macs' greater security.
PS, nobody won the Linux machine.
Contrary to some claims, that's false; neither have been seen in the wild. They exist only in Security company labs as proofs of concept.
Inqtana.A was an attempt at a Bluetooth exploit that required the target user to accept a download from an unknown Bluetooth source (someone within 30 feet) and then install and run the file. It was intended to then copy itself to any executable files present in the same directory (ignoring OS X's system prohibition against any application modifying files in the same folder). It was a failed attempt at making an OS X worm. Symantec says:
"OSX.Inqtana.A is a proof-of-concept worm that runs on Macintosh OS X and spreads by exploiting the Apple Mac OS X BlueTooth Directory Traversal Vulnerability (as described in Bugtraq ID 13491)."
Incidentally, Inqtana.A used a vulnerability that had been closed by Apple over one year before Inqtana's author sent copies of his work to various security companies.
Leap.A (also named Oompa-Loompa.A) is a proof-of-concept worm that was intended to infect OS X computers over the Bonjour local area networking capabilities of the Mac using the iChat instant messaging function. Fortunately, it also did not work. When copies of it were sent to Secunia, they brought together two of their security engineers, two Mac software engineers, and a couple of Mac specialists from Macworld. It took these experts over six hours to merely get it to copy itself from one Mac to another... and then it required the assistance of the targeted user. When they finally got it to the target Mac, it failed to work. Symantec reports that the number of infections in the wild was 0 - 49. That is only true because it includes the number ZERO.
Both of these POC "viruses" were essentially two day wonders in the computer punditry that were laughed out of town as very poor efforts.
By the way, you missed Macarena, another proof-of-concept... that simply did not work as intended. In fact, the author embedded the comment "So little code, so many problems," which is interpreted to mean that he had a lot of difficulty getting it to do what he intended.
You also missed OS X.Renepo or OSX.Opener, purported to be an OS X root kit. It is merely a UNIX script file. It can only impact someone who installs it who has activated Root. It cannot self-replicate or self-transmit, and requires an administrator password to be installed. At best it could be called a Trojan Horse malware.
Another one is the OSX.RSPlug.A Trojan horse that masquerades as a video codec, found last October. This one IS in the wild... but it really requires industrial strength stupidity to get invaded by it and it is very easy to remove. It is found only on porn sites that required the download of a video Codec to view certain porn movies... but the OS halts the download and announces that the files being downloaded contain an executable application. It then requires the user to install it, providing an administrator password, and then requires the user to OK the execution of a downloaded application for the first time. The OS gives the user every opportunity to stop and think.
Then there was the Pirate Office for Mac Trojan that "infected" exactly one user (at least one who admitted to it). This was merely a 10 KILO byte Applescript file that purported itself to be a pirated copy of Microsoft Office for Mac 2004, an application that weighed in at around 230 MEGA bytes. The idiot who got infected installed this ten K file and was shocked when it erased his home directory when he clicked on it.
Have I missed any?
Oh, yeah, I have. I forgot OSX_MACSWEEP.A. The OS X FUD spreaders were so desperate for bad news to smear OS X with that they started yelling "Malware! Malware! Malware!" about a commercial product that could be at best termed "Scareware." They even gave it a "Virus" name, OSX_MACSWEEP.A, to make it more scary in the stories they wrote about it. MacSweeper is a product that advertises itself to new Mac users, preying on their Windows-induced fears and past Windows experiences, as a utility that will "clean up" their Macs of "unwanted" files (files such as cache files, cookies, and temporary files) and "Defrag" the Mac's hard drive. These are things that OS X does by itself in the background. If a user downloaded a "trial version" of Macsweeper and ran it, it would find "malicious applications" (little used Apple utilities and applications) and "spyware," (the cache files and cookies) and pop up an ad telling the user that the only way they could get rid of this "infection" was to purchase the full version of Macsweeper for $39.95.
David Howe, an analyst at Blackfriar's Communications, put it this way:
". . . I think it's important to distinguish between having two exploits on the roughly 50 million Mac OS X computers (the latest of which is actually a Trojan Horse, and not a virus) and the roughly 140,000 viruses extant for the hundreds of millions of Microsoft Windows computers worldwide. Two vulnerabilities don't make an epidemic. And given that Mac OS X is a harder target to penetrate, I don't expect those ratios to change dramatically any time soon."
(I think Howe's "50 Million" is a tad exaggerated. I believe the latest statistics put the number of OS X Macs at around 35,000,000.)
With physical access, like other platforms including Windows and Linux, I can gain access to your files with nothing more than a Mac OS installation disk. No password required.
While you can reset the administrator password on an unprotected OS X system with an OS X install disk, that won't work on a machine that has a Firmware Password set. You can't start up from a DVD or CD without the pass phrase, nor can you start it up in Target Disk mode. Even without the firmware protection set, you cannot get access to my files as they are protected with Filevault and have AES-128 bit encryption.
I can also put my really sensitive data into a disk image. That allows me to use AES-256 bit encryption.
for later read
Linux Ignored, Not Immune, Says Hacker Contest Sponsor
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9074102
"It was actually a lack of interest" on the part of the PWN to OWN contestants, Forslof said. "Shane Macaulay's exploit would have worked on Linux. He could have knocked it over. But the contestants get a lot more mileage out of attacks on the Mac or Windows," she continued.
No, Texas, it is hard to hold an objective discussion with people who post myth as fact. You stated that Leap.A and Inqtana.A were Mac OS X viruses that had been seen in the wild. I merely provided the facts about ALL of the OS X so-called malware. That's just SEVEN malware candidates in over seven years of OSX's being in the wild, and only two absurd malware actually being found in the wild. Compare that to the over 300,000 in the wild malware that has been inflicted on Windows. Relatively, Texas, the Mac is secure, exceedingly secure, when compared to Windows. That is being objective... not your claims of objectivity based on a lack of experience with the platform you are disparaging.
Your very first sentence is an ad hominem attack on me, although I wrote nothing that was not factual, where YOU have. You then insult me by implying that I am like a liberal, blind to my faults. You then call my expert and experienced opinion of the security of OS X "laughable" based on your total lack of experience and expertise on the platform. You then add a non sequitur about market share that has nothing to do with the relative security of the Mac. That is hardly trying to hold an "objective discussion."
Firmware passwords also protect computers other than Macs.
Did I say anywhere in my post that Firmware passwords don't protect other computers? You on the other hand made a sweeping indictment of Macs by claiming you could get into one by just being able to use the install CD (actually, it's a DVD). I merely pointed out that it is completely possible to really nail down the data on a Mac so that no one can get to it in a reasonable time.
. . . false confidence . . .
When the Mac is being attacked by REAL self replicating, self transmitting viruses in the wild, not your failed experimental, proof-of-concept viruses, perhaps, then my confidence in the security of this product might be considered "false," but that has not happened yet. When it does, then I will consider what steps are necessary to protect this machine beyond what it is already capable of, out-of-the-box.
Shhhh. I know. Nobody wanted it.
;^)>