Free Republic
Browse · Search
Smoky Backroom
Topics · Post Article


Mac, Windows QuickTime Flaw Opens 'Month Of Apple Bugs'
Information Week ^ | Jan 2, 2007 03:04 PM | Gregg Keizer

Posted on 01/03/2007 11:04:31 AM PST by newgeezer

The exploit could be used by attackers to compromise, hijack, or infect computers running either Windows or Mac OS X.

The Month of Apple Bugs project kicked off Monday by posting a zero-day vulnerability in Apple's QuickTime media player. It also posted an exploit that could be used by attackers to compromise, hijack, or infect computers running either Windows or Mac OS X.

The Month of Apple Bugs (MoAB), which will announce a new security vulnerability in Apple's operating system or other Mac OS X software each day in January, is a follow-on to November's "Month of Kernel Bugs" campaign, and is co-hosted by that project's poster, a hacker who goes by the initials "LMH," and a partner, Kevin Finisterre, a researcher who has posted numerous Mac vulnerabilities and analyses on his own site.

The debut vulnerability is in QuickTime 7's parsing of RTSP (RealTime Streaming Protocol); the protocol is used to transmit streaming audio, video, and 3-D animation over the Web. Users duped into clicking on an overlong rtsp:// link could find their PCs or Macs compromised. It also may be possible to automatically trigger an attack simply by enticing users to a malicious Web site.

"Exploitation of this issue is trivial," said LMH in the vulnerability's write-up on the MoAB Web site. The associated exploit code has been tested on Mac OS X running on Intel-based systems, and works against QuickTime 7.1.3, the current version of the player, LMH and Finisterre said.

Other security researchers rang alarms Tuesday. Danish vulnerability tracker Secunia, for example, pegged the bug as "highly critical," the second-from-the-top threat in its five-step score, and Symantec alerted customers of its DeepSight threat network of the vulnerability.

An Apple spokesman declined to confirm the vulnerability, or, if it was legitimate, when the flaw might be fixed. In an e-mail, he said that "Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users. We always welcome feedback on how to improve security on the Mac."

LMH, who didn't immediately reply to several questions sent via e-mail, said on the MoAB site that Apple's Mac OS X operating system was chosen as the target for the month of vulnerabilities because "we like to play with OS X, we enjoy hate e-mail, and it's not as crowded as (random software vendor), yet. Thus, it's really comfortable for research and there's so much to be worked out."

He also said that Apple -- and other vendors whose Mac OS X applications might be the focus of a bug posted during the month's run -- would not be notified in most cases before the information went live, and dismissed that practice. "The point is releasing them without vendor notification. The problem with so-called 'responsible disclosure' is that for some people, it means keeping others on hold for insane amounts of time, even when the fix should be trivial. And the reward (automated responses and euphemism-heavy advisories) doesn't pay off in the end."

LMH, Finisterre, and commercial security vendors recommended that users cripple QuickTime's ability to process rtsp:// links. In Windows, launch QuickTime, select Edit|Preferences|QuickTime Preferences, click the File Types tab, expand Streaming, and clear the box marked "RTSP stream descriptor." In Mac OS X, select System Preferences|QuickTime|Advanced|MIME Settings|Streaming|Streaming Movies and clear the "RTSP stream descriptor" box.

Apple's QuickTime was last in the news during December, when a bug in the player was exploited by fraudsters on MySpace. That vulnerability remains unpatched.

LMH expects to see more QuickTime attacks now that his newest flaw has gone public. He said, "It's a matter of time to see this getting abused in the wild."


KEYWORDS: apple; bugs; moab; security; threadjester
To: Swordmaker
Quite frankly, I am surprised the Admin Moderators have not given him a "time out" for his behavior on this thread. They have to several other Freepers who have acted similarly in the past.

Wow I'm shocked (not really) that you would tell the admin mods when someone doesn't agree with you or points out your broken logic. Oh well, the fact that they didn't kick me must tell you something ;-)

541 posted on 01/15/2007 11:56:21 AM PST by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 540 | View Replies]

To: Golden Eagle
. . . get a load of this exchange from over a year ago:

"Mac OS X will only run on Macs"

"That'll be hacked about five minutes out of the gate."

That is more mis-quotation and taken out of context.

Anyone reading your comment, structured the way you have, would make the assumption that Antirepublicrat said both of those things.

The first comment, "Mac OS X will only run on Macs," was a statement in the article from an official Apple Computer spokesman. The second was Antirepublicrat's response to that statement. It was a statement of his opinion ... which proved to be somewhat true as hackers did indeed get a version of OS X running on PCs several weeks later. Only his predicted timing was off. Are you arguing that his prediction is a "lie" or are you taking the position that his opinion of what would happen is somehow a "support" of hackers breaking Apple's protections???

Why are you so obsessed with this?

542 posted on 01/15/2007 11:58:41 AM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 538 | View Replies]

To: antiRepublicrat
Oops, should have pinged you to previous comment.
543 posted on 01/15/2007 12:00:44 PM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 542 | View Replies]

To: Swordmaker

ROFL! I already gave the exact link! For the reading impaired:

http://www.freerepublic.com/focus/f-news/1426853/posts?page=50#50

"Mac OS X will only run on Macs"

"That'll be hacked about five minutes out of the gate."


544 posted on 01/15/2007 12:01:23 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 542 | View Replies]

To: for-q-clinton; antiRepublicrat
Wow I'm shocked (not really) that you would tell the admin mods when someone doesn't agree with you or points out your broken logic. Oh well, the fact that they didn't kick me must tell you something ;-)

Wow, I'm shocked (not really) that you again mis-represent what I wrote and attribute to me statements that are clearly NOT in the reply I wrote.

I did not write that I had told the admin moderators about your behavior.

The truth is that I have been told by other Freepers that THEY have reported your behavior to the Admin Moderator because they do not appreciate your hijacking of the thread, your ad hominem methods of argument, your rudeness toward Antirepublicrat, and your mis-quotations of me.

You keep this up, and I suspect they will "kick you."

545 posted on 01/15/2007 12:08:36 PM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 541 | View Replies]

To: Swordmaker
Why are you so obsessed with this?

Obsessed? LOL he continues to lie in defense of illegal hacking of OSX and laughably attempt to claim he actually supports Apple's copyright, while I'm simply showing the record clearly shows otherwise. Why are you even defending him? Do you support the illegal hacking of OSX, and his lies he admits he made for months in defense of the Russian hackers?

546 posted on 01/15/2007 12:08:46 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 542 | View Replies]

To: for-q-clinton

Must be time to leave, they're threatening to get the whole thread pulled, which I'm sure they'd love to do as it fully exposes what a liar and hypocrite antiRepublican is. See ya.


547 posted on 01/15/2007 12:10:41 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 541 | View Replies]

To: Golden Eagle; antiRepublicrat
ROFL! I already gave the exact link! For the reading impaired:

Yes, you did.

And what, exactly is your point?

What is wrong with Antirepublicrat's comment?

What has gotten you so upset about that?

Your citation here still mis-represented it as far as I can see, by attributing the spokesperson's comment to Antirepublicrat.

You took his comments out of context to show some obscure point about his opinion that is not clear to anyone but you.

Was not the Apple spokesperson quoted in the article as saying "Mac OS X will only run on Macs"?

Did not Antirepublicrat write his opinion of that statement? Was his opinion about what would happen, in essence, not correct?

Implying that I am somehow "reading impaired" is another form of ad hominem attack. It gets you nowhere.

548 posted on 01/15/2007 12:16:14 PM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 544 | View Replies]

To: Golden Eagle
Why are you even defending him? Do you support the illegal hacking of OSX, and his lies he admits he made for months in defense of the Russian hackers?

I've read Antirepublicrat's commentary in the complete conversational context it comes from and understand his position.

I am not basing my opinion of his statements on your cut-and-paste, out of context postings that need to be understood in the context of the entire conversation of the thread, but rather on the entirety of his commentary on FreeRepublic as I have seen it.

I think he should not have used the false statements he admits to using, apparently merely to hoist you on your own petard... but that is something YOU should have gotten over long ago.

I also think that your campaign against LINUX is misguided and unappreciated on the threads you post it on.

These are opinions. My opinions.

549 posted on 01/15/2007 12:24:11 PM PST by Swordmaker (Remember, the proper pronunciation of IE is "AAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 546 | View Replies]

To: Swordmaker

The context is perfect, to support my position, as a matter of fact. The thread was entitled:

Mac OS on a Dell? Dell in favor, Apple opposed

Clearly Apple is opposed to OSX running on Dell. What is antiRepublican's SOLE comment to the thread?

His defiant proclamation that DESPITE Apple's wishes, OSX will be hacked by his Russian hacker buddies "in less than 5 minutes". Which is no surprise, he calls himself a hacker in this very thread and has already been defending the hackers since the actual crack was announced, with lies he admits to knowingly and purposefully making at that time in their defense.

Find me a quote other than this thread where he claims to support anyone's DRM such as that which protects Apple's OSX LOL. There may be one but these are the types of post of his I keep finding:

http://www.freerepublic.com/focus/f-news/1377815/posts?page=46#46

"Too effin' bad, I'll hack the hardware so I can watch my German DVDs as much as I want to. CSS is trying to keep me from taking fair use snippets and making backups? Too effin' bad, the tools I need to exercise my rights that were made illegal under the DMCA aren't illegal in other countries, and the WWW is far-reaching."

Golden Eagle Out


550 posted on 01/15/2007 12:33:21 PM PST by Golden Eagle
[ Post Reply | Private Reply | To 548 | View Replies]

To: Swordmaker
You keep this up, and I suspect they will "kick you."

You know you and Miss Information are guilty of what you accuse others of. I have not been kicked for a reason....think about it. But as far as I know no one has reported your behavior, so if I were a tattle tale and wanted to take my ball and go home I would report you and Miss Information. But I'm not that childish.

However, this thread has gone WAYYYYY past the topic (and I'm the only one (that I can recall) that even tried to get this back on topic).

But you may want to report abuse to get this thread pulled as it makes your infallible MAC look fallible.

551 posted on 01/15/2007 2:26:32 PM PST by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 545 | View Replies]

To: Golden Eagle
Must be time to leave, they're threatening to get the whole thread pulled, which I'm sure they'd love to do as it fully exposes what a liar and hypocrite antiRepublican is. See ya.

Good point. I'll try my best not to post anymore in this thread. I'd hate for you to lose your ammo against him.

I'll let them get the final word as it appears that's what they want...to them they think "he who speaks last is right".

552 posted on 01/15/2007 2:28:22 PM PST by for-q-clinton (If at first you don't succeed keep on sucking until you do succeed)
[ Post Reply | Private Reply | To 547 | View Replies]

To: Golden Eagle
Your history has been directly linked, as well as your posts here, a clear disdain for copyright, copyright protection like DRM, and software patents.

Prove your assertion that I have a disdain for copyright.

True, I do have a disdain for DRM, always have. Interesting term though, "Digital Rights Management." The problem is it usually manages and protects only the rights of the copyright holder, not of the people.

And nice to see you going back to saying I'm against just software patents, which is true. I agree with the position of the United States Patent and Trademark Office before an activist court forced them to accept software patents. So now when are you going to go back to saying I'm against all patents again?

553 posted on 01/15/2007 7:31:43 PM PST by antiRepublicrat
[ Post Reply | Private Reply | To 537 | View Replies]

To: Golden Eagle
ROFL, who does he think he is trying to kid, now trying to claim he supports Apple's copyright protection/DRM

Prove that statement. I don't ever remember supporting Apple's DRM. The closest I've come is to say that as far as DRM goes, it at least partially recognizes the rights of the people (though by no means completely). That still doesn't mean I support it.

554 posted on 01/15/2007 7:34:10 PM PST by antiRepublicrat
[ Post Reply | Private Reply | To 538 | View Replies]

To: Swordmaker

No problem. I keep wavering between "This is annoying" and "Whack-a-Troll is fun" on this thread. In any case, I need this thread to remain since it is a treasure-trove reference for later.


555 posted on 01/15/2007 7:36:51 PM PST by antiRepublicrat
[ Post Reply | Private Reply | To 543 | View Replies]

To: Golden Eagle; Swordmaker
Clearly Apple is opposed to OSX running on Dell. What is antiRepublican's SOLE comment to the thread? His defiant proclamation that DESPITE Apple's wishes, OSX will be hacked by his Russian hacker buddies "in less than 5 minutes".

Is a statement of the incredibly obvious too much for you? It's like the Democrats get elected and I post "Here come the tax raises." Does anyone honestly think it won't happen?

DRM is flat-out a losing battle. The only way to sort-of make DRM work is to make cracking it illegal, but of course the collateral damage for that is our fair use and first sale rights. Ever ripped a CD? The RIAA thinks that should be illegal, and would like to enforce that through DRM, to the extent of root-kitting your system!

That is why I think DRM is both harmful and futile. It does NOTHING to stop large-scale copyright infringement. Such infringement is best handled the old fashioned way -- hunt them down and sue them. DRM hurts the innocent, while it is barely a slight inconvenience to the bad guys.

556 posted on 01/15/2007 7:44:23 PM PST by antiRepublicrat
[ Post Reply | Private Reply | To 550 | View Replies]

Comment #557 Removed by Moderator

