Free Republic
Browse · Search
General/Chat
Topics · Post Article


BIOS-level viruses and rootkits
http://www.tomshardware.com/news/bios-virus-rootkit-security-backdoor,7400.html ^ | 03/27/09 | Marcus Yam

Posted on 12/30/2009 8:33:14 PM PST by wendy1946



To: ThunderSleeps
Possibly due to the means of flashing the bios? The attack program to install the bios virus may be windows specific...

Or, if there is no BIOS to flash...

21 posted on 12/30/2009 10:42:09 PM PST by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Swordmaker
You're like that old guy in My Big Fat Greek Wedding who believes everything in the world comes from Greece or Greek origins. In your case, however, you refuse to believe that Apple or its products have ever had any flaw or have ever done anything wrong.

For example, you cut and pasted from Wikipedia regarding EFI and pretend to know what that means. You couldn't even be troubled to read the original article and find out that one of the researchers said the following: "There is the possibility that newer types of Extensible Firmware Interface Bios may be resistant to the attack, but more testing is needed." It is apparent that the researchers use the term "BIOS" to cover all types, including EFI. Note that EFI, like Open Firmware before it, is actually a type of BIOS. While you can pretend that Macs are immune (as you always do) I feel obligated to point out where you are being misleading.
22 posted on 12/31/2009 7:05:04 AM PST by flintsilver7 (Honest reporting hasn't caught on in the United States.)
[ Post Reply | Private Reply | To 20 | View Replies]

To: flintsilver7
It is apparent that the researchers use the term "BIOS" to cover all types, including EFI. Note that EFI, like Open Firmware before it, is actually a type of BIOS. While you can pretend that Macs are immune (as you always do) I feel obligated to point out where you are being misleading.

Please show me where, in any way, I have claimed that Macs do not have flaws or have not done anything wrong. That is a strawman argument that you have posted so you can shoot it down... just as your claim that Macs are vulnerable to a BIOS attack when they do not use a simple BIOS.

No, Flintsilver, it is NOT apparent that the researchers are using the term BIOS to cover all types, including EFI. If they were, they would specifically state so. They did not. You are mischaracterizing the nature of the threat to include EFI so as to include it in the nature of the threat that YOU want to include Macs. Yes, I borrowed the explanation of the EFI from Wikipedia because it was the easiest to provide... so what. I read the original article... and noted what the researchers said. They said: THEY DON'T KNOW... because they haven't made the effort. If it was as easy as you seem to think, they would have. Macs use an encrypted EFI, not a basic BIOS. It is far harder to crack than an open BIOS available to anyone to change.

In addition, this exploit requires that the attacker either have physical access to the machine with a ROOT password (something that is disabled by default on Macs as shipped), or be able to gain Administrator level access by use of a virus—something that has not been accomplished in almost nine years of trying on a Mac—and still would have to scale the next wall to ROOT, to be vulnerable to this means of attack. Again, a very high requirement.

When it happens, we'll start worrying. In the meantime, enjoy your Swiss cheese systems.

YOU want the Macs to be as vulnerable to this means of attack, but, Flint, they simply are not.

23 posted on 12/31/2009 3:45:26 PM PST by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Swordmaker

http://eecue.com/log_archive/eecue-log-724-Black_Hat_2007___Day_2___John_Heasman.html

http://eecue.com/log_archive/eecue-log-724-Black_Hat_2007___Day_2___John_Heasman.html

Of course, it would seem that you, certified Message Board Mac Apologist, are correct, and John Heasman, Director of Research for NGS Consulting, is wrong. You aren’t willing to do any sort of research so I apparently have to do it for you. I assume you will be more than capable of reading the above links that illustrate that you are, in fact, dead wrong.


24 posted on 12/31/2009 9:28:41 PM PST by flintsilver7 (Honest reporting hasn't caught on in the United States.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: Swordmaker

http://www.ngssoftware.com/research/papers/BH-VEGAS-07-Heasman.pdf

(Corrected second link.)


25 posted on 12/31/2009 9:29:10 PM PST by flintsilver7 (Honest reporting hasn't caught on in the United States.)
[ Post Reply | Private Reply | To 23 | View Replies]

To: flintsilver7; Star Traveler; antiRepublicrat
Of course, it would seem that you, certified Message Board Mac Apologist, are correct, and John Heasman, Director of Research for NGS Consulting, is wrong. You aren’t willing to do any sort of research so I apparently have to do it for you. I assume you will be more than capable of reading the above links that illustrate that you are, in fact, dead wrong.

Gee, Flint, ignoring your snide ad hominem insults, I will respectfully disagree with him and you, without insulting you.

Flint, I read that article almost three years ago after the Black Hat Conference where this "expert," John Heasman, predicted these dire events involving EFI and Mac OS X. In two months it will be three years since he talked about all these vulnerabilities of EFI. Just because someone says there are vulnerabilities does not mean they can easily be exploited. So, Flint, if Heasman was right three years ago, where ARE the exploits and root kits for Mac OS X? They have not materialized. Where are all the invaded and compromised OS X Macs?

The fact is that, so far, no one has found a way to exploit the encrypted EFI of OS X or, at least to scale the mountain of gaining access to install such an exploit remotely. How do you account for that lack of rootkit malware in Mac's EFI, if, as you and Heasman claim, it's so vulnerable?

26 posted on 12/31/2009 11:34:26 PM PST by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 24 | View Replies]

To: flintsilver7

By the way, happy new year!!!!


27 posted on 12/31/2009 11:36:12 PM PST by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 25 | View Replies]

To: Swordmaker

I don’t consider them ad hominem attacks as I’m pretty sure that you are in fact what I state. It wasn’t name calling, rather a statement of fact. Also, Happy New Year to you.

As you may or may not know, sub-OS level attacks such as these remain interesting only in the theoretical or academic sense. Most everybody who works on them acknowledges that while they are possible they are not particularly useful or worthwhile. If you have physical access to a machine, regardless of what operating system it runs it will be much easier to compromise using some other method than a sub-OS level exploit. I don’t know one way or the other how (or actually if) EFI is encrypted, and I am quite familiar with the topic. For starters, no papers on the subject of hacking EFI mention anything about encryption.

That said, you are simply changing your argument to instead say that because you don’t know of any EFI exploits that exist that they are either difficult or impossible. I might very well ask you where are all the sub-OS level exploits for BIOS machines. The fact is that they remain little more than a curiosity to hackers, yet both types of current systems are vulnerable. Heasman mentions the following:

“SMM (System Management Mode) has been used in the past to disable BSD SecureLevel by Loic Duflot.”

“Modifying the boot loader is actually quite simple in Mac OSX as the bootloader binary is located in user disk space.”

“The bottom line is that with the added functionality, EFI offers an attacker many more options than BIOS for exploitation.”

All of these factors taken together illustrate to me that both EFI and BIOS systems are vulnerable, with BSD (arguably the most secure operating system in existence) and OS X being mentioned by name. No hackers are running out to implement these theoretical exploits for either BIOS systems or EFI systems, and you might notice the choice of operating system means nothing.

I just get sick and tired of you continually changing your argument or blatantly stating falsehoods when you are likely giving people a false sense of security. Do you think Apple regularly patches their critical security vulnerabilities for the hell of it? A recent Java exploit allowed machines to be fully compromised. Apple patched it. That’s pretty much exactly the same scenario that plays out on Windows - find a critical vulnerability and patch it. There’s even a book on OS X exploits. Google “OS X exploits” and you’ll find plenty. Secunia lists quite a few critical vulnerabilities for OS X.

The point is that malware and exploits do exist for OS X, and based on the available numbers it would be incredibly inaccurate to state any of the major operating systems are more secure than any of the others (with the possible exception of some Linux systems). You may not want to believe that but it is, in fact, true. It was just as true in the past as it is today.


28 posted on 01/01/2010 7:33:58 AM PST by flintsilver7 (Honest reporting hasn't caught on in the United States.)
[ Post Reply | Private Reply | To 26 | View Replies]

To: flintsilver7; antiRepublicrat; Star Traveler
As you may or may not know, sub-OS level attacks such as these remain interesting only in the theoretical or academic sense. Most everybody who works on them acknowledges that while they are possible they are not particularly useful or worthwhile. If you have physical access to a machine, regardless of what operating system it runs it will be much easier to compromise using some other method than a sub-OS level exploit. I don’t know one way or the other how (or actually if) EFI is encrypted, and I am quite familiar with the topic. For starters, no papers on the subject of hacking EFI mention anything about encryption.

And what was I telling you? That this exploit required physical access to the computer. Apple takes a multi-pronged approach to computer security. Charlie Miller, who regularly makes pronouncements that Macs are not as secure as Windows computers despite the fact that Windows computers are compromised far more than Macs, does so because Apple does not make as complete a use of memory space randomization as does Microsoft, ignoring other equally valid choices that Apple has made instead such as more complete use of the non-execute bit for data stack and heaps than does MS as well as other security measures. His criterion was that sole issue, his personal benchmark of security.

Rootkits HAVE been a problem on Windows machines... and they have been done remotely. They have not been a problem on Macs.

I just get sick and tired of you continually changing your argument or blatantly stating falsehoods when you are likely giving people a false sense of security. Do you think Apple regularly patches their critical security vulnerabilities for the hell of it? A recent Java exploit allowed machines to be fully compromised. Apple patched it. That’s pretty much exactly the same scenario that plays out on Windows - find a critical vulnerability and patch it. There’s even a book on OS X exploits. Google “OS X exploits” and you’ll find plenty. Secunia lists quite a few critical vulnerabilities for OS X.

Now you claim I am a liar who changes his arguments. You claim you are not using Ad Hominem and then pile on more insults and more slurs. I am done with you. I have not changed my argument one iota. I am quite well aware of the number of vulnerabilities a Google search will come up with. A vulnerability does not an exploit make.

29 posted on 01/01/2010 12:33:08 PM PST by Swordmaker (Remember, the proper pronunciation of IE isAAAAIIIIIEEEEEEE!)
[ Post Reply | Private Reply | To 28 | View Replies]

To: rdb3; Calvinist_Dark_Lord; GodGunsandGuts; CyberCowboy777; Salo; Bobsat; JosephW; ...

30 posted on 01/04/2010 5:13:37 AM PST by ShadowAce (Linux -- The Ultimate Windows Service Pack)
[ Post Reply | Private Reply | To 1 | View Replies]

To: flintsilver7
Most BIOSes these days are write-protected, meaning you need to explicitly allow writing before any such attack would work.

Most BIOSes can be rewritten from the web. My MSI motherboard has a page I can go to and a program that allows MSI to upgrade my BIOS.

There must be a way to turn that off.

Also my Toshiba laptops have the same capability.

31 posted on 01/04/2010 5:24:48 AM PST by raybbr (If you try to kiss your son on the head while he's running you WILL get a fat lip.)
[ Post Reply | Private Reply | To 6 | View Replies]

To: Omedalus
This family of viruses infects the BIOS. It’s active and infectious regardless of what OS is installed on the machine. Why do you believe your Mac is immune to this?

Well, like the OS, the BIOS chip in the Mac would make a smaller, less efficient target for virus developers than those in Win-boxes. Plus, maybe Mac's BIOSes can't be flashed? Or there's some sort of hard lockout like the mentioned jumper or DIP switch.

32 posted on 01/04/2010 8:13:43 AM PST by Still Thinking (Quis custodiet ipsos custodes?)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Omedalus
This family of viruses infects the BIOS. It’s active and infectious regardless of what OS is installed on the machine. Why do you believe your Mac is immune to this?

Even if somebody made one for the EFI in a Mac, there's the problem that it requires explicit administrator permission to flash. If you're allowing your firmware to be flashed by any source other than System Update, you are pretty much hopeless anyway.

And this isn't simply Windows UAC that can be bypassed. UAC is more of a layer over everything that points out when admin privileges should be required, as evidenced by Microsoft easily changing that list due to complaints. While the system was designed to have admins and users, in reality most people ran with elevated privileges, and most programs expected the user to have them. This created a huge backwards compatibility problem for Windows, thus the weak UAC.

On a Mac most of the UAC equivalent is a result of the underlying UNIX security architecture, which was designed from the beginning to differentiate between user and admin actions and has always been used that way. I say "most of" because adding admin authentication is optional for many simpler actions in order to increase security, such as connecting to a wireless network. But important things, like flashing EFI or installing updates, always require an admin password, and can't be turned off or (at least so far) bypassed.

33 posted on 01/04/2010 9:00:43 AM PST by antiRepublicrat
[ Post Reply | Private Reply | To 5 | View Replies]

To: Star Traveler
Unix type operating systems of most all flavors are more resistant to bad stuff than Windows...that includes Windows 7...

My daughter is fighting that problem.

Apple has a foundation with the Berkeley version of Unix....BSD.

34 posted on 01/04/2010 10:42:33 AM PST by Ernest_at_the_Beach ( Support Geert Wilders)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Swordmaker
My kids gave me a Win XP netbook for Christmas since I'll do some traveling and staying where there's WiFi available. But as you know I'm paranoid about viruses unless I'm running a Mac or Linux. So I contemplate loading Linux onto a USB flashdrive.

My wants are:

  1. Freeping and email
  2. Downloading Rush's program via Rush24/7 account
  3. Writing Rush's program onto wife's iPod.
  4. Skype (I notice that Skype offers a beta version for operation under Linux).
I found that Ubuntu offers a netbook-specific distribution on their site. Ubuntu has open source spreadsheet and word processing, and seems to be designed to talk to Microsoft Office. That could turn out to be useful.

Any Linux distro would, I assume, work for Freeping and email. But apparently even if I use iTunes on the XP system and use WinXP online to get the audio files, there's incompatibility between Microsoft's FAT32 and the way the iPod has been formatted by the Mac. If I had first formatted the iPod on a PC running iTunes, I'd have been OK, but . . .

Go figure.


35 posted on 01/04/2010 10:45:58 AM PST by conservatism_IS_compassion (DRAFT PALIN)
[ Post Reply | Private Reply | To 29 | View Replies]

To: Omedalus; antiRepublicrat
Both LINUX and MAC operating systems are built with the mentioned structure as pointed out in post #33 by antiRepublicrat.
36 posted on 01/04/2010 10:46:22 AM PST by Ernest_at_the_Beach ( Support Geert Wilders)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Ernest_at_the_Beach

Working with both Windows and Macintosh sure makes one appreciate the Macintosh a whole lot more... :-)


37 posted on 01/04/2010 10:52:28 AM PST by Star Traveler (Remember to keep the Messiah of Israel in the One-World Government that we look forward to coming)
[ Post Reply | Private Reply | To 34 | View Replies]

To: Swordmaker
Macs are EFI machines.

Thanks,....didn't know that...

38 posted on 01/04/2010 10:54:50 AM PST by Ernest_at_the_Beach ( Support Geert Wilders)
[ Post Reply | Private Reply | To 20 | View Replies]

To: conservatism_IS_compassion
Ubuntu has open source spreadsheet and word processing, and seems to be designed to talk to Microsoft Office. That could turn out to be useful.

If you're talking about Open Office, I tried it and it's very good, but I found it lacked enough of the things I regularly use in Office that I personally couldn't use it. (Writer & Calc vs. Word & Excel) But then I'm kinda weird and use some obscure things so the average business user might not notice any problems.

39 posted on 01/04/2010 10:57:40 AM PST by Still Thinking (Quis custodiet ipsos custodes?)
[ Post Reply | Private Reply | To 35 | View Replies]

To: antiRepublicrat
Windows UAC

Bing search>>>

Windows 7: User Account Control (UAC) overview

One of the highly criticized features in Windows Vista is the User Account Control (UAC), which pops up a dialog box seeking the user's permission to continue or stop whenever a system-level change is made. The problem with Vista is that even the default user account which is created during the install, who is a protected administrator (unlike in XP where the user is an Administrator), could not bypass the UAC until it's tweaked. This created lots of criticism and the feature which was built to make Vista secure became the most hated feature amongst users. Of course, this was a drastic change for Microsoft as well as end users who were very much inclined to a single user account (till Windows XP) who is an Administrator.

One of the major complaints was that the UAC involved more clicks to execute a program when such system-level change occurred. And the other - there were only two options provided by Microsoft in Vista's Control Panel - either Turn On UAC or Turn Off UAC. Users did not have much control over the behaviour of UAC notifications.

How far has this changed in Windows 7?

When the E7 Team blogged about UAC, it was clear that Microsoft was taking the user feedback seriously about the issues and problems they currently face using UAC in Vista.

In Windows 7, Microsoft has given options for the users to select their 'comfort level' in UAC notifications and also improved the user interface by providing more relevant and additional information. The default user account created during the installation in Windows 7 is still a protected administrator but with a different UAC setting:

***********************************************

Any comments on this?

40 posted on 01/04/2010 11:02:30 AM PST by Ernest_at_the_Beach ( Support Geert Wilders)
[ Post Reply | Private Reply | To 33 | View Replies]
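The quoted overview says Windows 7 lets the user pick a UAC "comfort level" and keeps the default account a protected administrator. An administrator auditing a fleet wants to know which level a given host actually runs at, since "Never notify" and "do not dim my desktop" weaken the admin-consent prompt the earlier posts treat as a barrier to firmware flashing and other privileged changes. The PowerShell below is an added example, not code from the thread or from the quoted article. It assumes the standard UAC policy key `HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` with the values `EnableLUA`, `ConsentPromptBehaviorAdmin` and `PromptOnSecureDesktop`, and that the value-to-slider mapping matches the Windows 7 slider (default level 5 on the secure desktop; "Never notify" clears `EnableLUA`). The function names `Get-UacValues` and `Get-UacLevel` and the sample inputs are constructed for this example.

```powershell
# Added example (not from the thread): report the effective UAC "comfort level"
# of a Windows 7-era or later host from the policy values the UAC slider writes.
# Assumptions: registry path and value names are the standard UAC policy
# locations; the value-to-level mapping follows the Windows 7 slider; a missing
# value means the OS default applies (UAC on, level 5, secure desktop on).

$UacKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

function Get-UacValues {
    # Read the three values that decide admin-prompt behaviour on the live host.
    $p = Get-ItemProperty -Path $UacKey -ErrorAction Stop
    return @{
        EnableLUA                  = $(if ($null -ne $p.EnableLUA) { $p.EnableLUA } else { 1 })
        ConsentPromptBehaviorAdmin = $(if ($null -ne $p.ConsentPromptBehaviorAdmin) { $p.ConsentPromptBehaviorAdmin } else { 5 })
        PromptOnSecureDesktop      = $(if ($null -ne $p.PromptOnSecureDesktop) { $p.PromptOnSecureDesktop } else { 1 })
    }
}

function Get-UacLevel {
    param([Parameter(Mandatory)][hashtable]$Values)
    $lua    = [int]$Values.EnableLUA
    $admin  = [int]$Values.ConsentPromptBehaviorAdmin
    $secure = [int]$Values.PromptOnSecureDesktop

    if ($lua -eq 0) {
        # EnableLUA=0 is what "Never notify" sets on Windows 7: no prompts at all,
        # and Internet Explorer's Protected Mode depends on it being enabled.
        $level = 'Never notify (UAC disabled)'; $risk = 'High'
    } else {
        switch ($admin) {
            0 { $level = 'Elevate without prompting';                       $risk = 'High' }
            1 { $level = 'Prompt for credentials on the secure desktop';    $risk = 'Low' }
            2 { $level = 'Always notify (prompt for consent, Vista-style)'; $risk = 'Low' }
            3 { $level = 'Prompt for credentials';                          $risk = 'Medium' }
            4 { $level = 'Prompt for consent';                              $risk = 'Medium' }
            5 { $level = 'Notify only when non-Windows programs make changes (Win7 default)'; $risk = 'Medium' }
            default { $level = "Unknown ConsentPromptBehaviorAdmin=$admin"; $risk = 'Review' }
        }
        if ($admin -ne 0 -and $secure -eq 0) {
            # A prompt drawn on the normal desktop can be covered by other windows,
            # so "do not dim my desktop" weakens the prompt even at level 5.
            $level += ' without secure desktop'; $risk = 'Medium-High'
        }
    }
    [pscustomobject]@{
        Level = $level; Risk = $risk; EnableLUA = $lua
        ConsentPromptBehaviorAdmin = $admin; PromptOnSecureDesktop = $secure
    }
}

# Constructed sample inputs (not read from any real host) so the mapping can be
# checked offline: the Windows 7 default, the "do not dim" variant, "Never notify".
$samples = [ordered]@{
    'Win7 default'    = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 5; PromptOnSecureDesktop = 1 }
    'Win7 do-not-dim' = @{ EnableLUA = 1; ConsentPromptBehaviorAdmin = 5; PromptOnSecureDesktop = 0 }
    'Never notify'    = @{ EnableLUA = 0; ConsentPromptBehaviorAdmin = 0; PromptOnSecureDesktop = 0 }
}
foreach ($name in $samples.Keys) {
    $r = Get-UacLevel $samples[$name]
    "{0,-16} -> {1} [{2}]" -f $name, $r.Level, $r.Risk
}

# On the live machine (read access to HKLM is enough):
# Get-UacLevel (Get-UacValues) | Format-List
```

The sample table exercises the mapping without touching the registry; the last line shows the live-host call. The `PromptOnSecureDesktop` check is the part worth keeping in a baseline audit: a host can report the default level 5 and still have the dimmed secure desktop switched off, which is the setting the Windows 7 slider's third notch produces.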
