Posted on 01/03/2007 11:04:31 AM PST by newgeezer
The Month of Apple Bugs project kicked off Monday by posting a zero-day vulnerability in Apple's QuickTime media player. It also posted an exploit that could be used by attackers to compromise, hijack, or infect computers running either Windows or Mac OS X.
The Month of Apple Bugs (MoAB), which will announce a new security vulnerability in Apple's operating system or other Mac OS X software each day in January, is a follow-on to November's "Month of Kernel Bugs" campaign, and is co-hosted by that project's poster, a hacker who goes by the initials "LMH," and a partner, Kevin Finisterre, a researcher who has posted numerous Mac vulnerabilities and analyses on his own site.
The debut vulnerability is in QuickTime 7's parsing of RTSP (RealTime Streaming Protocol); the protocol is used to transmit streaming audio, video, and 3-D animation over the Web. Users duped into clicking on an overlong rtsp:// link could find their PCs or Macs compromised. It also may be possible to automatically trigger an attack simply by enticing users to a malicious Web site.
"Exploitation of this issue is trivial," said LMH in the vulnerability's write-up on the MoAB Web site. The associated exploit code has been tested on Mac OS X running on Intel-based systems, and works against QuickTime 7.1.3, the current version of the player, LMH and Finisterre said.
Other security researchers rang alarms Tuesday. Danish vulnerability tracker Secunia, for example, pegged the bug as "highly critical," the second-from-the-top threat in its five-step score, and Symantec alerted customers of its DeepSight threat network of the vulnerability.
An Apple spokesman declined to confirm the vulnerability, or, if it was legitimate, when the flaw might be fixed. In an e-mail, he said that "Apple takes security very seriously and has a great track record of addressing potential vulnerabilities before they can affect users. We always welcome feedback on how to improve security on the Mac."
LMH, who didn't immediately reply to several questions sent via e-mail, said on the MoAB site that Apple's Mac OS X operating system was chosen as the target for the month of vulnerabilities because "we like to play with OS X, we enjoy hate e-mail, and it's not as crowded as (random software vendor), yet. Thus, it's really comfortable for research and there's so much to be worked out."
He also said that Apple -- and other vendors whose Mac OS X applications might be the focus of a bug posted during the month's run -- would not be notified in most cases before the information went live, and dismissed that practice. "The point is releasing them without vendor notification. The problem with so-called 'responsible disclosure' is that for some people, it means keeping others on hold for insane amounts of time, even when the fix should be trivial. And the reward (automated responses and euphemism-heavy advisories) doesn't pay off in the end."
LMH, Finisterre, and commercial security vendors recommended that users cripple QuickTime's ability to process rtsp:// links. In Windows, launch QuickTime, select Edit|Preferences|QuickTime Preferences, click the File Types tab, expand Streaming, and clear the box marked "RTSP stream descriptor." In Mac OS X, select System Preferences|QuickTime|Advanced|MIME Settings|Streaming|Streaming Movies and clear the "RTSP stream descriptor" box.
Apple's QuickTime was last in the news during December, when a bug in the player was exploited by fraudsters on MySpace. That vulnerability remains unpatched.
LMH expects to see more QuickTime attacks now that his newest flaw has gone public. He said, "It's a matter of time to see this getting abused in the wild."
The flaws are there. But the reality is that none of them come close to being dangerous to the average OS X user. Antivirus companies are hyping these flaws in order to sell more software, so it is FUD in that sense.
Give it a while, something dangerous will eventually be in the wild, but that time has not yet come.
I have nothing. But you don't have to install, just uncompress the install files and grep them. For such old MS programs, the whole install should just be files with a _ at the beginning, extracted with a tool on the first disk.
I didn't see it in NT 3.51, btw.
That's consistent with Microsoft replacing the BSD stack for 3.5.
Because, he keeps posting excuses for why he lied, knowingly and purposefully, for months, in defense of Russian hackers who illegally cracked the Apple OSX operating system. He fully admits he lied, on purpose, even claims it was quote "fun", but still wants to escape all responsibilty by trying to blame me, while he pleads more defense of the hackers, by lying even more. Sorry, just not going to let it slide, thanks.
Maybe you're right, I don't want this thread deleted, since it's a great reference for his endless lies. Thanks.
As I've been trying to remember that bet...I really can't remember if it was you'd leave if I stated that about IE...so I did. Or if it was also tied to me finding an out of the box MAC exploit. I do remember the oob Mac exploit bet being offerred to either you or Miss Information and either you took the bet and did leave or Miss Information took the bet and lost but chose not to leave. (or possibly one of the handful of Mac lovers on FR took the bet).I honestly can't remember how it all went down...it was many moons ago. But if you have a link, I'd appreciate the link to clear up any confusion (at least in my mind).
For-q, It has not become obvious that you DON'T READ THE REPLIES sent to you. I provided you with a link to the entire thread where you made your ridiculous claims and the fact that YOU lost so that you can refresh your obviously faulty memory. So you can try again to read it, Here it is.
For those who want to learn who is lying, the original thread with For-q's "challenge" and the responses is this link to read the entire thread
Wow so you're the idiot on that one. N3WBi3 was right he left for 30 days for losing a different bet with me. The thread you linked to as I re-read (quickly though) it shows that you never took the bet.
I wonder why? Want to take the bet now? Or do you still claim an unpatched OSX box is perfectly secure, but you're not willing to bet on it?
By the way you and Miss Information are grasping to try and get it to look like everyone lies to make it look like what miss information did was normal.
I have not told a lie on this thread or the one you linked to. I could be an ass like miss information and start screaming about libel but that's childish. Why are you so quick to try and call me a liar? BTW: What is your definition of lie? If it's anything like your idea that exploit as long as it's not in the wild is not a problem/threat..then I guess we'll just have to agree you're still not the brightest bulb in the lamp.
And there is a lie, For-q, because I have never claimed "an unpatched OSX box is perfectly secure" because I know it isn't. YOU put those words in my mouth back in August '05 and then claimed I said them. It is a repeated lie, one among many on that ancient thread and this one, that you have made about what I have said. I do not appreciate your claiming I wrote things I did not write.
You repeatedly misrepresent what I and others write and then claim things we never said... a good example was your claim that I said YOU could win $25,000 by writing a Mac virus when what I had written was the factual statement: "There have been several substantial CASH prizes for writing a viable, transmittable and self propagating virus for the Mac (the last offering had to be withdrawn because of legal reasons) but all of them have gone unclaimed."
You lied by putting words in my mouth by claiming "Oh I see, when you laid down the challenge that I'd win $25,000 for creating a Mac Virus...doesn't constitute a bet."
You wrote, on August 8, 2005: How about we have a bet? I show you where a virus is possible and you leave Free Republic for 1 month?".
You lied when you claimed I withdrew the challenge when I never challenged YOU.
When I did not accept your ridiculous "bet" you lied again and wrote to another freeper, ". . . but Swordmaker challenged me to write a virus and that I'd win $25,000 (only to have the challenge withdrawn)."
And to another freeper, another lie: "Remember he's the lame brain that laid down the false challenge of $25,000."
Since I was and am familiar with every claimed "virus" for OS X and their failings to rise to the level of self-installation, self-transmission, and self-replication, you could not have won such a bet. I was curious what someone such as you who had demonstrated an abysmal ignorance of Macs and their operation seemed to think was an "Ace-in-the-hole" that you were going to pull out, claiming it was a possible virus. However, I don't play such childish games as you apparently want to do.
When I finally suggested a long closed potential Man-in-the-middle LAN vulnerability in OS X's update routines, you said "Wow you finally found it, but now you change your tune. Now it's ok if the exploit if fixed before it's ever exploited". . . but you changed a "virus" to an unexploited vulerability that was merely suggested as a possibility by the person who noticed it. Another lie.
The Man-in-the-Middle Attack you claim could have taken over Grandpa's or Grandma's Mac, the exploit you admitted was your intended exploit to win your proposed bed, was never "in the wild" or even demonstrated as possible. It was "postulated" by Russell Harding to Apple that it could be done IF someone had somehow "had root access to the target Mac and revised the SYSTEM Software Update routines" and then, using another Mac on the same local area network as the targeted computer, spoofed a server that exactly matched Apple's Update Server, then yes, one could install malware on the target Mac.
Apple did indeed close this supposed "vulnerability" forever by instituting validation routines to assure the user was actually connected to the Apple Server and that the System Update Routines on the computer to be updated had not been modified. But, For-q, for all of this "malicious" Man-in-the-middle" attack to take place, the evil doer had to have had local ROOT access (turned OFF by default) to Grandpa's and Grandma's target Mac computer in the first place and could have installed anything he wanted while he was sitting at their keyboard!
Everyone can go back in this web and find your lies about what I wrote here... your stretching and exaggerating and outright misrepresentations of what others write.
We won't even go into your penchant for ad hominem slurs such as "...you're the idiot on that one..." in your replies...
Lying isn't normal, unless you're GE. That was the ONE case where I lied, and (contrary to GE's lie and libel) I am the one who told the truth, ending the lie. IOW, it was a ruse, a joke taking advantage of another's ignorance despite his claimed expertise.
Yet you ignore his numerous documented lies in this very thread. You ignore how he avoids retracting any lie until he is backed into a corner, and then he only retracted one out of several proven.
I established long ago in this thread that you are biased and dishonest. It remains so.
I wouldn't waste another minute arguing with these guys. Everybody knows which operating system has a pathetic history of viruses, worms and spyware - and which one doesn't.
ROFL, you're an admitted liar, and still haven't shown where I've purposefully lied once. And of course you're still lying in defense of Russian hackers who cracked Apple's OSX operating system, by making ridiculous claims that other Russian hackers were writing software for the US DoD, something you were called on immediately but didn't admit for months. Knowingly making up lies in defense of illegal Russian hacking, claiming ties to the DoD, absolutely dispicable behavior, I know of no further low you could have perpetrated on this board. Nothing you can say should ever be trusted again.
If you'll notice I've actually been defending Apple for the majority of this thread, from someone who has been arguing on behalf of the Russian hackers that cracked OSX with lies that have gone on for months. Lies he admits he made on purpose, but instead of accepting responsibility claims they were quote "fun".
This is obviously a significant character issue that goes far deeper than anyone's personal preference of platform, to not only purposefully lie for months but what cause he has chosen to lie in support of, being the illegal Russian hacking of Apple's platform.
I remain a supporter of Apple Inc, especially their intellectal property including patents, something that antiRepublican strongly opposes. So while there are obviously battles going on in this thread, they are not all Apple vs. Microsoft vs. Linux. There is US intellectual property protection vs. illegal foreign hackers, as well, in my opinion being an even more significant issue.
#298 documents four. One lie you tried to weasel when cornered. Two remain unanswered, and there's clear instance of purposeful libel in taking me out of context. #377 documents two more.
And of course you're still lying in defense of Russian hackers
Basic logic check here. How is it a defense to say they're subject to massive civil penalties, just not criminal?
claims that other Russian hackers were writing software for the US DoD, something you were called on immediately but didn't admit for months.
WOW!!! This is incredible. What you just said was a lie I caught you on, documented in #298. You later admitted mistake after being pressured for days and cornered. Now you bring it up again? If I was caught on it, produce the link to the post. Otherwise, immediately admit another lie by you. You definitely can't claim "mistake" again on this one.
Yet again, a lie. Isn't there a board dedicated to libel that you can join? You may feel more welcome there.
You still can't articulate a single time I supposedly lied, on purpose, when you are already on record outright admitting you knowingly did so for months in defense of Russian hackers. #298 is just a documented history of your first admission of your first batch of lies, yet you claim they are somehow mine? LMAO.
"Yes, I lied" - admitted by AntiRepublican - http://www.freerepublic.com/focus/f-chat/1724347/posts?page=88#88
So you have already admitted to lying on behalf of illegal Russian hacking, but you have continued it further since you have been insisting it could not have been a criminal offense for months, claiming that OSX had to be distributed and not just the hack, which has been shown on this thread to be another lie.
"Simply violating a license by not abiding by the terms is a civil tort, not a crime, thus, no criminals. It could be come a crime had they copied OS X itself and widely sold it.." http://www.freerepublic.com/focus/f-chat/1724347/posts?page=119#119
You now claim you support software patents, a 180 from your known position, and that you don't ever defend the radical leftist Richard Stallman, when in fact we know you come running to his defense like a starved man who just heard the dinner bell ring. Get a load of this BS, especially in light of your new lies you now magically support software patents and don't defend Stallman LOL:
"I said Stallman doesn't want patent laws overturned...he's only against software patents...There is no evidence that Stallman is against all patents...I do agree that software patents are harmful...Software patents make software development a minefield..." - http://www.freerepublic.com/focus/f-chat/1527747/posts?page=113#113
You also had this to say about Apple OSX on that same thread:
"Mac OS X is essentially a highly-polished turd." http://www.freerepublic.com/focus/f-chat/1527747/posts?page=49#49
Basic logic? Obviously you have none, nor do you have any basic honesty. Of course you're defending them, you might as well be their lawyer, trying to get the criminal charges dropped, so you can then find some loophole in the civil case. It's bad enough to be far out on limb defending illegal hacking by Russians, but then pile lie after lie after lie on top, and you're far past proving you're ripe to be strung up yourself.
Yet again, a lie. Isn't there a board dedicated to libel that you can join? You may feel more welcome there.
Of course, you're the one lying, here's another one of your own quotes showing your disdain for "intellectual property", and I already showed above where you are opposed to software patents, not that that's any secret either despite your pathetic attempt to now deny it LMAO:
"Intellectual Property" is a fiction and the term shouldn't be used. - as stated by antiRepublican
antiRepublican: Yet again, a lie. Isn't there a board dedicated to libel that you can join? You may feel more welcome there.
Of course, you're the one lying, here's another one of your own quotes showing your disdain for "intellectual property", and I already showed above where you are opposed to software patents, not that that's any secret either despite your pathetic attempt to now deny it LMAO:
"Intellectual Property" is a fiction and the term shouldn't be used. - as stated by antiRepublican
antiRepublican: Yet again, a lie. Isn't there a board dedicated to libel that you can join? You may feel more welcome there.
Of course, you're the one lying, here's another one of your own quotes showing your disdain for "intellectual property", and I already showed above where you are opposed to software patents, not that that's any secret either despite your pathetic attempt to now deny it LMAO:
"Intellectual Property" is a fiction and the term shouldn't be used. - as stated by antiRepublican
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.