Announcement

Collapse
No announcement yet.

LOL! Mac hacked in 2 minutes!

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

    #16
    BTW in #4 what I was trying to hint at is that Unix's scalability and ease of automation usually beats windows or mac. In the second one I thought it was a scale of ease of use on one end with extensibility on the other end. I just thought it was something to point out Macs BSD based OS bears mentioning and kinda dosn't follow that paradigm. Again sorry

    Comment


      #17
      Originally posted by Trooper110 View Post
      Ouchies for Mac. I love the people who like to claim that they're the most secure computers in the world. Mainly because it's not worth it for people to write viruses for them due to percentages :P
      Haha! I am going to love to tell my friend who thinks it is impossible for a mac to get spyware, viruses, or hacked. He literally, thinks it is 100% impossible for those things to happen to any Mac computer.
      Foolish.

      Comment


        #18
        Originally posted by BenKenobi View Post
        FLAME ON!
        Hehehehe, Roger that!
        [IMG]http://thepebkac.net/images/sigs/Outdoors_sig.jpg[/IMG]
        Like the community? Donate here:
        [URL="http://www.cainslair.com/misc.php?do=donate"]http://www.cainslair.com/misc.php?do=donate[/URL]

        Comment


          #19
          Originally posted by GeneralSnake View Post
          Haha! I am going to love to tell my friend who thinks it is impossible for a mac to get spyware, viruses, or hacked. He literally, thinks it is 100% impossible for those things to happen to any Mac computer.
          Foolish.
          You're friend is slightly mis-informed. But only slightly.

          The Mac isn't 100% bulletproof. No OS is 100% (outside of highly specialized cases which have no bearing on our discussion), though the *nixs in general are easier to lockdown than your garden variety windows box. However, while OS X isn't 100%, for the consumer, it's still far better than a windows box in most cases.

          Are there viruses? VERY few, and most can do little within the system. Is it hackable? Yes, though it's still hard (like most of the others) over the network without direct intervention on the machine itself. Spyware? Not that I've heard of, though I'd imagine keyloggers do exist out there (you'd have to explicitly install them on the machine though.....which again requires physical access). Is it 100%? Hardly, but there are FAR, FAR fewer "gotchas" to avoid than on a Windows platform for the typical user.

          Originally posted by mapes View Post
          Hey there are no stupid computers....only stupid computer users. Granted Linux or any Unix has a steep learning curve this is not intentional though. The reason is to give the user more power in order to do anything with the system. Obviously this is at odds with user friendliness... For example with SED and AWK utilities you can do amazing things that windows will never be able to do....unless you install Cygwin which is sort of an Unix emulated environment...
          I think we're in agreement that Linux is the most powerful....I doubt you'd find many dissenters outside of kool-aid drinking fanboys. But that power comes at the cost of usability, and usability is still paramount when you are comparing platforms in the consumer market. Which I dare say is exactly the people this little contest is trying to influence.

          And no dissent here either that there are stupid computer users out there. They make up the bulk of the computing population, hence why so many machines out there are infected with spyware, viruses and other malware applications.

          Comment


            #20
            Originally posted by CarbonFire View Post
            You're friend is slightly mis-informed. But only slightly.

            The Mac isn't 100% bulletproof. No OS is 100% (outside of highly specialized cases which have no bearing on our discussion), though the *nixs in general are easier to lockdown than your garden variety windows box. However, while OS X isn't 100%, for the consumer, it's still far better than a windows box in most cases.

            Are there viruses? VERY few, and most can do little within the system. Is it hackable? Yes, though it's still hard (like most of the others) over the network without direct intervention on the machine itself. Spyware? Not that I've heard of, though I'd imagine keyloggers do exist out there (you'd have to explicitly install them on the machine though.....which again requires physical access). Is it 100%? Hardly, but there are FAR, FAR fewer "gotchas" to avoid than on a Windows platform for the typical user.



            I think we're in agreement that Linux is the most powerful....I doubt you'd find many dissenters outside of kool-aid drinking fanboys. But that power comes at the cost of usability, and usability is still paramount when you are comparing platforms in the consumer market. Which I dare say is exactly the people this little contest is trying to influence.

            And no dissent here either that there are stupid computer users out there. They make up the bulk of the computing population, hence why so many machines out there are infected with spyware, viruses and other malware applications.
            Yeah I totally agree with...I'm just glad your not mad at me

            Comment


              #21
              What makes Macs easier to keep clean? Is it a decently simple answer or is it going to be some page long crazy quantum mumbo jumbo that will melt my brain?
              And I wouldnt want Carbon mad at me either, even though I dont play and games right now. Freaking ground pounding king right there.

              Comment


                #22
                Originally posted by mapes View Post
                The was not performed remotely. He was allowed on the machine and allowed to open web pages and email. It was probably safari that was vulnerable. It actually took more than two minutes since the first day was setup for remote hacks.

                Not from what I'm seeing. He directed the contest advisors to visit a website which contained his exploit code. He never physically had access to the machine until he remotely exploited it.

                Within 2 minutes, he directed the contest's organizers to visit a Web site that contained his exploit code, which then allowed him to seize control of the computer, as about 20 onlookers cheered him on.
                More: http://www.computerworld.com/action/...c=it_blogwatch

                Comment


                  #23
                  Originally posted by GeneralSnake View Post
                  What makes Macs easier to keep clean? Is it a decently simple answer or is it going to be some page long crazy quantum mumbo jumbo that will melt my brain?
                  And I wouldnt want Carbon mad at me either, even though I dont play and games right now. Freaking ground pounding king right there.
                  RAWR!

                  What makes Macs easier to clean? Mainly they make it harder to run "nefarious" code than Windows. Windows is built upon a legacy of non-protected architectures that give way to much access to the core of the operating system. Basically, a lot of the functionality in Windows was designed before the internet was the chief security concern, so MS left a LOT of exploitable holes (which people even now are still discovering ). And since every iteration of Windows has carried with it some of this old functionality, even newer operating systems (even Vista 32) are not immune. Vista 64 should be a little easier to "keep clean", because much of the underlying tech has been rewritten with security in mind. Not that it is impossible for a Vista 64 machine to get infected, it's just heartier than Vista 32 or XP. Microsoft has worked hard to patch these holes to protect users, but their best effort was basically to build walls around the users, rather than plug the holes and possibly break functionality.

                  Also by virtue of the Mac platform being a small percentage of the market, most viruses/spyware/malware out there are directed at the Windows market, which OS X is more or less immune to. If Mac were more popular, viruses/malware would start to become an issue. Hasn't really happened yet AFAIK.

                  Comment


                    #24
                    I learned to build websites with notepad and I would really love to see the coding he used to exploit. It had to have some really neat sleight.

                    Comment


                      #25
                      Mike your splitting hairs. So he didn't touch the keyboard.... he told them what to type .... As for the exploit stuff could be in java or activex type stuff. You know all that stuff that makes websites so pretty.....

                      Comment


                        #26
                        Originally posted by mapes View Post
                        Mike your splitting hairs. So he didn't touch the keyboard.... he told them what to type .... As for the exploit stuff could be in java or activex type stuff. You know all that stuff that makes websites so pretty.....
                        Well, correct me if I'm wrong here, but the idea of the contest was to EXPLOIT any of the operating systems without having physical access to the machine. HOW you go about exploiting the machine and taking complete control of it remotely is completely irrelevant. The objective was/is to exploit the system and be able to read the contents of a pre-named file located on the computer's hard disk, and then presenting the contents of this file document to the contest panel.... All without consent of any given user. What difference does it make if it was html, java, php, activex, silverfish, or Walt Disney? None.

                        See here: The Facts!

                        It was just that simple and no access was required to anyone's physical machine. No splitting hairs there!!! No installers, no downloads, no exe files, no warning idiot boxes, you didn't even have to agree.

                        Pretty damned impressive if you ask me.

                        ~~mike~~

                        Comment


                          #27
                          What I'm saying is there is fair amount of difference between remotely hacking the box or having a user click on a link.

                          Comment


                            #28
                            Sure there is. At the current level of protection, however, from any good updated operating system, it is ALMOST impossible to hack into a system without some sort of security backdoor. Especially is the case if the machine is just plugged in with nothing open i.e. Outlook, OE, IE, Opera, ..etc. where the machine is sitting there with the ports open. (Download IE 5, remove your current browsers and install it and open a page and let it sit for a few days online if you wanna see exploitability --you'll have popups everywhere) Other than running a DDOS attack with some good skills, there's not much chance of cracking into an idle system.

                            What I'm saying is that the system was compromised REMOTELY without having physical access to the machine. Apples or Oranges? Who's splitting hairs here?

                            Any hacker is going to portscan FIRST before trying to attempt anything. The reason for the portscan is to see if the user has already made the machine vulnerable in just this way... by opening something or downloading a software that already has opened a port or installed a script that overrides a firewall rule and such. Then brute forcing .... well you aren't stupid and you know the routine I'm sure.


                            To be contradicting, I do agree with what you are stating to be true. I know exactly what you are getting at. He did not sit down to his own machine across a network connection and force feed code to the EU machine causing it to become vulnerable enough to take control of it. I don't know anyone who can do that these days with new security implementations which do things such as block I.P. addresses after X number of failed authentications, but with ip spoofing, mac cloning and proxy servers, a password brute force can be endless. I've had to block whole continents until proper action was taken to track down a script kiddie...irrelevant.

                            I think, as you do, that a similar contest should be set up except the machine is turned on, plugged in, open every program that accesses anything past 127.0.0.1 and then see if it can be compromised. That would really impress the hell out of me. Then run the same contest with NOTHING open on the machine. I doubt you'd find anyone who could claim the prize.

                            Social Engineering is the easiest form of hacking but takes a lot longer than 2 minutes.
                            Last edited by -IRC-MIKE; 29 Mar 2008, 05:12 PM.

                            Comment


                              #29
                              Well ok you understand what I'm talking about it took user input in order to compromise the machine. As opposed to hacking a listener or service across the network. which still happens.... I betif you os fingerprint a large block of IP's you can find a tonof machines still vulnerable to remote exploits....I'm not talking 0day stuff I'm old stuff and unpatched machines....

                              Comment


                                #30
                                Originally posted by AngryHamster View Post
                                #6 Steve Jobs is a genius no matter how you feel about Macs, and aside from that, has enough wealth and influence to make you look like an ant or a slug.
                                Hey! I resemble that remark.

                                Comment

                                Cain's Lair Forums Statistics

                                Collapse

                                Topics: 26,187   Posts: 269,850   Members: 6,183   Active Members: 7
                                Welcome to our newest member, Fermin13Q.

                                Today's Birthdays

                                Collapse

                                There are no members with birthdays today.

                                Top Active Users

                                Collapse

                                There are no top active users.

                                More Posts

                                Collapse

                                • Reply to Hi guys!
                                  by Evil_T0NY {CLR}
                                  I've been Alpha and will be Beta testing the Delta Force game. It's been really getting good reviews! Definitely a good Battlefield feel to it like the...
                                  14 Nov 2024, 08:50 PM
                                • Reply to Hope your all OK over there
                                  by Apache Warrior
                                  We had 17 inches of rain from the storm on November 7, 2024.
                                  Apache
                                  11 Nov 2024, 07:55 AM
                                • Reply to Hope your all OK over there
                                  by Sirex
                                  Aye, I'm inclined to agree with that lmao
                                  Gone are the days of warm summers and snow filled winters here, nothing but rain and wind for 8mths of...
                                  10 Nov 2024, 08:53 PM
                                • Reply to Hope your all OK over there
                                  by Apache Warrior
                                  Now we have had a lot of flooding in this area and there are still a lot of houses that have not been repaired. Must be the apocalypse.
                                  ...
                                  8 Nov 2024, 09:23 AM
                                Working...
                                X