MAC Users Read This!

For everything that's not in any way related to PureBasic. General chat etc...
IdeasVacuum
Always Here
Always Here
Posts: 6425
Joined: Fri Oct 23, 2009 2:33 am
Location: Wales, UK
Contact:

MAC Users Read This!

Post by IdeasVacuum »

Hi - If your MAC OS is the recent "High Sierra" then you need to read this report as a matter of urgency:

http://www.zdnet.com/article/stupid-stu ... CAD2e14604
IdeasVacuum
If it sounds simple, you have not grasped the complexity.
User avatar
J. Baker
Addict
Addict
Posts: 2178
Joined: Sun Apr 27, 2003 8:12 am
Location: USA
Contact:

Re: MAC Users Read This!

Post by J. Baker »

I will not go into a long rant about new operating systems being supposedly more secure than the previous OS but...

An office was hit with a virus and all the Windows 10 computers were effected. None of the XP machines were effected. All on the same network. I witnessed it myself and I really wasn't surprised. In theory, a new OS should be more secure than the previous for various reasons but a new OS also has new bugs. So new operating systems do not really mean, a more secure OS.

I just wish we could come to a point in operating systems where the focus is bugs, security, and optimizations. Yes, a change in code for optimizations could cause a bug and therefor a security risk but I'm sure it's less likely than new features being added. Most of the new features added today are pretty pointless as far as I can see anyway.

A war for the most secure, bug free, and fastest OS would be nice. The look/style and features are already there. ;)
www.posemotion.com

PureBasic Tools for OS X: PureMonitor, plist Tool, Data Maker & App Chef

Mac: 10.13.6 / 1.4GHz Core 2 Duo / 2GB DDR3 / Nvidia 320M
PC: Win 7 / AMD 64 4000+ / 3GB DDR / Nvidia 720GT


Even the vine knows it surroundings but the man with eyes does not.
jack
Addict
Addict
Posts: 1336
Joined: Fri Apr 25, 2003 11:10 pm

Re: MAC Users Read This!

Post by jack »

ZDNet wrote:Fortunately, it appears that you can't hijack a system using this trivial trick remotely.
I have MacOS HighSierra installed and there's one thing that worries me, while installing there were two unrecognizable programs (agents?) trying to have system privilege which I denied, it seems that the installer was compromised.
IdeasVacuum
Always Here
Always Here
Posts: 6425
Joined: Fri Oct 23, 2009 2:33 am
Location: Wales, UK
Contact:

Re: MAC Users Read This!

Post by IdeasVacuum »

Fortunately, it appears that you can't hijack a system using this trivial trick remotely.
Actually I think they have established that it is possible, hence Apple had to announce they are working on it as a priority.

Most obvious thing to do is give the Root User a good password.
IdeasVacuum
If it sounds simple, you have not grasped the complexity.
User avatar
nco2k
Addict
Addict
Posts: 1344
Joined: Mon Sep 15, 2003 5:55 am

Re: MAC Users Read This!

Post by nco2k »

@J. Baker
well, if you are writing malware, then you want to target as many systems as possible. you wont exploit an os that only 1% of people use.

@topic
apple isolated themselves and their users from the outside world, with the bullshit pretence of "security". they limit the access to your very own system, to "protect" you. you basically cant do anything anymore, without apples consent. so things like this can never hapen, yet they keep happening. its not the first time, and it wont be the last time either.

i really dont feel any pity for people who throw their money at a company like this. total control over their users, monitoring its every moves, and limiting access to their systems. not to mention that they always create their own standards, instead of adopting an independent, widely used industry standard.

TL;DR if you give a company total control over your life, dont be surprised when it comes back to bite you in the ass.

Image

c ya,
nco2k
If OSVersion() = #PB_OS_Windows_ME : End : EndIf
User avatar
Mohawk70
Enthusiast
Enthusiast
Posts: 400
Joined: Thu May 11, 2006 1:04 am
Location: Florida, USA

Re: MAC Users Read This!

Post by Mohawk70 »

Windows and Linux both had/have similar vulnerabilities also.

Sent from my LGLS991 using Tapatalk
User avatar
nco2k
Addict
Addict
Posts: 1344
Joined: Mon Sep 15, 2003 5:55 am

Re: MAC Users Read This!

Post by nco2k »

Mohawk70 wrote:Windows and Linux both had/have similar vulnerabilities also.
thats not the point. vulnarbilities like this will always occur, wether its apple, microsoft, google, or amazon. the point is, that apple created their own little world, and treat everyone outside of it as an intruder. i remember the times, when you couldnt send a simple video over bluetooth, to your non-iphone colleague, because its a potential risk. you couldnt plug your iphone to your aunts pc and copy the latest family photos, without bloating up her pc with itunes first, because otherwise its a potential risk. they made the simplest tasks insanly difficult, if not impossible, and always justified it with the pretence of security and protection. and now what?

i had to jailbreak my iphone, to unlock basic functionalities, that non-iphones offered out of the box. later when i switched to android, everything just worked. i could throw any media at my tvs wifi, with just a tap, even though both deviced are from 2 different manufacturers, with 2 different operating systems. i will choose freedom over pseudo-security any day.

c ya,
nco2k
If OSVersion() = #PB_OS_Windows_ME : End : EndIf
User avatar
Mohawk70
Enthusiast
Enthusiast
Posts: 400
Joined: Thu May 11, 2006 1:04 am
Location: Florida, USA

Re: MAC Users Read This!

Post by Mohawk70 »

Most obvious thing to do is give the Root User a good password.
My thoughts exactly .. this is just as much the blame of lazy/stupid/uninformed/irresponsible ( whichever you prefer ) users and / or admins not setting up the system securely from the start. Feel free to disagree, but that's how I see it.
User avatar
tj1010
Enthusiast
Enthusiast
Posts: 621
Joined: Mon Feb 25, 2013 5:51 pm
Location: US or Estonia
Contact:

Re: MAC Users Read This!

Post by tj1010 »

Actually less dangerous than remote code execution which are everywhere and more stealth..

A lot of people have vulnerable SSH configurations on their web-servers and clients too that are just as dangerous.
The truth hurts.
Post Reply