Mac hacked in 2 minutes

[NotChetHanks]

I see where this thread is going. Might as well be prepared...

[Express]

Someone had to surf to the page....

But the hacker himself doesn't need physical access. I have seen atleast three instances when Neowin itself served malicious code in its pages -- I am not sure whether Neowin was hacked or it was some compromised ad servers (more likely the later). Futhermore, the browser engine can itself be used by several other parts of the system for example to render gadgets, widgets. Any of these can be vector for exploiting the system.

[HawkMan]

Name an OS? I can tell you how to pull data. Remember, even encrypted drives can be thwarted by reading the keys form memory.

Really...

So you can read the data of an encrypted Bitlocker drive witht he encryption key on an USB stick ? you know one of the ways that actully secures your encrypted drives against those RAM memory rebot tricks ? that'd be interesting to see :)

----

Also this particular hack, since it uses a webpage exploit. Though no data is released about it, it would seem that a properly set up Vista laptop with UAC on and IE in protected mode would have stopped the exploit from reading this file. uless the exploit somehow manages to evade protected mode.

[Astra.Xtreme]

its userland, core libraries, and applications are almost entirely custom Apple code and design - with no real emphasis on security. Apple simply doesn't have the same experience writing secure software that Microsoft does. Ridicule Microsoft all you want, but they / we have learned a whole lot from what Windows has been through over the last decade.

You might want to be a little careful with those claims.

[Andrew Lyle Global Moderator]

He also got a spot in the FBI hacking watch list :yes:

[kjordan2001]

Someone had to surf to the page....

Of course. Macs aren't usually servers where they'll be running lots of things listening for connections, so someone would have to do something for it to get hacked. Most desktop hacks work that way, it's not every day a worm comes out that will infect your PC just by having it sitting there.

[1Frothy]

Perhaps it's time for Mac to get some good Antivirus / Security products like some fine examples from ESET and Kaspersky.

[Circaflex]

Perhaps it's time for Mac to get some good Antivirus / Security products like some fine examples from ESET and Kaspersky.

but then all the macusers couldnt say "hey i dont need antivirus, im on a mac"

[Hell-In-A-Handbasket]

market share has nothing to do with vunerabilities,, the holes are there regardless of how many use a system

Not said by the people who know,imagine all this vulnerabilities in Mac OSX with this tiny market share,then imagine if Mac OSX has 93% of market share (DANG!),now imagine that windows (Vista and XP) has lesser vulnerabilites with 750 million computers than OSX with 50 million pc at the most,and im being optimistic.

Can you see the breach?

Hope so,otherwise i'm so sorry :)

[Windam]

Stop wasting your time on this..

It's pointless. A computer is a computer it is not perfect and nothing will be except God almighty.

[david13lt]

He used Safari vulnerability that means Vista/XP and other Windows versions are vulnerable in the same way. As I remember there are three computers this year, Windows, Linux and Mac. And I think that each of them will be hacked. Most of security researches are working on ways to hack all three with the same method. First day no one tried, because only attack from internet was allowed and today (second day) is allowed to use preloaded software and I think later they will install more 3rd party software and that will definitely make all of them vulnerable.

If a Man made, Man can brake.

[david13lt]

Uh... Mistakes, mistakes...

Let's make it "If Man made it, Man can brake it". Still it does not sound that good, but I think you get the point.

[Raa]

Perhaps you meant "You are an imperfect machine, made by an imperfect being" - Star Trek :p

[Unto Darkness]

Wow man! $10 000 in 2 min! What a smart a**!

If there is anything cool worth doing in this world, it would be hacking! :p

[sundayx Veteran]

Wow man! $10 000 in 2 min! What a smart a**!

If there is anything cool worth doing in this world, it would be hacking! :p

... how about getting some greens while doing it!

Hacking for good is actually a good thing, but straight up hacking, I would have to reject to.

[Scirwode]

I'm not surprised really, no system is secure forever. You can only be vigilant to ensure nothing gets on to your computer, that's all.

Scirwode

[Unto Darkness]

... how about getting some greens while doing it!

Hacking for good is actually a good thing, but straight up hacking, I would have to reject to.

Hacking is always good. The guy in this article was actually "cracking". People always mistake cracking for hacking.

Crackers always demolish what hackers build, i.e. walls, security etc.

[Miuku.]

It was social engineering however so the cracking contest doesn't really count - this is no different than me putting up an iFrame vulnerability that exists in IE6/IE7 even today.

Anyone using MSN yesterday should be very aware how easy it's to blow up your IE because I kept getting messages from people asking me to click a certain link that opened an iframe and affects all IE6 and IE7 (Also Vista, because most of the people on the list who sent me the message were Vista users).

[KeeperOfThePizza]

What now Mac? goes to show mac can be hacked just like windows there for then being an overpriced piece of metal.

[Unto Darkness]

What now Mac? goes to show mac can be hacked just like windows there for then being an overpriced piece of metal.

Well, ANY OS can be cracked [not hacked really], it just depends on whether you want to....

And don't give me sh*t about how invincible Linux is :p

[KeeperOfThePizza]

^ Thats clearly why i said its an overpriced piece of metal! :laugh:

[Hell-In-A-Handbasket]

the overpriced part has been proven wrong so many times its not funny.

^ Thats clearly why i said its an overpriced piece of metal! :laugh:

Edited March 28, 2008 by Hell-In-A-Handbasket

[Eric Veteran]

the overpriced part has been proven wrong so many times its not funny.

"overpriced" is relative to what you think something is worth. As evident of Apple's PC market share, they are overpriced.

and of all the Windows machines i work on in a daily basis vs the mac's that i work on, your Mac's can be hacked like windows is also wrong, this " Hack " required a person to be walked through the entire process as though the hacker was at the actual computer. if given physical access to the computer by means of " hand-holding " or touch, any system will go down.

There was no "hand holding." The man told the victim, "Go to this site." That's it.

the only diffrence is that you turn on a Windows PC and its vunerable ( i have witnessed this by putting a non-firewalled/viri/adware windows system on the net, and not touched it, couple days later, its pretty much worthless( aka like a HoneyPot )

Bull.

Face it. Macs are made from the same parts as Windows PCs. The only difference is shiny plastic and a unified experience. They aren't more secure, they aren't better built. In fact, they're probably shiny because they're covered in lead paint. That would explain the bizarre behavior of Mac fanatics: too much smooching the computer.

Edited March 28, 2008 by GreyWolfSC

[KeeperOfThePizza]

^ x2!

[Hell-In-A-Handbasket]

there was more involved then going to a site

and your reply to the windows PC, is actually true, it was done in my Security Class before i graduated, just like i also used the MMC to remotely connect to a machine across the classroom and edited their registry(entrys in MMC go to registry) to lock their startmenu, edit permissions. and at a LAN party as a practical joke, inserted a couple porn vid's to a friends startup. if i have physical access to it but its locked, i can BART it, remove the PW, load the registry into BART Edit that, and do whatever else to the system

there is no Bull***, its fact as iv done it, my job requires me to break into a system @ customers request, or recover files/information if they can no longer access their computer

"overpriced" is relative to what you think something is worth. As evident of Apple's PC market share, they are overpriced.

There was no "hand holding." The man told the victim, "Go to this site." That's it.

Bull****.